Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          oJgHgFh/Ic4VDJwTdnmsKP842ngryu6u7fh87foqjnM=
Subject key identifier:   4B:0F:25:A3:44:9D:A5:29:B8:22:0B:DA:91:B8:83:52:35:3A:48:82
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       018F86A4281C60D562BD076FDA8AD7F542BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          0F1D
Signing time:             Fri 17 May 2024 13:00:56 +0000
Manifest this update:     Fri 17 May 2024 13:00:56 +0000
Manifest next update:     Sat 18 May 2024 13:00:56 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: TafKJ9POPZVCa4uqY9WylRiMTOdhrXaeSTpEwghQnAI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a4:28:1c:60:d5:62:bd:07:6f:da:8a:d7:f5:42:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: May 17 13:00:56 2024 GMT
            Not After : May 18 13:00:56 2024 GMT
        Subject: CN=4b0f25a3449da529b8220bda91b88352353a4882
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:46:30:d6:64:58:75:27:64:4f:ed:33:1b:7e:
                    df:de:63:b7:3b:1d:d1:e3:0c:59:3a:a6:e2:82:c1:
                    5e:52:63:64:29:8c:86:fe:4d:57:97:49:c2:3f:a5:
                    79:dc:5b:41:76:14:e1:b1:a6:5a:76:da:09:d8:a1:
                    a5:b9:68:72:51:bf:aa:dc:60:51:de:79:16:a9:13:
                    8e:ea:c6:18:9f:ea:7c:ea:0c:dd:cb:b9:26:e9:77:
                    ea:24:ea:30:b2:60:98:cf:e7:5d:f9:bc:8e:83:0d:
                    ff:35:59:ed:37:1b:88:9c:38:60:be:18:47:29:0d:
                    3b:b8:20:b9:40:b9:26:09:6d:cf:54:e1:63:05:15:
                    50:41:a7:12:c4:dd:cc:c9:bb:d6:64:58:9e:47:e6:
                    1c:40:a2:9c:fc:da:9a:be:e0:ba:43:a4:0b:8a:85:
                    b9:9f:58:4c:a0:bb:6d:fc:e1:0a:c2:dc:6b:fa:52:
                    26:7c:0c:11:12:07:95:a8:16:e6:c9:2c:5f:f9:f2:
                    11:4b:35:91:fb:dd:5a:82:71:61:16:07:d5:2f:69:
                    68:25:63:e8:88:b1:58:62:c9:ce:d1:29:16:5c:59:
                    d4:4b:e7:6d:56:12:92:37:82:3f:4b:9e:1b:5a:f1:
                    7d:e3:50:0f:dc:45:6f:92:e0:a6:e9:ba:7b:d2:97:
                    e1:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:0F:25:A3:44:9D:A5:29:B8:22:0B:DA:91:B8:83:52:35:3A:48:82
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:52:29:71:df:24:f4:be:71:ee:f9:3f:a1:04:73:11:16:e9:
         be:ef:d2:57:bb:65:7e:e9:7e:3c:aa:4a:2c:15:36:96:05:19:
         ed:23:4e:3f:b0:60:5e:68:3a:19:16:0e:51:1d:18:e2:3d:e6:
         e2:f6:ce:16:6d:5f:0a:4a:c6:61:9e:0b:68:aa:fa:18:df:1d:
         a7:7d:28:45:c1:ef:af:57:f9:c4:06:d1:02:ea:4f:5c:46:6c:
         b6:83:a3:e7:65:6e:16:96:ca:f1:fc:23:0e:58:fa:0d:00:e3:
         bc:3e:64:bb:b4:00:06:66:04:6a:71:c2:b7:2e:6c:ef:49:bd:
         1e:a3:98:98:ac:6d:fa:ac:ac:72:73:92:18:f9:7b:a5:24:8c:
         0d:21:d1:a3:c1:d8:bd:4a:7b:25:74:c7:52:a3:ab:ad:0d:86:
         cd:80:48:c2:61:3a:04:f0:83:f2:7a:1e:4d:84:8c:6d:63:04:
         28:3f:7d:06:03:28:74:88:50:11:60:25:47:f3:3c:70:2a:f9:
         3c:96:e6:11:35:f2:d5:96:99:36:ee:c6:43:bc:e8:7a:12:89:
         ec:62:b3:a9:c0:d4:69:be:13:08:29:05:b7:a1:82:1c:b9:4b:
         3b:df:cc:70:23:6e:03:2d:24:20:58:d7:dc:4f:38:83:6d:1f:
         6f:c7:04:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+GpCgcYNVivQdv2orX9UK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjQwNTE3MTMwMDU2WhcNMjQwNTE4MTMwMDU2WjAzMTEwLwYDVQQD
Eyg0YjBmMjVhMzQ0OWRhNTI5YjgyMjBiZGE5MWI4ODM1MjM1M2E0ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUYw1mRYdSdkT+0zG37f3mO3Ox3R
4wxZOqbigsFeUmNkKYyG/k1Xl0nCP6V53FtBdhThsaZadtoJ2KGluWhyUb+q3GBR
3nkWqROO6sYYn+p86gzdy7km6XfqJOowsmCYz+dd+byOgw3/NVntNxuInDhgvhhH
KQ07uCC5QLkmCW3PVOFjBRVQQacSxN3MybvWZFieR+YcQKKc/NqavuC6Q6QLioW5
n1hMoLtt/OEKwtxr+lImfAwREgeVqBbmySxf+fIRSzWR+91agnFhFgfVL2loJWPo
iLFYYsnO0SkWXFnUS+dtVhKSN4I/S54bWvF941AP3EVvkuCm6bp70pfhlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEsPJaNEnaUpuCIL2pG4g1I1OkiCMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAolIpcd8k
9L5x7vk/oQRzERbpvu/SV7tlful+PKpKLBU2lgUZ7SNOP7BgXmg6GRYOUR0Y4j3m
4vbOFm1fCkrGYZ4LaKr6GN8dp30oRcHvr1f5xAbRAupPXEZstoOj52VuFpbK8fwj
Dlj6DQDjvD5ku7QABmYEanHCty5s70m9HqOYmKxt+qyscnOSGPl7pSSMDSHRo8HY
vUp7JXTHUqOrrQ2GzYBIwmE6BPCD8noeTYSMbWMEKD99BgModIhQEWAlR/M8cCr5
PJbmETXy1ZaZNu7GQ7zoehKJ7GKzqcDUab4TCCkFt6GCHLlLO9/McCNuAy0kIFjX
3E84g20fb8cEnA==
-----END CERTIFICATE-----