Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
File:                     kljqmCx9enWV6Dphx66z12GIlww.mft (raw, json)
Hash identifier:          AOJCD7Lf/duBQbB41AAz9QDnE+khKNo0KVEWjlmm54I=
Subject key identifier:   AA:C0:E4:9F:33:03:6C:55:13:B5:9F:70:35:38:C7:6E:A1:D1:7D:62
Authority key identifier: 92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C
Certificate issuer:       /CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
Certificate serial:       019357D2BAD36875A9A0B1CA9BF83ED9619A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
Manifest number:          1117
Signing time:             Sat 23 Nov 2024 07:00:48 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:48 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:48 +0000
Files and hashes:         1: kljqmCx9enWV6Dphx66z12GIlww.crl (hash: IgINWgwzgatOBXMcc5rLzFWEYbs9AU8H/efXP/MOVK0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:ba:d3:68:75:a9:a0:b1:ca:9b:f8:3e:d9:61:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9258ea982c7d7a7595e83a61c7aeb3d76188970c
        Validity
            Not Before: Nov 23 07:00:48 2024 GMT
            Not After : Nov 24 07:00:48 2024 GMT
        Subject: CN=aac0e49f33036c5513b59f703538c76ea1d17d62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:d9:a0:5c:43:83:49:15:ea:d9:1e:52:c4:f4:
                    82:3f:d4:db:a6:01:cd:a4:ca:46:11:92:1b:87:f0:
                    d2:67:89:30:21:fd:7f:4b:6d:1b:8b:97:58:d5:47:
                    69:6a:e6:c2:42:e6:09:1a:09:04:cc:81:f2:43:24:
                    79:ea:87:82:a7:b8:71:bd:a0:9f:dc:f7:0e:82:db:
                    02:7c:6f:08:22:7d:18:2a:57:ea:b9:45:06:6c:a0:
                    b3:08:d1:10:bd:83:56:a1:a9:a8:ee:e8:09:89:7d:
                    af:4d:4d:01:a7:30:3f:35:01:2c:9d:29:31:03:95:
                    42:82:f2:6e:41:f4:ae:b3:45:9c:59:98:e6:50:29:
                    8e:77:22:22:8b:b1:0a:37:e2:76:e1:f3:c0:55:ff:
                    c8:5a:46:61:47:48:ba:22:a9:58:8d:d1:03:67:40:
                    8c:ba:4e:86:89:b0:48:f8:d1:34:7a:f1:ba:4a:2f:
                    87:31:d7:37:58:4e:35:6a:72:90:5f:88:f7:9a:9b:
                    02:b5:4a:96:15:64:99:ef:95:6e:34:17:6d:d0:e2:
                    ae:bc:3a:80:56:ca:32:88:73:29:70:57:d8:a7:5e:
                    07:3a:0b:31:4a:12:f6:f2:48:8f:e1:68:e1:5a:9a:
                    4d:5c:d0:84:af:69:05:9f:40:91:13:d9:f9:10:09:
                    5e:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:C0:E4:9F:33:03:6C:55:13:B5:9F:70:35:38:C7:6E:A1:D1:7D:62
            X509v3 Authority Key Identifier:
                keyid:92:58:EA:98:2C:7D:7A:75:95:E8:3A:61:C7:AE:B3:D7:61:88:97:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kljqmCx9enWV6Dphx66z12GIlww.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f91eed-98c6-47f6-abf7-911070f27e37/1/kljqmCx9enWV6Dphx66z12GIlww.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:60:97:d6:ff:7f:6f:5d:90:5e:31:9b:6a:a4:d4:c6:a0:83:
         5b:0b:3c:74:0d:2c:aa:f7:76:cb:40:ee:f1:71:46:6d:3b:17:
         89:99:12:1b:2a:0b:81:74:4c:ca:2e:06:fa:90:59:90:6e:ae:
         b7:71:48:a1:d4:8e:14:aa:58:0e:e6:76:8f:70:f1:95:f3:84:
         3f:44:ea:5c:6d:9d:18:b1:ad:e4:9e:99:66:24:9f:fe:6c:e9:
         a0:8f:1e:0f:da:2d:50:c8:fe:e8:54:ac:64:4b:9b:86:b8:a2:
         09:0b:f0:c3:5f:74:71:b2:73:14:0b:8c:de:b4:20:6f:f2:93:
         4b:b0:04:a2:6f:fe:53:cc:fb:00:85:9a:db:6d:eb:f9:de:96:
         5d:08:8e:ea:23:70:53:bc:a2:a3:f8:af:40:2f:f4:c9:f3:85:
         4c:de:c7:c1:6b:fb:b0:79:b1:bf:bd:0a:da:b4:ab:d8:c6:3a:
         0c:bd:20:ae:98:24:1e:00:38:9b:da:2c:34:91:d3:96:08:ed:
         01:94:4b:9d:33:0c:97:f1:0f:ff:f2:0d:4a:60:b3:9f:9e:0c:
         31:70:96:c7:ae:07:f8:7e:21:f1:25:91:79:f4:f5:88:1e:a6:
         b1:9a:ca:7f:cf:8e:56:78:74:f8:1a:5c:ca:98:62:44:fc:de:
         55:04:5a:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0rrTaHWpoLHKm/g+2WGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNThlYTk4MmM3ZDdhNzU5NWU4M2E2MWM3YWViM2Q3NjE4
ODk3MGMwHhcNMjQxMTIzMDcwMDQ4WhcNMjQxMTI0MDcwMDQ4WjAzMTEwLwYDVQQD
EyhhYWMwZTQ5ZjMzMDM2YzU1MTNiNTlmNzAzNTM4Yzc2ZWExZDE3ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dmgXEODSRXq2R5SxPSCP9TbpgHN
pMpGEZIbh/DSZ4kwIf1/S20bi5dY1UdpaubCQuYJGgkEzIHyQyR56oeCp7hxvaCf
3PcOgtsCfG8IIn0YKlfquUUGbKCzCNEQvYNWoamo7ugJiX2vTU0BpzA/NQEsnSkx
A5VCgvJuQfSus0WcWZjmUCmOdyIii7EKN+J24fPAVf/IWkZhR0i6IqlYjdEDZ0CM
uk6GibBI+NE0evG6Si+HMdc3WE41anKQX4j3mpsCtUqWFWSZ75VuNBdt0OKuvDqA
VsoyiHMpcFfYp14HOgsxShL28kiP4WjhWppNXNCEr2kFn0CRE9n5EAleVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrA5J8zA2xVE7WfcDU4x26h0X1iMB8GA1UdIwQY
MBaAFJJY6pgsfXp1leg6Yceus9dhiJcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjct
OTExMDcwZjI3ZTM3LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mOTFlZWQtOThjNi00N2Y2LWFiZjctOTExMDcwZjI3ZTM3
LzEva2xqcW1DeDllbldWNkRwaHg2NnoxMkdJbHd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApWCX1v9/
b12QXjGbaqTUxqCDWws8dA0sqvd2y0Du8XFGbTsXiZkSGyoLgXRMyi4G+pBZkG6u
t3FIodSOFKpYDuZ2j3DxlfOEP0TqXG2dGLGt5J6ZZiSf/mzpoI8eD9otUMj+6FSs
ZEubhriiCQvww190cbJzFAuM3rQgb/KTS7AEom/+U8z7AIWa223r+d6WXQiO6iNw
U7yio/ivQC/0yfOFTN7HwWv7sHmxv70K2rSr2MY6DL0grpgkHgA4m9osNJHTlgjt
AZRLnTMMl/EP//INSmCzn54MMXCWx64H+H4h8SWRefT1iB6msZrKf8+OVnh0+Bpc
yphiRPzeVQRa6Q==
-----END CERTIFICATE-----