Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
File:                     _x2DMuEYqaIYfqtYhCedZYDxGfc.mft (raw, json)
Hash identifier:          Qd57h2VXy3sCulS9Ni/TIvQ/Oml/Voqx+KkoqKTQ7Jw=
Subject key identifier:   F5:AD:F9:3D:5F:1C:04:E4:60:7D:6B:7F:A1:9D:F4:40:23:B7:B2:2D
Authority key identifier: FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7
Certificate issuer:       /CN=ff1d8332e118a9a2187eab5884279d6580f119f7
Certificate serial:       0191F9A2B5BF0266CDEFCB47D1758AC3F002
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
Manifest number:          0116
Signing time:             Mon 16 Sep 2024 07:01:15 +0000
Manifest this update:     Mon 16 Sep 2024 07:01:15 +0000
Manifest next update:     Tue 17 Sep 2024 07:01:15 +0000
Files and hashes:         1: _x2DMuEYqaIYfqtYhCedZYDxGfc.crl (hash: sFt2+wmY0epDeFawdCHuTuOh/rHWqN6jkhIuhSaHhXY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 07:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:a2:b5:bf:02:66:cd:ef:cb:47:d1:75:8a:c3:f0:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff1d8332e118a9a2187eab5884279d6580f119f7
        Validity
            Not Before: Sep 16 07:01:15 2024 GMT
            Not After : Sep 17 07:01:15 2024 GMT
        Subject: CN=f5adf93d5f1c04e4607d6b7fa19df44023b7b22d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b9:5f:ef:15:e9:c5:fb:c5:cb:13:19:b4:f4:
                    16:c1:86:11:05:93:c1:9e:1e:21:e5:b2:25:70:d1:
                    5e:d4:ff:f0:6f:73:e6:46:0f:61:4f:71:c1:dc:32:
                    db:ba:70:ad:6b:1c:8f:e5:ee:58:c9:73:38:f8:1b:
                    79:b8:e5:53:b2:dd:e3:ff:07:37:67:9d:d9:74:56:
                    09:d9:e7:c4:57:20:c7:fb:16:d6:ff:ea:bd:28:e9:
                    df:13:25:b6:54:64:1f:e0:39:0d:74:33:8d:a8:1c:
                    bd:19:47:36:f3:c2:1d:1e:d1:74:11:52:9c:d4:7f:
                    ec:d8:7f:2a:96:b5:3d:8e:9c:4e:02:97:dc:f2:3e:
                    1e:4e:47:eb:36:81:80:60:3d:a2:da:3e:f1:39:00:
                    c0:c9:f2:0a:a8:d6:a2:0a:ba:f9:d0:1e:bd:fd:79:
                    a5:14:66:44:00:e1:71:6c:53:53:e8:df:ce:df:2e:
                    51:3c:8b:fc:3e:3b:c7:39:42:5c:97:96:3d:e5:81:
                    bb:28:24:95:bf:8b:6a:23:19:32:f5:56:cb:00:02:
                    c8:9e:fe:b7:ec:8d:18:81:89:62:12:c4:05:4f:af:
                    e1:a9:0d:12:19:c3:6c:ca:45:ad:61:ed:83:9b:33:
                    de:60:c5:23:ba:1d:0c:70:58:15:93:a6:1f:68:8b:
                    44:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:AD:F9:3D:5F:1C:04:E4:60:7D:6B:7F:A1:9D:F4:40:23:B7:B2:2D
            X509v3 Authority Key Identifier:
                keyid:FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:03:20:c1:3a:41:ae:26:c6:01:0c:d0:5d:13:8c:d3:ab:2a:
         83:8d:71:9d:99:a6:6f:2e:19:36:a4:ed:cc:de:93:c2:f7:2a:
         cb:d0:1b:b5:ae:ec:cc:93:1f:80:a9:00:fc:b7:91:33:57:00:
         c1:2c:82:d1:51:3e:c1:a9:1b:30:b2:6c:b3:b4:b5:1f:4c:89:
         b5:2e:84:26:3d:59:72:47:cd:36:3a:0f:fe:55:73:a0:3c:86:
         54:dc:65:57:44:fe:6c:39:6b:8a:22:9e:0c:b9:68:e7:28:a0:
         cf:91:38:c0:dd:3f:7b:4f:68:13:a8:59:3d:fb:f1:1c:b2:6e:
         59:4d:47:0a:2a:2c:59:f6:41:35:67:81:a1:a7:08:c4:e5:bf:
         b5:75:09:a9:b5:ae:3b:d2:b7:42:27:e9:57:ab:d1:16:95:e5:
         d0:bb:17:f5:17:66:6a:8e:38:c2:21:da:95:3c:63:ee:9a:aa:
         eb:41:a3:7c:6f:8c:18:19:87:24:22:76:aa:a3:81:37:b6:b8:
         18:cb:92:cd:03:ba:63:07:74:4c:f8:28:36:8c:04:42:d6:52:
         08:6a:63:3b:88:49:ad:4c:94:65:48:02:1b:37:3b:24:5e:7f:
         1d:1f:3a:bd:50:f7:4e:75:d9:f8:8a:ca:72:91:95:1f:47:ea:
         da:14:ef:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH5orW/AmbN78tH0XWKw/ACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWQ4MzMyZTExOGE5YTIxODdlYWI1ODg0Mjc5ZDY1ODBm
MTE5ZjcwHhcNMjQwOTE2MDcwMTE1WhcNMjQwOTE3MDcwMTE1WjAzMTEwLwYDVQQD
EyhmNWFkZjkzZDVmMWMwNGU0NjA3ZDZiN2ZhMTlkZjQ0MDIzYjdiMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArblf7xXpxfvFyxMZtPQWwYYRBZPB
nh4h5bIlcNFe1P/wb3PmRg9hT3HB3DLbunCtaxyP5e5YyXM4+Bt5uOVTst3j/wc3
Z53ZdFYJ2efEVyDH+xbW/+q9KOnfEyW2VGQf4DkNdDONqBy9GUc288IdHtF0EVKc
1H/s2H8qlrU9jpxOApfc8j4eTkfrNoGAYD2i2j7xOQDAyfIKqNaiCrr50B69/Xml
FGZEAOFxbFNT6N/O3y5RPIv8PjvHOUJcl5Y95YG7KCSVv4tqIxky9VbLAALInv63
7I0YgYliEsQFT6/hqQ0SGcNsykWtYe2DmzPeYMUjuh0McFgVk6YfaItEcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWt+T1fHATkYH1rf6Gd9EAjt7ItMB8GA1UdIwQY
MBaAFP8dgzLhGKmiGH6rWIQnnWWA8Rn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUt
ZGVhMzBlY2I3MzZkLzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUtZGVhMzBlY2I3MzZk
LzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgMgwTpB
ribGAQzQXROM06sqg41xnZmmby4ZNqTtzN6Twvcqy9Abta7szJMfgKkA/LeRM1cA
wSyC0VE+wakbMLJss7S1H0yJtS6EJj1ZckfNNjoP/lVzoDyGVNxlV0T+bDlriiKe
DLlo5yigz5E4wN0/e09oE6hZPfvxHLJuWU1HCiosWfZBNWeBoacIxOW/tXUJqbWu
O9K3QifpV6vRFpXl0LsX9Rdmao44wiHalTxj7pqq60GjfG+MGBmHJCJ2qqOBN7a4
GMuSzQO6Ywd0TPgoNowEQtZSCGpjO4hJrUyUZUgCGzc7JF5/HR86vVD3TnXZ+IrK
cpGVH0fq2hTvcg==
-----END CERTIFICATE-----