Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft
File:                     l5SL1vKtFY5iT9jonp718b2x05o.mft (raw, json)
Hash identifier:          ynpGWEPW2RAlTR9ZYY+AymEG6rb/wm/eKfeHxyRhU64=
Subject key identifier:   2A:48:80:77:36:12:99:BB:B2:41:09:1D:5C:66:29:F9:B5:F9:FC:27
Authority key identifier: 97:94:8B:D6:F2:AD:15:8E:62:4F:D8:E8:9E:9E:F5:F1:BD:B1:D3:9A
Certificate issuer:       /CN=97948bd6f2ad158e624fd8e89e9ef5f1bdb1d39a
Certificate serial:       019363D673F933D0A684172DFBCD903397DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l5SL1vKtFY5iT9jonp718b2x05o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft
Manifest number:          A7
Signing time:             Mon 25 Nov 2024 15:00:18 +0000
Manifest this update:     Mon 25 Nov 2024 15:00:18 +0000
Manifest next update:     Tue 26 Nov 2024 15:00:18 +0000
Files and hashes:         1: l5SL1vKtFY5iT9jonp718b2x05o.crl (hash: 0FZS6R0S/RAel34VYl+0cD9hzJtXv8V+wguhAtjvKB0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l5SL1vKtFY5iT9jonp718b2x05o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 15:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:63:d6:73:f9:33:d0:a6:84:17:2d:fb:cd:90:33:97:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=97948bd6f2ad158e624fd8e89e9ef5f1bdb1d39a
        Validity
            Not Before: Nov 25 15:00:18 2024 GMT
            Not After : Nov 26 15:00:18 2024 GMT
        Subject: CN=2a488077361299bbb241091d5c6629f9b5f9fc27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bf:10:55:4a:4d:2a:27:7d:ca:c0:d0:e5:d6:
                    7b:ba:1b:85:85:8a:fa:af:c8:0a:1a:b9:40:40:08:
                    f4:5e:f3:65:cf:50:fd:c0:52:06:6d:ad:d9:ff:fe:
                    eb:34:3b:c0:0c:43:2a:04:30:e8:ce:ba:7a:b5:4a:
                    ff:05:46:32:1d:d0:c3:b2:ae:7a:7f:03:9f:9b:c9:
                    06:d1:e3:6e:77:38:62:2a:62:0c:45:3b:c0:e4:e7:
                    45:7c:24:e7:3f:8e:56:51:a7:02:3a:4a:e8:5d:a8:
                    75:59:13:77:78:76:24:9f:c8:6a:79:6d:84:ab:5f:
                    06:44:7a:de:6e:18:02:ef:34:37:71:7b:59:66:6e:
                    81:79:cd:b9:c6:79:2b:2e:5b:ad:b6:12:ae:cb:dd:
                    c3:a8:87:88:83:b2:cf:cc:98:9a:f4:60:e8:01:58:
                    c1:80:d4:ad:a6:6b:78:82:00:ea:41:1d:ff:19:48:
                    36:da:05:25:9a:79:18:30:a5:60:5e:fe:fc:9a:69:
                    45:08:00:9c:76:89:27:48:02:74:60:ee:2d:51:0b:
                    cf:bf:1a:01:59:8b:fd:81:17:1c:5a:8c:aa:1b:72:
                    71:c2:28:f6:f9:70:1f:8f:8a:e9:21:d4:6f:92:0a:
                    29:34:e4:81:15:56:8a:04:f6:c9:41:82:62:20:9b:
                    73:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:48:80:77:36:12:99:BB:B2:41:09:1D:5C:66:29:F9:B5:F9:FC:27
            X509v3 Authority Key Identifier:
                keyid:97:94:8B:D6:F2:AD:15:8E:62:4F:D8:E8:9E:9E:F5:F1:BD:B1:D3:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5SL1vKtFY5iT9jonp718b2x05o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/c727bf-7709-4b33-b618-a6c5000c7184/1/l5SL1vKtFY5iT9jonp718b2x05o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:2e:6e:c3:9a:e5:37:cf:3d:18:77:e2:a4:ba:8b:7c:93:44:
         52:e1:c3:1e:8b:c5:97:43:7f:1f:80:cc:92:f7:fe:63:a6:32:
         35:7d:9d:09:d9:67:18:39:7f:ff:af:79:8b:80:31:24:d3:6d:
         8a:0b:2b:2c:96:74:5c:2b:20:48:3a:8a:02:9f:5e:a3:76:d3:
         7f:db:1e:16:ca:d3:b6:99:ec:03:2d:15:3f:14:3e:58:b6:91:
         83:05:4e:da:44:b1:aa:95:44:10:8f:69:39:22:9d:b4:dd:93:
         bb:d6:41:40:f8:5a:30:8a:ee:27:29:96:42:6e:3d:57:25:55:
         d8:98:5b:81:8b:4c:db:3b:ab:40:b1:7d:9f:48:9e:9d:04:4b:
         38:ca:81:69:bb:f1:e0:50:ab:7c:b6:06:be:24:af:9e:af:11:
         8f:cd:d2:58:e2:a5:65:85:6a:ea:47:0e:56:3e:37:f0:ae:c7:
         08:a0:09:ab:4d:37:d3:98:ba:80:f4:1d:1d:29:ed:94:53:8f:
         b3:84:05:2d:cb:e8:36:2b:7e:82:6f:95:df:ac:2c:06:43:4a:
         67:dc:e0:25:54:b6:01:55:bd:10:d5:e9:44:2d:60:51:1b:d1:
         a5:37:54:5e:71:c2:7b:b8:ed:68:4b:59:e6:b0:56:43:f4:03:
         51:e0:12:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNj1nP5M9CmhBct+82QM5fbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTQ4YmQ2ZjJhZDE1OGU2MjRmZDhlODllOWVmNWYxYmRi
MWQzOWEwHhcNMjQxMTI1MTUwMDE4WhcNMjQxMTI2MTUwMDE4WjAzMTEwLwYDVQQD
EygyYTQ4ODA3NzM2MTI5OWJiYjI0MTA5MWQ1YzY2MjlmOWI1ZjlmYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur8QVUpNKid9ysDQ5dZ7uhuFhYr6
r8gKGrlAQAj0XvNlz1D9wFIGba3Z//7rNDvADEMqBDDozrp6tUr/BUYyHdDDsq56
fwOfm8kG0eNudzhiKmIMRTvA5OdFfCTnP45WUacCOkroXah1WRN3eHYkn8hqeW2E
q18GRHrebhgC7zQ3cXtZZm6Bec25xnkrLlutthKuy93DqIeIg7LPzJia9GDoAVjB
gNStpmt4ggDqQR3/GUg22gUlmnkYMKVgXv78mmlFCACcdoknSAJ0YO4tUQvPvxoB
WYv9gRccWoyqG3Jxwij2+XAfj4rpIdRvkgopNOSBFVaKBPbJQYJiIJtz2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpIgHc2Epm7skEJHVxmKfm1+fwnMB8GA1UdIwQY
MBaAFJeUi9byrRWOYk/Y6J6e9fG9sdOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVTTDF2S3RGWTVpVDlqb25wNzE4YjJ4MDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jNzI3YmYtNzcwOS00YjMzLWI2MTgt
YTZjNTAwMGM3MTg0LzEvbDVTTDF2S3RGWTVpVDlqb25wNzE4YjJ4MDVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jNzI3YmYtNzcwOS00YjMzLWI2MTgtYTZjNTAwMGM3MTg0
LzEvbDVTTDF2S3RGWTVpVDlqb25wNzE4YjJ4MDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASS5uw5rl
N889GHfipLqLfJNEUuHDHovFl0N/H4DMkvf+Y6YyNX2dCdlnGDl//695i4AxJNNt
igsrLJZ0XCsgSDqKAp9eo3bTf9seFsrTtpnsAy0VPxQ+WLaRgwVO2kSxqpVEEI9p
OSKdtN2Tu9ZBQPhaMIruJymWQm49VyVV2JhbgYtM2zurQLF9n0ienQRLOMqBabvx
4FCrfLYGviSvnq8Rj83SWOKlZYVq6kcOVj438K7HCKAJq00305i6gPQdHSntlFOP
s4QFLcvoNit+gm+V36wsBkNKZ9zgJVS2AVW9ENXpRC1gURvRpTdUXnHCe7jtaEtZ
5rBWQ/QDUeAS5Q==
-----END CERTIFICATE-----