Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
File:                     Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft (raw, json)
Hash identifier:          iJBNbXvKhjtlIhMuljSuGEU7lWePqPuq7ePBtp2HunY=
Subject key identifier:   41:7F:4A:48:30:2F:D1:6A:5D:87:5C:8D:ED:AA:3A:EA:3D:8C:9B:6E
Authority key identifier: 16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56
Certificate issuer:       /CN=1686f7be9ba171c32746ab4ed20be882bd304356
Certificate serial:       019357D2D7AAC1B535FA7F4F18F1EEFEA148
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
Manifest number:          0101
Signing time:             Sat 23 Nov 2024 07:00:55 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:55 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:55 +0000
Files and hashes:         1: Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl (hash: 5vzJXonkIyR51pWtffKvAIbUcvs2uXxa1p1Uo0casdA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:d7:aa:c1:b5:35:fa:7f:4f:18:f1:ee:fe:a1:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1686f7be9ba171c32746ab4ed20be882bd304356
        Validity
            Not Before: Nov 23 07:00:55 2024 GMT
            Not After : Nov 24 07:00:55 2024 GMT
        Subject: CN=417f4a48302fd16a5d875c8dedaa3aea3d8c9b6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f3:7a:93:3b:6d:c4:65:69:d1:fa:c1:b1:65:
                    43:7f:4d:91:61:a7:a3:3a:cc:51:21:2b:37:b0:aa:
                    ed:6c:ae:bd:93:f1:c6:4f:c2:9a:86:8d:4e:18:dc:
                    e9:71:cd:e7:bf:c3:ba:9f:e3:b3:18:68:1f:03:72:
                    a0:dc:62:d1:0c:14:57:c3:1e:e5:57:d9:82:4a:05:
                    a8:a6:47:72:f0:72:a5:f1:67:67:8f:f1:99:35:a9:
                    d7:7c:18:32:1d:54:24:c5:e1:76:cd:ec:43:81:5c:
                    b3:93:c0:32:44:78:ab:b6:d1:a8:d3:fc:b0:93:5b:
                    ee:33:97:d6:f7:03:5d:75:99:62:41:3f:f5:39:ce:
                    71:45:12:2a:4e:65:62:9c:53:c2:cd:09:2a:57:3c:
                    34:96:ca:ee:08:95:52:94:a6:04:f8:18:1c:7c:a3:
                    7c:3e:7e:40:10:fb:51:db:bb:88:b7:03:e4:c7:3b:
                    51:fd:3e:a8:cd:e5:e5:ec:57:91:0e:e2:b6:0d:37:
                    2f:3c:15:65:6b:fc:fb:a0:01:e0:b3:9c:b8:cb:90:
                    58:c0:73:37:68:be:02:45:a8:9e:6a:6c:f8:4d:c2:
                    ea:28:43:c5:0e:b5:a2:14:72:e7:df:b2:3d:14:74:
                    ff:0f:ae:f7:7c:e2:18:f6:be:73:e5:9b:bd:a9:8e:
                    99:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:7F:4A:48:30:2F:D1:6A:5D:87:5C:8D:ED:AA:3A:EA:3D:8C:9B:6E
            X509v3 Authority Key Identifier:
                keyid:16:86:F7:BE:9B:A1:71:C3:27:46:AB:4E:D2:0B:E8:82:BD:30:43:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fob3vpuhccMnRqtO0gvogr0wQ1Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/7ca808-c795-40ef-8a49-74a98cb66fff/1/Fob3vpuhccMnRqtO0gvogr0wQ1Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:e4:8c:ec:c4:9d:f8:45:57:31:e3:93:89:4e:6c:ff:11:f3:
         a3:f6:1e:ee:63:a2:c4:7f:64:42:f1:42:49:ae:e3:3e:0a:24:
         d2:3b:db:af:ba:c7:b7:4c:c6:37:f9:b7:d3:60:e8:17:6d:cb:
         b1:90:e9:4d:1d:20:23:89:86:21:2c:e3:31:aa:ad:ff:c2:a4:
         35:1b:91:c4:65:f7:35:80:18:af:d8:b5:53:d6:15:8a:24:ed:
         a0:45:00:e5:62:f4:b1:f3:27:a2:ab:9c:6f:e5:86:0d:cf:6c:
         b8:c3:24:49:ae:5c:3a:ac:d2:7e:04:26:48:7d:81:57:2d:0d:
         1e:79:0f:8e:dc:c4:2e:15:17:7c:f8:1f:4e:89:aa:48:f8:2f:
         0b:5f:58:3c:63:f4:f7:e4:ed:36:74:90:16:e2:52:b2:84:fd:
         35:3a:c7:00:88:52:17:b2:f5:a2:eb:11:85:88:12:94:9b:4d:
         f4:6b:34:8d:10:26:ab:cb:bd:2b:40:ba:2d:2f:a7:d6:f0:db:
         b6:c5:5e:7f:08:07:9f:10:e6:d5:dd:c6:6a:6a:84:08:f9:0e:
         e4:ec:e9:16:65:31:4f:ac:eb:93:a9:e9:09:e8:00:34:e5:d4:
         2d:a2:e8:6d:18:30:64:a6:45:4a:e8:a2:7d:47:54:5d:6c:5a:
         35:cd:ed:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0teqwbU1+n9PGPHu/qFIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODZmN2JlOWJhMTcxYzMyNzQ2YWI0ZWQyMGJlODgyYmQz
MDQzNTYwHhcNMjQxMTIzMDcwMDU1WhcNMjQxMTI0MDcwMDU1WjAzMTEwLwYDVQQD
Eyg0MTdmNGE0ODMwMmZkMTZhNWQ4NzVjOGRlZGFhM2FlYTNkOGM5YjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPN6kzttxGVp0frBsWVDf02RYaej
OsxRISs3sKrtbK69k/HGT8Kaho1OGNzpcc3nv8O6n+OzGGgfA3Kg3GLRDBRXwx7l
V9mCSgWopkdy8HKl8Wdnj/GZNanXfBgyHVQkxeF2zexDgVyzk8AyRHirttGo0/yw
k1vuM5fW9wNddZliQT/1Oc5xRRIqTmVinFPCzQkqVzw0lsruCJVSlKYE+BgcfKN8
Pn5AEPtR27uItwPkxztR/T6ozeXl7FeRDuK2DTcvPBVla/z7oAHgs5y4y5BYwHM3
aL4CRaieamz4TcLqKEPFDrWiFHLn37I9FHT/D673fOIY9r5z5Zu9qY6ZEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEF/SkgwL9FqXYdcje2qOuo9jJtuMB8GA1UdIwQY
MBaAFBaG976boXHDJ0arTtIL6IK9MENWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDkt
NzRhOThjYjY2ZmZmLzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy83Y2E4MDgtYzc5NS00MGVmLThhNDktNzRhOThjYjY2ZmZm
LzEvRm9iM3ZwdWhjY01uUnF0TzBndm9ncjB3UTFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAduSM7MSd
+EVXMeOTiU5s/xHzo/Ye7mOixH9kQvFCSa7jPgok0jvbr7rHt0zGN/m302DoF23L
sZDpTR0gI4mGISzjMaqt/8KkNRuRxGX3NYAYr9i1U9YViiTtoEUA5WL0sfMnoquc
b+WGDc9suMMkSa5cOqzSfgQmSH2BVy0NHnkPjtzELhUXfPgfTomqSPgvC19YPGP0
9+TtNnSQFuJSsoT9NTrHAIhSF7L1ousRhYgSlJtN9Gs0jRAmq8u9K0C6LS+n1vDb
tsVefwgHnxDm1d3GamqECPkO5OzpFmUxT6zrk6npCegANOXULaLobRgwZKZFSuii
fUdUXWxaNc3t6Q==
-----END CERTIFICATE-----