Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
File:                     RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft (raw, json)
Hash identifier:          cNGuwpCliOnotgWIwgQtlteLZB7QAfqqVKhI9USs/0A=
Subject key identifier:   A5:4C:36:CE:9D:71:07:9E:83:C1:88:53:79:5A:D0:D9:24:0D:C7:08
Authority key identifier: 46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4
Certificate issuer:       /CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
Certificate serial:       019364E992E55224CED06651F791F13A79E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
Manifest number:          04BF
Signing time:             Mon 25 Nov 2024 20:00:49 +0000
Manifest this update:     Mon 25 Nov 2024 20:00:49 +0000
Manifest next update:     Tue 26 Nov 2024 20:00:49 +0000
Files and hashes:         1: RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl (hash: FsPaYrzRpPBlFCpU7dWaSWXu6Wd9fD1lfaw0+gfWAUM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 20:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:64:e9:92:e5:52:24:ce:d0:66:51:f7:91:f1:3a:79:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4654f3e6927ec4c7c97d0f236a8c24534a7fcdd4
        Validity
            Not Before: Nov 25 20:00:49 2024 GMT
            Not After : Nov 26 20:00:49 2024 GMT
        Subject: CN=a54c36ce9d71079e83c18853795ad0d9240dc708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6a:5a:34:8c:55:c4:ab:37:ba:09:cc:1f:40:
                    2c:8f:d2:cc:3c:e6:f3:91:21:1e:c6:26:b2:29:b3:
                    a1:40:5f:7c:b1:24:80:a1:3d:18:ee:b8:4c:4a:92:
                    91:2f:5d:b0:aa:5e:c9:ff:ce:a2:c0:55:52:36:de:
                    46:bd:4b:8a:e6:db:9b:57:f0:b8:b3:61:0f:eb:31:
                    34:05:ae:e4:7b:f3:12:29:f5:d6:ab:34:10:9d:c5:
                    fa:df:ee:83:40:ae:93:78:f8:b1:c6:eb:7b:a7:79:
                    cf:35:47:4e:21:67:89:fd:07:18:b4:02:d3:0a:8b:
                    2e:35:13:ca:90:46:97:4c:11:df:8e:e8:ae:49:ab:
                    c4:08:6a:67:14:89:35:4a:f5:e5:27:22:7f:e4:0c:
                    5b:b9:22:b2:77:2e:e3:06:0b:24:7c:8e:93:31:72:
                    6a:d7:36:84:07:6f:91:d8:ec:9f:37:dc:ae:83:dc:
                    93:5e:b4:a9:9e:8c:e0:e4:d2:2a:35:ed:e4:22:8f:
                    e3:63:2a:ca:9f:9a:36:2a:99:ec:45:42:82:ea:c5:
                    8f:4f:47:58:89:02:c8:5a:c2:2c:9e:a6:c7:25:35:
                    ef:a0:87:65:dd:58:9f:89:cf:8b:5c:06:cc:4c:9b:
                    81:27:69:7f:7d:9f:0f:53:12:4b:9f:dd:89:b9:02:
                    84:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:4C:36:CE:9D:71:07:9E:83:C1:88:53:79:5A:D0:D9:24:0D:C7:08
            X509v3 Authority Key Identifier:
                keyid:46:54:F3:E6:92:7E:C4:C7:C9:7D:0F:23:6A:8C:24:53:4A:7F:CD:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7ff4a3-d191-4c6b-835a-b8050622aa96/1/RlTz5pJ-xMfJfQ8jaowkU0p_zdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:2a:fd:06:37:ef:d5:d4:c5:6d:ca:05:02:a4:93:12:6e:4c:
         fb:91:8e:ac:e7:29:6b:0d:21:78:aa:60:a2:f8:5e:06:8a:fc:
         fd:36:ce:cf:2f:03:84:85:50:cf:83:d1:0e:2f:4e:02:ee:7d:
         32:0a:61:a5:a1:c8:fb:40:74:d8:b8:b3:fa:81:ea:4e:a3:3f:
         76:88:6a:8f:b9:aa:09:5d:16:31:68:60:67:02:04:49:d9:bd:
         46:b5:00:f2:e9:08:ef:0f:aa:5e:77:e3:a2:63:63:8c:75:b4:
         c7:43:d1:97:3b:ca:8d:7c:06:8f:e9:97:92:84:ca:10:04:f1:
         85:5c:1d:b1:ab:14:ea:ce:40:a0:7b:1c:83:5e:28:fe:57:a6:
         5e:7d:2e:0a:ad:ba:65:ef:38:3f:9b:54:41:f1:79:a7:fe:7e:
         f4:c8:c4:ff:7f:5a:6f:80:d6:ec:61:3a:f7:1d:1e:29:af:e7:
         50:9a:94:a7:57:ea:87:72:68:a3:ed:fb:d8:5c:c2:7f:fa:a9:
         f7:65:46:72:5d:f6:1d:4b:b4:28:67:18:a2:f3:55:c1:0f:03:
         3e:1d:eb:3b:16:a3:d1:78:06:56:7c:8b:a5:2f:2b:56:f0:6d:
         96:a6:4e:28:9e:99:ef:e0:06:e8:67:e7:22:00:5b:19:34:b3:
         f7:4e:37:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNk6ZLlUiTO0GZR95HxOnnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NTRmM2U2OTI3ZWM0YzdjOTdkMGYyMzZhOGMyNDUzNGE3
ZmNkZDQwHhcNMjQxMTI1MjAwMDQ5WhcNMjQxMTI2MjAwMDQ5WjAzMTEwLwYDVQQD
EyhhNTRjMzZjZTlkNzEwNzllODNjMTg4NTM3OTVhZDBkOTI0MGRjNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2paNIxVxKs3ugnMH0Asj9LMPObz
kSEexiayKbOhQF98sSSAoT0Y7rhMSpKRL12wql7J/86iwFVSNt5GvUuK5tubV/C4
s2EP6zE0Ba7ke/MSKfXWqzQQncX63+6DQK6TePixxut7p3nPNUdOIWeJ/QcYtALT
CosuNRPKkEaXTBHfjuiuSavECGpnFIk1SvXlJyJ/5AxbuSKydy7jBgskfI6TMXJq
1zaEB2+R2OyfN9yug9yTXrSpnozg5NIqNe3kIo/jYyrKn5o2KpnsRUKC6sWPT0dY
iQLIWsIsnqbHJTXvoIdl3Vific+LXAbMTJuBJ2l/fZ8PUxJLn92JuQKEJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKVMNs6dcQeeg8GIU3la0NkkDccIMB8GA1UdIwQY
MBaAFEZU8+aSfsTHyX0PI2qMJFNKf83UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEt
YjgwNTA2MjJhYTk2LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZmY0YTMtZDE5MS00YzZiLTgzNWEtYjgwNTA2MjJhYTk2
LzEvUmxUejVwSi14TWZKZlE4amFvd2tVMHBfemRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKyr9Bjfv
1dTFbcoFAqSTEm5M+5GOrOcpaw0heKpgovheBor8/TbOzy8DhIVQz4PRDi9OAu59
MgphpaHI+0B02Liz+oHqTqM/dohqj7mqCV0WMWhgZwIESdm9RrUA8ukI7w+qXnfj
omNjjHW0x0PRlzvKjXwGj+mXkoTKEATxhVwdsasU6s5AoHscg14o/lemXn0uCq26
Ze84P5tUQfF5p/5+9MjE/39ab4DW7GE69x0eKa/nUJqUp1fqh3Joo+372FzCf/qp
92VGcl32HUu0KGcYovNVwQ8DPh3rOxaj0XgGVnyLpS8rVvBtlqZOKJ6Z7+AG6Gfn
IgBbGTSz9043Bg==
-----END CERTIFICATE-----