Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
File:                     P9WU69efjdhbR5LpUzvkaBaohgY.mft (raw, json)
Hash identifier:          Q0286YxRm6wqC01WlHLeEsJg3eDKI6eoAEoqdYa1QrI=
Subject key identifier:   98:DE:66:73:57:B5:4D:4A:29:7E:6D:F9:65:CD:9B:EA:34:25:48:A1
Authority key identifier: 3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06
Certificate issuer:       /CN=3fd594ebd79f8dd85b4792e9533be46816a88606
Certificate serial:       019357D25113BAE28571F885B5940CA76F2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
Manifest number:          0EF0
Signing time:             Sat 23 Nov 2024 07:00:21 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:21 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:21 +0000
Files and hashes:         1: P9WU69efjdhbR5LpUzvkaBaohgY.crl (hash: G7k/gLNaJiPi46LFKNhbjt1t90kAWZhU8a+LYV1PTUw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:51:13:ba:e2:85:71:f8:85:b5:94:0c:a7:6f:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd594ebd79f8dd85b4792e9533be46816a88606
        Validity
            Not Before: Nov 23 07:00:21 2024 GMT
            Not After : Nov 24 07:00:21 2024 GMT
        Subject: CN=98de667357b54d4a297e6df965cd9bea342548a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:b6:6d:3a:05:e2:86:48:c4:50:b1:ba:43:80:
                    c8:76:d4:d5:03:c3:f0:55:82:f1:7e:36:22:3e:48:
                    87:32:91:cd:a4:b7:fc:69:45:79:97:f5:de:83:43:
                    2e:e5:81:89:73:17:f4:22:a2:22:5c:68:06:b6:3f:
                    4d:53:09:c7:48:41:ae:36:28:e6:12:88:8e:88:e1:
                    e0:32:d8:80:be:61:0e:cb:da:96:ae:68:e9:cd:2b:
                    32:ad:cd:ad:cf:ea:9a:8b:b3:62:34:17:3a:be:2c:
                    af:12:23:15:1c:e7:89:ee:05:d4:5f:56:96:2f:6f:
                    6f:20:4a:7c:56:3d:68:a1:32:b4:f6:31:0a:85:55:
                    0b:68:62:b2:6c:7b:0c:9c:b6:1d:68:a6:ee:24:3b:
                    50:c9:69:ac:f7:56:25:03:19:1e:ce:ef:57:e7:20:
                    26:ac:e6:b6:73:1c:16:4a:3d:1e:32:97:de:d7:22:
                    57:a0:b7:7f:59:c1:a3:87:f7:e8:96:25:36:db:dd:
                    aa:9e:a1:b0:63:e1:62:0e:c2:49:9f:15:69:d9:d3:
                    bf:3b:98:f8:a7:68:90:2f:5f:3c:f8:8c:9a:97:d5:
                    f6:1c:f1:6c:d0:26:93:19:e7:6b:82:83:25:da:42:
                    6b:a5:06:b4:67:e0:e2:fc:f5:12:61:fe:2a:c4:36:
                    93:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:DE:66:73:57:B5:4D:4A:29:7E:6D:F9:65:CD:9B:EA:34:25:48:A1
            X509v3 Authority Key Identifier:
                keyid:3F:D5:94:EB:D7:9F:8D:D8:5B:47:92:E9:53:3B:E4:68:16:A8:86:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9WU69efjdhbR5LpUzvkaBaohgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/30a86d-b972-415e-b8fa-6624691f6f13/1/P9WU69efjdhbR5LpUzvkaBaohgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:90:21:16:fc:d0:50:73:61:ef:4e:b9:d2:e5:29:d3:cb:0c:
         cf:41:1c:6e:58:19:38:ce:42:70:22:31:67:db:c0:c9:f2:50:
         1c:c6:3e:b1:10:88:be:09:3f:31:f6:a0:21:75:a9:4f:be:1a:
         78:dc:a8:bf:47:4a:de:65:dc:07:35:fa:c0:5e:f7:61:35:9c:
         a4:f3:6c:14:03:81:bc:fc:a5:14:55:d6:da:a3:b3:8f:80:1a:
         bd:be:ec:da:dc:ff:77:80:be:c5:13:98:d0:31:51:d6:61:8f:
         cf:06:7b:c8:cc:fc:f4:90:fe:3c:7a:08:e7:4d:32:02:aa:cc:
         24:f9:08:fb:53:1e:49:20:3b:cc:47:b7:de:f7:92:e9:53:b3:
         77:57:ae:a1:8a:d8:a1:7e:88:3d:46:40:9b:b1:cc:9c:25:94:
         b4:02:a9:d6:32:15:5f:f0:de:27:6d:18:7d:f9:e3:f1:c4:9b:
         47:52:7c:b0:8e:ea:d2:14:63:62:15:ad:42:21:04:46:9b:7b:
         12:fc:c2:8e:1d:01:7f:70:cb:95:3a:0e:07:6c:e5:8f:13:ce:
         80:c0:17:aa:4d:19:72:b0:e3:d3:1c:18:14:0b:c1:18:ed:40:
         3b:b2:4a:4a:f7:33:36:46:c7:02:1d:ea:e6:7f:b1:7e:05:f6:
         21:76:23:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0lETuuKFcfiFtZQMp28qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDU5NGViZDc5ZjhkZDg1YjQ3OTJlOTUzM2JlNDY4MTZh
ODg2MDYwHhcNMjQxMTIzMDcwMDIxWhcNMjQxMTI0MDcwMDIxWjAzMTEwLwYDVQQD
Eyg5OGRlNjY3MzU3YjU0ZDRhMjk3ZTZkZjk2NWNkOWJlYTM0MjU0OGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrZtOgXihkjEULG6Q4DIdtTVA8Pw
VYLxfjYiPkiHMpHNpLf8aUV5l/Xeg0Mu5YGJcxf0IqIiXGgGtj9NUwnHSEGuNijm
EoiOiOHgMtiAvmEOy9qWrmjpzSsyrc2tz+qai7NiNBc6viyvEiMVHOeJ7gXUX1aW
L29vIEp8Vj1ooTK09jEKhVULaGKybHsMnLYdaKbuJDtQyWms91YlAxkezu9X5yAm
rOa2cxwWSj0eMpfe1yJXoLd/WcGjh/foliU2292qnqGwY+FiDsJJnxVp2dO/O5j4
p2iQL188+Iyal9X2HPFs0CaTGedrgoMl2kJrpQa0Z+Di/PUSYf4qxDaT6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjeZnNXtU1KKX5t+WXNm+o0JUihMB8GA1UdIwQY
MBaAFD/VlOvXn43YW0eS6VM75GgWqIYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEt
NjYyNDY5MWY2ZjEzLzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zMGE4NmQtYjk3Mi00MTVlLWI4ZmEtNjYyNDY5MWY2ZjEz
LzEvUDlXVTY5ZWZqZGhiUjVMcFV6dmthQmFvaGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJAhFvzQ
UHNh70650uUp08sMz0EcblgZOM5CcCIxZ9vAyfJQHMY+sRCIvgk/MfagIXWpT74a
eNyov0dK3mXcBzX6wF73YTWcpPNsFAOBvPylFFXW2qOzj4Aavb7s2tz/d4C+xROY
0DFR1mGPzwZ7yMz89JD+PHoI500yAqrMJPkI+1MeSSA7zEe33veS6VOzd1euoYrY
oX6IPUZAm7HMnCWUtAKp1jIVX/DeJ20Yffnj8cSbR1J8sI7q0hRjYhWtQiEERpt7
EvzCjh0Bf3DLlToOB2zljxPOgMAXqk0ZcrDj0xwYFAvBGO1AO7JKSvczNkbHAh3q
5n+xfgX2IXYjKw==
-----END CERTIFICATE-----