Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
File:                     RmSgU4XAYmgVApGX6xUGSF09bRw.mft (raw, json)
Hash identifier:          oado8ye6w2fG6D1e+GDHkYBG1EyNQnDQ5X8IGTURAyg=
Subject key identifier:   7D:EC:7A:5E:95:AA:D7:5A:28:5E:D8:53:36:F4:65:08:89:ED:79:FC
Authority key identifier: 46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C
Certificate issuer:       /CN=4664a05385c0626815029197eb1506485d3d6d1c
Certificate serial:       01936B2294455F2326B2E647DD6B3C577D28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
Manifest number:          04D1
Signing time:             Wed 27 Nov 2024 01:00:48 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:48 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:48 +0000
Files and hashes:         1: RmSgU4XAYmgVApGX6xUGSF09bRw.crl (hash: DQhDZm8vbLRCfZ6XDPq+nfZXi0CmmyVs4cnjoYwKRHQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Nov 2024 01:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:94:45:5f:23:26:b2:e6:47:dd:6b:3c:57:7d:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4664a05385c0626815029197eb1506485d3d6d1c
        Validity
            Not Before: Nov 27 01:00:48 2024 GMT
            Not After : Nov 28 01:00:48 2024 GMT
        Subject: CN=7dec7a5e95aad75a285ed85336f4650889ed79fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:13:4a:c2:6a:58:8e:ae:dc:f9:c3:34:a4:04:
                    af:f3:75:76:f6:ad:9a:2d:e5:e2:67:9a:13:86:fe:
                    27:c1:45:1d:69:05:23:dd:92:1d:ff:95:fa:81:38:
                    06:f3:f5:15:5a:5b:f6:5b:ae:c1:bc:3b:f6:52:e6:
                    57:3b:24:40:97:ba:09:12:a8:d6:81:b5:29:21:94:
                    58:40:97:61:cb:f3:a9:16:c6:cb:30:44:8a:5c:00:
                    82:a2:90:bd:10:d9:84:e2:82:df:07:33:c8:cf:68:
                    52:6c:74:58:d5:ae:44:04:bb:3d:c0:db:fb:a4:a9:
                    da:86:4e:98:03:c4:e1:4b:19:47:46:9e:d9:d9:54:
                    b1:88:2f:5f:5e:0a:d4:c2:cd:41:2d:31:3d:fa:17:
                    2a:e9:a9:d9:57:c0:bd:23:96:c6:6d:e3:38:73:69:
                    ab:c6:da:04:d4:60:c9:c5:87:e7:ef:bf:d4:1f:03:
                    65:d5:7b:0c:5b:3e:9d:7f:6b:7b:36:b0:54:81:ef:
                    ea:23:35:36:95:d0:41:2c:b1:89:55:06:38:5c:d7:
                    63:4a:44:93:51:21:1f:23:d2:10:29:82:f1:35:29:
                    d2:27:8a:c6:d9:3c:cb:c5:6c:be:28:43:70:7a:ed:
                    da:2e:53:a9:ab:de:f2:2c:50:4b:38:47:49:f8:07:
                    63:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:EC:7A:5E:95:AA:D7:5A:28:5E:D8:53:36:F4:65:08:89:ED:79:FC
            X509v3 Authority Key Identifier:
                keyid:46:64:A0:53:85:C0:62:68:15:02:91:97:EB:15:06:48:5D:3D:6D:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSgU4XAYmgVApGX6xUGSF09bRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bd7646-add9-4859-9de9-9c8485483d59/1/RmSgU4XAYmgVApGX6xUGSF09bRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:10:31:d1:f5:5a:62:fe:2e:8c:60:fc:d4:77:46:39:09:bf:
         03:5c:d4:d4:27:f0:dc:1e:ec:51:cb:ed:b6:de:8b:56:1d:0f:
         b4:75:00:5c:c5:6f:d0:ea:0d:a8:e3:dd:4d:48:04:81:a2:eb:
         5a:dc:b0:0b:d6:7e:89:11:81:4e:e4:14:91:db:3a:dc:d1:0d:
         18:b8:53:ab:cb:b8:a5:54:88:d3:5e:c0:9b:26:1e:65:c9:0c:
         b2:74:58:e2:5f:69:ef:87:1a:90:1e:70:06:05:12:5b:db:d8:
         e4:49:e5:be:2d:cc:58:79:f0:5b:10:2d:8d:3e:e5:10:4e:19:
         e4:b3:61:28:8b:7c:c7:be:50:14:85:d0:06:f3:57:34:ca:1e:
         f1:70:c3:d8:a6:b3:03:51:2f:3a:f0:12:87:fb:e6:98:1b:de:
         68:88:1d:20:af:b2:95:1c:27:6e:1a:18:e1:6e:cd:b1:73:6c:
         c3:88:ef:86:3a:5d:ee:68:be:5c:c8:b4:2a:b4:e3:b1:f5:99:
         22:68:54:1b:a8:90:99:f4:7b:97:77:3b:7b:a5:ea:32:60:10:
         7b:de:d5:17:8b:79:2a:b1:20:8a:7b:36:49:28:3c:89:2e:e4:
         bc:c3:6a:49:a4:e8:ac:a9:53:5f:35:10:bc:64:e5:5a:de:59:
         45:6d:c9:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIpRFXyMmsuZH3Ws8V30oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NjRhMDUzODVjMDYyNjgxNTAyOTE5N2ViMTUwNjQ4NWQz
ZDZkMWMwHhcNMjQxMTI3MDEwMDQ4WhcNMjQxMTI4MDEwMDQ4WjAzMTEwLwYDVQQD
Eyg3ZGVjN2E1ZTk1YWFkNzVhMjg1ZWQ4NTMzNmY0NjUwODg5ZWQ3OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BNKwmpYjq7c+cM0pASv83V29q2a
LeXiZ5oThv4nwUUdaQUj3ZId/5X6gTgG8/UVWlv2W67BvDv2UuZXOyRAl7oJEqjW
gbUpIZRYQJdhy/OpFsbLMESKXACCopC9ENmE4oLfBzPIz2hSbHRY1a5EBLs9wNv7
pKnahk6YA8ThSxlHRp7Z2VSxiC9fXgrUws1BLTE9+hcq6anZV8C9I5bGbeM4c2mr
xtoE1GDJxYfn77/UHwNl1XsMWz6df2t7NrBUge/qIzU2ldBBLLGJVQY4XNdjSkST
USEfI9IQKYLxNSnSJ4rG2TzLxWy+KENweu3aLlOpq97yLFBLOEdJ+AdjowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3sel6VqtdaKF7YUzb0ZQiJ7Xn8MB8GA1UdIwQY
MBaAFEZkoFOFwGJoFQKRl+sVBkhdPW0cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTkt
OWM4NDg1NDgzZDU5LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iZDc2NDYtYWRkOS00ODU5LTlkZTktOWM4NDg1NDgzZDU5
LzEvUm1TZ1U0WEFZbWdWQXBHWDZ4VUdTRjA5YlJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUBAx0fVa
Yv4ujGD81HdGOQm/A1zU1Cfw3B7sUcvttt6LVh0PtHUAXMVv0OoNqOPdTUgEgaLr
WtywC9Z+iRGBTuQUkds63NENGLhTq8u4pVSI017AmyYeZckMsnRY4l9p74cakB5w
BgUSW9vY5Enlvi3MWHnwWxAtjT7lEE4Z5LNhKIt8x75QFIXQBvNXNMoe8XDD2Kaz
A1EvOvASh/vmmBveaIgdIK+ylRwnbhoY4W7NsXNsw4jvhjpd7mi+XMi0KrTjsfWZ
ImhUG6iQmfR7l3c7e6XqMmAQe97VF4t5KrEgins2SSg8iS7kvMNqSaTorKlTXzUQ
vGTlWt5ZRW3JHg==
-----END CERTIFICATE-----