Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
File:                     XX2xSVjPTXheWe9cbGefjvVMHYs.mft (raw, json)
Hash identifier:          Smc8zgUEON5zo20r1E14NAcF5yv2opQSDBHEHsWhriM=
Subject key identifier:   4A:88:16:56:87:A5:6C:7B:C6:CD:85:52:B4:87:52:4E:D7:E4:54:4A
Authority key identifier: 5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B
Certificate issuer:       /CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
Certificate serial:       019358E56678F38EB7BFC51EF1F44996A811
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
Manifest number:          035A
Signing time:             Sat 23 Nov 2024 12:00:49 +0000
Manifest this update:     Sat 23 Nov 2024 12:00:49 +0000
Manifest next update:     Sun 24 Nov 2024 12:00:49 +0000
Files and hashes:         1: XX2xSVjPTXheWe9cbGefjvVMHYs.crl (hash: 5IovMI0RJZC79HxH36AGr857+LZ25FHfFnuSXWirjB4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:e5:66:78:f3:8e:b7:bf:c5:1e:f1:f4:49:96:a8:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d7db14958cf4d785e59ef5c6c679f8ef54c1d8b
        Validity
            Not Before: Nov 23 12:00:49 2024 GMT
            Not After : Nov 24 12:00:49 2024 GMT
        Subject: CN=4a88165687a56c7bc6cd8552b487524ed7e4544a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:58:ec:8d:6a:ae:0e:7b:0b:10:41:a9:d1:19:
                    2e:44:d5:a9:c4:9b:4d:2f:9a:ed:67:de:5e:7c:98:
                    b5:6b:37:5a:42:1c:e7:81:14:08:3a:7f:84:62:d5:
                    6d:a4:66:a6:f8:99:0e:e8:f3:ef:8c:5d:18:55:ec:
                    61:dc:7a:a9:f0:e9:c5:90:7c:30:23:63:3e:b1:c2:
                    56:70:3d:d5:d3:6e:5a:8b:e4:fd:91:61:32:05:1b:
                    32:fb:84:8a:46:e6:a5:84:43:ee:0f:14:22:1f:ed:
                    ae:c9:f4:c0:a6:7b:f5:bf:8e:74:54:4e:a8:5b:e5:
                    05:6f:2d:ce:a8:95:87:42:98:d9:70:0b:ca:03:99:
                    48:7b:05:ff:b3:fe:39:25:fd:f0:ea:6a:6f:4b:c3:
                    f2:ad:c2:d3:50:d1:be:8b:c0:81:7e:51:b4:89:1a:
                    be:04:10:91:a7:2e:e4:a5:54:60:20:88:85:1b:24:
                    77:92:6b:0e:e3:8c:14:6d:62:f6:d1:33:5c:fb:b3:
                    04:74:93:ca:58:92:9b:f8:41:44:be:dd:95:74:11:
                    de:9e:f7:1b:64:fa:36:20:b3:d7:96:b8:20:cf:31:
                    9f:cc:7e:ef:2a:46:87:7f:65:de:12:d5:3d:28:cd:
                    e2:72:1b:ba:63:8e:93:3e:49:d4:7a:00:18:2f:2b:
                    05:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:88:16:56:87:A5:6C:7B:C6:CD:85:52:B4:87:52:4E:D7:E4:54:4A
            X509v3 Authority Key Identifier:
                keyid:5D:7D:B1:49:58:CF:4D:78:5E:59:EF:5C:6C:67:9F:8E:F5:4C:1D:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX2xSVjPTXheWe9cbGefjvVMHYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/217e97-6b2c-4a5d-915b-949c628e5f3c/1/XX2xSVjPTXheWe9cbGefjvVMHYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2d:3f:68:79:bb:11:70:52:a8:3f:2e:7f:67:cb:61:86:7d:9c:
         72:eb:68:23:4b:66:db:48:84:fe:65:1d:ee:92:ee:6f:65:74:
         ee:d9:2a:8a:c8:42:d4:46:bd:ae:fd:cf:55:eb:ca:a9:96:6f:
         f0:be:80:4b:84:56:19:9a:ae:f6:e8:9d:27:7e:68:a5:d4:32:
         35:2c:70:b7:fa:8b:93:a3:31:7d:f2:a4:98:1b:76:36:bc:7a:
         65:0f:04:26:97:23:49:fe:0a:7a:28:55:b5:b2:69:64:07:af:
         70:7a:5f:24:ae:bc:4b:28:3b:48:bc:ce:f7:a8:5c:d0:15:97:
         22:9c:74:c1:d3:ee:4a:db:89:7e:42:d6:4b:ed:0b:f5:ea:00:
         f0:39:19:cc:f6:46:42:4b:55:9e:99:93:4e:ac:ff:75:f6:1e:
         8b:82:5f:5a:c0:6a:c3:bc:d0:94:3f:49:33:f8:b1:da:14:f6:
         19:f1:e1:d9:6e:94:f6:23:9b:84:24:98:85:66:35:c3:fa:ad:
         3a:96:21:c2:87:7f:b0:23:2b:d7:67:5c:96:dd:26:db:cc:02:
         f4:6e:82:ff:27:46:12:02:fc:d1:1a:28:42:f1:f4:8d:ff:f9:
         41:7b:97:86:d5:93:1f:31:8c:94:d7:95:f0:bb:6e:a3:f7:26:
         f3:1c:25:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNY5WZ48463v8Ue8fRJlqgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkN2RiMTQ5NThjZjRkNzg1ZTU5ZWY1YzZjNjc5ZjhlZjU0
YzFkOGIwHhcNMjQxMTIzMTIwMDQ5WhcNMjQxMTI0MTIwMDQ5WjAzMTEwLwYDVQQD
Eyg0YTg4MTY1Njg3YTU2YzdiYzZjZDg1NTJiNDg3NTI0ZWQ3ZTQ1NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxljsjWquDnsLEEGp0RkuRNWpxJtN
L5rtZ95efJi1azdaQhzngRQIOn+EYtVtpGam+JkO6PPvjF0YVexh3Hqp8OnFkHww
I2M+scJWcD3V025ai+T9kWEyBRsy+4SKRualhEPuDxQiH+2uyfTApnv1v450VE6o
W+UFby3OqJWHQpjZcAvKA5lIewX/s/45Jf3w6mpvS8PyrcLTUNG+i8CBflG0iRq+
BBCRpy7kpVRgIIiFGyR3kmsO44wUbWL20TNc+7MEdJPKWJKb+EFEvt2VdBHenvcb
ZPo2ILPXlrggzzGfzH7vKkaHf2XeEtU9KM3ichu6Y46TPknUegAYLysFNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqIFlaHpWx7xs2FUrSHUk7X5FRKMB8GA1UdIwQY
MBaAFF19sUlYz014XlnvXGxnn471TB2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWIt
OTQ5YzYyOGU1ZjNjLzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yMTdlOTctNmIyYy00YTVkLTkxNWItOTQ5YzYyOGU1ZjNj
LzEvWFgyeFNWalBUWGhlV2U5Y2JHZWZqdlZNSFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALT9oebsR
cFKoPy5/Z8thhn2ccutoI0tm20iE/mUd7pLub2V07tkqishC1Ea9rv3PVevKqZZv
8L6AS4RWGZqu9uidJ35opdQyNSxwt/qLk6MxffKkmBt2Nrx6ZQ8EJpcjSf4KeihV
tbJpZAevcHpfJK68Syg7SLzO96hc0BWXIpx0wdPuStuJfkLWS+0L9eoA8DkZzPZG
QktVnpmTTqz/dfYei4JfWsBqw7zQlD9JM/ix2hT2GfHh2W6U9iObhCSYhWY1w/qt
OpYhwod/sCMr12dclt0m28wC9G6C/ydGEgL80RooQvH0jf/5QXuXhtWTHzGMlNeV
8Ltuo/cm8xwlWQ==
-----END CERTIFICATE-----