Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
File:                     PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft (raw, json)
Hash identifier:          he9zftG4a+R4A7LRT8C6hoUqq1iIJriqPRxoG3OV3rA=
Subject key identifier:   DF:B4:9A:4A:24:05:7C:EB:59:7D:FF:47:47:AE:6D:E1:43:56:F1:C8
Authority key identifier: 3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6
Certificate issuer:       /CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
Certificate serial:       0193568963256C6BB20FD5059B279BDDDBE2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
Manifest number:          F5
Signing time:             Sat 23 Nov 2024 01:01:04 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:04 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:04 +0000
Files and hashes:         1: PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl (hash: FBk47lDXrtfldZoN5a36FR9f8pb/86vlDWoMO/plWaI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:63:25:6c:6b:b2:0f:d5:05:9b:27:9b:dd:db:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d1b67ccda49c8de48929341f6de8a2b6025b3a6
        Validity
            Not Before: Nov 23 01:01:04 2024 GMT
            Not After : Nov 24 01:01:04 2024 GMT
        Subject: CN=dfb49a4a24057ceb597dff4747ae6de14356f1c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:83:49:b0:e0:76:f8:e0:00:99:69:f7:8c:eb:
                    8a:24:7f:ef:c3:78:f3:98:7f:d0:08:ad:cc:21:5c:
                    de:93:12:28:0a:08:f7:d7:a9:fa:b2:28:13:73:04:
                    f6:f0:48:3d:e1:c4:0c:b9:d9:04:78:17:8e:12:35:
                    e5:09:fd:63:5c:d1:64:a2:19:97:90:02:c7:36:6a:
                    4d:9a:f1:a0:02:99:52:74:b2:2f:67:5a:cb:9f:13:
                    f3:f4:28:04:cf:cc:2e:2e:9f:8c:8b:56:da:1b:9f:
                    3d:83:44:76:37:b5:23:6e:12:6c:2c:3c:72:27:17:
                    55:82:42:3a:60:51:b7:fc:fa:76:be:05:4d:56:1e:
                    ce:11:c4:6e:7c:0a:d7:e5:a5:e4:79:b4:0d:4e:0c:
                    6c:ce:1e:60:09:b9:ad:04:b2:4b:85:ba:be:c1:20:
                    d5:80:72:90:15:5b:e5:f7:b0:69:d6:dc:97:64:6d:
                    77:29:7a:06:d2:b4:ab:34:a9:36:d7:ab:f6:cf:f7:
                    fd:12:22:83:e8:34:47:1b:66:cd:22:53:f6:22:0e:
                    66:df:c4:99:26:26:14:28:70:ee:dc:a9:c8:6e:65:
                    c0:19:50:87:c6:da:19:e4:10:19:b8:38:74:a1:b3:
                    1f:d3:18:ca:c0:8f:86:8f:b7:4d:b8:07:c6:c8:40:
                    bb:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:B4:9A:4A:24:05:7C:EB:59:7D:FF:47:47:AE:6D:E1:43:56:F1:C8
            X509v3 Authority Key Identifier:
                keyid:3D:1B:67:CC:DA:49:C8:DE:48:92:93:41:F6:DE:8A:2B:60:25:B3:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PRtnzNpJyN5IkpNB9t6KK2Als6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d8c098-7862-42cd-ad03-08b24be12689/1/PRtnzNpJyN5IkpNB9t6KK2Als6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:31:64:da:18:7b:64:e6:9e:b2:79:91:8a:73:28:0f:03:64:
         26:bd:97:3b:12:0d:27:07:83:b7:99:90:1d:b8:77:2c:fb:9b:
         39:35:cd:91:05:af:b5:21:1a:5e:3f:15:35:62:a6:58:8e:39:
         71:eb:88:aa:33:3d:d5:2c:df:05:c3:11:66:fe:26:f4:9f:bc:
         60:8a:72:84:43:ae:da:b7:46:86:d8:17:01:e9:19:23:f5:0f:
         c8:cc:03:ad:4e:a4:4f:ff:3e:01:51:05:2c:6c:7b:2c:74:d0:
         53:8b:23:23:ca:12:40:4f:3f:cc:2f:c0:7a:ed:37:4a:fd:64:
         ab:98:53:9c:e1:55:41:6d:1c:3c:b5:8c:bb:dd:7d:63:f3:50:
         69:c8:01:e4:a1:99:d5:c9:2e:48:c8:59:9d:36:ec:ae:3f:ce:
         6d:4e:99:1d:f9:77:98:f6:1b:74:51:d0:15:ca:7c:55:36:c4:
         fa:cb:de:32:24:cd:c1:7f:19:75:4b:e1:5f:09:c2:f3:03:01:
         8d:49:e3:99:d0:dd:76:33:af:47:22:85:0e:fc:10:3b:48:40:
         31:39:8c:e6:90:bc:47:67:99:b9:36:5c:34:ff:d3:8b:f0:42:
         ce:af:b1:40:d7:81:d1:4b:21:0b:9f:50:88:e7:60:91:6c:49:
         e5:dd:46:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiWMlbGuyD9UFmyeb3dviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMWI2N2NjZGE0OWM4ZGU0ODkyOTM0MWY2ZGU4YTJiNjAy
NWIzYTYwHhcNMjQxMTIzMDEwMTA0WhcNMjQxMTI0MDEwMTA0WjAzMTEwLwYDVQQD
EyhkZmI0OWE0YTI0MDU3Y2ViNTk3ZGZmNDc0N2FlNmRlMTQzNTZmMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYNJsOB2+OAAmWn3jOuKJH/vw3jz
mH/QCK3MIVzekxIoCgj316n6sigTcwT28Eg94cQMudkEeBeOEjXlCf1jXNFkohmX
kALHNmpNmvGgAplSdLIvZ1rLnxPz9CgEz8wuLp+Mi1baG589g0R2N7UjbhJsLDxy
JxdVgkI6YFG3/Pp2vgVNVh7OEcRufArX5aXkebQNTgxszh5gCbmtBLJLhbq+wSDV
gHKQFVvl97Bp1tyXZG13KXoG0rSrNKk216v2z/f9EiKD6DRHG2bNIlP2Ig5m38SZ
JiYUKHDu3KnIbmXAGVCHxtoZ5BAZuDh0obMf0xjKwI+Gj7dNuAfGyEC7RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+0mkokBXzrWX3/R0eubeFDVvHIMB8GA1UdIwQY
MBaAFD0bZ8zaScjeSJKTQfbeiitgJbOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMt
MDhiMjRiZTEyNjg5LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kOGMwOTgtNzg2Mi00MmNkLWFkMDMtMDhiMjRiZTEyNjg5
LzEvUFJ0bnpOcEp5TjVJa3BOQjl0NktLMkFsczZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuTFk2hh7
ZOaesnmRinMoDwNkJr2XOxINJweDt5mQHbh3LPubOTXNkQWvtSEaXj8VNWKmWI45
ceuIqjM91SzfBcMRZv4m9J+8YIpyhEOu2rdGhtgXAekZI/UPyMwDrU6kT/8+AVEF
LGx7LHTQU4sjI8oSQE8/zC/Aeu03Sv1kq5hTnOFVQW0cPLWMu919Y/NQacgB5KGZ
1ckuSMhZnTbsrj/ObU6ZHfl3mPYbdFHQFcp8VTbE+sveMiTNwX8ZdUvhXwnC8wMB
jUnjmdDddjOvRyKFDvwQO0hAMTmM5pC8R2eZuTZcNP/Ti/BCzq+xQNeB0UshC59Q
iOdgkWxJ5d1GKw==
-----END CERTIFICATE-----