Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
File:                     aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft (raw, json)
Hash identifier:          i+Kx+80ttOncTTQEd9Q9TrIk63tDqM26laZrgw8PSfg=
Subject key identifier:   58:52:93:66:E0:F4:C6:A1:4C:D3:13:35:43:51:76:37:5A:0F:D8:DA
Authority key identifier: 69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71
Certificate issuer:       /CN=6987d0047fb1d8912c63f911305a714f438b1e71
Certificate serial:       01935689E3AAD23EF1C751439DB85DB95185
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
Manifest number:          136F
Signing time:             Sat 23 Nov 2024 01:01:37 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:37 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:37 +0000
Files and hashes:         1: aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl (hash: VSvEt4/x2kxNMrxtuRk+X783umlerLIi8IfrWytdNtw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:e3:aa:d2:3e:f1:c7:51:43:9d:b8:5d:b9:51:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6987d0047fb1d8912c63f911305a714f438b1e71
        Validity
            Not Before: Nov 23 01:01:37 2024 GMT
            Not After : Nov 24 01:01:37 2024 GMT
        Subject: CN=58529366e0f4c6a14cd31335435176375a0fd8da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:f4:9b:00:6a:da:73:04:5f:e4:b3:e7:9f:cf:
                    d3:9b:79:e3:66:f5:6e:3e:aa:f2:b3:4d:c6:73:ab:
                    8c:41:e2:d9:dc:8b:f2:59:54:ac:dd:ea:99:4c:04:
                    b7:e0:1e:e1:3c:1d:bf:fb:8d:4d:60:e4:18:ee:4f:
                    84:05:fd:c9:90:6b:f5:32:14:bf:31:49:f7:56:7c:
                    5a:54:7a:68:44:4f:ad:e2:40:f4:93:3f:72:30:f2:
                    e3:0c:28:81:ca:d1:6a:fb:60:20:3d:ad:b5:75:bf:
                    2a:b1:8e:e1:d2:e7:6e:32:f5:28:cb:bf:41:71:ef:
                    75:66:57:d9:01:cf:79:5b:f2:b5:ab:2c:f3:59:ee:
                    a2:44:35:92:1d:66:0b:c0:3e:87:85:f2:33:60:85:
                    9f:12:17:b5:22:0f:61:59:76:f1:66:ae:07:0c:ff:
                    ce:8b:db:86:b1:09:dc:cb:8d:45:29:72:b0:a8:64:
                    af:2f:31:2e:cc:e2:f9:39:c0:70:d0:76:1d:7d:db:
                    06:d2:02:96:83:9d:b1:da:d2:c6:d3:04:0c:54:44:
                    aa:28:da:2e:46:ec:a6:65:59:a5:a5:82:6b:fd:29:
                    65:ad:fa:58:c1:25:bd:c9:fb:0d:99:c8:66:cf:ad:
                    a5:3a:8e:21:2a:6e:f5:e3:f1:58:1b:33:9f:ea:d9:
                    c8:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:52:93:66:E0:F4:C6:A1:4C:D3:13:35:43:51:76:37:5A:0F:D8:DA
            X509v3 Authority Key Identifier:
                keyid:69:87:D0:04:7F:B1:D8:91:2C:63:F9:11:30:5A:71:4F:43:8B:1E:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfQBH-x2JEsY_kRMFpxT0OLHnE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/d83454-d359-4e9e-841c-42914be0aa04/1/aYfQBH-x2JEsY_kRMFpxT0OLHnE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:a1:15:65:1a:db:49:df:e7:ac:c5:4a:09:b1:32:3f:4f:1a:
         ef:95:7d:10:bd:54:b8:2d:5d:5e:99:e1:32:80:2c:97:e9:e1:
         cb:96:c7:bf:e3:5e:bb:74:e6:3a:80:f6:b6:d1:77:75:80:3b:
         85:a4:74:c2:e6:b4:a7:20:ff:47:36:4b:f2:16:e0:de:37:0d:
         3d:00:cb:d6:16:9b:d0:46:4e:45:5e:ad:e8:9b:72:25:62:39:
         8a:b2:fd:90:e7:5a:81:e5:a9:ee:83:99:2a:8b:31:6b:77:22:
         e0:6e:b0:02:b3:bb:c2:26:fb:50:d5:10:66:88:22:07:09:2b:
         41:f1:71:6a:ed:a3:e1:54:19:86:bc:3a:70:eb:74:9f:c9:8d:
         90:63:fb:ab:01:fd:1a:67:89:ac:3e:31:cf:9b:3f:85:45:15:
         aa:4c:6d:36:cd:76:0a:3d:b0:b4:e6:7a:69:0a:e1:76:18:61:
         9b:85:b1:d7:cb:9e:a0:c3:2c:1d:96:e5:d2:42:73:24:1d:09:
         34:d2:bc:cb:56:21:39:71:95:8a:69:20:ad:14:bf:37:af:f2:
         23:a7:a8:89:81:21:2e:13:a9:89:09:14:2f:9b:6f:b6:5e:e4:
         ac:63:0c:b9:b1:5b:00:ad:7a:2f:29:1b:17:e9:43:3a:de:c1:
         e3:08:cc:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWieOq0j7xx1FDnbhduVGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkMDA0N2ZiMWQ4OTEyYzYzZjkxMTMwNWE3MTRmNDM4
YjFlNzEwHhcNMjQxMTIzMDEwMTM3WhcNMjQxMTI0MDEwMTM3WjAzMTEwLwYDVQQD
Eyg1ODUyOTM2NmUwZjRjNmExNGNkMzEzMzU0MzUxNzYzNzVhMGZkOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPSbAGracwRf5LPnn8/Tm3njZvVu
Pqrys03Gc6uMQeLZ3IvyWVSs3eqZTAS34B7hPB2/+41NYOQY7k+EBf3JkGv1MhS/
MUn3VnxaVHpoRE+t4kD0kz9yMPLjDCiBytFq+2AgPa21db8qsY7h0uduMvUoy79B
ce91ZlfZAc95W/K1qyzzWe6iRDWSHWYLwD6HhfIzYIWfEhe1Ig9hWXbxZq4HDP/O
i9uGsQncy41FKXKwqGSvLzEuzOL5OcBw0HYdfdsG0gKWg52x2tLG0wQMVESqKNou
RuymZVmlpYJr/SllrfpYwSW9yfsNmchmz62lOo4hKm714/FYGzOf6tnIqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFhSk2bg9MahTNMTNUNRdjdaD9jaMB8GA1UdIwQY
MBaAFGmH0AR/sdiRLGP5ETBacU9Dix5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMt
NDI5MTRiZTBhYTA0LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9kODM0NTQtZDM1OS00ZTllLTg0MWMtNDI5MTRiZTBhYTA0
LzEvYVlmUUJILXgySkVzWV9rUk1GcHhUME9MSG5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgqEVZRrb
Sd/nrMVKCbEyP08a75V9EL1UuC1dXpnhMoAsl+nhy5bHv+Neu3TmOoD2ttF3dYA7
haR0wua0pyD/RzZL8hbg3jcNPQDL1hab0EZORV6t6JtyJWI5irL9kOdageWp7oOZ
Kosxa3ci4G6wArO7wib7UNUQZogiBwkrQfFxau2j4VQZhrw6cOt0n8mNkGP7qwH9
GmeJrD4xz5s/hUUVqkxtNs12Cj2wtOZ6aQrhdhhhm4Wx18ueoMMsHZbl0kJzJB0J
NNK8y1YhOXGVimkgrRS/N6/yI6eoiYEhLhOpiQkUL5tvtl7krGMMubFbAK16Lykb
F+lDOt7B4wjMeg==
-----END CERTIFICATE-----