Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
File:                     FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json)
Hash identifier:          u53ZovmLH4WTVuuU8lUM8hRULR2/ceyLH7oEkqaNBX0=
Subject key identifier:   B8:4E:77:35:5A:45:CC:9F:35:70:EF:3E:76:FE:84:A0:D8:66:F1:E0
Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A
Certificate issuer:       /CN=14c2eab6a2960506046a1da4312773d98e97cd5a
Certificate serial:       019356897352071C5DD2FC84175AB90FA545
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
Manifest number:          0813
Signing time:             Sat 23 Nov 2024 01:01:08 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:08 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:08 +0000
Files and hashes:         1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: 8l/lPA95Y0jGh7v/bvRT6LegCHGwAEfB2lVWCZaOx6A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:73:52:07:1c:5d:d2:fc:84:17:5a:b9:0f:a5:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a
        Validity
            Not Before: Nov 23 01:01:08 2024 GMT
            Not After : Nov 24 01:01:08 2024 GMT
        Subject: CN=b84e77355a45cc9f3570ef3e76fe84a0d866f1e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:5d:11:09:b1:cf:40:7d:61:7a:dc:ca:c1:8c:
                    01:90:68:58:67:d9:83:71:61:82:d2:dd:9e:17:19:
                    73:ef:fb:7a:71:9c:2f:8d:ba:8f:74:7b:b7:7c:c3:
                    cf:b3:b6:19:69:ee:35:b3:87:2c:c4:2a:2e:43:ac:
                    82:c2:8d:bf:57:6b:3e:8f:f0:1a:d6:91:be:2d:b8:
                    f8:0b:fb:46:c0:51:bc:39:9f:64:b5:41:8f:45:98:
                    13:97:df:7a:30:d5:1b:41:89:e1:aa:19:9b:74:1c:
                    f2:e2:38:27:0e:c8:9c:a2:ee:45:03:fd:02:d1:19:
                    b1:ef:19:2f:a5:45:51:38:60:a5:58:20:65:c2:08:
                    30:8e:e4:c8:46:b3:e3:63:3c:0c:9e:70:ea:ee:1b:
                    4e:7a:10:e1:8d:57:7b:84:17:13:6c:06:21:46:86:
                    93:37:3e:4e:c3:06:c6:5c:98:16:fa:2e:de:62:d7:
                    64:19:c8:fc:53:fe:68:b0:bf:c8:96:c8:2b:d5:5b:
                    f5:81:14:4d:ae:7a:be:27:0c:6c:3a:55:8f:98:09:
                    1b:e6:ae:5a:e5:79:a1:fb:37:62:b3:f7:a9:ce:88:
                    df:8f:77:d6:fe:70:3f:d6:e2:77:3c:6c:59:a8:37:
                    ac:21:92:72:60:93:20:dc:a8:e1:25:57:59:6a:2c:
                    7a:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:4E:77:35:5A:45:CC:9F:35:70:EF:3E:76:FE:84:A0:D8:66:F1:E0
            X509v3 Authority Key Identifier:
                keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:57:93:ac:f2:0e:8b:32:61:0c:78:84:94:5f:7b:52:bb:6a:
         6b:12:21:fa:2a:c9:1d:63:39:6f:2d:85:83:f5:b8:10:45:c9:
         30:c0:86:1a:9c:70:00:69:ce:71:7b:20:0c:9c:58:d9:5c:e1:
         03:2e:ad:1f:81:84:a2:c2:9d:57:ad:d7:d3:33:4a:f6:a4:2a:
         66:5c:cf:4b:07:0c:a9:30:68:7d:a1:87:49:54:b8:82:ee:96:
         19:b3:7a:32:e5:7c:d9:1a:16:c5:b0:5a:cd:e9:22:8e:50:b2:
         c0:f1:e6:72:80:e7:2b:4c:4a:45:49:32:ef:a2:84:db:5f:9d:
         64:b4:e2:05:e5:e6:53:21:03:32:46:82:80:f1:5b:83:2f:65:
         33:04:93:bd:d1:1b:cb:5c:25:68:fd:0b:17:c0:07:00:72:23:
         0b:38:32:5c:a9:5f:78:de:d9:c6:4a:c0:20:85:08:35:33:15:
         00:75:54:34:60:d9:85:b2:ab:01:37:b6:9d:7d:3f:ea:2c:b6:
         17:f1:c0:e0:f7:a0:be:19:e5:4f:a3:f9:f8:78:aa:a5:e0:de:
         2a:4e:7f:45:3b:2a:bc:93:69:99:94:89:e0:85:ae:55:c8:44:
         d1:75:67:0d:5d:d4:e0:94:b5:e7:2e:1f:da:36:24:32:93:9b:
         c8:17:59:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiXNSBxxd0vyEF1q5D6VFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5
N2NkNWEwHhcNMjQxMTIzMDEwMTA4WhcNMjQxMTI0MDEwMTA4WjAzMTEwLwYDVQQD
EyhiODRlNzczNTVhNDVjYzlmMzU3MGVmM2U3NmZlODRhMGQ4NjZmMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtl0RCbHPQH1hetzKwYwBkGhYZ9mD
cWGC0t2eFxlz7/t6cZwvjbqPdHu3fMPPs7YZae41s4csxCouQ6yCwo2/V2s+j/Aa
1pG+Lbj4C/tGwFG8OZ9ktUGPRZgTl996MNUbQYnhqhmbdBzy4jgnDsicou5FA/0C
0Rmx7xkvpUVROGClWCBlwggwjuTIRrPjYzwMnnDq7htOehDhjVd7hBcTbAYhRoaT
Nz5OwwbGXJgW+i7eYtdkGcj8U/5osL/Ilsgr1Vv1gRRNrnq+JwxsOlWPmAkb5q5a
5Xmh+zdis/epzojfj3fW/nA/1uJ3PGxZqDesIZJyYJMg3KjhJVdZaix6VQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLhOdzVaRcyfNXDvPnb+hKDYZvHgMB8GA1UdIwQY
MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt
NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw
LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATVeTrPIO
izJhDHiElF97UrtqaxIh+irJHWM5by2Fg/W4EEXJMMCGGpxwAGnOcXsgDJxY2Vzh
Ay6tH4GEosKdV63X0zNK9qQqZlzPSwcMqTBofaGHSVS4gu6WGbN6MuV82RoWxbBa
zekijlCywPHmcoDnK0xKRUky76KE21+dZLTiBeXmUyEDMkaCgPFbgy9lMwSTvdEb
y1wlaP0LF8AHAHIjCzgyXKlfeN7ZxkrAIIUINTMVAHVUNGDZhbKrATe2nX0/6iy2
F/HA4PegvhnlT6P5+HiqpeDeKk5/RTsqvJNpmZSJ4IWuVchE0XVnDV3U4JS15y4f
2jYkMpObyBdZ5Q==
-----END CERTIFICATE-----