Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
File:                     LONOJrtlYwuGk29JaTU-18hplcg.mft (raw, json)
Hash identifier:          Nbrr7irZppqB0PnYEzSQo1LJGGXQJuQbGu7O46rPzmA=
Subject key identifier:   CA:7D:74:AB:AD:7D:8D:C1:9D:13:48:44:23:B2:98:CC:47:60:9E:9A
Authority key identifier: 2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8
Certificate issuer:       /CN=2ce34e26bb65630b86936f4969353ed7c86995c8
Certificate serial:       019357D23CD8EE30A5C182FD7EAEE73B4597
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
Manifest number:          12AC
Signing time:             Sat 23 Nov 2024 07:00:16 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:16 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:16 +0000
Files and hashes:         1: LONOJrtlYwuGk29JaTU-18hplcg.crl (hash: u8tXXzpBHccL2Nfg0TBb7BUMi6lj+NvP4VeeuqrUVAk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 00:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:3c:d8:ee:30:a5:c1:82:fd:7e:ae:e7:3b:45:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ce34e26bb65630b86936f4969353ed7c86995c8
        Validity
            Not Before: Nov 23 07:00:16 2024 GMT
            Not After : Nov 24 07:00:16 2024 GMT
        Subject: CN=ca7d74abad7d8dc19d13484423b298cc47609e9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:cf:87:4e:52:61:1d:1c:3e:5c:43:a0:bf:09:
                    64:c5:ed:ed:50:73:9d:4b:be:77:46:a0:a8:1f:14:
                    1d:c3:f3:a3:85:09:9f:62:ed:e5:bd:7f:d8:d5:03:
                    3b:f8:06:0f:6a:f2:66:75:e9:26:90:25:ab:a3:60:
                    5b:a0:4c:b1:7e:29:31:79:87:22:14:9b:40:fd:c9:
                    0c:9c:bf:e8:48:4e:f4:d1:fe:6f:06:33:a6:21:04:
                    80:f7:49:95:b1:d9:02:41:e8:76:83:af:b7:a3:66:
                    d7:40:7b:be:87:61:a4:85:8f:99:05:6e:e9:5a:0e:
                    3a:f8:eb:6c:ab:8a:4a:b0:1a:9e:8f:71:df:fd:ac:
                    17:bc:25:f4:10:66:84:1b:57:70:91:56:58:f9:87:
                    32:54:6e:cb:e3:b9:b2:90:f4:a1:c5:06:5c:9c:3e:
                    8f:e5:d9:aa:51:5b:2c:4c:ca:22:6e:df:c4:ff:39:
                    1d:55:53:dc:66:67:89:f0:4e:d7:14:d5:cf:5d:f8:
                    47:a4:f7:6e:55:6c:b7:d7:0e:ef:dc:48:4c:c9:0d:
                    fd:03:98:dd:02:57:2a:0f:df:d7:86:e8:d8:7a:f5:
                    a3:d7:d7:b6:71:dc:9b:48:dd:c3:e3:08:c0:e4:35:
                    11:7f:40:47:78:a4:e7:f2:d1:90:70:d5:8f:ea:de:
                    f7:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:7D:74:AB:AD:7D:8D:C1:9D:13:48:44:23:B2:98:CC:47:60:9E:9A
            X509v3 Authority Key Identifier:
                keyid:2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:51:3c:ed:57:92:cd:91:0f:8e:3a:0e:24:f4:52:62:f2:dd:
         4a:ba:ce:f6:80:a2:65:5f:f7:09:98:e7:c1:74:85:3b:c2:e3:
         66:11:d3:9c:de:c5:ee:cd:8a:21:0e:98:0b:e4:a0:53:e7:6b:
         12:9d:de:b8:e8:72:15:35:64:ee:51:c0:00:1d:28:4c:1d:f9:
         5a:e6:74:5b:34:e3:21:52:0c:5c:2f:84:a9:d4:1b:bf:64:8e:
         21:43:d7:ba:d9:92:8d:bf:81:64:00:86:d5:36:0a:0b:d9:6b:
         74:25:59:30:1e:3e:ee:83:1f:ad:e5:ee:b2:e4:b3:14:18:0b:
         1e:9a:4d:18:8e:81:f7:c0:26:f9:3c:31:a3:89:44:a9:eb:7e:
         0b:6a:c6:6b:41:cb:7d:71:11:96:52:df:9b:b7:a4:e1:c9:54:
         40:56:1b:f1:0e:38:81:f6:57:07:6c:0c:b8:8d:0b:b3:0e:ad:
         a8:7c:5a:98:f7:b9:8f:5f:03:9b:7d:fe:71:13:4d:d6:9e:59:
         46:4d:3e:00:fb:e3:d5:ef:48:77:82:f5:2d:e5:41:16:ab:7c:
         32:b5:20:d0:c0:7b:7b:6f:8a:0f:90:bf:51:7e:6e:c1:c6:03:
         c9:ca:07:d6:ac:52:6b:49:6f:87:19:54:91:84:15:8c:86:f7:
         af:9a:aa:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0jzY7jClwYL9fq7nO0WXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTM0ZTI2YmI2NTYzMGI4NjkzNmY0OTY5MzUzZWQ3Yzg2
OTk1YzgwHhcNMjQxMTIzMDcwMDE2WhcNMjQxMTI0MDcwMDE2WjAzMTEwLwYDVQQD
EyhjYTdkNzRhYmFkN2Q4ZGMxOWQxMzQ4NDQyM2IyOThjYzQ3NjA5ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9M+HTlJhHRw+XEOgvwlkxe3tUHOd
S753RqCoHxQdw/OjhQmfYu3lvX/Y1QM7+AYPavJmdekmkCWro2BboEyxfikxeYci
FJtA/ckMnL/oSE700f5vBjOmIQSA90mVsdkCQeh2g6+3o2bXQHu+h2GkhY+ZBW7p
Wg46+Otsq4pKsBqej3Hf/awXvCX0EGaEG1dwkVZY+YcyVG7L47mykPShxQZcnD6P
5dmqUVssTMoibt/E/zkdVVPcZmeJ8E7XFNXPXfhHpPduVWy31w7v3EhMyQ39A5jd
AlcqD9/XhujYevWj19e2cdybSN3D4wjA5DURf0BHeKTn8tGQcNWP6t73gwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMp9dKutfY3BnRNIRCOymMxHYJ6aMB8GA1UdIwQY
MBaAFCzjTia7ZWMLhpNvSWk1PtfIaZXIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWIt
YjU5OTcyM2ZjMDUzLzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWItYjU5OTcyM2ZjMDUz
LzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnlE87VeS
zZEPjjoOJPRSYvLdSrrO9oCiZV/3CZjnwXSFO8LjZhHTnN7F7s2KIQ6YC+SgU+dr
Ep3euOhyFTVk7lHAAB0oTB35WuZ0WzTjIVIMXC+EqdQbv2SOIUPXutmSjb+BZACG
1TYKC9lrdCVZMB4+7oMfreXusuSzFBgLHppNGI6B98Am+Twxo4lEqet+C2rGa0HL
fXERllLfm7ek4clUQFYb8Q44gfZXB2wMuI0Lsw6tqHxamPe5j18Dm33+cRNN1p5Z
Rk0+APvj1e9Id4L1LeVBFqt8MrUg0MB7e2+KD5C/UX5uwcYDycoH1qxSa0lvhxlU
kYQVjIb3r5qqzQ==
-----END CERTIFICATE-----