Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          h6o24Dr88XL41ccq5wEOql/AQlbEfGLN4VELboHiYAg=
Subject key identifier:   AD:C1:51:72:95:34:16:07:A4:7D:DD:DA:E5:26:11:5F:2B:0C:D4:A3
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       01940646890DD6C838FC01822CD45B6CDE56
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0CD1
Signing time:             Fri 27 Dec 2024 04:01:13 +0000
Manifest this update:     Fri 27 Dec 2024 04:01:13 +0000
Manifest next update:     Sat 28 Dec 2024 04:01:13 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: AwXW+K0mUSOjnJlT0kSqGAnrtuax8gacNr7McKRFUnY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 04:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:89:0d:d6:c8:38:fc:01:82:2c:d4:5b:6c:de:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: Dec 27 04:01:13 2024 GMT
            Not After : Dec 28 04:01:13 2024 GMT
        Subject: CN=adc1517295341607a47ddddae526115f2b0cd4a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:52:67:af:cd:a7:20:e1:ac:2c:1a:78:2b:50:
                    4f:58:24:1e:dc:5c:b3:9e:84:59:94:be:ab:db:5c:
                    19:67:6f:27:e8:81:1f:5e:ff:59:be:ca:89:56:f5:
                    25:fc:72:eb:39:f8:9e:b5:cf:05:a0:95:ff:20:1d:
                    19:0f:64:b9:93:e2:3b:0e:a0:20:70:06:6a:95:02:
                    5d:cf:e7:73:e3:55:5f:57:b3:20:e6:67:96:75:a9:
                    6e:9b:70:31:66:61:d9:91:6f:be:04:64:7f:01:89:
                    e5:47:5a:1b:9e:f4:1c:ef:ac:a8:6d:38:24:13:cb:
                    a3:c6:36:83:02:f1:6a:44:74:7d:66:6a:bb:d4:93:
                    9f:ef:b7:b4:92:a4:46:49:9b:61:ff:90:74:02:94:
                    92:df:84:9b:d4:ae:d8:4e:e0:fe:b3:b1:e4:3b:47:
                    26:b7:f0:33:a0:77:72:e3:ef:f6:a0:17:23:f7:7d:
                    6f:78:9a:23:09:7e:33:12:0e:68:82:96:24:41:98:
                    6b:aa:c2:ae:48:7a:46:60:00:e5:cb:4a:09:56:d6:
                    ee:f0:a2:f9:df:82:30:a4:27:8c:5a:fe:03:27:fa:
                    af:a0:f4:2f:6e:d5:74:59:e3:0e:99:46:f1:64:09:
                    8c:56:89:14:cd:aa:2c:29:0d:36:65:82:9e:ec:10:
                    e6:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:C1:51:72:95:34:16:07:A4:7D:DD:DA:E5:26:11:5F:2B:0C:D4:A3
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:61:59:b0:b9:71:b0:a6:8f:b1:28:f2:f3:2c:24:17:4c:aa:
         1d:27:82:95:e8:05:ab:94:42:54:28:30:50:55:de:5e:b0:bb:
         e2:e1:41:77:60:5f:37:48:4b:13:1f:b1:4e:0c:4a:d1:66:d8:
         93:1f:e2:80:f5:29:e4:87:92:c6:b9:a6:83:cf:04:3b:eb:92:
         40:7c:1e:54:da:e9:4a:b9:ee:ec:0c:33:53:be:52:c2:ff:18:
         e9:e0:fe:8d:dd:d3:c4:49:c4:81:a3:9c:d1:32:d0:55:10:8a:
         eb:a1:c6:16:52:27:21:85:07:c4:e1:46:4d:48:11:5a:f4:f7:
         1a:75:73:27:2a:30:0b:21:ea:0f:12:31:89:4f:92:53:5c:86:
         19:ab:8d:94:f9:d8:57:18:d8:42:26:57:90:70:fb:26:d4:23:
         78:56:7b:cb:7d:fb:00:16:e5:a3:24:96:19:17:54:d9:3b:a1:
         fa:c6:f1:a8:cf:8f:cc:9b:00:f7:6c:63:ee:aa:c9:32:cd:64:
         f1:c6:46:19:45:2a:75:c3:c2:1c:f3:75:fd:19:0a:5a:7c:26:
         ac:4f:55:dc:27:f8:b7:29:51:55:0c:a4:d8:b7:ce:45:f0:cf:
         60:11:5f:b2:f3:71:03:8a:24:61:a1:b5:46:71:b1:fb:60:b9:
         e7:97:3b:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRokN1sg4/AGCLNRbbN5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjQxMjI3MDQwMTEzWhcNMjQxMjI4MDQwMTEzWjAzMTEwLwYDVQQD
EyhhZGMxNTE3Mjk1MzQxNjA3YTQ3ZGRkZGFlNTI2MTE1ZjJiMGNkNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VJnr82nIOGsLBp4K1BPWCQe3Fyz
noRZlL6r21wZZ28n6IEfXv9ZvsqJVvUl/HLrOfietc8FoJX/IB0ZD2S5k+I7DqAg
cAZqlQJdz+dz41VfV7Mg5meWdalum3AxZmHZkW++BGR/AYnlR1obnvQc76yobTgk
E8ujxjaDAvFqRHR9Zmq71JOf77e0kqRGSZth/5B0ApSS34Sb1K7YTuD+s7HkO0cm
t/AzoHdy4+/2oBcj931veJojCX4zEg5ogpYkQZhrqsKuSHpGYADly0oJVtbu8KL5
34IwpCeMWv4DJ/qvoPQvbtV0WeMOmUbxZAmMVokUzaosKQ02ZYKe7BDmwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK3BUXKVNBYHpH3d2uUmEV8rDNSjMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmFZsLlx
sKaPsSjy8ywkF0yqHSeClegFq5RCVCgwUFXeXrC74uFBd2BfN0hLEx+xTgxK0WbY
kx/igPUp5IeSxrmmg88EO+uSQHweVNrpSrnu7AwzU75Swv8Y6eD+jd3TxEnEgaOc
0TLQVRCK66HGFlInIYUHxOFGTUgRWvT3GnVzJyowCyHqDxIxiU+SU1yGGauNlPnY
VxjYQiZXkHD7JtQjeFZ7y337ABbloySWGRdU2Tuh+sbxqM+PzJsA92xj7qrJMs1k
8cZGGUUqdcPCHPN1/RkKWnwmrE9V3Cf4tylRVQyk2LfORfDPYBFfsvNxA4okYaG1
RnGx+2C555c79Q==
-----END CERTIFICATE-----