Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
File:                     kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json)
Hash identifier:          EJZY0k7AA3mQigPwc0TteUB8Ri3QOF1e9KgwFmb56Sw=
Subject key identifier:   EF:3C:DC:55:EC:DD:4B:7D:9F:57:A6:BE:18:B8:AE:D7:1B:34:93:C4
Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1
Certificate issuer:       /CN=91f8a49b0d6533d067995687faee3db73aaa08b1
Certificate serial:       019365FCA77A99094CDD561ECB8E286D03B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
Manifest number:          028B
Signing time:             Tue 26 Nov 2024 01:01:16 +0000
Manifest this update:     Tue 26 Nov 2024 01:01:16 +0000
Manifest next update:     Wed 27 Nov 2024 01:01:16 +0000
Files and hashes:         1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: qkEvwEf8WKCFjHAjTT4oSjA2Guaikn3oAP8vOtVROa0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:fc:a7:7a:99:09:4c:dd:56:1e:cb:8e:28:6d:03:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1
        Validity
            Not Before: Nov 26 01:01:16 2024 GMT
            Not After : Nov 27 01:01:16 2024 GMT
        Subject: CN=ef3cdc55ecdd4b7d9f57a6be18b8aed71b3493c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:3c:4e:32:ca:f7:50:cd:ce:f9:21:9e:fc:d7:
                    2b:50:e6:cb:09:7c:89:71:92:a6:6a:24:e4:ab:c4:
                    9b:09:0f:63:a0:fa:f8:7a:63:3d:ff:eb:0c:b2:0d:
                    81:09:12:b8:73:9c:56:cc:07:51:23:24:d8:e5:c2:
                    76:5c:0d:72:80:ea:c1:01:50:26:80:a6:23:e4:55:
                    43:57:64:eb:97:21:39:93:44:98:39:45:e7:ee:c0:
                    ac:1b:79:42:26:33:82:8b:69:f3:66:4e:93:9c:41:
                    f4:bf:54:4a:ee:c8:cf:08:f4:64:ff:99:ce:f4:1f:
                    32:3e:5c:04:8d:00:4f:b5:f7:e7:15:52:3d:5d:80:
                    33:77:65:f1:df:df:4c:0c:7b:ce:08:00:b6:40:b0:
                    86:84:f7:d7:56:16:00:c5:fa:07:20:d7:ba:a3:a0:
                    2c:cb:3b:9e:a6:e6:2f:d0:3b:e7:aa:48:32:ce:dc:
                    ee:ec:b0:4e:19:24:f4:d4:f7:97:8c:ce:97:0d:95:
                    ae:60:9c:e9:68:19:c3:dd:c9:e3:04:be:00:e4:a3:
                    76:ad:7f:b3:98:f4:80:48:39:3b:c0:45:6a:9a:be:
                    2f:b5:35:93:45:2a:1b:81:af:2b:70:fd:26:e0:34:
                    b2:82:8c:88:af:91:48:0f:90:c2:a7:e7:bf:98:f4:
                    af:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:3C:DC:55:EC:DD:4B:7D:9F:57:A6:BE:18:B8:AE:D7:1B:34:93:C4
            X509v3 Authority Key Identifier:
                keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:e7:6d:27:ea:7a:a9:cd:fc:d5:4f:5e:e7:15:b5:28:ba:81:
         88:61:98:f1:40:2a:9b:5a:77:cb:10:33:2b:e9:e7:2b:88:b1:
         e0:66:c1:c0:c6:99:d5:1b:7a:6e:0c:ae:d6:6a:2d:fd:2a:49:
         2e:f2:ba:38:5a:ba:24:d4:f3:1d:ab:8b:89:1e:47:25:25:85:
         81:b5:31:22:1e:d5:ef:f8:5b:05:1e:80:9e:3f:c1:91:8f:f7:
         86:fc:ab:f6:8d:df:a1:18:a0:f2:c7:db:25:d8:77:90:98:af:
         ea:cc:75:7b:da:db:f0:62:6b:c3:ba:32:4f:5a:82:77:3b:99:
         10:db:b4:a7:03:b4:98:6b:47:66:0a:13:4f:68:b8:e5:62:7b:
         31:b9:e0:56:93:76:b6:1b:e9:91:dc:f0:0d:4f:b1:50:28:fa:
         2b:67:e4:50:51:2c:f2:bf:07:f3:1e:b5:8b:56:76:d3:77:ab:
         41:79:3a:fa:5c:55:8f:e8:40:f5:f0:5f:0b:f3:8d:67:0a:c9:
         9d:2c:6c:b7:1d:48:0b:e5:01:7d:1a:da:ee:e7:78:44:aa:b3:
         cb:67:b9:ee:5f:18:64:28:89:fa:ce:20:50:db:47:18:60:7e:
         cc:89:c3:7e:bb:18:b1:09:04:c8:8e:94:ca:09:88:d6:92:44:
         ed:52:dc:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNl/Kd6mQlM3VYey44obQOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh
YTA4YjEwHhcNMjQxMTI2MDEwMTE2WhcNMjQxMTI3MDEwMTE2WjAzMTEwLwYDVQQD
EyhlZjNjZGM1NWVjZGQ0YjdkOWY1N2E2YmUxOGI4YWVkNzFiMzQ5M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzxOMsr3UM3O+SGe/NcrUObLCXyJ
cZKmaiTkq8SbCQ9joPr4emM9/+sMsg2BCRK4c5xWzAdRIyTY5cJ2XA1ygOrBAVAm
gKYj5FVDV2TrlyE5k0SYOUXn7sCsG3lCJjOCi2nzZk6TnEH0v1RK7sjPCPRk/5nO
9B8yPlwEjQBPtffnFVI9XYAzd2Xx399MDHvOCAC2QLCGhPfXVhYAxfoHINe6o6As
yzuepuYv0Dvnqkgyztzu7LBOGST01PeXjM6XDZWuYJzpaBnD3cnjBL4A5KN2rX+z
mPSASDk7wEVqmr4vtTWTRSobga8rcP0m4DSygoyIr5FID5DCp+e/mPSvEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO883FXs3Ut9n1emvhi4rtcbNJPEMB8GA1UdIwQY
MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt
NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0
LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE+dtJ+p6
qc381U9e5xW1KLqBiGGY8UAqm1p3yxAzK+nnK4ix4GbBwMaZ1Rt6bgyu1mot/SpJ
LvK6OFq6JNTzHauLiR5HJSWFgbUxIh7V7/hbBR6Anj/BkY/3hvyr9o3foRig8sfb
Jdh3kJiv6sx1e9rb8GJrw7oyT1qCdzuZENu0pwO0mGtHZgoTT2i45WJ7MbngVpN2
thvpkdzwDU+xUCj6K2fkUFEs8r8H8x61i1Z203erQXk6+lxVj+hA9fBfC/ONZwrJ
nSxstx1IC+UBfRra7ud4RKqzy2e57l8YZCiJ+s4gUNtHGGB+zInDfrsYsQkEyI6U
ygmI1pJE7VLcLQ==
-----END CERTIFICATE-----