Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
File:                     4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json)
Hash identifier:          wR6tSBo6I/sE9FcwmWE/HhpXTLjutQ0G/nuKmZ0kd80=
Subject key identifier:   1C:69:2C:D2:EA:DA:CA:55:5F:31:52:01:9A:02:68:5D:F1:45:A7:F9
Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48
Certificate issuer:       /CN=e0a3370a841b893e7b68f86a393363582e105648
Certificate serial:       019356F6B17DAA7D3F92F07795B59B35E9FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
Manifest number:          084B
Signing time:             Sat 23 Nov 2024 03:00:28 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:28 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:28 +0000
Files and hashes:         1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: TsnebfwLWd4dIOMLmghvqImi8SzQzR0dw9vN0LpeyK4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:b1:7d:aa:7d:3f:92:f0:77:95:b5:9b:35:e9:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648
        Validity
            Not Before: Nov 23 03:00:28 2024 GMT
            Not After : Nov 24 03:00:28 2024 GMT
        Subject: CN=1c692cd2eadaca555f3152019a02685df145a7f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:97:c7:44:18:61:c3:28:17:4e:d2:60:9c:90:
                    71:5a:19:0f:3e:43:a5:f9:b5:cd:a8:e7:8e:c0:5c:
                    c8:82:8d:60:d0:bd:d9:8c:6d:9c:7c:29:b5:e0:2a:
                    47:3f:9b:80:3b:1f:9e:80:62:5d:2a:0b:91:f1:f4:
                    08:77:18:23:5d:53:cb:ca:f0:e6:6f:3f:74:5d:a2:
                    1c:4d:db:fe:41:67:04:aa:2c:77:8d:b4:3b:58:40:
                    da:56:f9:14:7d:b5:e6:de:90:57:a1:e6:fb:b5:e8:
                    34:b3:c4:db:fb:c5:2e:d1:5e:69:f4:ac:5e:b1:c3:
                    1b:73:e9:bf:0c:f9:42:b7:7c:0d:1b:99:39:86:f1:
                    39:f9:b4:2a:a0:be:d6:6c:1a:a5:c3:ec:67:4c:5e:
                    a1:cb:07:c1:98:32:ee:18:f4:7e:9b:d7:b6:47:65:
                    8d:86:0e:ac:a9:09:04:d2:d7:09:99:bc:c3:be:9d:
                    6b:2b:a1:db:1d:5f:60:0e:28:51:22:8c:84:cf:0e:
                    4d:de:ec:78:71:55:6a:97:3a:6c:85:4d:71:64:7b:
                    b9:08:c2:97:c2:65:0c:06:e3:1c:02:fd:88:b0:0c:
                    eb:9a:b0:8e:ee:cb:93:cb:bf:9d:a2:4f:60:5c:92:
                    5e:6d:f0:44:34:a6:2a:b0:c4:f3:e3:7b:ba:66:25:
                    59:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:69:2C:D2:EA:DA:CA:55:5F:31:52:01:9A:02:68:5D:F1:45:A7:F9
            X509v3 Authority Key Identifier:
                keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b9:3e:2b:e5:b5:af:dd:56:11:e3:4a:0e:30:34:4c:1e:7e:a8:
         f3:e3:e3:c8:a4:d4:5d:0f:ff:05:91:48:1c:83:5c:96:48:0e:
         89:fa:f8:ea:71:5b:35:1f:09:1b:d8:08:76:da:64:0d:36:e0:
         5c:b9:69:01:4a:93:23:a1:26:74:a1:1d:9a:e0:af:6f:de:c3:
         6f:14:f9:79:84:4b:19:62:5c:15:88:09:d2:75:bc:51:20:18:
         bc:05:d0:c9:14:db:e2:fc:c4:93:6a:42:d8:87:00:eb:9f:49:
         51:6b:8e:4d:ba:5e:bc:d8:8a:3e:5f:99:7f:4e:a1:20:f3:e6:
         f8:5d:8f:76:06:89:c7:79:c5:aa:6a:c5:e4:e1:48:ff:9b:d9:
         de:17:ca:df:33:d5:01:e3:aa:57:b5:b4:5b:92:2d:5d:6f:93:
         c2:47:be:3b:1f:40:0f:18:56:36:ea:3e:ea:19:94:e0:96:17:
         4a:1c:00:c1:b6:32:99:f6:15:77:28:e1:ff:05:f9:b4:6e:2c:
         8d:cd:34:23:c8:96:ca:9d:ec:4e:1c:2c:bf:ca:19:ba:96:16:
         6e:b0:12:db:dd:3e:22:7d:d5:63:28:29:ff:38:a2:b7:cb:bf:
         c5:42:5e:de:09:d7:a8:8d:20:c0:ea:46:7d:20:e7:a8:9f:74:
         92:fc:21:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9rF9qn0/kvB3lbWbNen7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx
MDU2NDgwHhcNMjQxMTIzMDMwMDI4WhcNMjQxMTI0MDMwMDI4WjAzMTEwLwYDVQQD
EygxYzY5MmNkMmVhZGFjYTU1NWYzMTUyMDE5YTAyNjg1ZGYxNDVhN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZfHRBhhwygXTtJgnJBxWhkPPkOl
+bXNqOeOwFzIgo1g0L3ZjG2cfCm14CpHP5uAOx+egGJdKguR8fQIdxgjXVPLyvDm
bz90XaIcTdv+QWcEqix3jbQ7WEDaVvkUfbXm3pBXoeb7teg0s8Tb+8Uu0V5p9Kxe
scMbc+m/DPlCt3wNG5k5hvE5+bQqoL7WbBqlw+xnTF6hywfBmDLuGPR+m9e2R2WN
hg6sqQkE0tcJmbzDvp1rK6HbHV9gDihRIoyEzw5N3ux4cVVqlzpshU1xZHu5CMKX
wmUMBuMcAv2IsAzrmrCO7suTy7+dok9gXJJebfBENKYqsMTz43u6ZiVZ6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxpLNLq2spVXzFSAZoCaF3xRaf5MB8GA1UdIwQY
MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt
YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl
LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuT4r5bWv
3VYR40oOMDRMHn6o8+PjyKTUXQ//BZFIHINclkgOifr46nFbNR8JG9gIdtpkDTbg
XLlpAUqTI6EmdKEdmuCvb97DbxT5eYRLGWJcFYgJ0nW8USAYvAXQyRTb4vzEk2pC
2IcA659JUWuOTbpevNiKPl+Zf06hIPPm+F2PdgaJx3nFqmrF5OFI/5vZ3hfK3zPV
AeOqV7W0W5ItXW+Twke+Ox9ADxhWNuo+6hmU4JYXShwAwbYymfYVdyjh/wX5tG4s
jc00I8iWyp3sThwsv8oZupYWbrAS290+In3VYygp/ziit8u/xUJe3gnXqI0gwOpG
fSDnqJ90kvwh9A==
-----END CERTIFICATE-----