Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
File:                     NJI6ntps8kDsh5WeHcONNh951ho.mft (raw, json)
Hash identifier:          KQNK9tUxm/izMqqpR6K4efpbvskw5u4yLxAjBH68XBY=
Subject key identifier:   BE:5C:1D:FC:B8:8A:38:5E:01:44:74:14:7B:E8:22:69:1A:DA:F0:52
Authority key identifier: 34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A
Certificate issuer:       /CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
Certificate serial:       0191FA47BF9BC85BDC0FBDA14C49BE75F478
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
Manifest number:          CC
Signing time:             Mon 16 Sep 2024 10:01:31 +0000
Manifest this update:     Mon 16 Sep 2024 10:01:31 +0000
Manifest next update:     Tue 17 Sep 2024 10:01:31 +0000
Files and hashes:         1: NJI6ntps8kDsh5WeHcONNh951ho.crl (hash: gYvISQtP1kixeeAcuGbxyiX84nI7iE0t/od55kA/g2w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 10:01:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:47:bf:9b:c8:5b:dc:0f:bd:a1:4c:49:be:75:f4:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34923a9eda6cf240ec87959e1dc38d361f79d61a
        Validity
            Not Before: Sep 16 10:01:31 2024 GMT
            Not After : Sep 17 10:01:31 2024 GMT
        Subject: CN=be5c1dfcb88a385e014474147be822691adaf052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d8:2f:5a:7f:73:a3:4a:0d:52:88:59:13:e1:
                    5e:ac:f4:9f:15:43:0d:1e:ad:0c:be:53:e2:6e:33:
                    39:a9:fa:3c:9a:b8:85:31:03:23:36:ac:08:02:5c:
                    25:82:01:e7:5a:42:2a:b7:30:0d:38:1b:de:f2:35:
                    1d:95:91:f9:08:b6:e9:7b:55:97:f9:5a:d6:bd:eb:
                    d3:20:ff:d0:94:ee:3f:71:4e:0e:c1:eb:a7:8a:dc:
                    ea:06:ee:a9:a7:57:61:e3:a1:91:3d:73:d3:07:7b:
                    9c:6a:a7:4d:c9:c2:01:26:c6:ea:97:3a:46:5b:90:
                    b8:7d:5b:7f:1f:5b:ce:c1:19:70:af:3a:75:78:06:
                    d4:9b:12:97:96:32:1f:7e:12:3a:43:be:ea:17:a6:
                    db:56:87:12:ec:1d:e0:90:e4:16:8d:33:e8:50:55:
                    4b:98:d5:dd:40:a7:72:6d:3b:45:6d:4c:35:de:11:
                    3b:62:dc:cd:b9:d5:ab:b4:96:3e:55:62:5a:0e:cb:
                    a9:25:cb:27:de:12:fc:f7:92:db:dd:3c:3d:6d:76:
                    f3:25:1d:85:36:ff:94:a5:10:2d:04:72:25:36:27:
                    5b:42:21:ae:47:cc:a4:71:cf:08:31:76:4e:72:1b:
                    e5:d2:5f:64:0a:6e:9a:4c:08:e3:bb:cb:41:2a:15:
                    69:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:5C:1D:FC:B8:8A:38:5E:01:44:74:14:7B:E8:22:69:1A:DA:F0:52
            X509v3 Authority Key Identifier:
                keyid:34:92:3A:9E:DA:6C:F2:40:EC:87:95:9E:1D:C3:8D:36:1F:79:D6:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJI6ntps8kDsh5WeHcONNh951ho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/043d5c-db3d-4445-b071-1f8f3ad04680/1/NJI6ntps8kDsh5WeHcONNh951ho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:40:c3:ea:5f:43:c4:f4:d2:6f:d9:29:7e:ce:d3:fe:7d:6e:
         ae:f7:5b:ec:83:cc:b5:b6:ea:c0:49:db:53:f9:36:06:3e:13:
         11:ef:5b:72:a2:0b:23:94:20:58:94:b8:71:7f:d1:86:86:02:
         86:9a:bb:a3:5e:36:21:91:1c:28:f6:08:f8:b7:1f:91:01:f9:
         a6:05:5c:0c:0c:58:02:b7:f4:1a:eb:82:e1:14:e7:9e:db:eb:
         70:49:b4:22:49:62:3e:04:f5:22:4f:27:91:7a:11:b2:db:ff:
         72:aa:ba:13:d3:99:c9:35:e4:8f:b7:35:41:1c:33:57:86:e1:
         14:0f:5a:7b:05:cc:57:39:49:3c:71:8a:e5:38:d2:f2:f7:d5:
         a5:b1:69:09:89:15:53:b4:de:38:78:ed:31:fa:31:9d:8c:69:
         84:6a:41:83:ae:28:c5:5c:0a:c0:2b:28:45:69:b1:ab:d6:9f:
         1e:7d:3b:53:ec:ff:6a:72:b4:52:cd:c6:b1:10:f7:b2:47:5d:
         01:78:7e:89:b2:fd:9f:73:95:2d:70:15:36:00:b5:19:6e:ff:
         54:96:8f:0a:29:21:13:4f:48:52:25:ee:6f:ea:1b:30:62:2c:
         a7:56:74:4e:21:18:98:1e:e1:3e:3e:f4:d3:68:9e:4b:0f:96:
         20:27:9e:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6R7+byFvcD72hTEm+dfR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTIzYTllZGE2Y2YyNDBlYzg3OTU5ZTFkYzM4ZDM2MWY3
OWQ2MWEwHhcNMjQwOTE2MTAwMTMxWhcNMjQwOTE3MTAwMTMxWjAzMTEwLwYDVQQD
EyhiZTVjMWRmY2I4OGEzODVlMDE0NDc0MTQ3YmU4MjI2OTFhZGFmMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNgvWn9zo0oNUohZE+FerPSfFUMN
Hq0MvlPibjM5qfo8mriFMQMjNqwIAlwlggHnWkIqtzANOBve8jUdlZH5CLbpe1WX
+VrWvevTIP/QlO4/cU4OweunitzqBu6pp1dh46GRPXPTB3ucaqdNycIBJsbqlzpG
W5C4fVt/H1vOwRlwrzp1eAbUmxKXljIffhI6Q77qF6bbVocS7B3gkOQWjTPoUFVL
mNXdQKdybTtFbUw13hE7YtzNudWrtJY+VWJaDsupJcsn3hL895Lb3Tw9bXbzJR2F
Nv+UpRAtBHIlNidbQiGuR8ykcc8IMXZOchvl0l9kCm6aTAjju8tBKhVpmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5cHfy4ijheAUR0FHvoImka2vBSMB8GA1UdIwQY
MBaAFDSSOp7abPJA7IeVnh3DjTYfedYaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEt
MWY4ZjNhZDA0NjgwLzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wNDNkNWMtZGIzZC00NDQ1LWIwNzEtMWY4ZjNhZDA0Njgw
LzEvTkpJNm50cHM4a0RzaDVXZUhjT05OaDk1MWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACEDD6l9D
xPTSb9kpfs7T/n1urvdb7IPMtbbqwEnbU/k2Bj4TEe9bcqILI5QgWJS4cX/RhoYC
hpq7o142IZEcKPYI+LcfkQH5pgVcDAxYArf0GuuC4RTnntvrcEm0IkliPgT1Ik8n
kXoRstv/cqq6E9OZyTXkj7c1QRwzV4bhFA9aewXMVzlJPHGK5TjS8vfVpbFpCYkV
U7TeOHjtMfoxnYxphGpBg64oxVwKwCsoRWmxq9afHn07U+z/anK0Us3GsRD3skdd
AXh+ibL9n3OVLXAVNgC1GW7/VJaPCikhE09IUiXub+obMGIsp1Z0TiEYmB7hPj70
02ieSw+WICee3w==
-----END CERTIFICATE-----