Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          TMpisDSWbHctaX04ci7YgvjHPDq8VpE7nYeryuXbRNY=
Subject key identifier:   80:26:BD:F0:4E:C0:4D:31:80:CC:2F:0D:E3:A5:D9:93:AB:9F:E7:2B
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       0193572E12C862B73578C5D5D56E9048498A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          0511
Signing time:             Sat 23 Nov 2024 04:00:57 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:57 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:57 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: h5V1FghAroMGpeNXzJBRQ1MW5MgUg3HN6thRldHCBps=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2e:12:c8:62:b7:35:78:c5:d5:d5:6e:90:48:49:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: Nov 23 04:00:57 2024 GMT
            Not After : Nov 24 04:00:57 2024 GMT
        Subject: CN=8026bdf04ec04d3180cc2f0de3a5d993ab9fe72b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:c6:8c:a0:98:ac:b8:2a:da:10:39:52:81:c4:
                    d8:57:96:23:ca:f5:ea:3b:a9:41:43:0b:80:78:9d:
                    e0:ce:9f:46:e5:16:f7:7c:78:f0:92:a8:ab:94:f1:
                    6c:81:d4:b2:76:d3:0a:87:40:24:0e:f6:8c:38:ea:
                    a7:7a:b3:5b:50:c1:df:da:7a:db:2a:1f:8a:d7:a2:
                    e2:74:ba:4f:07:98:0f:af:25:b8:6a:fd:89:5a:ea:
                    04:9c:b6:1e:a6:6c:52:cd:5d:ec:cc:17:39:77:2b:
                    00:4b:cb:3f:e5:a1:36:dc:0a:12:b9:95:4d:1a:ea:
                    01:b7:73:65:29:94:7d:7e:d0:56:07:ae:49:e9:4e:
                    0d:32:e3:dd:3f:c9:68:ec:d9:55:e7:aa:77:5c:6d:
                    16:ab:60:d0:78:e3:0c:82:97:48:10:4f:98:d8:ac:
                    74:91:63:32:10:25:10:6e:f3:b8:4a:d8:ee:5a:27:
                    66:46:56:3e:0f:0c:6a:ae:31:5c:d1:41:35:06:c0:
                    84:65:78:3b:b9:00:aa:26:45:72:72:f2:c7:bc:18:
                    29:5a:db:08:62:1a:e3:91:db:56:57:f0:23:2b:38:
                    cf:68:4a:2c:a0:28:c0:47:6f:06:87:40:0e:a9:1c:
                    2d:96:75:96:a3:bf:55:d4:0c:64:1f:49:44:0b:9b:
                    5d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:26:BD:F0:4E:C0:4D:31:80:CC:2F:0D:E3:A5:D9:93:AB:9F:E7:2B
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:51:90:4e:63:d5:6b:de:27:14:56:10:01:6d:9e:e6:e2:d1:
         2e:e5:7b:72:05:db:d2:a1:50:93:67:8f:53:d1:c3:b5:64:c8:
         e8:01:60:1a:47:23:fd:fe:5e:06:09:e3:71:ad:83:6c:fd:e8:
         6a:0a:8d:fd:b2:4e:1c:ad:1c:fd:18:97:9c:db:02:71:44:8c:
         b9:ba:9f:24:9f:0c:1a:55:d4:d0:6d:a3:9e:51:6b:fe:86:41:
         c9:3f:7d:b2:c7:7a:a7:62:8f:84:f3:84:b6:32:05:99:90:0c:
         84:49:b3:c1:1c:8d:0a:32:e0:9f:ec:da:29:14:c9:43:29:5e:
         cf:29:a8:b1:99:04:8f:44:61:1b:ef:d6:91:6e:02:7d:d5:1d:
         67:bd:3f:cf:ed:b9:f6:55:bb:f2:46:79:3a:d1:3e:ee:c0:2c:
         a6:4a:27:1e:b7:b1:cd:6e:3c:f0:5f:30:84:fc:a3:71:3e:bf:
         8e:2b:a7:e8:d1:7d:51:b6:d2:83:45:4b:d7:0a:ef:bb:4e:e6:
         d9:75:2d:30:7c:51:f6:9c:61:b8:c9:d1:e6:d4:88:3b:d6:a0:
         9c:fc:0d:0a:6c:5c:01:d9:1d:cf:2e:d6:5d:e9:11:fa:a9:71:
         2b:99:56:15:ed:e6:b9:e8:2e:ce:25:77:c6:c3:c8:75:b5:18:
         db:f0:47:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLhLIYrc1eMXV1W6QSEmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjQxMTIzMDQwMDU3WhcNMjQxMTI0MDQwMDU3WjAzMTEwLwYDVQQD
Eyg4MDI2YmRmMDRlYzA0ZDMxODBjYzJmMGRlM2E1ZDk5M2FiOWZlNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9saMoJisuCraEDlSgcTYV5YjyvXq
O6lBQwuAeJ3gzp9G5Rb3fHjwkqirlPFsgdSydtMKh0AkDvaMOOqnerNbUMHf2nrb
Kh+K16LidLpPB5gPryW4av2JWuoEnLYepmxSzV3szBc5dysAS8s/5aE23AoSuZVN
GuoBt3NlKZR9ftBWB65J6U4NMuPdP8lo7NlV56p3XG0Wq2DQeOMMgpdIEE+Y2Kx0
kWMyECUQbvO4StjuWidmRlY+DwxqrjFc0UE1BsCEZXg7uQCqJkVycvLHvBgpWtsI
YhrjkdtWV/AjKzjPaEosoCjAR28Gh0AOqRwtlnWWo79V1AxkH0lEC5tdKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIAmvfBOwE0xgMwvDeOl2ZOrn+crMB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj1GQTmPV
a94nFFYQAW2e5uLRLuV7cgXb0qFQk2ePU9HDtWTI6AFgGkcj/f5eBgnjca2DbP3o
agqN/bJOHK0c/RiXnNsCcUSMubqfJJ8MGlXU0G2jnlFr/oZByT99ssd6p2KPhPOE
tjIFmZAMhEmzwRyNCjLgn+zaKRTJQylezymosZkEj0RhG+/WkW4CfdUdZ70/z+25
9lW78kZ5OtE+7sAspkonHrexzW488F8whPyjcT6/jiun6NF9UbbSg0VL1wrvu07m
2XUtMHxR9pxhuMnR5tSIO9agnPwNCmxcAdkdzy7WXekR+qlxK5lWFe3mueguziV3
xsPIdbUY2/BHIw==
-----END CERTIFICATE-----