Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          x0WwYlQ1n7yU30YmjfFeL7s41PWu32exXevwh0qSW6s=
Subject key identifier:   45:A5:63:2A:34:9F:58:8E:D6:35:BA:C9:1E:B0:18:6F:4C:8A:B6:9E
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       01935809550C7B6995F8445ABB40A58ACD1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          0143
Signing time:             Sat 23 Nov 2024 08:00:26 +0000
Manifest this update:     Sat 23 Nov 2024 08:00:26 +0000
Manifest next update:     Sun 24 Nov 2024 08:00:26 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: 779jdFWlrJXVP2PDizY8UjwFgL/+X01s/ixx4oh2S1k=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 00:17:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:09:55:0c:7b:69:95:f8:44:5a:bb:40:a5:8a:cd:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Nov 23 08:00:26 2024 GMT
            Not After : Nov 24 08:00:26 2024 GMT
        Subject: CN=45a5632a349f588ed635bac91eb0186f4c8ab69e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:dc:d1:0f:32:ad:54:f9:64:d8:b3:11:f2:91:
                    34:15:f1:51:6b:79:b7:ea:8e:d5:15:cb:9e:3c:4d:
                    52:c5:ae:54:c4:b6:56:12:b1:41:81:86:04:78:4d:
                    32:b0:86:5d:77:8e:c9:6c:93:ae:1e:55:6b:7e:f1:
                    5b:a8:2c:6a:31:e2:66:fe:72:a2:36:37:7c:13:0f:
                    b9:2f:cf:51:74:c7:cb:0f:8e:89:6b:c8:08:ea:90:
                    8b:ca:85:aa:f1:6f:b2:97:2b:16:06:14:fa:df:aa:
                    da:cd:74:a9:60:5d:0e:82:f5:90:3a:4b:87:c7:db:
                    40:4f:e7:ca:d7:0e:f7:d2:2f:0f:95:97:d7:c6:8e:
                    d1:9e:5b:0a:86:05:ad:b3:a2:1c:0a:33:69:28:78:
                    bc:01:c8:da:c8:ed:d5:4e:46:4c:d3:d8:47:10:34:
                    38:23:b7:90:36:cd:7c:f3:71:96:95:c3:b0:a3:2e:
                    9f:66:2c:e3:5a:f6:06:49:62:28:c9:fa:da:fb:c3:
                    12:08:37:68:e6:69:df:39:41:a0:20:13:51:39:38:
                    3a:91:a0:25:85:fb:dd:d9:36:4c:9e:15:0f:cd:a3:
                    24:37:9d:52:be:72:1a:29:d7:21:e3:00:2c:73:bb:
                    cf:60:f8:b2:56:93:13:e5:b4:3e:8a:54:82:99:8d:
                    f0:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:A5:63:2A:34:9F:58:8E:D6:35:BA:C9:1E:B0:18:6F:4C:8A:B6:9E
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:05:02:4f:3b:71:b8:84:9d:d4:f0:e0:f5:b7:fd:ab:db:b2:
         3d:a8:9f:96:2f:05:87:43:cf:aa:64:01:d7:17:06:7d:73:cf:
         e6:65:46:49:2d:6b:5e:03:95:6e:a7:8d:6a:dd:16:02:60:73:
         b2:e9:4b:52:7e:c1:34:04:52:07:5c:e8:64:ce:f8:81:0d:0c:
         ce:75:b9:02:65:5d:60:ff:0d:80:fd:88:32:38:88:84:17:9d:
         ba:87:f0:99:d0:aa:e3:e5:9e:52:ee:8f:a6:e5:67:34:38:d0:
         3e:5c:76:21:7b:e1:cb:c5:5c:81:3b:eb:de:c5:da:69:3e:bb:
         54:71:e8:4a:b8:ee:ef:b8:8e:6b:08:44:48:60:fb:e8:d0:3e:
         f2:24:6b:bb:dd:13:42:ba:92:99:d8:30:d2:76:5f:cb:86:8b:
         b4:9d:93:b9:9c:fc:43:eb:ee:08:98:d8:f5:92:8c:8f:13:8b:
         aa:9d:8c:d8:71:42:47:9a:59:f1:b0:ff:52:30:a7:cb:1b:d9:
         e8:b3:fe:3a:df:00:79:eb:ad:bb:dc:8a:b2:1b:4b:f9:8c:47:
         96:93:bb:6b:72:6f:da:9a:81:b6:80:15:5f:2b:b3:04:62:62:
         b9:56:2c:60:84:db:91:8d:b9:e1:2b:c1:39:30:39:db:8f:7c:
         67:53:94:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYCVUMe2mV+ERau0Clis0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjQxMTIzMDgwMDI2WhcNMjQxMTI0MDgwMDI2WjAzMTEwLwYDVQQD
Eyg0NWE1NjMyYTM0OWY1ODhlZDYzNWJhYzkxZWIwMTg2ZjRjOGFiNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodzRDzKtVPlk2LMR8pE0FfFRa3m3
6o7VFcuePE1Sxa5UxLZWErFBgYYEeE0ysIZdd47JbJOuHlVrfvFbqCxqMeJm/nKi
Njd8Ew+5L89RdMfLD46Ja8gI6pCLyoWq8W+ylysWBhT636razXSpYF0OgvWQOkuH
x9tAT+fK1w730i8PlZfXxo7RnlsKhgWts6IcCjNpKHi8AcjayO3VTkZM09hHEDQ4
I7eQNs1883GWlcOwoy6fZizjWvYGSWIoyfra+8MSCDdo5mnfOUGgIBNROTg6kaAl
hfvd2TZMnhUPzaMkN51SvnIaKdch4wAsc7vPYPiyVpMT5bQ+ilSCmY3wRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWlYyo0n1iO1jW6yR6wGG9MiraeMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZAUCTztx
uISd1PDg9bf9q9uyPaifli8Fh0PPqmQB1xcGfXPP5mVGSS1rXgOVbqeNat0WAmBz
sulLUn7BNARSB1zoZM74gQ0MznW5AmVdYP8NgP2IMjiIhBeduofwmdCq4+WeUu6P
puVnNDjQPlx2IXvhy8VcgTvr3sXaaT67VHHoSrju77iOawhESGD76NA+8iRru90T
QrqSmdgw0nZfy4aLtJ2TuZz8Q+vuCJjY9ZKMjxOLqp2M2HFCR5pZ8bD/UjCnyxvZ
6LP+Ot8Aeeutu9yKshtL+YxHlpO7a3Jv2pqBtoAVXyuzBGJiuVYsYITbkY254SvB
OTA52498Z1OUlg==
-----END CERTIFICATE-----