Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
File:                     4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json)
Hash identifier:          sQsIt6kjczTnCWi3wNjXlarYB4q9QQBoaD4/xYDbAMc=
Subject key identifier:   39:B6:81:7F:A9:E2:10:1D:A6:DB:56:3B:3F:47:CC:80:2A:DB:7A:98
Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0
Certificate issuer:       /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
Certificate serial:       0191FA7E1F3A0CEBFB3441506953EE8B10CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
Manifest number:          8E
Signing time:             Mon 16 Sep 2024 11:00:55 +0000
Manifest this update:     Mon 16 Sep 2024 11:00:55 +0000
Manifest next update:     Tue 17 Sep 2024 11:00:55 +0000
Files and hashes:         1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: MZfkmRZU7zpGwXNqExfQVMoupMsLg/0BignArdxmPjg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 11:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:7e:1f:3a:0c:eb:fb:34:41:50:69:53:ee:8b:10:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0
        Validity
            Not Before: Sep 16 11:00:55 2024 GMT
            Not After : Sep 17 11:00:55 2024 GMT
        Subject: CN=39b6817fa9e2101da6db563b3f47cc802adb7a98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:11:e0:d9:1e:a5:a1:9f:ad:06:59:26:40:71:
                    39:05:a7:30:98:9f:4a:a5:9c:82:7a:f9:b7:64:c3:
                    d7:e4:3c:7a:ea:6a:6f:7e:b9:5c:48:d6:d9:a4:e4:
                    67:26:10:97:72:b0:59:4a:d2:30:d8:49:9e:1f:c9:
                    05:0e:f8:4b:10:b3:f4:a5:d3:d4:4c:0d:e7:44:c3:
                    22:c7:2d:fa:75:14:46:db:58:0b:df:50:e0:13:20:
                    04:fd:2b:ee:73:75:3f:c5:b4:ad:b3:a3:55:f1:4a:
                    77:96:a7:21:e3:26:73:af:69:73:b8:a5:21:41:20:
                    c5:34:d4:53:b1:1b:6b:53:6d:a4:c8:d5:54:2e:c3:
                    10:e3:04:c0:f7:73:ad:aa:f6:12:57:c3:f4:5f:d1:
                    81:99:d4:bd:48:2d:a1:f5:d6:1a:68:17:f4:d0:ab:
                    98:c8:d7:c3:65:f9:ff:9b:78:4e:4f:af:dd:94:ed:
                    4b:54:f2:89:9a:c8:86:20:86:50:00:ac:fc:80:0f:
                    8f:6c:9b:d2:b4:7d:8a:23:bb:d5:5a:1c:fb:ef:a2:
                    86:c9:59:bb:ae:42:55:0d:63:57:32:56:d5:15:a1:
                    6c:fb:5c:41:0b:f2:4e:ce:ee:1a:25:fa:af:80:e1:
                    27:6e:aa:2e:65:bf:25:93:51:8d:27:dd:3b:86:89:
                    d2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:B6:81:7F:A9:E2:10:1D:A6:DB:56:3B:3F:47:CC:80:2A:DB:7A:98
            X509v3 Authority Key Identifier:
                keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:1a:e0:c2:f4:41:ea:b9:ce:d4:d1:f6:15:2c:15:17:be:70:
         1e:a3:d7:be:f9:b9:47:b2:09:36:b1:94:9d:2f:da:1f:0f:37:
         55:33:d0:c8:a8:f3:10:ca:72:6d:fd:b5:cb:97:87:2e:02:2f:
         12:3a:aa:50:a9:fd:df:36:3f:81:e2:1a:6a:2a:9c:e8:1d:36:
         f9:c2:a9:ed:e9:e8:f6:88:d7:1f:f3:98:2f:c9:01:ba:11:78:
         39:f9:e8:30:9c:1f:d6:23:84:85:84:87:68:93:6f:b4:31:ad:
         4a:99:fc:8a:fa:ee:40:2e:2c:7e:5a:a5:68:0b:e5:5a:49:f3:
         35:73:49:89:cb:fb:53:01:ce:49:82:17:b8:9b:c6:e9:e4:aa:
         d2:11:81:c1:16:40:28:75:eb:96:63:c9:32:ee:50:c0:65:2d:
         3f:f1:80:a8:3e:7a:06:16:6f:92:e2:25:d3:13:98:d1:36:f8:
         40:19:47:60:fd:02:ce:ac:1d:6f:0e:14:c7:0f:5e:46:07:4f:
         ad:5a:1b:73:a2:95:95:59:0f:97:1a:a3:3a:5a:cf:76:52:26:
         96:82:11:2f:28:a4:af:cc:3b:65:d9:d1:aa:24:a7:ad:40:7e:
         1d:05:7f:ab:02:9e:4d:a0:c0:0e:33:13:1e:c5:eb:13:dd:73:
         84:bc:36:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6fh86DOv7NEFQaVPuixDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0
MDQ3ZTAwHhcNMjQwOTE2MTEwMDU1WhcNMjQwOTE3MTEwMDU1WjAzMTEwLwYDVQQD
EygzOWI2ODE3ZmE5ZTIxMDFkYTZkYjU2M2IzZjQ3Y2M4MDJhZGI3YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RHg2R6loZ+tBlkmQHE5BacwmJ9K
pZyCevm3ZMPX5Dx66mpvfrlcSNbZpORnJhCXcrBZStIw2EmeH8kFDvhLELP0pdPU
TA3nRMMixy36dRRG21gL31DgEyAE/Svuc3U/xbSts6NV8Up3lqch4yZzr2lzuKUh
QSDFNNRTsRtrU22kyNVULsMQ4wTA93OtqvYSV8P0X9GBmdS9SC2h9dYaaBf00KuY
yNfDZfn/m3hOT6/dlO1LVPKJmsiGIIZQAKz8gA+PbJvStH2KI7vVWhz776KGyVm7
rkJVDWNXMlbVFaFs+1xBC/JOzu4aJfqvgOEnbqouZb8lk1GNJ907honSbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDm2gX+p4hAdpttWOz9HzIAq23qYMB8GA1UdIwQY
MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt
N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1
LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRrgwvRB
6rnO1NH2FSwVF75wHqPXvvm5R7IJNrGUnS/aHw83VTPQyKjzEMpybf21y5eHLgIv
EjqqUKn93zY/geIaaiqc6B02+cKp7eno9ojXH/OYL8kBuhF4OfnoMJwf1iOEhYSH
aJNvtDGtSpn8ivruQC4sflqlaAvlWknzNXNJicv7UwHOSYIXuJvG6eSq0hGBwRZA
KHXrlmPJMu5QwGUtP/GAqD56BhZvkuIl0xOY0Tb4QBlHYP0Czqwdbw4Uxw9eRgdP
rVobc6KVlVkPlxqjOlrPdlImloIRLyikr8w7ZdnRqiSnrUB+HQV/qwKeTaDADjMT
HsXrE91zhLw2Yg==
-----END CERTIFICATE-----