Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
File:                     coCW6KzXbpqhfz62eAQG49pWPtI.mft (raw, json)
Hash identifier:          n4KME1tSk/L40/pFwyIusEIt7+TH7/PTEVP3C4M4tak=
Subject key identifier:   A2:8F:13:B4:E1:94:F2:C1:E8:07:E0:B6:91:96:F7:90:6D:EF:17:10
Authority key identifier: 72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2
Certificate issuer:       /CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
Certificate serial:       01935764B8B19D3E8965BCF276B47C6928FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
Manifest number:          122B
Signing time:             Sat 23 Nov 2024 05:00:38 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:38 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:38 +0000
Files and hashes:         1: coCW6KzXbpqhfz62eAQG49pWPtI.crl (hash: Ze4vYI3K7rTrDZSXkRIi6Nbc3OTZXC+wjLZc06PlEnQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:b8:b1:9d:3e:89:65:bc:f2:76:b4:7c:69:28:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=728096e8acd76e9aa17f3eb6780406e3da563ed2
        Validity
            Not Before: Nov 23 05:00:38 2024 GMT
            Not After : Nov 24 05:00:38 2024 GMT
        Subject: CN=a28f13b4e194f2c1e807e0b69196f7906def1710
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:70:f1:67:e2:de:44:0a:9c:df:81:05:54:26:
                    97:0e:cf:91:ba:0e:28:54:e2:f6:a4:da:bd:0e:01:
                    47:90:79:9c:6f:63:53:dc:fe:95:e6:10:ca:f8:e5:
                    52:bc:bc:1b:8b:03:47:f9:fc:0d:4d:d2:a7:bf:c2:
                    0f:eb:b8:dd:0e:e4:ce:e3:92:8b:1f:db:fc:20:a0:
                    2f:91:f7:1d:84:43:28:c1:fe:be:cb:62:64:62:41:
                    dc:f7:3c:a0:94:a6:fe:02:71:fa:46:9f:74:f9:21:
                    d9:93:86:61:cd:3b:68:ac:e5:6f:51:a8:c2:a1:24:
                    d3:2a:50:51:89:f7:de:9f:ec:21:cd:0d:97:57:9a:
                    e5:4e:9a:99:23:da:df:cc:16:1f:57:13:a7:19:74:
                    cf:1a:28:67:79:da:87:51:a0:5b:81:e6:99:90:16:
                    c5:f6:51:52:43:21:9c:5d:31:04:27:ea:85:06:a8:
                    94:36:75:45:15:b0:67:51:ac:34:03:28:47:13:e7:
                    db:fd:8e:0f:08:23:cb:21:07:8c:a0:e3:a4:21:ff:
                    28:70:4b:85:2e:a1:2c:12:f7:b3:80:97:57:6d:1e:
                    c7:60:93:72:04:cf:8f:66:73:46:d2:94:62:42:e0:
                    1e:be:b9:7c:76:88:a3:00:48:b2:76:12:5b:36:16:
                    46:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:8F:13:B4:E1:94:F2:C1:E8:07:E0:B6:91:96:F7:90:6D:EF:17:10
            X509v3 Authority Key Identifier:
                keyid:72:80:96:E8:AC:D7:6E:9A:A1:7F:3E:B6:78:04:06:E3:DA:56:3E:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/coCW6KzXbpqhfz62eAQG49pWPtI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/bf144b-aab5-407e-904f-c1734d50cb3b/1/coCW6KzXbpqhfz62eAQG49pWPtI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:a4:c2:25:2b:3c:ca:dd:dd:04:6f:1c:12:3a:5d:a3:c6:d9:
         17:03:f3:5f:e4:1f:8d:6f:13:17:8e:1c:7d:10:95:96:1b:fe:
         8a:48:3f:18:70:dc:2f:f2:a8:23:c7:f0:1b:a2:f8:b9:46:ab:
         29:fe:b3:15:6a:e9:f4:49:f6:d5:57:c8:23:cf:d0:59:9b:39:
         7d:02:2e:79:c1:55:ad:81:ed:e5:cb:b4:0f:61:62:10:5e:d8:
         2b:d1:0d:ea:c8:fa:a7:1b:c9:a2:4f:c0:8d:2f:03:65:cc:42:
         21:36:07:d6:e3:4f:b8:4f:dd:cc:9e:d0:bf:48:e3:b8:5e:38:
         72:8a:eb:d2:46:8d:8b:76:d0:fd:61:68:8a:4d:bc:0a:f2:5e:
         c6:f8:73:ae:e2:ff:30:3d:ac:2b:6c:a3:44:3f:0a:e8:1f:e5:
         05:b6:72:c7:84:6d:a5:40:60:62:fb:01:fc:0d:b3:09:53:5f:
         5a:84:bd:f1:53:8a:86:39:36:f2:77:00:e7:88:86:6f:3a:f1:
         87:f5:86:26:a2:6f:1f:ca:e2:28:56:ca:29:7b:94:6e:59:87:
         cb:7f:7b:34:c9:f1:3e:00:9c:87:66:d4:b0:04:cb:fa:8f:4c:
         1c:cc:3a:fa:93:22:d1:88:45:71:f9:b9:70:8a:6a:d4:c4:31:
         40:c6:fe:ac
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZLixnT6JZbzydrR8aSj+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyODA5NmU4YWNkNzZlOWFhMTdmM2ViNjc4MDQwNmUzZGE1
NjNlZDIwHhcNMjQxMTIzMDUwMDM4WhcNMjQxMTI0MDUwMDM4WjAzMTEwLwYDVQQD
EyhhMjhmMTNiNGUxOTRmMmMxZTgwN2UwYjY5MTk2Zjc5MDZkZWYxNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nDxZ+LeRAqc34EFVCaXDs+Rug4o
VOL2pNq9DgFHkHmcb2NT3P6V5hDK+OVSvLwbiwNH+fwNTdKnv8IP67jdDuTO45KL
H9v8IKAvkfcdhEMowf6+y2JkYkHc9zyglKb+AnH6Rp90+SHZk4ZhzTtorOVvUajC
oSTTKlBRiffen+whzQ2XV5rlTpqZI9rfzBYfVxOnGXTPGihnedqHUaBbgeaZkBbF
9lFSQyGcXTEEJ+qFBqiUNnVFFbBnUaw0AyhHE+fb/Y4PCCPLIQeMoOOkIf8ocEuF
LqEsEvezgJdXbR7HYJNyBM+PZnNG0pRiQuAevrl8doijAEiydhJbNhZG6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKPE7ThlPLB6AfgtpGW95Bt7xcQMB8GA1UdIwQY
MBaAFHKAluis126aoX8+tngEBuPaVj7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYt
YzE3MzRkNTBjYjNiLzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9iZjE0NGItYWFiNS00MDdlLTkwNGYtYzE3MzRkNTBjYjNi
LzEvY29DVzZLelhicHFoZno2MmVBUUc0OXBXUHRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYaTCJSs8
yt3dBG8cEjpdo8bZFwPzX+QfjW8TF44cfRCVlhv+ikg/GHDcL/KoI8fwG6L4uUar
Kf6zFWrp9En21VfII8/QWZs5fQIuecFVrYHt5cu0D2FiEF7YK9EN6sj6pxvJok/A
jS8DZcxCITYH1uNPuE/dzJ7Qv0jjuF44corr0kaNi3bQ/WFoik28CvJexvhzruL/
MD2sK2yjRD8K6B/lBbZyx4RtpUBgYvsB/A2zCVNfWoS98VOKhjk28ncA54iGbzrx
h/WGJqJvH8riKFbKKXuUblmHy397NMnxPgCch2bUsATL+o9MHMw6+pMi0YhFcfm5
cIpq1MQxQMb+rA==
-----END CERTIFICATE-----