Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          KLup5+tA3cohuF1U259TXq4etUxVYpcDZc98LOKMsRE=
Subject key identifier:   23:8D:7E:09:62:65:F7:2B:F7:90:3D:5E:3B:8B:AD:D1:5E:26:C2:46
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       019369D9A1C67F9F79A634949FB15985B356
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          0905
Signing time:             Tue 26 Nov 2024 19:01:30 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:30 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:30 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: S6X1NYDRIn2Eew4CDxLq5dFM2SYuAcsnwQSSAhAdlJI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:a1:c6:7f:9f:79:a6:34:94:9f:b1:59:85:b3:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: Nov 26 19:01:30 2024 GMT
            Not After : Nov 27 19:01:30 2024 GMT
        Subject: CN=238d7e096265f72bf7903d5e3b8badd15e26c246
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:92:cc:d4:a5:54:72:96:8f:49:aa:63:66:6c:
                    60:2b:97:1d:c2:2e:d3:fa:01:bb:69:65:8a:ff:b2:
                    b6:17:c9:b1:06:89:01:d9:42:39:4f:31:d2:ff:48:
                    ab:37:ad:51:af:53:f0:38:d8:f1:c1:c5:8f:3b:17:
                    ce:36:ad:03:45:01:b4:59:94:ec:c8:db:08:83:7f:
                    51:05:5a:0a:67:28:75:bb:b9:b0:43:0a:48:89:14:
                    61:08:bd:90:c7:04:36:ca:a3:a2:6c:ec:90:51:59:
                    23:b1:28:1f:e7:dc:b0:e2:96:89:db:60:a9:30:f6:
                    6e:21:32:a5:df:38:23:16:8b:cd:79:dc:9c:9c:13:
                    e0:cd:5f:48:6b:1b:fa:75:52:e3:f4:ee:65:d4:d4:
                    a3:d1:46:d5:2a:1e:34:f0:6e:05:93:58:45:0d:86:
                    ce:5c:33:2f:60:d3:bf:9c:28:aa:57:cd:ca:fe:f0:
                    c6:58:35:02:42:73:73:78:7b:01:50:12:47:f0:80:
                    d1:8d:29:1c:dc:88:be:83:44:13:9a:23:67:e5:d1:
                    0a:c5:14:86:69:87:ed:f7:1d:ee:94:60:49:d4:d4:
                    38:11:05:ee:46:04:8f:30:6d:5d:b9:6f:68:8b:42:
                    7c:e7:36:93:8f:5e:4b:85:76:10:b1:af:6f:65:ed:
                    86:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:8D:7E:09:62:65:F7:2B:F7:90:3D:5E:3B:8B:AD:D1:5E:26:C2:46
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:7d:ea:d6:df:76:6f:e4:66:bb:dd:b3:86:65:41:3c:a1:2a:
         ad:7e:51:f9:2b:fc:41:f0:bd:29:82:38:b7:c8:c1:26:a7:3d:
         50:af:d9:eb:ff:5f:e1:20:2d:6c:74:9a:28:1b:9b:6f:7a:6e:
         7c:61:ec:98:ac:ab:67:07:da:4f:1d:26:61:24:82:31:af:ce:
         86:ec:22:7b:f4:04:82:cf:58:4b:8c:7f:ce:57:0b:f7:d6:87:
         93:4d:e5:2f:39:55:2c:19:f1:ab:82:4f:a4:05:c2:ae:02:a3:
         3c:88:8b:49:f8:05:67:6e:d5:14:b3:99:01:38:fc:9a:c4:14:
         a7:6d:e2:e5:c1:c8:a9:02:9d:1b:3e:30:c2:53:76:a0:24:f4:
         39:d6:f5:7c:a6:ca:a0:d2:76:db:59:2f:84:66:24:dc:ff:80:
         80:12:85:5a:f1:a1:1a:4e:e1:57:47:e1:64:9e:9a:ed:e3:d1:
         68:53:93:f4:d5:47:ab:42:6a:56:3d:a9:19:d2:11:76:8e:eb:
         03:cc:2c:88:f2:2f:6d:b9:b2:96:69:61:2b:08:ef:fd:5b:72:
         cd:27:4f:70:eb:48:00:17:8f:f2:c1:ec:a3:82:5d:0c:8c:c1:
         d0:10:c8:b2:68:62:2d:1f:bd:06:88:2c:db:92:bc:09:87:94:
         c9:59:11:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2aHGf595pjSUn7FZhbNWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjQxMTI2MTkwMTMwWhcNMjQxMTI3MTkwMTMwWjAzMTEwLwYDVQQD
EygyMzhkN2UwOTYyNjVmNzJiZjc5MDNkNWUzYjhiYWRkMTVlMjZjMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZLM1KVUcpaPSapjZmxgK5cdwi7T
+gG7aWWK/7K2F8mxBokB2UI5TzHS/0irN61Rr1PwONjxwcWPOxfONq0DRQG0WZTs
yNsIg39RBVoKZyh1u7mwQwpIiRRhCL2QxwQ2yqOibOyQUVkjsSgf59yw4paJ22Cp
MPZuITKl3zgjFovNedycnBPgzV9Iaxv6dVLj9O5l1NSj0UbVKh408G4Fk1hFDYbO
XDMvYNO/nCiqV83K/vDGWDUCQnNzeHsBUBJH8IDRjSkc3Ii+g0QTmiNn5dEKxRSG
aYft9x3ulGBJ1NQ4EQXuRgSPMG1duW9oi0J85zaTj15LhXYQsa9vZe2GgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCONfgliZfcr95A9XjuLrdFeJsJGMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHn3q1t92
b+Rmu92zhmVBPKEqrX5R+Sv8QfC9KYI4t8jBJqc9UK/Z6/9f4SAtbHSaKBubb3pu
fGHsmKyrZwfaTx0mYSSCMa/Ohuwie/QEgs9YS4x/zlcL99aHk03lLzlVLBnxq4JP
pAXCrgKjPIiLSfgFZ27VFLOZATj8msQUp23i5cHIqQKdGz4wwlN2oCT0Odb1fKbK
oNJ221kvhGYk3P+AgBKFWvGhGk7hV0fhZJ6a7ePRaFOT9NVHq0JqVj2pGdIRdo7r
A8wsiPIvbbmylmlhKwjv/VtyzSdPcOtIABeP8sHso4JdDIzB0BDIsmhiLR+9Bogs
25K8CYeUyVkRJw==
-----END CERTIFICATE-----