Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
File:                     pKgNKvhhtwo37AUOAT5t-6lMiz0.mft (raw, json)
Hash identifier:          +Vlf1PG0VE39RKbWsa3uxBHIbI0nxEwZg+jfWDyeNNI=
Subject key identifier:   03:CE:69:9C:04:38:2C:B2:0C:85:47:71:80:0B:88:C6:6F:3F:47:5C
Authority key identifier: A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D
Certificate issuer:       /CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
Certificate serial:       01935877A1CDC9DBB279B6D5568615A37AB7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
Manifest number:          0C16
Signing time:             Sat 23 Nov 2024 10:00:55 +0000
Manifest this update:     Sat 23 Nov 2024 10:00:55 +0000
Manifest next update:     Sun 24 Nov 2024 10:00:55 +0000
Files and hashes:         1: pKgNKvhhtwo37AUOAT5t-6lMiz0.crl (hash: MaVoKFz9bErk0KzwcAUrcgvFkwDt7Sb8Ky2/O6z3xW0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:77:a1:cd:c9:db:b2:79:b6:d5:56:86:15:a3:7a:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a80d2af861b70a37ec050e013e6dfba94c8b3d
        Validity
            Not Before: Nov 23 10:00:55 2024 GMT
            Not After : Nov 24 10:00:55 2024 GMT
        Subject: CN=03ce699c04382cb20c854771800b88c66f3f475c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ae:fd:9b:68:fb:39:d8:61:5c:da:ac:2e:3e:
                    7a:bd:cd:12:d4:99:3f:7b:0c:05:fd:7f:3d:19:4e:
                    6e:e2:c6:7e:f5:bf:c5:da:0e:c7:6c:95:14:0a:7d:
                    f5:7a:85:4b:19:bf:4d:b2:fa:bb:3d:4e:08:32:69:
                    a9:4d:ab:64:6b:af:03:df:e6:c0:ba:68:f2:43:85:
                    b3:57:41:82:de:88:1f:78:41:4d:e9:07:17:c2:a5:
                    d6:07:2a:27:8e:9f:61:fa:39:56:1d:5a:40:bb:8d:
                    7e:da:2a:44:d5:94:9e:2f:0b:76:71:80:78:bd:5b:
                    77:23:5d:4b:f7:b6:8e:b4:24:ea:b8:de:52:24:95:
                    d2:d1:ba:b2:68:92:e9:d8:df:de:c1:ef:e3:7e:2f:
                    19:22:32:45:b2:c0:d4:dc:ab:1a:ba:4e:c3:6f:0f:
                    4b:92:42:37:bb:7d:dd:b1:4a:52:5d:50:75:35:4d:
                    2d:19:ea:c7:9b:a5:ab:f2:b5:f1:4a:38:60:41:c4:
                    f9:9e:fa:53:76:63:a8:82:3f:09:a7:db:b8:12:f0:
                    dc:a1:1d:9c:c7:e0:93:f3:76:79:64:18:17:12:b6:
                    ee:29:e2:5c:02:a5:61:d6:52:69:f2:75:12:c5:f8:
                    46:cd:c0:bf:78:28:c8:f1:a9:91:5e:f8:d1:03:75:
                    e9:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:CE:69:9C:04:38:2C:B2:0C:85:47:71:80:0B:88:C6:6F:3F:47:5C
            X509v3 Authority Key Identifier:
                keyid:A4:A8:0D:2A:F8:61:B7:0A:37:EC:05:0E:01:3E:6D:FB:A9:4C:8B:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKgNKvhhtwo37AUOAT5t-6lMiz0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ec6225-d6a7-418a-b02f-6234ea09e186/1/pKgNKvhhtwo37AUOAT5t-6lMiz0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:c8:40:68:47:96:d3:97:38:64:b6:e6:ce:0f:d4:8a:ae:68:
         37:57:13:45:be:4c:7f:a9:85:21:a9:3e:9a:66:20:43:58:52:
         89:03:15:ce:89:46:84:bb:6f:22:66:1e:d7:36:2f:78:3d:5e:
         6c:d9:54:d0:3b:bd:42:c1:f9:a2:c1:70:d6:fa:9b:cc:63:2d:
         85:e4:0f:5b:4e:ec:4c:e4:85:a1:8c:85:fd:06:71:8a:db:d4:
         6e:8f:2b:ea:b8:06:34:79:62:06:d4:82:c7:e0:0b:01:d4:ca:
         a4:38:3b:d2:1a:62:d8:07:3c:39:0b:7d:20:ea:28:f5:2e:25:
         9b:c6:fa:bf:1a:2a:79:dc:b8:e4:79:12:b6:71:b2:62:1a:e7:
         d9:be:de:0f:f1:3f:d6:0e:b7:dd:64:f6:70:68:69:55:3e:7c:
         88:4f:0c:a5:a5:e1:8d:b6:30:80:65:98:18:90:c0:76:85:b4:
         50:56:8a:2f:8c:9f:b8:2a:3b:ff:f5:35:05:98:2b:18:50:f5:
         77:40:af:6c:f7:5b:8b:b2:9a:b0:c6:42:c0:0d:9a:36:12:e6:
         86:aa:ac:0e:6f:a5:33:ee:e6:94:91:2b:7d:36:34:d5:cd:d7:
         11:42:84:8f:f0:07:23:dd:41:ad:d9:ea:b1:d3:36:f4:be:65:
         9d:f7:8c:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd6HNyduyebbVVoYVo3q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTgwZDJhZjg2MWI3MGEzN2VjMDUwZTAxM2U2ZGZiYTk0
YzhiM2QwHhcNMjQxMTIzMTAwMDU1WhcNMjQxMTI0MTAwMDU1WjAzMTEwLwYDVQQD
EygwM2NlNjk5YzA0MzgyY2IyMGM4NTQ3NzE4MDBiODhjNjZmM2Y0NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta79m2j7OdhhXNqsLj56vc0S1Jk/
ewwF/X89GU5u4sZ+9b/F2g7HbJUUCn31eoVLGb9Nsvq7PU4IMmmpTatka68D3+bA
umjyQ4WzV0GC3ogfeEFN6QcXwqXWByonjp9h+jlWHVpAu41+2ipE1ZSeLwt2cYB4
vVt3I11L97aOtCTquN5SJJXS0bqyaJLp2N/ewe/jfi8ZIjJFssDU3Ksauk7Dbw9L
kkI3u33dsUpSXVB1NU0tGerHm6Wr8rXxSjhgQcT5nvpTdmOogj8Jp9u4EvDcoR2c
x+CT83Z5ZBgXErbuKeJcAqVh1lJp8nUSxfhGzcC/eCjI8amRXvjRA3XpDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPOaZwEOCyyDIVHcYALiMZvP0dcMB8GA1UdIwQY
MBaAFKSoDSr4YbcKN+wFDgE+bfupTIs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYt
NjIzNGVhMDllMTg2LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lYzYyMjUtZDZhNy00MThhLWIwMmYtNjIzNGVhMDllMTg2
LzEvcEtnTkt2aGh0d28zN0FVT0FUNXQtNmxNaXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACshAaEeW
05c4ZLbmzg/Uiq5oN1cTRb5Mf6mFIak+mmYgQ1hSiQMVzolGhLtvImYe1zYveD1e
bNlU0Du9QsH5osFw1vqbzGMtheQPW07sTOSFoYyF/QZxitvUbo8r6rgGNHliBtSC
x+ALAdTKpDg70hpi2Ac8OQt9IOoo9S4lm8b6vxoqedy45HkStnGyYhrn2b7eD/E/
1g633WT2cGhpVT58iE8MpaXhjbYwgGWYGJDAdoW0UFaKL4yfuCo7//U1BZgrGFD1
d0CvbPdbi7KasMZCwA2aNhLmhqqsDm+lM+7mlJErfTY01c3XEUKEj/AHI91Brdnq
sdM29L5lnfeMew==
-----END CERTIFICATE-----