Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
File:                     TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft (raw, json)
Hash identifier:          xJt9Zf65DLPGufst7kuEbORaENXtymayJjZsF9LuDu8=
Subject key identifier:   22:50:7B:81:D3:71:52:47:B2:01:07:09:5C:47:70:45:BF:0F:72:73
Authority key identifier: 4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61
Certificate issuer:       /CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
Certificate serial:       01936A46FF9E5251E0A72C0431126970E01A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
Manifest number:          12D8
Signing time:             Tue 26 Nov 2024 21:00:57 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:57 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:57 +0000
Files and hashes:         1: TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl (hash: JtNq6AqDjKnONrKWkhMMnERmzXclndGmI37zIEgnLE4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:ff:9e:52:51:e0:a7:2c:04:31:12:69:70:e0:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4c0006e05896f6ffb30161e7c8dda2f9ad05b561
        Validity
            Not Before: Nov 26 21:00:57 2024 GMT
            Not After : Nov 27 21:00:57 2024 GMT
        Subject: CN=22507b81d3715247b20107095c477045bf0f7273
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:c3:44:4b:f6:37:5d:d5:17:3a:2f:5b:97:1d:
                    0e:1f:db:f3:e1:72:0b:bb:7e:8c:d3:32:b7:63:a7:
                    5a:56:b8:7e:87:03:5e:35:ee:c4:32:6c:65:50:4a:
                    bf:bd:89:15:91:05:35:5e:ea:fd:f4:af:46:60:c9:
                    68:5a:91:34:a2:6f:be:58:8d:f5:84:51:9e:08:9d:
                    16:27:76:80:b3:50:7f:27:0c:61:0a:00:86:89:90:
                    00:7d:69:6f:4f:09:02:b7:c3:b7:04:02:91:ba:28:
                    c1:76:6b:f1:ca:82:cc:d7:d1:53:74:87:a3:7f:65:
                    5f:9b:df:a2:ed:39:cd:05:ee:40:f9:53:f4:d0:35:
                    ba:57:39:f8:dd:68:cd:38:15:24:88:b2:1d:19:31:
                    5f:48:cc:2c:44:af:10:e5:82:20:9d:29:9a:5e:12:
                    74:9b:7a:3f:8d:5f:27:01:67:c9:9b:f0:59:00:f7:
                    e2:4e:71:a1:b9:65:7c:bc:e5:c6:12:24:d6:4a:82:
                    90:1f:dc:e7:e5:25:95:17:f0:af:74:df:5a:2c:74:
                    85:20:a5:0a:e8:6a:44:9c:e7:c3:1e:e3:cb:05:f0:
                    c7:b0:77:1f:df:34:7b:9a:fe:b2:fa:8e:07:35:8b:
                    8a:12:07:47:70:ab:9c:03:48:0c:48:f6:5f:a2:95:
                    a7:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:50:7B:81:D3:71:52:47:B2:01:07:09:5C:47:70:45:BF:0F:72:73
            X509v3 Authority Key Identifier:
                keyid:4C:00:06:E0:58:96:F6:FF:B3:01:61:E7:C8:DD:A2:F9:AD:05:B5:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TAAG4FiW9v-zAWHnyN2i-a0FtWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/b7f839-c680-45ea-a8ee-13087bebd1e4/1/TAAG4FiW9v-zAWHnyN2i-a0FtWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:d0:92:fa:ea:1a:5a:77:58:0e:c0:ac:5c:28:0b:30:9b:7f:
         9a:32:00:55:b3:a8:4e:08:75:4c:2c:0f:80:5e:3c:2d:67:94:
         50:f0:9d:90:ad:04:9d:e3:c4:ae:09:fb:e7:1a:86:eb:0e:24:
         b3:f9:4e:d6:29:c3:58:14:3c:8e:f3:22:3d:6e:1c:75:5a:20:
         39:49:f3:67:06:b5:b2:6c:87:d5:94:a4:57:89:0e:78:8a:bd:
         bb:c5:2d:ed:a3:af:33:a2:22:a6:31:0c:94:ba:cc:fd:27:28:
         cc:f5:72:f8:ba:56:00:17:60:28:69:27:07:ed:ae:e5:e5:91:
         5c:25:af:2a:65:5b:08:e2:8e:52:0b:ca:8a:0c:0f:73:09:93:
         7f:e4:3b:f9:25:24:bd:e7:73:a6:1b:e9:b0:76:9d:a1:12:9b:
         29:7a:d8:8c:e6:30:3c:43:fc:16:0e:40:79:1c:1d:d3:4b:65:
         42:a0:22:39:f6:e8:8c:06:c4:fc:c5:e9:1f:ba:da:02:8a:82:
         5c:e1:d0:20:da:8f:13:44:18:b3:a5:77:d4:0b:c3:97:63:f3:
         27:75:04:7f:2e:c9:79:a3:df:6c:3b:b9:f8:4e:3c:d4:e1:08:
         1d:a3:6b:ee:c2:fd:4c:85:29:07:74:fc:54:bc:94:18:63:3a:
         06:89:b2:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRv+eUlHgpywEMRJpcOAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMDAwNmUwNTg5NmY2ZmZiMzAxNjFlN2M4ZGRhMmY5YWQw
NWI1NjEwHhcNMjQxMTI2MjEwMDU3WhcNMjQxMTI3MjEwMDU3WjAzMTEwLwYDVQQD
EygyMjUwN2I4MWQzNzE1MjQ3YjIwMTA3MDk1YzQ3NzA0NWJmMGY3MjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcNES/Y3XdUXOi9blx0OH9vz4XIL
u36M0zK3Y6daVrh+hwNeNe7EMmxlUEq/vYkVkQU1Xur99K9GYMloWpE0om++WI31
hFGeCJ0WJ3aAs1B/JwxhCgCGiZAAfWlvTwkCt8O3BAKRuijBdmvxyoLM19FTdIej
f2Vfm9+i7TnNBe5A+VP00DW6Vzn43WjNOBUkiLIdGTFfSMwsRK8Q5YIgnSmaXhJ0
m3o/jV8nAWfJm/BZAPfiTnGhuWV8vOXGEiTWSoKQH9zn5SWVF/CvdN9aLHSFIKUK
6GpEnOfDHuPLBfDHsHcf3zR7mv6y+o4HNYuKEgdHcKucA0gMSPZfopWnVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJQe4HTcVJHsgEHCVxHcEW/D3JzMB8GA1UdIwQY
MBaAFEwABuBYlvb/swFh58jdovmtBbVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUt
MTMwODdiZWJkMWU0LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9iN2Y4MzktYzY4MC00NWVhLWE4ZWUtMTMwODdiZWJkMWU0
LzEvVEFBRzRGaVc5di16QVdIbnlOMmktYTBGdFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhdCS+uoa
WndYDsCsXCgLMJt/mjIAVbOoTgh1TCwPgF48LWeUUPCdkK0EnePErgn75xqG6w4k
s/lO1inDWBQ8jvMiPW4cdVogOUnzZwa1smyH1ZSkV4kOeIq9u8Ut7aOvM6IipjEM
lLrM/ScozPVy+LpWABdgKGknB+2u5eWRXCWvKmVbCOKOUgvKigwPcwmTf+Q7+SUk
vedzphvpsHadoRKbKXrYjOYwPEP8Fg5AeRwd00tlQqAiOfbojAbE/MXpH7raAoqC
XOHQINqPE0QYs6V31AvDl2PzJ3UEfy7JeaPfbDu5+E481OEIHaNr7sL9TIUpB3T8
VLyUGGM6BomylA==
-----END CERTIFICATE-----