Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
File:                     QzFPMPOkU_9JIh2VStgCijBKAVA.mft (raw, json)
Hash identifier:          ri2oK0qvu55ouHgG5L0wS/GVWSMq0gVT+8vLG/eMmCg=
Subject key identifier:   2F:14:03:08:69:6F:15:77:48:32:39:6A:32:A9:06:24:CC:0C:1F:19
Authority key identifier: 43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50
Certificate issuer:       /CN=43314f30f3a453ff49221d954ad8028a304a0150
Certificate serial:       019356F6D4DD9911A6C4740136866159597D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
Manifest number:          136F
Signing time:             Sat 23 Nov 2024 03:00:37 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:37 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:37 +0000
Files and hashes:         1: QzFPMPOkU_9JIh2VStgCijBKAVA.crl (hash: m0WNpVdMWqbFxinxS+hIPwKdp/Csl8SvrLU6nU1dN4M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:d4:dd:99:11:a6:c4:74:01:36:86:61:59:59:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43314f30f3a453ff49221d954ad8028a304a0150
        Validity
            Not Before: Nov 23 03:00:37 2024 GMT
            Not After : Nov 24 03:00:37 2024 GMT
        Subject: CN=2f140308696f15774832396a32a90624cc0c1f19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:bb:d1:23:eb:f6:ac:b7:f2:c3:3e:3f:52:6b:
                    e7:39:79:00:3b:e4:32:ea:a9:87:9a:e8:28:6e:d1:
                    db:32:34:7d:72:da:92:fe:cf:20:da:92:b1:57:c2:
                    d4:12:e3:e4:5b:67:4a:ca:f8:19:41:16:7b:95:0f:
                    7d:29:86:76:bb:a2:a6:3e:89:ac:53:90:e4:66:35:
                    e4:f8:38:1e:75:7e:f8:b9:85:e5:19:1c:0d:0d:a0:
                    65:f0:c4:ed:d7:96:09:06:f9:c3:aa:19:96:5a:39:
                    dc:6d:e0:eb:67:49:4f:17:62:4c:a6:6b:e9:75:af:
                    7b:87:13:e2:ce:f1:40:ba:f7:b6:42:a5:e4:69:02:
                    34:cc:db:e9:bd:70:17:c1:77:ea:5e:32:41:d8:ab:
                    da:15:ed:33:84:35:c4:7e:63:a3:91:6c:66:7a:b8:
                    95:37:c3:23:b9:bd:73:ae:2a:d8:ac:19:3e:98:a0:
                    b3:4c:fe:bc:96:e0:df:df:7c:b9:5a:d6:e9:c5:3b:
                    eb:25:17:f8:23:ed:8c:8f:82:9a:7e:f4:00:b3:0c:
                    6d:4e:0c:7d:2e:c2:fa:9d:d3:e0:e4:bd:05:a4:0e:
                    d9:05:46:f0:76:71:dd:24:6c:ff:9a:1f:88:8d:58:
                    3a:8c:0c:91:c6:d8:28:ec:cb:e5:6e:d3:53:99:2a:
                    73:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:14:03:08:69:6F:15:77:48:32:39:6A:32:A9:06:24:CC:0C:1F:19
            X509v3 Authority Key Identifier:
                keyid:43:31:4F:30:F3:A4:53:FF:49:22:1D:95:4A:D8:02:8A:30:4A:01:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QzFPMPOkU_9JIh2VStgCijBKAVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/630e94-6b71-4063-9328-558eea1f5901/1/QzFPMPOkU_9JIh2VStgCijBKAVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:69:70:bf:57:f5:ab:31:22:4f:41:f8:c3:44:ab:44:94:d7:
         28:aa:aa:f1:e9:c3:c8:58:f9:7b:dc:3e:94:d6:3f:99:3d:c1:
         84:d9:33:be:c4:33:63:1c:ba:72:c5:25:1a:c8:1b:46:17:59:
         02:10:9f:56:ee:88:ff:fd:14:ae:08:67:65:02:5a:06:25:3c:
         d5:b7:9a:01:36:eb:08:3c:19:59:3a:5b:13:4d:ca:90:48:f1:
         23:cf:14:cd:b4:93:cc:17:d2:7d:a1:cb:c1:03:98:95:c5:12:
         8f:2a:bb:ef:1e:16:0a:8a:1e:ae:e5:31:49:c5:72:ba:de:97:
         04:e1:a9:4f:09:fd:46:21:ee:2c:01:7e:bd:3a:3f:69:81:a4:
         3e:80:af:8b:cc:58:ea:9c:f7:08:ec:5e:56:bd:0e:bd:23:a5:
         4a:ae:30:da:d5:d9:48:88:74:96:aa:34:cf:cd:ed:57:71:a6:
         eb:08:c3:47:65:c7:7f:5d:c8:89:8b:e8:66:28:50:fe:9b:29:
         7c:01:cb:28:df:fc:17:f9:62:b6:b8:97:32:67:1c:b9:56:50:
         3d:48:4e:6a:02:09:f1:9a:8f:d9:c5:ca:48:5e:09:14:67:10:
         04:90:76:20:c8:b3:d7:3f:8e:ff:be:40:2b:7e:81:e8:97:e2:
         21:ba:8a:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9tTdmRGmxHQBNoZhWVl9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMzE0ZjMwZjNhNDUzZmY0OTIyMWQ5NTRhZDgwMjhhMzA0
YTAxNTAwHhcNMjQxMTIzMDMwMDM3WhcNMjQxMTI0MDMwMDM3WjAzMTEwLwYDVQQD
EygyZjE0MDMwODY5NmYxNTc3NDgzMjM5NmEzMmE5MDYyNGNjMGMxZjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbvRI+v2rLfywz4/UmvnOXkAO+Qy
6qmHmugobtHbMjR9ctqS/s8g2pKxV8LUEuPkW2dKyvgZQRZ7lQ99KYZ2u6KmPoms
U5DkZjXk+DgedX74uYXlGRwNDaBl8MTt15YJBvnDqhmWWjncbeDrZ0lPF2JMpmvp
da97hxPizvFAuve2QqXkaQI0zNvpvXAXwXfqXjJB2KvaFe0zhDXEfmOjkWxmeriV
N8Mjub1zrirYrBk+mKCzTP68luDf33y5WtbpxTvrJRf4I+2Mj4KafvQAswxtTgx9
LsL6ndPg5L0FpA7ZBUbwdnHdJGz/mh+IjVg6jAyRxtgo7MvlbtNTmSpzOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC8UAwhpbxV3SDI5ajKpBiTMDB8ZMB8GA1UdIwQY
MBaAFEMxTzDzpFP/SSIdlUrYAoowSgFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgt
NTU4ZWVhMWY1OTAxLzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82MzBlOTQtNmI3MS00MDYzLTkzMjgtNTU4ZWVhMWY1OTAx
LzEvUXpGUE1QT2tVXzlKSWgyVlN0Z0NpakJLQVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb2lwv1f1
qzEiT0H4w0SrRJTXKKqq8enDyFj5e9w+lNY/mT3BhNkzvsQzYxy6csUlGsgbRhdZ
AhCfVu6I//0UrghnZQJaBiU81beaATbrCDwZWTpbE03KkEjxI88UzbSTzBfSfaHL
wQOYlcUSjyq77x4WCooeruUxScVyut6XBOGpTwn9RiHuLAF+vTo/aYGkPoCvi8xY
6pz3COxeVr0OvSOlSq4w2tXZSIh0lqo0z83tV3Gm6wjDR2XHf13IiYvoZihQ/psp
fAHLKN/8F/litriXMmccuVZQPUhOagIJ8ZqP2cXKSF4JFGcQBJB2IMiz1z+O/75A
K36B6JfiIbqKIw==
-----END CERTIFICATE-----