Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
File:                     p2H8O2oE10MHa9KG3oIURfBlTvc.mft (raw, json)
Hash identifier:          /GZtWVjIHFzudhuS7wzp8HebLlCCFZIvw/IprR3tOXg=
Subject key identifier:   A0:F9:1F:04:09:6F:AC:B4:CB:B3:C4:66:65:D1:B1:AF:74:C8:07:01
Authority key identifier: A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7
Certificate issuer:       /CN=a761fc3b6a04d743076bd286de821445f0654ef7
Certificate serial:       0193572DE4257F9D4914E571D545B365B87E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
Manifest number:          1300
Signing time:             Sat 23 Nov 2024 04:00:45 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:45 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:45 +0000
Files and hashes:         1: p2H8O2oE10MHa9KG3oIURfBlTvc.crl (hash: gi1tFIsW273I+9acZqLn8Mek/QIe6q02CgwxkP1BVkU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:e4:25:7f:9d:49:14:e5:71:d5:45:b3:65:b8:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a761fc3b6a04d743076bd286de821445f0654ef7
        Validity
            Not Before: Nov 23 04:00:45 2024 GMT
            Not After : Nov 24 04:00:45 2024 GMT
        Subject: CN=a0f91f04096facb4cbb3c46665d1b1af74c80701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:7e:06:b1:38:a3:19:2c:8b:46:03:fc:d4:8b:
                    30:a6:3e:1e:dd:2e:12:fb:59:85:fd:b2:74:d0:34:
                    5e:27:6b:25:ac:42:be:f5:6d:d6:b7:25:e7:ca:59:
                    0b:5b:e2:6a:f1:13:b4:cc:46:b1:37:f8:d0:76:fc:
                    ad:2d:b0:a1:71:51:80:bb:de:05:48:ae:24:eb:e0:
                    3d:cd:6c:2c:69:59:47:0b:26:13:9c:9f:f7:6c:cc:
                    b0:81:c5:11:79:c8:c6:ea:59:95:3b:68:ed:83:ad:
                    39:8c:d2:48:f9:db:37:7e:a4:f3:30:83:e1:5b:01:
                    6b:f6:f6:4a:27:06:64:8c:9f:ca:dc:fd:20:66:c8:
                    79:d5:d0:d2:60:a2:f3:23:4f:35:da:52:9a:98:b2:
                    a3:8a:79:92:43:b2:85:dc:e2:15:54:d6:74:73:69:
                    66:c6:60:7a:1c:1b:eb:d8:5d:e2:60:54:04:6a:ce:
                    49:21:7e:87:25:0c:90:6b:e0:3d:ce:97:56:d6:30:
                    7e:80:50:c6:9f:03:4f:a3:bb:1c:e6:ab:f8:79:94:
                    e0:52:82:01:0d:67:13:9c:62:04:15:60:98:7e:80:
                    d0:ce:ea:b6:e2:f5:9f:56:b6:26:cb:7d:a5:a0:1f:
                    b1:05:6f:38:cd:24:1f:d2:df:cc:2d:65:44:b0:e5:
                    78:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:F9:1F:04:09:6F:AC:B4:CB:B3:C4:66:65:D1:B1:AF:74:C8:07:01
            X509v3 Authority Key Identifier:
                keyid:A7:61:FC:3B:6A:04:D7:43:07:6B:D2:86:DE:82:14:45:F0:65:4E:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2H8O2oE10MHa9KG3oIURfBlTvc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/72934e-fe73-4a99-811f-a0cde7ba8bbe/1/p2H8O2oE10MHa9KG3oIURfBlTvc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:c1:a0:e8:83:82:1d:c2:df:05:3a:29:50:eb:3b:50:c9:02:
         85:59:e7:fa:e0:23:5a:3c:10:29:f9:0c:61:51:8f:ba:66:15:
         47:1a:e6:57:69:d4:b2:89:db:69:64:76:95:26:10:4a:d8:aa:
         27:8e:f6:43:58:c0:ae:9d:0b:81:ec:ab:2e:89:d1:73:19:8e:
         79:12:6f:7a:8f:bc:04:ec:55:44:e9:32:c0:2e:1a:af:52:17:
         50:f5:5d:4d:f4:70:c6:0f:48:ce:fb:16:01:7c:39:79:2c:50:
         af:be:fa:ac:d7:4d:52:d3:7a:19:12:ff:57:ed:11:92:55:6a:
         e1:81:d2:d7:10:bf:8a:26:1e:93:3e:17:c2:1c:db:a4:07:c8:
         2e:ed:3f:3e:ec:42:ed:6d:9f:be:38:5c:cc:cf:10:c3:29:21:
         f8:9a:ce:3b:c7:f7:5d:ac:7f:53:c8:f4:44:46:e2:14:13:82:
         ca:0e:7d:58:37:75:c1:93:ac:72:3d:42:f4:ad:a2:65:fb:57:
         b6:67:84:0a:d7:79:5a:69:73:27:c4:c6:b3:01:ba:cc:3f:8c:
         ec:fe:2a:5d:67:55:75:28:f8:e5:f2:0b:93:b6:b0:0b:f9:a2:
         f1:bb:8d:fb:40:b2:ec:c4:86:66:13:12:45:dc:7b:5e:d3:b7:
         ea:53:1d:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLeQlf51JFOVx1UWzZbh+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjFmYzNiNmEwNGQ3NDMwNzZiZDI4NmRlODIxNDQ1ZjA2
NTRlZjcwHhcNMjQxMTIzMDQwMDQ1WhcNMjQxMTI0MDQwMDQ1WjAzMTEwLwYDVQQD
EyhhMGY5MWYwNDA5NmZhY2I0Y2JiM2M0NjY2NWQxYjFhZjc0YzgwNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH4GsTijGSyLRgP81Iswpj4e3S4S
+1mF/bJ00DReJ2slrEK+9W3WtyXnylkLW+Jq8RO0zEaxN/jQdvytLbChcVGAu94F
SK4k6+A9zWwsaVlHCyYTnJ/3bMywgcURecjG6lmVO2jtg605jNJI+ds3fqTzMIPh
WwFr9vZKJwZkjJ/K3P0gZsh51dDSYKLzI0812lKamLKjinmSQ7KF3OIVVNZ0c2lm
xmB6HBvr2F3iYFQEas5JIX6HJQyQa+A9zpdW1jB+gFDGnwNPo7sc5qv4eZTgUoIB
DWcTnGIEFWCYfoDQzuq24vWfVrYmy32loB+xBW84zSQf0t/MLWVEsOV4twIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKD5HwQJb6y0y7PEZmXRsa90yAcBMB8GA1UdIwQY
MBaAFKdh/DtqBNdDB2vSht6CFEXwZU73MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYt
YTBjZGU3YmE4YmJlLzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83MjkzNGUtZmU3My00YTk5LTgxMWYtYTBjZGU3YmE4YmJl
LzEvcDJIOE8yb0UxME1IYTlLRzNvSVVSZkJsVHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8Gg6IOC
HcLfBTopUOs7UMkChVnn+uAjWjwQKfkMYVGPumYVRxrmV2nUsonbaWR2lSYQStiq
J472Q1jArp0LgeyrLonRcxmOeRJveo+8BOxVROkywC4ar1IXUPVdTfRwxg9IzvsW
AXw5eSxQr776rNdNUtN6GRL/V+0RklVq4YHS1xC/iiYekz4XwhzbpAfILu0/PuxC
7W2fvjhczM8Qwykh+JrOO8f3Xax/U8j0REbiFBOCyg59WDd1wZOscj1C9K2iZftX
tmeECtd5WmlzJ8TGswG6zD+M7P4qXWdVdSj45fILk7awC/mi8buN+0Cy7MSGZhMS
Rdx7XtO36lMdBQ==
-----END CERTIFICATE-----