Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          OzFE+xTG4rMhPy8UCpW1qFdiZ8S9BvAPU08Z0IwEt00=
Subject key identifier:   35:09:8E:BA:E3:56:06:4F:32:8D:67:E5:6D:33:33:41:2F:76:A6:A6
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       019405A1067F8CD0F4C6DB0F9D0C0F7A426D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0CFD
Signing time:             Fri 27 Dec 2024 01:00:26 +0000
Manifest this update:     Fri 27 Dec 2024 01:00:26 +0000
Manifest next update:     Sat 28 Dec 2024 01:00:26 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: 3UyvhKhf/XvcKYpbs9IZyOT97eFygi2GCRF+JXBYj7s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 01:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:a1:06:7f:8c:d0:f4:c6:db:0f:9d:0c:0f:7a:42:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Dec 27 01:00:26 2024 GMT
            Not After : Dec 28 01:00:26 2024 GMT
        Subject: CN=35098ebae356064f328d67e56d3333412f76a6a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:54:0c:c4:b1:08:32:6a:80:f1:b5:00:aa:ba:
                    d0:b8:e2:84:6c:ef:74:a4:0d:cc:da:9e:46:c9:51:
                    e6:0b:71:a8:19:90:de:15:1d:95:2b:c9:bc:be:40:
                    2d:ed:49:55:44:64:57:27:11:05:9c:90:b6:f4:41:
                    cf:c3:b4:73:34:1b:bf:f1:4a:46:28:b4:1c:58:a3:
                    c7:7f:fd:a6:e4:26:2f:ee:2d:09:f1:e2:f9:b7:3b:
                    d9:7d:c8:71:3a:65:7d:6b:cf:d4:ff:a9:64:c6:07:
                    21:c9:f8:17:6f:3f:0b:7b:7f:9f:46:82:46:3b:6f:
                    40:fc:8c:58:35:8a:8b:11:29:a0:34:e3:26:b8:7f:
                    12:43:7a:75:b0:6d:bb:93:30:8f:bd:21:47:ad:7a:
                    14:c9:92:96:fd:e7:c9:a5:a8:1f:61:ee:13:3d:e5:
                    e9:1f:85:e1:cf:ff:53:01:25:bb:26:d8:92:e4:2e:
                    b4:a1:41:ce:95:a7:3f:c2:55:bd:ec:93:2e:7d:33:
                    05:4a:77:f5:7c:97:90:ed:fd:ad:74:92:da:23:33:
                    f0:55:5a:77:1c:f4:dd:25:01:ba:76:8b:9d:50:cd:
                    9d:9d:7d:5a:97:ee:6d:99:f6:c1:65:a5:06:24:64:
                    c8:de:cf:0b:c5:70:b9:e5:92:f7:f2:29:bc:43:aa:
                    bd:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:09:8E:BA:E3:56:06:4F:32:8D:67:E5:6D:33:33:41:2F:76:A6:A6
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a7:dc:6e:e0:3e:60:ab:1f:8d:46:61:2f:64:ec:d0:8d:ea:c8:
         0c:4c:05:8b:64:e8:7a:5a:04:2b:4c:8d:bf:13:e6:cf:f0:40:
         13:95:56:fd:e1:1e:7a:1e:8c:80:41:db:7c:df:fe:69:a5:64:
         75:a8:e4:fc:8f:a9:81:1e:b9:4f:4d:82:4c:86:61:04:54:8e:
         19:5b:11:85:17:9f:3d:ef:97:2f:d4:8b:df:c3:6f:d1:c0:71:
         81:f5:b5:0b:42:d6:d4:7f:e8:8e:81:e3:16:db:6d:2d:cb:ad:
         c5:02:31:42:2f:c5:35:15:c1:48:ce:3a:cd:27:93:86:71:4c:
         fc:2c:86:5b:de:3a:56:61:e3:32:81:a8:04:71:34:c3:21:76:
         fe:b7:a9:b6:81:da:a3:63:60:5d:55:14:d0:49:c6:ef:26:c9:
         f3:d9:08:47:d3:c2:42:80:fe:3d:b3:dd:0c:d3:ab:e3:cc:0c:
         c8:3f:bc:e9:b7:76:13:cb:c8:44:ee:ca:20:0b:8c:e3:30:51:
         ec:bd:9f:2f:a2:0d:6f:9e:4d:26:64:f5:a7:c7:2d:2b:98:83:
         16:85:c1:30:51:39:48:87:d3:8c:2e:27:57:04:f3:1e:ec:ae:
         88:08:d3:94:de:27:17:c2:75:e8:6c:a1:60:8e:6d:be:ec:a4:
         17:4a:3f:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQFoQZ/jND0xtsPnQwPekJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjQxMjI3MDEwMDI2WhcNMjQxMjI4MDEwMDI2WjAzMTEwLwYDVQQD
EygzNTA5OGViYWUzNTYwNjRmMzI4ZDY3ZTU2ZDMzMzM0MTJmNzZhNmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFQMxLEIMmqA8bUAqrrQuOKEbO90
pA3M2p5GyVHmC3GoGZDeFR2VK8m8vkAt7UlVRGRXJxEFnJC29EHPw7RzNBu/8UpG
KLQcWKPHf/2m5CYv7i0J8eL5tzvZfchxOmV9a8/U/6lkxgchyfgXbz8Le3+fRoJG
O29A/IxYNYqLESmgNOMmuH8SQ3p1sG27kzCPvSFHrXoUyZKW/efJpagfYe4TPeXp
H4Xhz/9TASW7JtiS5C60oUHOlac/wlW97JMufTMFSnf1fJeQ7f2tdJLaIzPwVVp3
HPTdJQG6doudUM2dnX1al+5tmfbBZaUGJGTI3s8LxXC55ZL38im8Q6q9vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUJjrrjVgZPMo1n5W0zM0EvdqamMB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp9xu4D5g
qx+NRmEvZOzQjerIDEwFi2ToeloEK0yNvxPmz/BAE5VW/eEeeh6MgEHbfN/+aaVk
dajk/I+pgR65T02CTIZhBFSOGVsRhRefPe+XL9SL38Nv0cBxgfW1C0LW1H/ojoHj
FtttLcutxQIxQi/FNRXBSM46zSeThnFM/CyGW946VmHjMoGoBHE0wyF2/reptoHa
o2NgXVUU0EnG7ybJ89kIR9PCQoD+PbPdDNOr48wMyD+86bd2E8vIRO7KIAuM4zBR
7L2fL6INb55NJmT1p8ctK5iDFoXBMFE5SIfTjC4nVwTzHuyuiAjTlN4nF8J16Gyh
YI5tvuykF0o//A==
-----END CERTIFICATE-----