Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
File:                     r5aNFt0rQdNStf0zxJs-xP2tQlg.mft (raw, json)
Hash identifier:          +ownMm0BE3jw1D/ESNaT/PPp5R+6HjJDqzHx0XPoX6Q=
Subject key identifier:   3B:BF:9C:3D:2A:28:38:9F:19:6F:EB:0A:39:E9:4D:2A:1C:CB:F1:23
Authority key identifier: AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58
Certificate issuer:       /CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
Certificate serial:       01936B22239CA772108CDEC88B3101737AFB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
Manifest number:          0C8C
Signing time:             Wed 27 Nov 2024 01:00:19 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:19 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:19 +0000
Files and hashes:         1: r5aNFt0rQdNStf0zxJs-xP2tQlg.crl (hash: Wf/SJf51ogPafINhvuZNGPwPLNNz1W4bNYkYgXwqJMA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:23:9c:a7:72:10:8c:de:c8:8b:31:01:73:7a:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
        Validity
            Not Before: Nov 27 01:00:19 2024 GMT
            Not After : Nov 28 01:00:19 2024 GMT
        Subject: CN=3bbf9c3d2a28389f196feb0a39e94d2a1ccbf123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:8f:63:6d:81:d8:7d:68:0d:76:4b:c6:38:3a:
                    7f:22:82:e1:cf:c8:34:cd:34:b1:4c:f8:b3:7c:59:
                    94:a1:1d:a4:f4:fe:32:7e:eb:90:d3:96:7b:31:2f:
                    09:8e:58:dd:f0:3f:e8:ee:f0:f0:57:2c:2e:52:7f:
                    d7:79:4f:70:ad:d0:16:2a:ed:9a:67:7e:3a:3e:82:
                    78:b3:9d:d5:08:a3:85:6c:dd:b5:ff:f9:34:0c:9b:
                    2a:62:1e:7c:36:d7:42:32:44:85:6d:22:84:6a:39:
                    b1:7d:2a:49:98:d6:48:1a:e3:8b:6a:fa:b4:7b:4c:
                    a8:c2:6f:f2:3b:e1:64:b4:a6:94:bb:0e:52:47:bb:
                    13:43:82:dc:c2:a5:c4:d0:17:79:9b:e6:4a:ed:69:
                    3c:89:a7:5c:39:5f:30:e2:64:11:ba:19:ca:c6:39:
                    ec:19:54:92:a7:89:01:a3:1a:30:4f:0a:65:03:36:
                    73:94:66:a5:2f:c1:69:58:9c:58:82:04:8c:8d:6e:
                    4c:be:b6:bd:7a:7c:0a:94:51:19:56:36:a3:66:49:
                    87:f5:bd:af:3f:c9:33:26:46:07:80:0a:d0:d4:70:
                    b2:74:3d:20:ab:97:5e:f8:ca:73:e1:2a:8d:1b:1c:
                    2d:10:60:0e:88:11:5b:80:ee:d8:9a:a2:c2:22:4a:
                    b0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:BF:9C:3D:2A:28:38:9F:19:6F:EB:0A:39:E9:4D:2A:1C:CB:F1:23
            X509v3 Authority Key Identifier:
                keyid:AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:58:d4:62:fa:34:74:f8:f1:51:0b:61:fe:64:41:3c:1a:56:
         b8:4d:ff:af:d6:99:79:a5:ea:ee:e1:7e:35:52:7e:ba:48:76:
         be:42:7e:44:be:45:0e:34:1e:a8:e5:00:da:80:8f:9b:c8:72:
         f3:f4:f2:df:2e:7d:84:d1:42:68:b6:37:49:7f:6e:56:33:d7:
         6f:74:4b:77:af:74:f8:04:5a:81:fd:df:ba:68:14:46:af:a4:
         77:5e:ec:76:3a:28:86:01:10:25:f4:44:27:70:f3:47:53:4b:
         4b:9e:14:2b:eb:e6:81:f6:99:3a:e3:aa:45:57:0f:03:e7:bb:
         3d:02:bf:ac:d9:9d:8a:6f:38:04:03:b9:ca:40:ca:bc:2b:69:
         ed:02:a8:91:89:fe:7e:4c:7c:33:99:5a:dc:2c:a0:10:ce:c2:
         bb:71:78:97:6d:c7:7c:59:43:1f:93:da:f4:ce:28:e9:87:8b:
         cd:bf:52:89:d0:34:8e:c1:5b:5a:01:17:da:53:81:83:a2:9d:
         c4:86:15:f4:ff:73:8c:3c:89:29:70:cb:2e:af:cd:bb:c6:ed:
         72:c2:b0:36:89:33:33:80:60:3e:81:f6:62:7c:43:f3:ad:93:
         c6:d6:a2:ce:49:cb:9e:5a:4e:32:ff:17:58:0e:b7:fd:00:74:
         1f:3f:63:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIiOcp3IQjN7IizEBc3r7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTY4ZDE2ZGQyYjQxZDM1MmI1ZmQzM2M0OWIzZWM0ZmRh
ZDQyNTgwHhcNMjQxMTI3MDEwMDE5WhcNMjQxMTI4MDEwMDE5WjAzMTEwLwYDVQQD
EygzYmJmOWMzZDJhMjgzODlmMTk2ZmViMGEzOWU5NGQyYTFjY2JmMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7o9jbYHYfWgNdkvGODp/IoLhz8g0
zTSxTPizfFmUoR2k9P4yfuuQ05Z7MS8Jjljd8D/o7vDwVywuUn/XeU9wrdAWKu2a
Z346PoJ4s53VCKOFbN21//k0DJsqYh58NtdCMkSFbSKEajmxfSpJmNZIGuOLavq0
e0yowm/yO+FktKaUuw5SR7sTQ4LcwqXE0Bd5m+ZK7Wk8iadcOV8w4mQRuhnKxjns
GVSSp4kBoxowTwplAzZzlGalL8FpWJxYggSMjW5Mvra9enwKlFEZVjajZkmH9b2v
P8kzJkYHgArQ1HCydD0gq5de+Mpz4SqNGxwtEGAOiBFbgO7YmqLCIkqwjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDu/nD0qKDifGW/rCjnpTSocy/EjMB8GA1UdIwQY
MBaAFK+WjRbdK0HTUrX9M8SbPsT9rUJYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3Yjct
YzI5NmVjNGIyMTcwLzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3YjctYzI5NmVjNGIyMTcw
LzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnljUYvo0
dPjxUQth/mRBPBpWuE3/r9aZeaXq7uF+NVJ+ukh2vkJ+RL5FDjQeqOUA2oCPm8hy
8/Ty3y59hNFCaLY3SX9uVjPXb3RLd690+ARagf3fumgURq+kd17sdjoohgEQJfRE
J3DzR1NLS54UK+vmgfaZOuOqRVcPA+e7PQK/rNmdim84BAO5ykDKvCtp7QKokYn+
fkx8M5la3CygEM7Cu3F4l23HfFlDH5Pa9M4o6YeLzb9SidA0jsFbWgEX2lOBg6Kd
xIYV9P9zjDyJKXDLLq/Nu8btcsKwNokzM4BgPoH2YnxD862TxtaizknLnlpOMv8X
WA63/QB0Hz9jrw==
-----END CERTIFICATE-----