Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          LQGfJACLpNGXygNXelNKm76YkoUDD35kjMgKSTYmIHU=
Subject key identifier:   BE:37:70:F7:87:36:68:29:A4:A3:D5:2C:3D:ED:0A:CB:03:2B:91:4E
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       0193572D9A4B5C51C53F6C4D5C7264F155EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          029B
Signing time:             Sat 23 Nov 2024 04:00:26 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:26 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:26 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: oqb8pQ701MuqnYVugD5g5NMmBY9FWY7/YV1IFI01ZHA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:9a:4b:5c:51:c5:3f:6c:4d:5c:72:64:f1:55:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Nov 23 04:00:26 2024 GMT
            Not After : Nov 24 04:00:26 2024 GMT
        Subject: CN=be3770f787366829a4a3d52c3ded0acb032b914e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8e:34:bc:c4:f2:0a:16:3a:75:7f:e9:fa:45:
                    4b:ea:da:d9:38:3d:d6:c6:46:15:6b:3c:79:74:ae:
                    03:3e:8a:e1:7d:47:89:40:36:ce:31:fa:c9:ba:5b:
                    03:79:3d:69:e9:55:a0:e8:d4:a1:88:8d:d3:1d:45:
                    ba:d4:13:aa:cd:69:35:bf:80:82:3f:8c:d1:18:89:
                    11:2a:e6:3b:0d:29:fd:00:38:17:91:e1:86:28:44:
                    f9:38:90:85:21:47:bb:bb:8d:a8:e8:71:49:84:c5:
                    aa:99:e4:0d:84:ea:9b:a2:a6:c8:45:8e:03:fd:a4:
                    70:e4:0b:65:fb:42:3c:e0:3f:6d:de:fd:94:a2:71:
                    b1:11:91:77:59:3a:d0:0e:59:88:6b:73:04:ae:0d:
                    b4:c3:07:c7:ed:fe:7b:6d:d9:58:da:89:57:8c:70:
                    80:63:59:3e:f2:c8:ba:3d:bd:f3:89:08:5c:c3:cb:
                    81:06:7d:d5:b8:9a:6e:d3:fb:09:ce:93:6a:2d:cc:
                    51:12:30:01:d0:6e:dc:ee:b1:26:02:d1:76:cc:26:
                    9d:c9:99:a6:78:d3:d8:3b:7e:d9:21:e0:5d:a5:1d:
                    aa:af:e0:1b:f6:cb:1f:f2:e5:cc:8a:4c:38:3c:b1:
                    a0:d5:03:82:f6:f7:5d:64:ed:d7:69:eb:8a:97:53:
                    cd:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:37:70:F7:87:36:68:29:A4:A3:D5:2C:3D:ED:0A:CB:03:2B:91:4E
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:c0:40:03:98:34:fa:df:d2:f0:4e:12:41:3b:41:c7:cc:bb:
         15:b7:69:73:e8:aa:c3:7e:79:d8:e6:b3:59:17:28:a3:7b:ce:
         db:6d:61:f7:07:79:35:bd:78:e3:d0:44:b1:52:2a:09:7c:f8:
         d6:d1:5b:d8:21:ad:85:0b:ac:ec:7c:9f:47:6c:d2:f4:08:0a:
         51:91:d3:0d:9f:0b:a9:ce:5f:fb:4c:77:8e:ce:e4:e4:c6:93:
         04:83:d3:91:33:20:78:95:6d:78:27:da:82:56:6f:33:fe:e0:
         44:fa:20:69:ec:74:57:a6:57:31:c6:a6:53:8c:d6:8e:65:09:
         e0:e8:ef:36:74:fb:aa:02:a0:c9:8c:40:1b:95:b0:8a:95:fc:
         40:af:14:a0:08:51:b8:ef:e6:e1:08:67:2f:50:51:cf:d8:08:
         57:59:1f:18:fc:9e:75:f4:68:a5:5c:36:ae:50:b9:76:71:0b:
         39:5d:7d:1e:b2:86:59:1c:47:33:2e:91:08:40:77:8d:9b:d9:
         ab:52:0c:57:cb:2f:4d:82:48:11:3a:c7:3c:86:10:a0:e9:16:
         d2:0f:0c:13:0d:4d:aa:d2:42:29:52:7e:0b:4f:13:ce:27:77:
         a1:fc:6d:e7:8e:bf:f9:41:30:3b:8f:c1:46:60:a2:d8:76:77:
         b9:71:01:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLZpLXFHFP2xNXHJk8VXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjQxMTIzMDQwMDI2WhcNMjQxMTI0MDQwMDI2WjAzMTEwLwYDVQQD
EyhiZTM3NzBmNzg3MzY2ODI5YTRhM2Q1MmMzZGVkMGFjYjAzMmI5MTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY40vMTyChY6dX/p+kVL6trZOD3W
xkYVazx5dK4DPorhfUeJQDbOMfrJulsDeT1p6VWg6NShiI3THUW61BOqzWk1v4CC
P4zRGIkRKuY7DSn9ADgXkeGGKET5OJCFIUe7u42o6HFJhMWqmeQNhOqboqbIRY4D
/aRw5Atl+0I84D9t3v2UonGxEZF3WTrQDlmIa3MErg20wwfH7f57bdlY2olXjHCA
Y1k+8si6Pb3ziQhcw8uBBn3VuJpu0/sJzpNqLcxREjAB0G7c7rEmAtF2zCadyZmm
eNPYO37ZIeBdpR2qr+Ab9ssf8uXMikw4PLGg1QOC9vddZO3XaeuKl1PNdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL43cPeHNmgppKPVLD3tCssDK5FOMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8BAA5g0
+t/S8E4SQTtBx8y7Fbdpc+iqw3552OazWRcoo3vO221h9wd5Nb1449BEsVIqCXz4
1tFb2CGthQus7HyfR2zS9AgKUZHTDZ8Lqc5f+0x3js7k5MaTBIPTkTMgeJVteCfa
glZvM/7gRPogaex0V6ZXMcamU4zWjmUJ4OjvNnT7qgKgyYxAG5WwipX8QK8UoAhR
uO/m4QhnL1BRz9gIV1kfGPyedfRopVw2rlC5dnELOV19HrKGWRxHMy6RCEB3jZvZ
q1IMV8svTYJIETrHPIYQoOkW0g8MEw1NqtJCKVJ+C08Tzid3ofxt546/+UEwO4/B
RmCi2HZ3uXEBkg==
-----END CERTIFICATE-----