Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
File:                     VmhcNSHqj-av5l1TOjsZno92UFs.mft (raw, json)
Hash identifier:          E09nCXkq7o22CMQ14rreJc0Rohz9e3jY5Ep1UF09Ud4=
Subject key identifier:   3B:CA:E6:82:10:95:C1:4B:83:28:DC:B0:60:57:31:A8:81:46:24:3F
Authority key identifier: 56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B
Certificate issuer:       /CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
Certificate serial:       01935879D3661A70273BF8A5C26307C067FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
Manifest number:          1277
Signing time:             Sat 23 Nov 2024 10:03:19 +0000
Manifest this update:     Sat 23 Nov 2024 10:03:19 +0000
Manifest next update:     Sun 24 Nov 2024 10:03:19 +0000
Files and hashes:         1: VmhcNSHqj-av5l1TOjsZno92UFs.crl (hash: SB3OFpBTvf7MtuEfVZDKSJjekxCmi0/IL5Rx+iyXCRs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:79:d3:66:1a:70:27:3b:f8:a5:c2:63:07:c0:67:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56685c3521ea8fe6afe65d533a3b199e8f76505b
        Validity
            Not Before: Nov 23 10:03:19 2024 GMT
            Not After : Nov 24 10:03:19 2024 GMT
        Subject: CN=3bcae6821095c14b8328dcb0605731a88146243f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cf:a0:a1:13:44:ae:a6:ef:76:ea:4a:96:52:
                    a2:69:ce:de:fa:3b:e0:4e:b6:78:39:52:5c:3f:92:
                    5d:48:3b:d6:b9:4a:c5:a2:81:bb:ae:b6:c3:40:ea:
                    57:40:c6:61:6c:3e:ac:59:e3:3e:5a:31:07:b3:1c:
                    8f:a3:8a:64:ad:b7:b3:fc:eb:ef:d4:65:26:27:a3:
                    94:df:51:6d:7b:1f:92:b9:d7:0f:98:fe:4d:43:87:
                    4d:6e:63:75:75:31:70:86:f3:5e:4b:05:39:ed:26:
                    22:15:8d:d8:13:41:d1:fc:74:30:fa:d5:40:4d:0e:
                    d1:98:4a:f9:4f:0a:4b:ca:1b:03:8d:ce:79:18:7d:
                    9f:b7:0c:9a:c4:91:9c:fc:25:55:93:39:08:49:ad:
                    7c:8e:b3:4e:e1:3b:a4:a4:0d:3d:66:4f:f0:43:6a:
                    f7:e0:7c:d5:f2:2a:7d:a7:d2:79:dc:24:52:1a:34:
                    0e:46:64:58:88:68:fb:e5:bb:4f:fb:e9:54:f1:3b:
                    89:c7:60:0c:31:f2:0a:40:dd:12:6c:95:e4:5e:bd:
                    4a:40:bf:e9:32:21:27:57:31:d1:5a:01:c9:96:f1:
                    41:ac:24:a9:6a:75:a5:9f:17:64:99:f2:ca:d4:d8:
                    2c:83:ed:7b:c1:1d:dc:ac:4c:ee:0f:fa:62:45:5b:
                    cf:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:CA:E6:82:10:95:C1:4B:83:28:DC:B0:60:57:31:A8:81:46:24:3F
            X509v3 Authority Key Identifier:
                keyid:56:68:5C:35:21:EA:8F:E6:AF:E6:5D:53:3A:3B:19:9E:8F:76:50:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VmhcNSHqj-av5l1TOjsZno92UFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/16fcd2-5de3-4216-a75c-58c32895dcde/1/VmhcNSHqj-av5l1TOjsZno92UFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:97:26:33:db:15:9f:9a:53:e0:c3:9a:63:53:e0:0e:4e:e2:
         df:56:c8:69:b7:ef:4a:ae:3b:5c:da:35:fc:8a:be:ab:ba:7e:
         28:ee:68:e7:4a:4f:4a:f1:8d:85:42:10:72:d2:7b:6e:0c:e7:
         d1:04:92:84:6a:1f:13:bc:88:1c:de:fb:1a:30:5e:0d:2e:a7:
         7e:52:78:1c:d5:4c:7b:bd:69:eb:a2:ba:1c:4b:cb:b0:3e:bb:
         c1:6b:ec:e8:f2:61:f4:ad:8e:36:42:cf:17:e2:be:f1:83:ae:
         4a:5a:3c:60:9a:ae:02:0c:2c:70:3a:3f:da:ab:63:2c:8e:3f:
         12:95:0e:bc:d2:a5:e2:44:48:4b:bf:3b:0d:e2:0b:c0:d1:46:
         cb:eb:cb:b9:1c:87:41:21:79:20:f9:e0:f3:be:17:fb:36:fb:
         7d:20:ac:eb:60:15:8a:ac:c0:34:da:c5:eb:f0:06:9e:5f:71:
         98:0a:25:4b:1e:df:89:5c:f1:23:e5:6a:e3:22:c4:c4:4b:b1:
         ce:44:c6:e5:aa:53:35:8a:fb:52:b2:65:7e:ac:cb:71:9e:a9:
         f9:d7:2b:33:7d:66:c5:0a:c4:2b:ab:67:44:10:83:e4:c2:8d:
         aa:99:0e:3c:d2:15:dd:61:a3:d1:f5:7e:a1:5e:23:37:d8:9a:
         5d:8b:96:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYedNmGnAnO/ilwmMHwGf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Njg1YzM1MjFlYThmZTZhZmU2NWQ1MzNhM2IxOTllOGY3
NjUwNWIwHhcNMjQxMTIzMTAwMzE5WhcNMjQxMTI0MTAwMzE5WjAzMTEwLwYDVQQD
EygzYmNhZTY4MjEwOTVjMTRiODMyOGRjYjA2MDU3MzFhODgxNDYyNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM+goRNErqbvdupKllKiac7e+jvg
TrZ4OVJcP5JdSDvWuUrFooG7rrbDQOpXQMZhbD6sWeM+WjEHsxyPo4pkrbez/Ovv
1GUmJ6OU31Ftex+SudcPmP5NQ4dNbmN1dTFwhvNeSwU57SYiFY3YE0HR/HQw+tVA
TQ7RmEr5TwpLyhsDjc55GH2ftwyaxJGc/CVVkzkISa18jrNO4TukpA09Zk/wQ2r3
4HzV8ip9p9J53CRSGjQORmRYiGj75btP++lU8TuJx2AMMfIKQN0SbJXkXr1KQL/p
MiEnVzHRWgHJlvFBrCSpanWlnxdkmfLK1Ngsg+17wR3crEzuD/piRVvPSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvK5oIQlcFLgyjcsGBXMaiBRiQ/MB8GA1UdIwQY
MBaAFFZoXDUh6o/mr+ZdUzo7GZ6PdlBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMt
NThjMzI4OTVkY2RlLzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8xNmZjZDItNWRlMy00MjE2LWE3NWMtNThjMzI4OTVkY2Rl
LzEvVm1oY05TSHFqLWF2NWwxVE9qc1pubzkyVUZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5cmM9sV
n5pT4MOaY1PgDk7i31bIabfvSq47XNo1/Iq+q7p+KO5o50pPSvGNhUIQctJ7bgzn
0QSShGofE7yIHN77GjBeDS6nflJ4HNVMe71p66K6HEvLsD67wWvs6PJh9K2ONkLP
F+K+8YOuSlo8YJquAgwscDo/2qtjLI4/EpUOvNKl4kRIS787DeILwNFGy+vLuRyH
QSF5IPng874X+zb7fSCs62AViqzANNrF6/AGnl9xmAolSx7fiVzxI+Vq4yLExEux
zkTG5apTNYr7UrJlfqzLcZ6p+dcrM31mxQrEK6tnRBCD5MKNqpkOPNIV3WGj0fV+
oV4jN9iaXYuWiA==
-----END CERTIFICATE-----