Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
File:                     PflufaVJi3Djuxe24YoxE3EtMrY.mft (raw, json)
Hash identifier:          H3TZ3La8tLbKr94RO3MYhdc8Vr7fQaFMH9n1te5qzus=
Subject key identifier:   1F:BF:24:73:94:C9:F0:17:BA:5B:C3:B9:75:60:18:E2:01:4A:62:AC
Authority key identifier: 3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6
Certificate issuer:       /CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
Certificate serial:       01935689BF54B06B68A2BC790E7671F81E7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
Manifest number:          0D57
Signing time:             Sat 23 Nov 2024 01:01:27 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:27 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:27 +0000
Files and hashes:         1: PflufaVJi3Djuxe24YoxE3EtMrY.crl (hash: QR4rvC5fVAjGMjpPncC70+ZiIgelP2r9ev8ztPQT2HQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:bf:54:b0:6b:68:a2:bc:79:0e:76:71:f8:1e:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3df96e7da5498b70e3bb17b6e18a3113712d32b6
        Validity
            Not Before: Nov 23 01:01:27 2024 GMT
            Not After : Nov 24 01:01:27 2024 GMT
        Subject: CN=1fbf247394c9f017ba5bc3b9756018e2014a62ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:53:fc:b7:f2:e8:63:8f:c1:58:a9:cc:72:a0:
                    f7:72:01:ac:5f:72:77:10:b6:1f:34:ea:28:75:7c:
                    3d:ed:b1:4d:23:44:5c:bc:8d:2e:09:50:73:09:81:
                    39:4c:75:42:cb:ba:66:c0:0b:70:c2:86:82:d4:2b:
                    f8:dd:d0:28:7f:06:1e:80:c1:44:88:16:18:33:35:
                    3a:dc:0e:77:50:9d:27:84:97:00:88:08:c4:87:cf:
                    f3:0b:c2:ba:36:ac:0d:49:10:97:70:d1:50:cc:4b:
                    87:54:84:9c:95:07:cf:c7:75:20:3a:6d:8d:28:38:
                    45:12:af:3c:2d:00:cf:34:88:74:b7:6e:71:47:5b:
                    9c:e7:08:e5:35:64:80:74:0c:b7:5a:75:76:27:96:
                    46:12:19:7f:6c:1d:e3:09:8f:6d:5e:4e:ec:90:db:
                    d4:04:92:4e:22:85:7f:60:cf:e7:06:ed:75:3b:b6:
                    9f:8c:3a:c0:1d:80:bb:19:b5:d7:df:50:5b:3e:66:
                    56:e3:08:44:50:2e:65:6d:43:d4:d7:5a:58:39:8b:
                    15:9b:e7:36:27:18:57:dc:fa:d2:c0:f1:f5:1e:e3:
                    26:88:49:d7:db:2d:9e:87:b6:44:61:c3:d9:73:46:
                    b7:83:69:20:3e:8d:e4:68:52:94:57:a1:48:8c:60:
                    a2:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:BF:24:73:94:C9:F0:17:BA:5B:C3:B9:75:60:18:E2:01:4A:62:AC
            X509v3 Authority Key Identifier:
                keyid:3D:F9:6E:7D:A5:49:8B:70:E3:BB:17:B6:E1:8A:31:13:71:2D:32:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PflufaVJi3Djuxe24YoxE3EtMrY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8831d9-3933-483a-b9af-36e88506680e/1/PflufaVJi3Djuxe24YoxE3EtMrY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:be:90:75:95:db:16:f8:0e:45:b2:68:25:23:fb:23:48:95:
         8f:9a:e2:a5:23:74:d2:10:3c:3f:48:ce:6d:b9:96:c4:48:8e:
         2b:1e:37:18:2e:d2:8b:26:67:12:2d:c6:40:46:eb:f0:06:2b:
         af:55:bd:bf:d6:66:41:78:2c:61:14:32:e8:08:8f:8b:05:22:
         69:1f:06:df:97:a0:a3:f3:84:cc:35:3b:cd:30:84:db:05:28:
         b2:8a:03:a0:42:4d:99:cd:df:72:ac:97:f8:f5:f4:ad:12:98:
         d0:1c:f4:89:f4:85:3a:68:6c:39:6d:ac:c6:7d:1e:5f:a6:86:
         dc:01:1b:75:a5:52:64:43:fa:46:5e:d1:00:59:48:6c:2b:37:
         4c:fd:3e:3e:4f:3f:04:4d:a5:23:02:1b:b2:10:de:8e:d3:93:
         3e:9b:22:ce:f1:17:2c:0a:50:45:44:4d:51:fe:6f:4e:b4:a9:
         0d:81:00:f2:82:fe:ad:9a:0e:17:0d:c0:1a:d0:52:28:e7:bc:
         3d:2b:3e:bb:02:66:b4:98:2b:6d:c8:b6:00:82:73:3a:d1:12:
         b0:11:b4:55:90:d3:10:e5:87:da:15:5b:98:19:cb:0b:d1:5c:
         c0:86:d5:d2:60:f8:62:03:52:cd:6e:aa:8c:13:14:75:ec:bd:
         c5:51:0c:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWib9UsGtoorx5DnZx+B5+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjk2ZTdkYTU0OThiNzBlM2JiMTdiNmUxOGEzMTEzNzEy
ZDMyYjYwHhcNMjQxMTIzMDEwMTI3WhcNMjQxMTI0MDEwMTI3WjAzMTEwLwYDVQQD
EygxZmJmMjQ3Mzk0YzlmMDE3YmE1YmMzYjk3NTYwMThlMjAxNGE2MmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlP8t/LoY4/BWKnMcqD3cgGsX3J3
ELYfNOoodXw97bFNI0RcvI0uCVBzCYE5THVCy7pmwAtwwoaC1Cv43dAofwYegMFE
iBYYMzU63A53UJ0nhJcAiAjEh8/zC8K6NqwNSRCXcNFQzEuHVISclQfPx3UgOm2N
KDhFEq88LQDPNIh0t25xR1uc5wjlNWSAdAy3WnV2J5ZGEhl/bB3jCY9tXk7skNvU
BJJOIoV/YM/nBu11O7afjDrAHYC7GbXX31BbPmZW4whEUC5lbUPU11pYOYsVm+c2
JxhX3PrSwPH1HuMmiEnX2y2eh7ZEYcPZc0a3g2kgPo3kaFKUV6FIjGCiqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+/JHOUyfAXulvDuXVgGOIBSmKsMB8GA1UdIwQY
MBaAFD35bn2lSYtw47sXtuGKMRNxLTK2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYt
MzZlODg1MDY2ODBlLzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84ODMxZDktMzkzMy00ODNhLWI5YWYtMzZlODg1MDY2ODBl
LzEvUGZsdWZhVkppM0RqdXhlMjRZb3hFM0V0TXJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmb6QdZXb
FvgORbJoJSP7I0iVj5ripSN00hA8P0jObbmWxEiOKx43GC7SiyZnEi3GQEbr8AYr
r1W9v9ZmQXgsYRQy6AiPiwUiaR8G35ego/OEzDU7zTCE2wUosooDoEJNmc3fcqyX
+PX0rRKY0Bz0ifSFOmhsOW2sxn0eX6aG3AEbdaVSZEP6Rl7RAFlIbCs3TP0+Pk8/
BE2lIwIbshDejtOTPpsizvEXLApQRURNUf5vTrSpDYEA8oL+rZoOFw3AGtBSKOe8
PSs+uwJmtJgrbci2AIJzOtESsBG0VZDTEOWH2hVbmBnLC9FcwIbV0mD4YgNSzW6q
jBMUdey9xVEMCw==
-----END CERTIFICATE-----