Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
File:                     XpgU1DFdMK28jeMGAFVq6cPPns4.mft (raw, json)
Hash identifier:          IbHi1suFAJPfSMaMh+w78o0A05LxDaadDV+hy5cmPqw=
Subject key identifier:   FD:0F:45:B3:06:13:00:9C:F9:11:79:97:F0:20:A9:20:72:6C:F9:D8
Authority key identifier: 5E:98:14:D4:31:5D:30:AD:BC:8D:E3:06:00:55:6A:E9:C3:CF:9E:CE
Certificate issuer:       /CN=5e9814d4315d30adbc8de30600556ae9c3cf9ece
Certificate serial:       0193572DB7F343DAF919499F3A6203C31D8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XpgU1DFdMK28jeMGAFVq6cPPns4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
Manifest number:          1371
Signing time:             Sat 23 Nov 2024 04:00:34 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:34 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:34 +0000
Files and hashes:         1: XpgU1DFdMK28jeMGAFVq6cPPns4.crl (hash: OrP9ZgWj9L981xZgGCpEbYc0E6QZcbNvga5foZ/aWJU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XpgU1DFdMK28jeMGAFVq6cPPns4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:b7:f3:43:da:f9:19:49:9f:3a:62:03:c3:1d:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e9814d4315d30adbc8de30600556ae9c3cf9ece
        Validity
            Not Before: Nov 23 04:00:34 2024 GMT
            Not After : Nov 24 04:00:34 2024 GMT
        Subject: CN=fd0f45b30613009cf9117997f020a920726cf9d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:c5:ad:c6:7c:86:98:29:b4:ba:6c:7c:c8:94:
                    30:55:ea:aa:df:82:43:66:fc:d4:7f:fe:86:b1:57:
                    d2:2f:78:76:f5:31:7a:90:29:27:87:61:e3:c9:c0:
                    14:bd:77:72:36:52:9c:44:8d:23:9d:40:c4:4e:9d:
                    34:a0:8c:8a:05:46:6b:e3:ca:63:96:42:f5:e5:13:
                    97:96:ed:93:6e:fc:ee:df:41:f3:99:5d:ed:aa:35:
                    3c:f5:d6:99:cc:a2:61:46:8c:1a:b0:90:84:5a:19:
                    e6:23:cf:46:19:5c:53:3d:9a:ad:b1:6b:ce:84:2d:
                    59:09:e2:ed:7a:ae:ae:8e:d8:5f:08:91:20:f7:28:
                    a2:2e:5e:55:4c:d6:08:54:bd:42:b7:84:47:ce:85:
                    39:3a:d5:a1:16:fb:1a:14:d0:0c:ae:51:2b:38:ac:
                    82:ce:31:76:6d:c2:46:0e:83:0a:cc:c4:4a:44:12:
                    d3:94:59:0c:08:02:46:0d:89:8d:2a:74:49:db:cb:
                    a2:75:b4:14:e0:6c:59:1e:2e:ab:0a:a2:b6:64:9c:
                    1c:02:38:73:36:54:27:fc:c6:92:e7:1f:2a:48:4a:
                    24:b0:01:3f:4a:89:0e:c7:3d:73:35:d2:f0:42:bc:
                    34:7b:53:68:96:97:57:6e:fa:1f:48:95:8f:ca:a9:
                    3a:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:0F:45:B3:06:13:00:9C:F9:11:79:97:F0:20:A9:20:72:6C:F9:D8
            X509v3 Authority Key Identifier:
                keyid:5E:98:14:D4:31:5D:30:AD:BC:8D:E3:06:00:55:6A:E9:C3:CF:9E:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpgU1DFdMK28jeMGAFVq6cPPns4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7a78d4-0340-4227-b147-35b53d2376d2/1/XpgU1DFdMK28jeMGAFVq6cPPns4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:d3:fc:d8:2d:32:60:e0:76:37:71:d5:00:2f:ad:29:92:da:
         22:dd:6b:6e:13:00:45:64:03:c1:5d:ba:f6:d6:57:03:34:c6:
         5b:2a:3c:79:bf:2f:9b:cf:6d:1f:76:e7:38:e6:83:ee:77:c9:
         c4:b9:19:6a:2c:4e:2e:57:c9:82:dd:bd:d8:28:61:0b:68:73:
         ff:eb:b3:f2:e2:c4:7b:07:c4:d1:2d:54:b6:a1:bf:c2:7d:a5:
         fe:4e:0d:2c:ea:35:f8:37:f5:72:c0:e6:5f:d0:ce:c0:b1:85:
         df:48:35:a7:32:2e:41:28:2e:c5:38:c5:4c:be:bb:9f:6c:90:
         2c:28:a3:1f:22:aa:14:bf:17:55:3b:10:0d:f0:72:99:e6:09:
         55:5d:55:86:40:b6:a3:37:00:5b:f9:ed:c9:4f:d1:ce:a1:bc:
         43:f0:a4:eb:a4:3e:2e:2f:74:25:81:ae:27:bd:e9:b5:43:50:
         d6:9c:5c:24:57:b3:7f:75:aa:76:21:a6:ed:a6:92:17:43:8b:
         80:04:10:1e:29:c3:72:26:62:f6:fc:9e:89:af:0e:31:33:48:
         76:21:3b:fb:b1:37:43:c6:44:b2:34:90:5b:94:d2:a2:60:ae:
         e7:ee:60:a5:54:ae:c8:4e:f0:f8:3a:b9:be:6b:a2:30:f4:76:
         70:6f:7a:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLbfzQ9r5GUmfOmIDwx2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTgxNGQ0MzE1ZDMwYWRiYzhkZTMwNjAwNTU2YWU5YzNj
ZjllY2UwHhcNMjQxMTIzMDQwMDM0WhcNMjQxMTI0MDQwMDM0WjAzMTEwLwYDVQQD
EyhmZDBmNDViMzA2MTMwMDljZjkxMTc5OTdmMDIwYTkyMDcyNmNmOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncWtxnyGmCm0umx8yJQwVeqq34JD
ZvzUf/6GsVfSL3h29TF6kCknh2HjycAUvXdyNlKcRI0jnUDETp00oIyKBUZr48pj
lkL15ROXlu2Tbvzu30HzmV3tqjU89daZzKJhRowasJCEWhnmI89GGVxTPZqtsWvO
hC1ZCeLteq6ujthfCJEg9yiiLl5VTNYIVL1Ct4RHzoU5OtWhFvsaFNAMrlErOKyC
zjF2bcJGDoMKzMRKRBLTlFkMCAJGDYmNKnRJ28uidbQU4GxZHi6rCqK2ZJwcAjhz
NlQn/MaS5x8qSEoksAE/SokOxz1zNdLwQrw0e1NolpdXbvofSJWPyqk6zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP0PRbMGEwCc+RF5l/AgqSBybPnYMB8GA1UdIwQY
MBaAFF6YFNQxXTCtvI3jBgBVaunDz57OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBnVTFERmRNSzI4amVNR0FGVnE2Y1BQbnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83YTc4ZDQtMDM0MC00MjI3LWIxNDct
MzViNTNkMjM3NmQyLzEvWHBnVTFERmRNSzI4amVNR0FGVnE2Y1BQbnM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83YTc4ZDQtMDM0MC00MjI3LWIxNDctMzViNTNkMjM3NmQy
LzEvWHBnVTFERmRNSzI4amVNR0FGVnE2Y1BQbnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVNP82C0y
YOB2N3HVAC+tKZLaIt1rbhMARWQDwV269tZXAzTGWyo8eb8vm89tH3bnOOaD7nfJ
xLkZaixOLlfJgt292ChhC2hz/+uz8uLEewfE0S1UtqG/wn2l/k4NLOo1+Df1csDm
X9DOwLGF30g1pzIuQSguxTjFTL67n2yQLCijHyKqFL8XVTsQDfBymeYJVV1VhkC2
ozcAW/ntyU/RzqG8Q/Ck66Q+Li90JYGuJ73ptUNQ1pxcJFezf3WqdiGm7aaSF0OL
gAQQHinDciZi9vyeia8OMTNIdiE7+7E3Q8ZEsjSQW5TSomCu5+5gpVSuyE7w+Dq5
vmuiMPR2cG967g==
-----END CERTIFICATE-----