Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft
File:                     aAImjB8WbJ31GjQgRbsTLw-WyC0.mft (raw, json)
Hash identifier:          jLToEDCYDdh3/bpFWpgw1RrKNjJhwpmd24UH1aS+z/U=
Subject key identifier:   1A:D2:A6:76:CF:C7:BE:30:E2:97:99:58:A0:87:8A:BD:E6:79:A9:F5
Authority key identifier: 68:02:26:8C:1F:16:6C:9D:F5:1A:34:20:45:BB:13:2F:0F:96:C8:2D
Certificate issuer:       /CN=6802268c1f166c9df51a342045bb132f0f96c82d
Certificate serial:       0193568905B9FAFD691623741C74ABA85F7A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAImjB8WbJ31GjQgRbsTLw-WyC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft
Manifest number:          08F3
Signing time:             Sat 23 Nov 2024 01:00:40 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:40 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:40 +0000
Files and hashes:         1: aAImjB8WbJ31GjQgRbsTLw-WyC0.crl (hash: AnSU0aPc69oUJpLQMFrdY6JgvliVwfNdyvdHvx4ntNs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAImjB8WbJ31GjQgRbsTLw-WyC0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:05:b9:fa:fd:69:16:23:74:1c:74:ab:a8:5f:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6802268c1f166c9df51a342045bb132f0f96c82d
        Validity
            Not Before: Nov 23 01:00:40 2024 GMT
            Not After : Nov 24 01:00:40 2024 GMT
        Subject: CN=1ad2a676cfc7be30e2979958a0878abde679a9f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:93:82:33:df:ba:72:5d:d1:89:e3:43:dd:af:
                    8d:86:14:93:39:6e:83:78:1b:69:6f:1b:dd:75:78:
                    81:dc:10:92:31:09:6e:95:1b:5a:e3:5f:61:79:84:
                    73:ef:a1:a6:b0:ac:74:73:cf:20:29:bb:96:e1:7c:
                    fb:85:de:e6:ae:9a:b6:89:90:25:f0:66:32:35:85:
                    81:a1:91:a8:3f:72:76:c3:d6:b5:f6:16:99:4e:ff:
                    b9:a5:fb:19:9c:5a:c3:04:fb:8d:00:fb:73:70:10:
                    76:00:d5:5c:0e:94:b0:be:d6:17:a7:cc:53:34:26:
                    90:e4:63:e5:84:85:cb:e9:e7:b4:1e:70:bb:f7:51:
                    92:7b:f7:8b:78:fe:e4:40:1c:fb:75:75:05:9b:d4:
                    8c:8b:d8:b1:78:23:10:20:a5:87:2f:d5:bd:39:2e:
                    95:2a:02:cb:d9:f1:f8:df:33:d8:f7:32:ba:63:0b:
                    ba:7b:5f:a9:9a:3c:59:a9:d4:cb:29:23:9d:e2:6c:
                    a6:99:18:0f:29:fe:8a:c3:41:24:69:17:ff:ac:d7:
                    77:7e:e1:94:a4:ef:ea:00:64:94:08:03:96:cf:0b:
                    77:ac:e7:1f:df:ff:9c:97:a6:07:e0:68:ae:76:67:
                    16:6c:cf:ae:2b:7a:d6:ca:7f:e4:4a:03:d9:1d:58:
                    6b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:D2:A6:76:CF:C7:BE:30:E2:97:99:58:A0:87:8A:BD:E6:79:A9:F5
            X509v3 Authority Key Identifier:
                keyid:68:02:26:8C:1F:16:6C:9D:F5:1A:34:20:45:BB:13:2F:0F:96:C8:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAImjB8WbJ31GjQgRbsTLw-WyC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/c8649d-2f00-4663-8e4e-e3c22d0f6207/1/aAImjB8WbJ31GjQgRbsTLw-WyC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:7f:d1:ff:4e:e6:13:c8:a0:e5:aa:64:02:8a:d0:b2:e2:1f:
         21:25:cd:b3:a1:01:29:d4:07:26:23:02:f6:76:71:42:74:7a:
         3b:60:d2:ec:fb:31:6b:c0:cf:9d:26:83:e0:31:5a:71:5a:59:
         ce:4f:15:e9:7f:9a:b1:39:c4:c0:50:28:bf:41:78:42:9b:c8:
         c4:0b:8e:d9:e7:59:bf:c6:f5:7a:52:4e:02:32:1b:4d:fd:d9:
         5c:fb:08:b2:d2:1f:ed:c4:fd:ac:47:18:21:51:80:d3:a9:e5:
         a0:6e:37:21:6b:7c:f3:3d:21:27:b2:31:43:61:14:76:72:bc:
         e2:52:c0:9f:95:2d:26:a7:c9:cf:f0:3f:c0:71:55:79:83:7e:
         ec:73:ec:de:cd:98:2b:ac:f0:c8:d3:96:90:39:88:df:81:50:
         13:34:73:31:2f:53:60:5b:00:f9:af:a3:43:35:37:ea:c0:2c:
         5c:07:61:2c:58:2b:cd:a9:21:c4:42:dd:fe:4c:aa:76:29:f9:
         90:e2:57:3b:db:79:db:9a:45:4b:85:fe:42:9e:80:81:d7:37:
         32:d6:e8:f9:90:07:61:08:cf:9f:3b:a9:3a:bb:ae:17:7c:1f:
         f2:5c:97:8a:6b:03:1f:31:76:be:ed:f5:51:23:77:c1:58:ae:
         1a:9d:53:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiQW5+v1pFiN0HHSrqF96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDIyNjhjMWYxNjZjOWRmNTFhMzQyMDQ1YmIxMzJmMGY5
NmM4MmQwHhcNMjQxMTIzMDEwMDQwWhcNMjQxMTI0MDEwMDQwWjAzMTEwLwYDVQQD
EygxYWQyYTY3NmNmYzdiZTMwZTI5Nzk5NThhMDg3OGFiZGU2NzlhOWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5OCM9+6cl3RieND3a+NhhSTOW6D
eBtpbxvddXiB3BCSMQlulRta419heYRz76GmsKx0c88gKbuW4Xz7hd7mrpq2iZAl
8GYyNYWBoZGoP3J2w9a19haZTv+5pfsZnFrDBPuNAPtzcBB2ANVcDpSwvtYXp8xT
NCaQ5GPlhIXL6ee0HnC791GSe/eLeP7kQBz7dXUFm9SMi9ixeCMQIKWHL9W9OS6V
KgLL2fH43zPY9zK6Ywu6e1+pmjxZqdTLKSOd4mymmRgPKf6Kw0EkaRf/rNd3fuGU
pO/qAGSUCAOWzwt3rOcf3/+cl6YH4GiudmcWbM+uK3rWyn/kSgPZHVhrbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrSpnbPx74w4peZWKCHir3mean1MB8GA1UdIwQY
MBaAFGgCJowfFmyd9Ro0IEW7Ey8PlsgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFJbWpCOFdiSjMxR2pRZ1Jic1RMdy1XeUMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jODY0OWQtMmYwMC00NjYzLThlNGUt
ZTNjMjJkMGY2MjA3LzEvYUFJbWpCOFdiSjMxR2pRZ1Jic1RMdy1XeUMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jODY0OWQtMmYwMC00NjYzLThlNGUtZTNjMjJkMGY2MjA3
LzEvYUFJbWpCOFdiSjMxR2pRZ1Jic1RMdy1XeUMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlX/R/07m
E8ig5apkAorQsuIfISXNs6EBKdQHJiMC9nZxQnR6O2DS7Psxa8DPnSaD4DFacVpZ
zk8V6X+asTnEwFAov0F4QpvIxAuO2edZv8b1elJOAjIbTf3ZXPsIstIf7cT9rEcY
IVGA06nloG43IWt88z0hJ7IxQ2EUdnK84lLAn5UtJqfJz/A/wHFVeYN+7HPs3s2Y
K6zwyNOWkDmI34FQEzRzMS9TYFsA+a+jQzU36sAsXAdhLFgrzakhxELd/kyqdin5
kOJXO9t525pFS4X+Qp6Agdc3Mtbo+ZAHYQjPnzupOruuF3wf8lyXimsDHzF2vu31
USN3wViuGp1TTg==
-----END CERTIFICATE-----