Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
File:                     NB54rk8RnAGERACQzx2JrMiyLCQ.mft (raw, json)
Hash identifier:          MVeTJa/LHvd8IZAaDKLvSd4vzRsmYjqV2bmk4XS9X5I=
Subject key identifier:   16:68:89:64:EF:F0:5E:BE:F0:05:C0:44:33:83:7B:37:99:B4:66:3D
Authority key identifier: 34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24
Certificate issuer:       /CN=341e78ae4f119c0184440090cf1d89acc8b22c24
Certificate serial:       01935809182C00FB70E6B20711DE36059695
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
Manifest number:          012F
Signing time:             Sat 23 Nov 2024 08:00:11 +0000
Manifest this update:     Sat 23 Nov 2024 08:00:11 +0000
Manifest next update:     Sun 24 Nov 2024 08:00:11 +0000
Files and hashes:         1: NB54rk8RnAGERACQzx2JrMiyLCQ.crl (hash: 8hVn13vVwZ8aK0lOdF7mOIZ45VXdB/B4+G/v24ojMq4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:09:18:2c:00:fb:70:e6:b2:07:11:de:36:05:96:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=341e78ae4f119c0184440090cf1d89acc8b22c24
        Validity
            Not Before: Nov 23 08:00:11 2024 GMT
            Not After : Nov 24 08:00:11 2024 GMT
        Subject: CN=16688964eff05ebef005c04433837b3799b4663d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:e1:e7:03:14:83:8e:b6:05:68:2f:14:c1:a1:
                    00:78:9b:c0:ed:44:8c:66:9e:46:fe:7b:08:ce:af:
                    8e:29:05:5c:c5:26:5b:06:d3:e5:3b:1d:78:2a:e1:
                    9d:cd:c2:92:cb:4a:18:bf:61:56:2f:05:22:ef:5f:
                    5d:a2:90:7f:5d:86:13:18:aa:38:25:22:3c:ea:cb:
                    3d:ec:12:1d:71:d4:56:32:14:d2:d4:4b:25:48:44:
                    25:49:98:d8:33:2b:f4:90:15:50:e5:20:56:62:c2:
                    31:e2:2b:75:87:1c:0a:b8:ae:f3:e3:4c:59:3d:16:
                    ff:e2:b2:99:47:86:7c:0c:c6:d0:60:92:d2:2b:c3:
                    a0:91:26:10:14:12:85:ae:55:64:93:fe:7e:bc:f6:
                    a0:fb:76:f9:32:43:81:52:43:03:18:8a:75:0c:77:
                    94:a3:a5:08:ab:3c:76:13:ca:f7:c6:70:d4:fe:a1:
                    e2:64:a1:95:e1:1f:3e:05:fa:27:f7:80:28:5b:2e:
                    d4:8a:59:f9:ee:de:f8:c9:b7:7a:03:ff:1f:bf:ff:
                    80:53:24:bb:af:a6:d7:22:ca:bf:54:5a:a0:0c:8f:
                    5b:dc:37:7d:f3:9f:a1:4b:c7:a8:10:80:e3:04:39:
                    fb:18:c7:21:f7:9d:f7:74:89:4c:17:d8:6e:37:ed:
                    7a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:68:89:64:EF:F0:5E:BE:F0:05:C0:44:33:83:7B:37:99:B4:66:3D
            X509v3 Authority Key Identifier:
                keyid:34:1E:78:AE:4F:11:9C:01:84:44:00:90:CF:1D:89:AC:C8:B2:2C:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NB54rk8RnAGERACQzx2JrMiyLCQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/2aeca7-0837-468d-bd62-03bb21aefba0/1/NB54rk8RnAGERACQzx2JrMiyLCQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:0d:e7:5d:f4:a9:1d:4c:fa:80:1d:11:49:09:1f:ea:22:45:
         70:70:79:8e:39:d3:ca:18:a9:2e:94:67:18:82:94:73:b0:77:
         d9:40:f9:9e:06:69:96:8b:cc:a7:60:ef:de:01:ad:20:41:80:
         9d:4d:86:94:5c:9a:ed:55:08:e2:ba:d3:78:93:aa:ca:5f:5f:
         75:04:e5:40:a6:35:4d:d8:29:5f:2d:1b:dc:ec:31:cd:24:e6:
         36:b7:8a:5d:88:0b:04:6f:fb:69:c6:85:0a:d0:40:df:65:fd:
         4a:8d:24:e8:41:5b:9d:3f:ba:85:1d:88:6d:02:1a:11:c1:30:
         5e:2e:61:be:be:ae:12:7b:b1:32:ea:04:7b:63:05:8c:7a:2b:
         0d:8c:c0:89:5b:e6:5b:39:98:58:01:fe:11:a0:ce:3e:ac:22:
         6c:55:39:4b:6e:3e:a9:7d:1a:8c:b2:59:90:17:56:e1:31:59:
         8d:0a:ad:12:2a:48:37:dc:cf:39:97:41:f5:c1:51:24:3d:7b:
         a3:88:89:eb:ba:38:f5:37:80:7f:6c:ad:c3:12:6c:47:18:21:
         30:22:9d:36:49:42:21:b2:05:df:fb:0b:93:95:e3:40:da:8c:
         05:80:ac:12:98:bf:8e:dc:38:11:d4:f4:60:03:61:96:44:7e:
         57:f0:04:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYCRgsAPtw5rIHEd42BZaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MWU3OGFlNGYxMTljMDE4NDQ0MDA5MGNmMWQ4OWFjYzhi
MjJjMjQwHhcNMjQxMTIzMDgwMDExWhcNMjQxMTI0MDgwMDExWjAzMTEwLwYDVQQD
EygxNjY4ODk2NGVmZjA1ZWJlZjAwNWMwNDQzMzgzN2IzNzk5YjQ2NjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OHnAxSDjrYFaC8UwaEAeJvA7USM
Zp5G/nsIzq+OKQVcxSZbBtPlOx14KuGdzcKSy0oYv2FWLwUi719dopB/XYYTGKo4
JSI86ss97BIdcdRWMhTS1EslSEQlSZjYMyv0kBVQ5SBWYsIx4it1hxwKuK7z40xZ
PRb/4rKZR4Z8DMbQYJLSK8OgkSYQFBKFrlVkk/5+vPag+3b5MkOBUkMDGIp1DHeU
o6UIqzx2E8r3xnDU/qHiZKGV4R8+Bfon94AoWy7Uiln57t74ybd6A/8fv/+AUyS7
r6bXIsq/VFqgDI9b3Dd985+hS8eoEIDjBDn7GMch9533dIlMF9huN+16ewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBZoiWTv8F6+8AXARDODezeZtGY9MB8GA1UdIwQY
MBaAFDQeeK5PEZwBhEQAkM8diazIsiwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjIt
MDNiYjIxYWVmYmEwLzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8yYWVjYTctMDgzNy00NjhkLWJkNjItMDNiYjIxYWVmYmEw
LzEvTkI1NHJrOFJuQUdFUkFDUXp4MkpyTWl5TENRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbw3nXfSp
HUz6gB0RSQkf6iJFcHB5jjnTyhipLpRnGIKUc7B32UD5ngZplovMp2Dv3gGtIEGA
nU2GlFya7VUI4rrTeJOqyl9fdQTlQKY1TdgpXy0b3OwxzSTmNreKXYgLBG/7acaF
CtBA32X9So0k6EFbnT+6hR2IbQIaEcEwXi5hvr6uEnuxMuoEe2MFjHorDYzAiVvm
WzmYWAH+EaDOPqwibFU5S24+qX0ajLJZkBdW4TFZjQqtEipIN9zPOZdB9cFRJD17
o4iJ67o49TeAf2ytwxJsRxghMCKdNklCIbIF3/sLk5XjQNqMBYCsEpi/jtw4EdT0
YANhlkR+V/AEfg==
-----END CERTIFICATE-----