Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
File:                     4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json)
Hash identifier:          Dz0Kzh3X7HjsFyqXQFr6Ll6MSgJ5gvs/DVK0cNsYg2I=
Subject key identifier:   B4:BF:AB:4D:CC:96:0D:77:9E:12:B7:44:18:72:91:E6:4F:95:CA:B9
Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF
Certificate issuer:       /CN=e22501d9a401709838f33d1ae279bce7100b3ccf
Certificate serial:       01935878F6AFF729D35AAFC2FCBFD39A8AF0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
Manifest number:          0DE9
Signing time:             Sat 23 Nov 2024 10:02:22 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:22 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:22 +0000
Files and hashes:         1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: v33NBifP1MaRHJW1PCyofQkM0js8A8NVlOf+S1jtuU8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:f6:af:f7:29:d3:5a:af:c2:fc:bf:d3:9a:8a:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf
        Validity
            Not Before: Nov 23 10:02:22 2024 GMT
            Not After : Nov 24 10:02:22 2024 GMT
        Subject: CN=b4bfab4dcc960d779e12b744187291e64f95cab9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:7c:93:5f:ac:8e:b6:f0:32:c1:bd:2a:c0:10:
                    21:fc:6e:dc:2c:84:c3:bf:f4:6b:59:6f:e2:11:08:
                    47:e0:0f:46:6b:8c:8e:9f:e5:e6:20:62:85:3d:83:
                    a4:38:ad:b0:ee:97:0f:e6:7a:88:a4:d8:23:ba:5e:
                    a7:11:13:48:72:45:41:76:43:f5:09:af:fa:c2:12:
                    5f:6d:21:ac:f0:e2:4a:c5:92:66:ac:dc:9c:33:7b:
                    53:d8:c3:a4:de:e4:3e:cc:99:d8:d9:d6:bd:90:fb:
                    0b:ca:91:e9:a3:05:a5:38:c2:b0:6e:f0:bd:49:09:
                    d7:eb:9b:9a:03:98:76:5f:dc:f5:1b:63:49:a7:b4:
                    84:c8:06:cc:89:2f:78:85:7b:dd:85:4f:5e:72:e3:
                    d8:3a:f3:32:90:1a:c1:f8:f4:61:90:89:2b:66:47:
                    9b:ce:82:81:a0:b3:0c:23:6d:cf:cd:eb:c5:c8:9d:
                    33:cf:48:4e:31:95:2c:f8:0a:d6:18:2b:de:fe:c5:
                    99:3c:42:20:99:7b:38:16:e2:8b:a1:65:b2:91:a8:
                    86:5f:14:35:a2:aa:fa:82:6c:d2:e0:39:b9:cd:23:
                    4b:0f:87:75:62:70:11:4a:92:0d:1b:ad:0d:06:7b:
                    c7:8a:f3:97:9b:8c:1c:2b:4b:2a:84:07:9b:d5:72:
                    e6:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:BF:AB:4D:CC:96:0D:77:9E:12:B7:44:18:72:91:E6:4F:95:CA:B9
            X509v3 Authority Key Identifier:
                keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:cd:c9:63:e4:47:2e:7c:1a:f6:94:a1:f1:91:f2:d3:65:c0:
         a5:75:63:19:b5:a7:3f:93:77:a8:a1:76:57:c7:60:ce:31:d7:
         a8:90:d9:bb:16:1c:b9:39:2e:47:c9:d7:ec:8d:ed:03:01:b6:
         1c:d6:10:10:a7:59:89:67:96:e8:59:d2:bb:30:71:ac:22:35:
         8c:f1:cf:4b:7f:37:da:4b:df:31:6e:29:86:07:06:6b:de:27:
         1d:d0:2b:27:fb:6e:b5:4e:dc:f8:00:f6:17:bb:04:64:cd:e5:
         7b:33:49:ae:36:fc:af:f3:c2:6b:d0:7b:16:bb:cd:07:50:e2:
         09:32:73:e4:3e:e7:97:f5:0a:26:ab:73:f7:8a:39:44:e5:ef:
         7b:02:bd:30:e2:30:e0:8c:eb:a9:f8:fa:46:3a:b2:25:5a:77:
         3a:9f:66:a6:ec:79:e5:43:f9:81:41:21:40:1a:a9:5f:f3:99:
         90:08:65:49:57:d8:f4:28:f8:95:16:c9:ec:cb:1e:23:a0:87:
         0d:cc:10:a8:a8:8c:75:f2:bd:5c:4e:cf:85:c1:38:0d:64:07:
         a2:c4:ec:30:94:4d:8e:c6:38:49:e4:9b:20:86:0f:cc:26:5b:
         38:81:c3:22:c7:60:08:d9:44:e4:3b:38:cc:5d:d7:ad:e4:79:
         d3:dd:b2:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYePav9ynTWq/C/L/TmorwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw
YjNjY2YwHhcNMjQxMTIzMTAwMjIyWhcNMjQxMTI0MTAwMjIyWjAzMTEwLwYDVQQD
EyhiNGJmYWI0ZGNjOTYwZDc3OWUxMmI3NDQxODcyOTFlNjRmOTVjYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHyTX6yOtvAywb0qwBAh/G7cLITD
v/RrWW/iEQhH4A9Ga4yOn+XmIGKFPYOkOK2w7pcP5nqIpNgjul6nERNIckVBdkP1
Ca/6whJfbSGs8OJKxZJmrNycM3tT2MOk3uQ+zJnY2da9kPsLypHpowWlOMKwbvC9
SQnX65uaA5h2X9z1G2NJp7SEyAbMiS94hXvdhU9ecuPYOvMykBrB+PRhkIkrZkeb
zoKBoLMMI23PzevFyJ0zz0hOMZUs+ArWGCve/sWZPEIgmXs4FuKLoWWykaiGXxQ1
oqr6gmzS4Dm5zSNLD4d1YnARSpING60NBnvHivOXm4wcK0sqhAeb1XLmCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLS/q03Mlg13nhK3RBhykeZPlcq5MB8GA1UdIwQY
MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt
Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3
LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZs3JY+RH
Lnwa9pSh8ZHy02XApXVjGbWnP5N3qKF2V8dgzjHXqJDZuxYcuTkuR8nX7I3tAwG2
HNYQEKdZiWeW6FnSuzBxrCI1jPHPS3832kvfMW4phgcGa94nHdArJ/tutU7c+AD2
F7sEZM3lezNJrjb8r/PCa9B7FrvNB1DiCTJz5D7nl/UKJqtz94o5ROXvewK9MOIw
4Izrqfj6RjqyJVp3Op9mpux55UP5gUEhQBqpX/OZkAhlSVfY9Cj4lRbJ7MseI6CH
DcwQqKiMdfK9XE7PhcE4DWQHosTsMJRNjsY4SeSbIIYPzCZbOIHDIsdgCNlE5Ds4
zF3XreR5092yxg==
-----END CERTIFICATE-----