Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
File:                     LDfpq5czmfAvAyfJgRoYdQDEtsk.mft (raw, json)
Hash identifier:          epqY748K/bC55/p8m/vsJTpprUmoYgSwLLPTGWgNg7Y=
Subject key identifier:   61:47:F8:27:CC:9E:5B:03:61:3C:88:0A:60:8F:13:01:AD:4D:D4:35
Authority key identifier: 2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9
Certificate issuer:       /CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
Certificate serial:       0191F9D9968374700CB4C3DE9B473D198E62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
Manifest number:          F4
Signing time:             Mon 16 Sep 2024 08:01:12 +0000
Manifest this update:     Mon 16 Sep 2024 08:01:12 +0000
Manifest next update:     Tue 17 Sep 2024 08:01:12 +0000
Files and hashes:         1: LDfpq5czmfAvAyfJgRoYdQDEtsk.crl (hash: QH9EkI2NlLGyyfEcWn9egDavH4x9hHJgJATW5RtZcrg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 08:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:d9:96:83:74:70:0c:b4:c3:de:9b:47:3d:19:8e:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c37e9ab973399f02f0327c9811a187500c4b6c9
        Validity
            Not Before: Sep 16 08:01:12 2024 GMT
            Not After : Sep 17 08:01:12 2024 GMT
        Subject: CN=6147f827cc9e5b03613c880a608f1301ad4dd435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ba:17:86:9b:f6:47:23:41:9a:97:38:1b:0f:
                    26:41:13:a5:ff:0b:62:d8:72:4f:ed:d3:8c:11:ca:
                    a8:43:f0:98:8f:d7:85:c7:c8:a9:9b:15:d7:c1:34:
                    67:a0:bc:32:1f:0d:ef:6c:6f:89:1b:f1:42:74:4e:
                    ed:5f:a4:d5:fb:de:bc:96:74:24:65:48:cb:cd:64:
                    5c:95:23:ab:2c:69:a8:d3:6a:6d:ce:a3:1c:cd:d2:
                    8b:94:f8:54:2b:53:87:b1:21:60:e9:76:10:b5:a8:
                    24:5e:79:b2:33:15:6a:37:05:2c:ce:4a:24:fc:fb:
                    90:be:75:f3:67:74:c3:cd:37:bc:a7:60:25:85:35:
                    2a:d9:76:d1:82:7f:83:0d:80:13:af:8f:e9:10:9c:
                    76:10:64:29:47:41:23:9c:0c:00:e8:1d:63:d2:83:
                    af:c0:56:c4:f2:24:51:e9:24:3f:1b:98:b6:d5:82:
                    59:c3:06:38:5e:59:c8:a9:64:57:28:09:d1:81:5b:
                    bb:ea:38:36:03:7f:09:58:bf:de:38:a5:cb:fc:15:
                    5d:37:69:05:ca:cc:e2:1e:50:22:29:15:4a:8a:ac:
                    ea:f0:77:b3:7e:ef:12:52:d3:b2:cb:84:9e:ef:43:
                    1e:7e:00:17:50:58:29:4b:57:5c:5c:25:1a:61:8d:
                    14:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:47:F8:27:CC:9E:5B:03:61:3C:88:0A:60:8F:13:01:AD:4D:D4:35
            X509v3 Authority Key Identifier:
                keyid:2C:37:E9:AB:97:33:99:F0:2F:03:27:C9:81:1A:18:75:00:C4:B6:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDfpq5czmfAvAyfJgRoYdQDEtsk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/55314e-9156-4776-9e01-570dca7ad13e/1/LDfpq5czmfAvAyfJgRoYdQDEtsk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:2e:f0:0d:e7:9d:08:08:3b:4a:f8:d4:7b:90:6f:94:ae:b1:
         c8:cf:19:01:81:c7:7b:25:19:c7:7f:a2:48:ca:a7:ee:3f:1d:
         a3:30:af:39:70:95:d3:1b:fc:bd:ef:d4:11:e0:cc:d8:fc:7b:
         33:2c:34:c5:8e:78:69:16:da:ae:4b:9b:a3:1f:b0:22:84:f4:
         da:86:43:5b:fa:50:db:bd:0a:b0:5c:74:7e:e7:e4:24:30:f2:
         a4:e2:80:08:27:2e:8f:4e:65:25:4d:f8:eb:ea:5e:34:30:82:
         26:cb:9c:56:e9:d1:54:b4:1d:8f:4e:72:f9:0c:c3:c3:f8:20:
         3b:ea:d2:ad:de:6f:97:21:79:15:61:ed:2d:27:e2:e5:62:01:
         c6:2a:11:0c:43:b8:46:22:fb:1a:34:b7:4f:96:ed:84:41:48:
         fd:14:0e:d4:56:4f:6b:17:d8:56:83:c5:2d:7a:89:b8:8c:14:
         36:f7:0e:ac:48:39:95:0d:74:67:cf:94:dd:89:07:6b:6c:6c:
         7c:f0:9c:21:8a:76:53:a2:8e:f0:37:a0:c2:85:bc:45:79:fa:
         ce:db:bc:fd:32:6e:3f:26:2f:cb:fd:81:3d:72:98:ee:7a:8a:
         4d:32:29:33:ee:10:4c:6f:4a:c0:57:e9:06:f6:ae:ca:39:ea:
         7b:29:31:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH52ZaDdHAMtMPem0c9GY5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzdlOWFiOTczMzk5ZjAyZjAzMjdjOTgxMWExODc1MDBj
NGI2YzkwHhcNMjQwOTE2MDgwMTEyWhcNMjQwOTE3MDgwMTEyWjAzMTEwLwYDVQQD
Eyg2MTQ3ZjgyN2NjOWU1YjAzNjEzYzg4MGE2MDhmMTMwMWFkNGRkNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsroXhpv2RyNBmpc4Gw8mQROl/wti
2HJP7dOMEcqoQ/CYj9eFx8ipmxXXwTRnoLwyHw3vbG+JG/FCdE7tX6TV+968lnQk
ZUjLzWRclSOrLGmo02ptzqMczdKLlPhUK1OHsSFg6XYQtagkXnmyMxVqNwUszkok
/PuQvnXzZ3TDzTe8p2AlhTUq2XbRgn+DDYATr4/pEJx2EGQpR0EjnAwA6B1j0oOv
wFbE8iRR6SQ/G5i21YJZwwY4XlnIqWRXKAnRgVu76jg2A38JWL/eOKXL/BVdN2kF
ysziHlAiKRVKiqzq8Hezfu8SUtOyy4Se70MefgAXUFgpS1dcXCUaYY0UBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFH+CfMnlsDYTyICmCPEwGtTdQ1MB8GA1UdIwQY
MBaAFCw36auXM5nwLwMnyYEaGHUAxLbJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEt
NTcwZGNhN2FkMTNlLzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NTMxNGUtOTE1Ni00Nzc2LTllMDEtNTcwZGNhN2FkMTNl
LzEvTERmcHE1Y3ptZkF2QXlmSmdSb1lkUURFdHNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMS7wDeed
CAg7SvjUe5BvlK6xyM8ZAYHHeyUZx3+iSMqn7j8dozCvOXCV0xv8ve/UEeDM2Px7
Myw0xY54aRbarkubox+wIoT02oZDW/pQ270KsFx0fufkJDDypOKACCcuj05lJU34
6+peNDCCJsucVunRVLQdj05y+QzDw/ggO+rSrd5vlyF5FWHtLSfi5WIBxioRDEO4
RiL7GjS3T5bthEFI/RQO1FZPaxfYVoPFLXqJuIwUNvcOrEg5lQ10Z8+U3YkHa2xs
fPCcIYp2U6KO8DegwoW8RXn6ztu8/TJuPyYvy/2BPXKY7nqKTTIpM+4QTG9KwFfp
BvauyjnqeykxfA==
-----END CERTIFICATE-----