Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          2zabMkG3MyPmjZF45IlG7uypsKlq6I4sthUDI9VrrRM=
Subject key identifier:   C8:DE:AD:8A:05:D3:DA:94:AA:16:4A:88:F0:86:2E:E2:EB:30:92:AF
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       019357D2D368F1F48AC6A1ADEEA55D43D98E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          08B6
Signing time:             Sat 23 Nov 2024 07:00:54 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:54 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:54 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: +JDN24gQjLa5oMnEa7w/V2bYGnb8bQbnnvDEXardUzo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:d3:68:f1:f4:8a:c6:a1:ad:ee:a5:5d:43:d9:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: Nov 23 07:00:54 2024 GMT
            Not After : Nov 24 07:00:54 2024 GMT
        Subject: CN=c8dead8a05d3da94aa164a88f0862ee2eb3092af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:ee:92:06:7b:34:9b:0b:b6:0e:8f:e5:4b:2e:
                    1a:6b:10:d2:61:86:56:fd:66:cf:2a:dd:33:29:28:
                    af:f3:f1:6b:9a:da:19:27:58:f5:02:cd:4e:13:15:
                    a5:37:57:99:d6:fe:bc:3d:41:d2:fb:ba:da:34:c4:
                    51:5c:82:b6:46:79:72:72:9a:0a:54:21:e1:2d:b8:
                    74:a0:09:20:36:a6:90:f8:83:8e:cd:81:9c:d6:d4:
                    f4:cf:ca:29:a6:64:37:af:bb:28:63:9f:29:1d:8b:
                    00:83:ee:72:6e:de:b3:e0:23:5f:60:1c:9f:6c:79:
                    a9:a0:9f:da:bb:f9:3c:52:92:c6:1d:71:1f:9a:0f:
                    81:81:cf:cd:ed:29:36:e7:38:ea:45:ab:31:d0:dd:
                    51:cf:cc:7f:45:38:48:23:b2:4c:2b:2c:77:52:ae:
                    ca:37:f6:f2:f1:b5:1b:6e:55:d9:7e:56:4a:ca:d0:
                    0a:68:c5:f7:b4:d5:00:ea:d0:12:0a:3e:5e:5b:07:
                    95:2b:24:ed:b1:af:bb:13:74:4f:ac:45:34:24:2f:
                    b2:9c:ab:04:9c:1c:a4:da:84:79:33:41:52:dd:ae:
                    ae:5d:a5:f7:6c:33:9a:95:a6:48:ad:60:a2:e4:43:
                    4c:11:e5:33:e8:43:80:91:7d:55:e6:14:93:60:62:
                    9d:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:DE:AD:8A:05:D3:DA:94:AA:16:4A:88:F0:86:2E:E2:EB:30:92:AF
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:64:95:a3:29:e0:83:2c:0e:eb:b9:6b:8a:b5:7b:2d:13:a4:
         b5:d7:2a:b0:1f:7f:73:ea:ee:ff:db:66:55:b5:06:3e:4b:0e:
         c4:18:10:00:bf:79:18:78:ea:b2:69:ba:b1:b4:f7:18:e3:be:
         61:fb:c6:95:95:91:3c:71:18:bd:10:6c:c1:0a:ff:b3:5e:3c:
         11:32:97:47:30:71:c1:23:00:e3:96:83:45:78:10:97:7b:ed:
         d9:20:31:51:25:6d:eb:c4:bf:a9:b7:8d:86:b3:4d:63:cf:ed:
         f0:ea:bf:1f:62:2b:ec:ac:98:94:13:7f:f9:3e:8c:69:13:f1:
         05:18:9d:04:2f:d6:40:56:05:04:d9:37:56:83:a6:2d:cc:18:
         27:5f:54:3b:1f:fb:a3:94:cc:71:ba:e7:93:32:10:57:12:86:
         0b:49:31:62:18:e9:66:e2:a1:a4:19:4e:a2:e4:11:b6:42:29:
         d1:42:d2:d4:fc:d2:3d:ee:f4:e2:01:02:5e:fe:90:c6:8b:b4:
         52:b8:94:7d:00:ae:62:96:f3:5c:55:93:78:0f:3d:3b:32:91:
         fb:f5:ca:41:70:ed:da:56:a7:e4:ce:00:f0:4a:57:7a:c7:12:
         27:11:02:84:94:02:b9:e1:23:1d:26:05:14:2b:19:e5:f7:e4:
         48:42:32:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0tNo8fSKxqGt7qVdQ9mOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjQxMTIzMDcwMDU0WhcNMjQxMTI0MDcwMDU0WjAzMTEwLwYDVQQD
EyhjOGRlYWQ4YTA1ZDNkYTk0YWExNjRhODhmMDg2MmVlMmViMzA5MmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+6SBns0mwu2Do/lSy4aaxDSYYZW
/WbPKt0zKSiv8/FrmtoZJ1j1As1OExWlN1eZ1v68PUHS+7raNMRRXIK2RnlycpoK
VCHhLbh0oAkgNqaQ+IOOzYGc1tT0z8oppmQ3r7soY58pHYsAg+5ybt6z4CNfYByf
bHmpoJ/au/k8UpLGHXEfmg+Bgc/N7Sk25zjqRasx0N1Rz8x/RThII7JMKyx3Uq7K
N/by8bUbblXZflZKytAKaMX3tNUA6tASCj5eWweVKyTtsa+7E3RPrEU0JC+ynKsE
nByk2oR5M0FS3a6uXaX3bDOalaZIrWCi5ENMEeUz6EOAkX1V5hSTYGKdqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMjerYoF09qUqhZKiPCGLuLrMJKvMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxmSVoyng
gywO67lrirV7LROktdcqsB9/c+ru/9tmVbUGPksOxBgQAL95GHjqsmm6sbT3GOO+
YfvGlZWRPHEYvRBswQr/s148ETKXRzBxwSMA45aDRXgQl3vt2SAxUSVt68S/qbeN
hrNNY8/t8Oq/H2Ir7KyYlBN/+T6MaRPxBRidBC/WQFYFBNk3VoOmLcwYJ19UOx/7
o5TMcbrnkzIQVxKGC0kxYhjpZuKhpBlOouQRtkIp0ULS1PzSPe704gECXv6Qxou0
UriUfQCuYpbzXFWTeA89OzKR+/XKQXDt2lan5M4A8EpXescSJxEChJQCueEjHSYF
FCsZ5ffkSEIymQ==
-----END CERTIFICATE-----