Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
File:                     KMaADXS8QQW0DnfqCFugJtvuw18.mft (raw, json)
Hash identifier:          hDQBzuQ78XfqYWNlFdbtXrqcMSyoYmH/LLWUsiBqqTk=
Subject key identifier:   42:13:5A:2D:04:94:09:47:2B:5E:83:C1:C5:AD:3B:29:E6:03:39:5C
Authority key identifier: 28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
Certificate issuer:       /CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Certificate serial:       01935764AACAD957198890F1907E0EC09B0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
Manifest number:          0DAF
Signing time:             Sat 23 Nov 2024 05:00:35 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:35 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:35 +0000
Files and hashes:         1: KMaADXS8QQW0DnfqCFugJtvuw18.crl (hash: dk598PN8nfu7UPNpITSz8RrvIdRVgXr3gWyjvXBNpUY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:aa:ca:d9:57:19:88:90:f1:90:7e:0e:c0:9b:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
        Validity
            Not Before: Nov 23 05:00:35 2024 GMT
            Not After : Nov 24 05:00:35 2024 GMT
        Subject: CN=42135a2d049409472b5e83c1c5ad3b29e603395c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:80:02:3e:5a:7a:d4:2b:2f:d4:cd:9b:46:b2:
                    f2:d8:bb:ae:c0:ea:a0:29:cd:19:81:73:b9:dd:f4:
                    23:4e:d1:2d:8c:29:2f:54:ba:e4:95:55:43:7a:41:
                    91:de:d8:a9:93:6f:39:ce:1b:04:a7:25:e6:27:8a:
                    8d:37:52:72:ce:4e:2e:99:9c:21:11:00:15:2c:d6:
                    b4:a8:bb:81:27:d4:76:73:02:52:3c:4b:e1:12:fc:
                    25:45:0f:9a:df:52:b5:ec:8d:45:eb:d8:51:b0:50:
                    2f:17:7e:04:51:fe:f2:a2:ec:5a:28:bd:8f:e5:fd:
                    f8:ef:44:e3:4d:07:d4:61:0f:4f:1c:14:ab:d3:91:
                    35:a3:e2:15:3c:0c:c9:5c:12:d0:99:4d:c5:4e:33:
                    86:94:60:1d:26:cd:39:12:4a:b8:9e:40:37:e7:df:
                    c3:62:aa:d7:b6:1f:af:3f:4d:58:83:7d:71:8d:7e:
                    02:15:4d:0a:a5:0a:0d:34:39:ed:ec:3f:5f:42:80:
                    bf:62:06:31:0c:5f:3f:f3:a8:5a:af:37:fc:c0:96:
                    8e:c5:c3:89:1e:50:0b:0d:68:ca:d1:b3:ea:04:97:
                    92:3f:e8:28:9d:2f:06:5f:a4:ee:60:79:ba:a8:67:
                    56:02:bd:dd:45:dc:b4:db:c7:05:d8:ba:31:98:60:
                    c7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:13:5A:2D:04:94:09:47:2B:5E:83:C1:C5:AD:3B:29:E6:03:39:5C
            X509v3 Authority Key Identifier:
                keyid:28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:13:1a:4a:ea:c2:68:d3:3a:78:5a:b9:50:9d:12:ba:b0:3e:
         75:ad:2d:38:cf:e3:98:6b:22:e0:5c:86:3d:48:01:7d:d8:d1:
         60:d1:3d:3a:7f:95:f9:df:ee:c2:e7:fe:f2:23:85:48:08:a3:
         88:53:86:57:76:79:7c:50:84:8e:25:54:80:c3:63:cc:c1:3e:
         47:e1:85:a6:27:42:b7:b3:ca:e6:e6:8d:20:0f:da:41:23:77:
         5e:a2:e2:b4:37:9a:a7:80:f8:ee:f2:bd:04:99:7a:72:1b:50:
         ce:0a:df:87:0f:7d:2a:ea:57:d8:d4:ae:92:09:c6:e2:b4:13:
         9e:d0:04:d2:4b:0c:c4:ab:39:9f:a4:08:2d:4b:9c:4d:cc:5e:
         36:68:45:62:6a:e4:5d:c6:30:8d:ae:fd:c1:64:2b:01:da:1e:
         b9:28:5f:ac:c2:5a:85:c6:47:d2:27:ed:63:a0:10:11:84:88:
         a2:04:06:72:b1:13:94:b7:6f:e4:e1:8e:2d:e2:9f:de:35:fc:
         7e:31:91:08:d1:57:b8:63:a9:2a:67:ac:6f:95:0a:f7:f0:de:
         85:e5:04:1a:30:62:96:67:df:c9:78:c6:21:ed:1b:9b:6c:c7:
         2a:ef:ce:00:59:9d:04:77:71:be:a8:1f:02:0d:e2:7e:0f:b0:
         38:7f:11:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZKrK2VcZiJDxkH4OwJsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzY4MDBkNzRiYzQxMDViNDBlNzdlYTA4NWJhMDI2ZGJl
ZWMzNWYwHhcNMjQxMTIzMDUwMDM1WhcNMjQxMTI0MDUwMDM1WjAzMTEwLwYDVQQD
Eyg0MjEzNWEyZDA0OTQwOTQ3MmI1ZTgzYzFjNWFkM2IyOWU2MDMzOTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4ACPlp61Csv1M2bRrLy2LuuwOqg
Kc0ZgXO53fQjTtEtjCkvVLrklVVDekGR3tipk285zhsEpyXmJ4qNN1Jyzk4umZwh
EQAVLNa0qLuBJ9R2cwJSPEvhEvwlRQ+a31K17I1F69hRsFAvF34EUf7youxaKL2P
5f3470TjTQfUYQ9PHBSr05E1o+IVPAzJXBLQmU3FTjOGlGAdJs05Ekq4nkA359/D
YqrXth+vP01Yg31xjX4CFU0KpQoNNDnt7D9fQoC/YgYxDF8/86harzf8wJaOxcOJ
HlALDWjK0bPqBJeSP+gonS8GX6TuYHm6qGdWAr3dRdy028cF2LoxmGDH0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEITWi0ElAlHK16DwcWtOynmAzlcMB8GA1UdIwQY
MBaAFCjGgA10vEEFtA536ghboCbb7sNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTIt
NDkzOWJiZmRmYjg2LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTItNDkzOWJiZmRmYjg2
LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZxMaSurC
aNM6eFq5UJ0SurA+da0tOM/jmGsi4FyGPUgBfdjRYNE9On+V+d/uwuf+8iOFSAij
iFOGV3Z5fFCEjiVUgMNjzME+R+GFpidCt7PK5uaNIA/aQSN3XqLitDeap4D47vK9
BJl6chtQzgrfhw99KupX2NSukgnG4rQTntAE0ksMxKs5n6QILUucTcxeNmhFYmrk
XcYwja79wWQrAdoeuShfrMJahcZH0iftY6AQEYSIogQGcrETlLdv5OGOLeKf3jX8
fjGRCNFXuGOpKmesb5UK9/DeheUEGjBilmffyXjGIe0bm2zHKu/OAFmdBHdxvqgf
Ag3ifg+wOH8Rig==
-----END CERTIFICATE-----