Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
File:                     BcojF2aaRo1QmoqhkGvvp1v5wgE.mft (raw, json)
Hash identifier:          CZhCl0CtckOZWfzgoqA5IIsX21TZoJfeqjqWCveCT8s=
Subject key identifier:   88:BA:DC:54:BF:AD:CA:F9:AE:A5:9B:44:76:DA:7B:19:A7:1D:56:B6
Authority key identifier: 05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01
Certificate issuer:       /CN=05ca2317669a468d509a8aa1906befa75bf9c201
Certificate serial:       019369D8C44E56C95B07CC5AEFB7707BF410
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
Manifest number:          0AB3
Signing time:             Tue 26 Nov 2024 19:00:33 +0000
Manifest this update:     Tue 26 Nov 2024 19:00:33 +0000
Manifest next update:     Wed 27 Nov 2024 19:00:33 +0000
Files and hashes:         1: BcojF2aaRo1QmoqhkGvvp1v5wgE.crl (hash: m3sSSt5jVAhAw0v+GQG4guRcoh93M+2AiAMyss0H97M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d8:c4:4e:56:c9:5b:07:cc:5a:ef:b7:70:7b:f4:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05ca2317669a468d509a8aa1906befa75bf9c201
        Validity
            Not Before: Nov 26 19:00:33 2024 GMT
            Not After : Nov 27 19:00:33 2024 GMT
        Subject: CN=88badc54bfadcaf9aea59b4476da7b19a71d56b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a9:65:d0:6a:a1:38:c2:94:f2:7e:27:a6:92:
                    5d:c4:ff:06:e6:ab:17:73:c2:e4:b8:50:63:b4:1a:
                    a2:53:50:4d:3d:47:26:3a:64:2e:fa:5c:56:3f:a7:
                    4e:84:59:58:90:46:91:d1:7d:a7:32:30:15:66:27:
                    ef:cd:9b:82:c8:4c:d6:3a:cd:f6:05:98:de:57:c6:
                    fe:94:f5:f7:59:5b:70:3b:a0:1d:90:ee:25:c2:2e:
                    44:56:70:30:56:54:b3:a3:dd:c5:d2:2f:98:bf:21:
                    85:a1:57:d5:ca:6c:a8:09:58:f7:d0:c5:e7:38:c5:
                    23:9a:7b:f3:be:fb:b9:7e:35:c3:52:be:31:f0:88:
                    be:f9:a9:2a:0b:fd:ed:b5:37:7d:c8:9c:70:a9:b5:
                    9f:a3:95:76:52:35:2c:59:85:79:18:7b:b7:e9:eb:
                    0c:9a:96:6d:16:2e:2b:b0:ed:67:e9:4c:03:49:9f:
                    30:85:b3:a9:37:3b:08:f4:49:f2:b3:54:66:98:62:
                    ab:0c:5d:30:b3:45:c0:8c:c5:31:0b:85:34:8d:df:
                    c6:db:f1:84:aa:8f:35:ab:97:43:18:30:9a:cc:f0:
                    19:38:e0:80:6c:21:0a:c3:2f:35:37:01:ec:16:22:
                    31:b7:91:e6:76:01:e0:0e:54:e1:64:c1:7c:1c:d8:
                    89:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:BA:DC:54:BF:AD:CA:F9:AE:A5:9B:44:76:DA:7B:19:A7:1D:56:B6
            X509v3 Authority Key Identifier:
                keyid:05:CA:23:17:66:9A:46:8D:50:9A:8A:A1:90:6B:EF:A7:5B:F9:C2:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BcojF2aaRo1QmoqhkGvvp1v5wgE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/bdecaa-d141-46b2-9d40-1331e651c79f/1/BcojF2aaRo1QmoqhkGvvp1v5wgE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         49:20:20:4e:36:c5:bd:59:97:d0:0a:ce:a0:44:eb:de:6b:b0:
         ba:de:93:1e:84:07:3c:34:1b:ec:dd:21:94:9d:45:af:df:83:
         f6:17:85:47:6c:cc:76:99:d9:52:96:0f:4a:65:7e:6f:58:22:
         ba:07:d7:59:de:55:e4:e1:4f:5e:71:04:c8:2d:c4:7d:09:25:
         37:57:f6:56:26:61:13:58:b7:de:5a:cd:47:17:6d:b2:2d:42:
         d5:80:81:c8:c5:01:67:cf:75:e0:8c:ae:41:ed:a5:43:b7:ef:
         ba:72:82:42:6f:c0:a3:c0:c0:d4:ea:f0:25:50:42:34:90:99:
         35:ab:26:e5:ef:82:32:f9:13:25:7b:5c:60:ee:30:db:ef:7b:
         80:a9:a0:2a:e0:7d:7a:b9:88:aa:b7:70:42:f5:8c:01:1c:42:
         9a:24:1a:6b:c5:bb:b4:f7:a6:09:12:bc:58:fd:a2:98:b1:af:
         19:d1:e6:1c:e5:3b:bd:9b:84:46:4e:ce:a0:c5:e6:f2:7d:f6:
         a9:32:ac:d7:53:b2:6c:1b:66:72:0e:16:36:84:80:a6:ff:c4:
         8b:cb:bc:0b:ce:48:8b:c9:4e:1a:31:ae:88:97:69:be:58:7d:
         8f:74:75:ef:2a:47:4a:c1:ae:e3:4e:70:a0:5a:ac:4e:45:29:
         eb:2e:2f:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2MROVslbB8xa77dwe/QQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1Y2EyMzE3NjY5YTQ2OGQ1MDlhOGFhMTkwNmJlZmE3NWJm
OWMyMDEwHhcNMjQxMTI2MTkwMDMzWhcNMjQxMTI3MTkwMDMzWjAzMTEwLwYDVQQD
Eyg4OGJhZGM1NGJmYWRjYWY5YWVhNTliNDQ3NmRhN2IxOWE3MWQ1NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuall0GqhOMKU8n4nppJdxP8G5qsX
c8LkuFBjtBqiU1BNPUcmOmQu+lxWP6dOhFlYkEaR0X2nMjAVZifvzZuCyEzWOs32
BZjeV8b+lPX3WVtwO6AdkO4lwi5EVnAwVlSzo93F0i+YvyGFoVfVymyoCVj30MXn
OMUjmnvzvvu5fjXDUr4x8Ii++akqC/3ttTd9yJxwqbWfo5V2UjUsWYV5GHu36esM
mpZtFi4rsO1n6UwDSZ8whbOpNzsI9Enys1RmmGKrDF0ws0XAjMUxC4U0jd/G2/GE
qo81q5dDGDCazPAZOOCAbCEKwy81NwHsFiIxt5HmdgHgDlThZMF8HNiJ5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIi63FS/rcr5rqWbRHbaexmnHVa2MB8GA1UdIwQY
MBaAFAXKIxdmmkaNUJqKoZBr76db+cIBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAt
MTMzMWU2NTFjNzlmLzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iZGVjYWEtZDE0MS00NmIyLTlkNDAtMTMzMWU2NTFjNzlm
LzEvQmNvakYyYWFSbzFRbW9xaGtHdnZwMXY1d2dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASSAgTjbF
vVmX0ArOoETr3muwut6THoQHPDQb7N0hlJ1Fr9+D9heFR2zMdpnZUpYPSmV+b1gi
ugfXWd5V5OFPXnEEyC3EfQklN1f2ViZhE1i33lrNRxdtsi1C1YCByMUBZ8914Iyu
Qe2lQ7fvunKCQm/Ao8DA1OrwJVBCNJCZNasm5e+CMvkTJXtcYO4w2+97gKmgKuB9
ermIqrdwQvWMARxCmiQaa8W7tPemCRK8WP2imLGvGdHmHOU7vZuERk7OoMXm8n32
qTKs11OybBtmcg4WNoSApv/Ei8u8C85Ii8lOGjGuiJdpvlh9j3R17ypHSsGu405w
oFqsTkUp6y4vMQ==
-----END CERTIFICATE-----