Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
File:                     GD41veDiUEYFoX1O0FVDfo00ql8.mft (raw, json)
Hash identifier:          V5wwcCkslyMQ5iveqlXtdyJLs+5RmpQ0DnZ8Dv3WA5Y=
Subject key identifier:   C3:D5:13:47:B4:5F:84:25:47:0A:D2:AF:8C:91:42:AA:3E:83:EF:3C
Authority key identifier: 18:3E:35:BD:E0:E2:50:46:05:A1:7D:4E:D0:55:43:7E:8D:34:AA:5F
Certificate issuer:       /CN=183e35bde0e2504605a17d4ed055437e8d34aa5f
Certificate serial:       019364B2B3B797445BCFF9890957D1EF7E85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
Manifest number:          1376
Signing time:             Mon 25 Nov 2024 19:00:53 +0000
Manifest this update:     Mon 25 Nov 2024 19:00:53 +0000
Manifest next update:     Tue 26 Nov 2024 19:00:53 +0000
Files and hashes:         1: GD41veDiUEYFoX1O0FVDfo00ql8.crl (hash: XQGtKmIN7XjZlhZ0fLdUc91P2hPQZTUP/iluLTcWYdU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 19:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:64:b2:b3:b7:97:44:5b:cf:f9:89:09:57:d1:ef:7e:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=183e35bde0e2504605a17d4ed055437e8d34aa5f
        Validity
            Not Before: Nov 25 19:00:53 2024 GMT
            Not After : Nov 26 19:00:53 2024 GMT
        Subject: CN=c3d51347b45f8425470ad2af8c9142aa3e83ef3c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:72:33:b8:bd:47:4c:9e:e7:38:46:93:2d:e5:
                    ca:3f:2d:d2:e9:a6:3a:43:87:0b:fe:5c:c4:bd:1b:
                    eb:13:b6:35:92:4f:ce:fc:01:41:97:1c:a4:db:e9:
                    7a:db:82:16:88:6f:6b:46:f1:dd:39:94:0b:f3:9c:
                    67:2a:b5:4a:b8:a2:9c:15:9e:d5:87:ca:60:98:01:
                    50:41:4a:75:30:36:5d:6f:d6:0b:7a:d3:5e:6b:0f:
                    f6:59:83:c6:a5:35:f0:14:08:a4:bd:f8:8f:62:82:
                    36:69:fb:3a:62:c2:d0:82:64:7f:0b:e1:0b:09:39:
                    e4:dd:3e:fa:f7:24:47:55:7c:93:26:b7:1d:d4:c3:
                    aa:f9:8d:ec:a1:b1:4e:16:f2:69:56:c2:9c:17:bf:
                    e7:40:b5:dd:ca:e2:22:4d:ce:6c:b7:b6:74:3e:8d:
                    29:17:f2:6d:fc:24:25:58:b6:fd:f6:39:cc:a7:7d:
                    e2:f4:8b:3d:6f:0a:a1:cf:c3:f6:3a:27:73:6b:cd:
                    e6:3f:ce:b3:a8:e9:22:a2:ee:ee:f9:dd:81:f3:a2:
                    01:a4:7c:56:3b:db:7b:4a:8c:a3:12:0f:9a:24:1e:
                    aa:77:0a:ca:e2:de:0a:7e:25:6a:7c:5e:3c:fc:cd:
                    49:c4:fa:06:1b:c7:22:ab:bc:87:ac:88:a2:ff:4f:
                    33:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:D5:13:47:B4:5F:84:25:47:0A:D2:AF:8C:91:42:AA:3E:83:EF:3C
            X509v3 Authority Key Identifier:
                keyid:18:3E:35:BD:E0:E2:50:46:05:A1:7D:4E:D0:55:43:7E:8D:34:AA:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GD41veDiUEYFoX1O0FVDfo00ql8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/4cb524-baaf-41af-b85f-cc8c2db6cf25/1/GD41veDiUEYFoX1O0FVDfo00ql8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:19:4d:bf:25:84:38:3c:95:b1:05:e1:36:b7:ec:7f:a5:54:
         dd:ad:ca:11:e4:aa:d0:1d:05:c6:c6:23:66:b2:fe:de:a3:28:
         f1:68:8e:9e:42:01:ab:22:33:85:18:37:71:6a:49:2e:c0:55:
         83:28:1d:5f:6e:d4:a7:26:7a:ed:34:97:c6:16:7d:86:44:95:
         31:98:f4:89:97:84:67:58:7d:d9:2e:fb:1a:6c:f9:b2:dd:df:
         89:b2:54:36:56:e5:8d:9f:c0:db:e7:36:b5:64:8b:d9:ad:34:
         57:29:c3:cf:e0:23:19:02:f4:b9:c9:b0:05:b9:22:ed:28:49:
         15:46:0f:61:96:66:e0:cf:32:29:71:14:09:18:ec:a9:04:c6:
         7c:85:0c:31:0f:c5:56:9d:14:86:1a:76:1c:48:20:77:83:94:
         d9:f6:1f:02:ed:45:72:4d:a8:74:c4:1e:4d:47:ba:06:81:a7:
         cb:2b:ea:d5:9c:ca:ff:01:00:f1:62:cc:b0:a1:02:f7:2d:04:
         8f:a1:59:94:de:e0:88:28:3c:29:04:1c:13:c6:05:3e:02:cf:
         a1:75:e4:d0:ba:12:46:cf:64:6f:3e:89:8c:c8:24:ab:33:6e:
         d4:56:60:55:27:c4:cb:35:52:93:6d:b6:cb:5b:d8:9f:f8:e2:
         8c:ed:66:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNksrO3l0Rbz/mJCVfR736FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4M2UzNWJkZTBlMjUwNDYwNWExN2Q0ZWQwNTU0MzdlOGQz
NGFhNWYwHhcNMjQxMTI1MTkwMDUzWhcNMjQxMTI2MTkwMDUzWjAzMTEwLwYDVQQD
EyhjM2Q1MTM0N2I0NWY4NDI1NDcwYWQyYWY4YzkxNDJhYTNlODNlZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHIzuL1HTJ7nOEaTLeXKPy3S6aY6
Q4cL/lzEvRvrE7Y1kk/O/AFBlxyk2+l624IWiG9rRvHdOZQL85xnKrVKuKKcFZ7V
h8pgmAFQQUp1MDZdb9YLetNeaw/2WYPGpTXwFAikvfiPYoI2afs6YsLQgmR/C+EL
CTnk3T769yRHVXyTJrcd1MOq+Y3sobFOFvJpVsKcF7/nQLXdyuIiTc5st7Z0Po0p
F/Jt/CQlWLb99jnMp33i9Is9bwqhz8P2Oidza83mP86zqOkiou7u+d2B86IBpHxW
O9t7SoyjEg+aJB6qdwrK4t4KfiVqfF48/M1JxPoGG8ciq7yHrIii/08zfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMPVE0e0X4QlRwrSr4yRQqo+g+88MB8GA1UdIwQY
MBaAFBg+Nb3g4lBGBaF9TtBVQ36NNKpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80Y2I1MjQtYmFhZi00MWFmLWI4NWYt
Y2M4YzJkYjZjZjI1LzEvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80Y2I1MjQtYmFhZi00MWFmLWI4NWYtY2M4YzJkYjZjZjI1
LzEvR0Q0MXZlRGlVRVlGb1gxTzBGVkRmbzAwcWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFxlNvyWE
ODyVsQXhNrfsf6VU3a3KEeSq0B0FxsYjZrL+3qMo8WiOnkIBqyIzhRg3cWpJLsBV
gygdX27UpyZ67TSXxhZ9hkSVMZj0iZeEZ1h92S77Gmz5st3fibJUNlbljZ/A2+c2
tWSL2a00VynDz+AjGQL0ucmwBbki7ShJFUYPYZZm4M8yKXEUCRjsqQTGfIUMMQ/F
Vp0Uhhp2HEggd4OU2fYfAu1Fck2odMQeTUe6BoGnyyvq1ZzK/wEA8WLMsKEC9y0E
j6FZlN7giCg8KQQcE8YFPgLPoXXk0LoSRs9kbz6JjMgkqzNu1FZgVSfEyzVSk222
y1vYn/jijO1mgQ==
-----END CERTIFICATE-----