Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
File:                     LkWQWSMqS7ky9j-w37ZUk-ucgng.mft (raw, json)
Hash identifier:          NLIopL/omXVC2xeYGQ9k6HeFBkQk568VY2GfTa17k3I=
Subject key identifier:   93:06:EB:A9:52:6D:A8:42:28:6D:5B:32:CC:DF:72:B7:34:22:F3:67
Authority key identifier: 2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78
Certificate issuer:       /CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
Certificate serial:       0193568A8EAFF3F6D4BCDCAA6333FA56ACB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
Manifest number:          1300
Signing time:             Sat 23 Nov 2024 01:02:21 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:21 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:21 +0000
Files and hashes:         1: LkWQWSMqS7ky9j-w37ZUk-ucgng.crl (hash: CEWg76sZn58PaMa2jw2hSHpc/U+r/fLFr3IebgfjeVE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:8e:af:f3:f6:d4:bc:dc:aa:63:33:fa:56:ac:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
        Validity
            Not Before: Nov 23 01:02:21 2024 GMT
            Not After : Nov 24 01:02:21 2024 GMT
        Subject: CN=9306eba9526da842286d5b32ccdf72b73422f367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:fc:1d:9c:aa:46:4e:a4:d8:69:b4:8f:cc:33:
                    dd:02:59:96:40:58:4f:52:dc:9d:c2:a5:32:94:aa:
                    e1:4a:65:5d:4e:18:8f:44:8c:f3:1e:7b:bf:6e:1f:
                    bf:05:88:fe:84:6d:04:d1:93:57:ae:b1:f6:47:59:
                    c6:54:a0:0e:ed:82:75:f8:f1:ed:f5:19:86:46:e5:
                    34:79:2b:79:0f:14:b9:8b:50:e6:6c:ba:2d:5c:c6:
                    45:1a:90:99:47:4a:61:6e:85:3d:86:67:61:c3:b3:
                    fa:95:9b:6e:d0:06:05:49:db:2f:18:55:fb:28:62:
                    c0:68:c7:bd:a2:93:fd:8b:ee:f7:32:24:c9:df:b2:
                    6b:27:42:27:23:c4:ed:fd:c6:8e:18:8d:46:42:98:
                    d2:2e:f9:f2:22:48:e6:1e:25:78:c6:5b:82:e6:87:
                    aa:5a:e6:0e:38:5b:e5:e1:b9:07:0e:bc:d0:56:2d:
                    65:bb:37:76:b3:04:cc:98:87:d1:d7:2d:53:ae:d5:
                    d4:e8:e7:a5:da:b6:d3:91:74:b5:44:ac:f3:c5:86:
                    6c:ad:7e:1c:29:f7:7f:3d:0d:3c:f0:7c:be:c1:1e:
                    ac:0a:6e:f3:c6:23:ea:55:da:28:72:49:6e:e9:ef:
                    fd:20:63:0b:51:e0:48:a3:25:9e:aa:93:35:cc:d0:
                    ee:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:06:EB:A9:52:6D:A8:42:28:6D:5B:32:CC:DF:72:B7:34:22:F3:67
            X509v3 Authority Key Identifier:
                keyid:2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:9d:04:c8:ef:cf:2e:d5:23:62:7c:11:21:db:bf:ac:ef:e9:
         46:58:c6:e6:5c:36:e3:a6:d8:15:d1:08:0f:0f:6a:ad:b2:ae:
         24:7e:7d:cc:95:73:cc:0f:19:3c:d5:16:06:dc:b9:cb:75:19:
         8a:02:b2:9d:bb:3b:64:a7:b8:40:1b:02:6a:e7:5b:5f:95:8e:
         27:71:e6:43:01:e2:f4:96:80:1a:d7:2f:07:90:d6:66:38:5c:
         b2:dc:20:23:3c:64:d7:f1:32:98:6e:dc:33:23:79:56:33:a4:
         cd:8e:ca:a6:9c:0d:be:c8:54:5d:87:4d:ea:28:6c:c1:b8:19:
         b8:da:d5:33:31:0a:94:d5:dd:7c:db:5e:3b:f0:7c:48:83:e7:
         2a:ab:ae:0c:7f:31:b1:35:93:0e:a7:df:49:ec:b3:0a:35:c6:
         c6:e8:f6:e2:36:1d:1e:bf:87:fc:96:1a:49:cc:da:5f:ca:24:
         14:6a:0f:79:7f:ae:8d:aa:31:41:31:a7:2e:b5:5d:54:92:23:
         1e:32:18:cf:d8:d5:09:33:6e:bc:4b:90:e2:f7:15:4c:89:d2:
         37:4d:1f:85:f6:b7:92:74:b4:38:0e:ea:ae:de:29:5a:98:a9:
         50:5b:08:13:0f:bc:c5:f3:3b:3b:fa:7d:1c:39:6c:38:53:32:
         bc:71:6e:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWio6v8/bUvNyqYzP6Vqy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDU5MDU5MjMyYTRiYjkzMmY2M2ZiMGRmYjY1NDkzZWI5
YzgyNzgwHhcNMjQxMTIzMDEwMjIxWhcNMjQxMTI0MDEwMjIxWjAzMTEwLwYDVQQD
Eyg5MzA2ZWJhOTUyNmRhODQyMjg2ZDViMzJjY2RmNzJiNzM0MjJmMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvwdnKpGTqTYabSPzDPdAlmWQFhP
UtydwqUylKrhSmVdThiPRIzzHnu/bh+/BYj+hG0E0ZNXrrH2R1nGVKAO7YJ1+PHt
9RmGRuU0eSt5DxS5i1DmbLotXMZFGpCZR0phboU9hmdhw7P6lZtu0AYFSdsvGFX7
KGLAaMe9opP9i+73MiTJ37JrJ0InI8Tt/caOGI1GQpjSLvnyIkjmHiV4xluC5oeq
WuYOOFvl4bkHDrzQVi1luzd2swTMmIfR1y1TrtXU6Oel2rbTkXS1RKzzxYZsrX4c
Kfd/PQ088Hy+wR6sCm7zxiPqVdoocklu6e/9IGMLUeBIoyWeqpM1zNDuTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJMG66lSbahCKG1bMszfcrc0IvNnMB8GA1UdIwQY
MBaAFC5FkFkjKku5MvY/sN+2VJPrnIJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQt
NDg1ZWRhMzQ5OThmLzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQtNDg1ZWRhMzQ5OThm
LzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALp0EyO/P
LtUjYnwRIdu/rO/pRljG5lw246bYFdEIDw9qrbKuJH59zJVzzA8ZPNUWBty5y3UZ
igKynbs7ZKe4QBsCaudbX5WOJ3HmQwHi9JaAGtcvB5DWZjhcstwgIzxk1/EymG7c
MyN5VjOkzY7KppwNvshUXYdN6ihswbgZuNrVMzEKlNXdfNteO/B8SIPnKquuDH8x
sTWTDqffSeyzCjXGxuj24jYdHr+H/JYaSczaX8okFGoPeX+ujaoxQTGnLrVdVJIj
HjIYz9jVCTNuvEuQ4vcVTInSN00fhfa3knS0OA7qrt4pWpipUFsIEw+8xfM7O/p9
HDlsOFMyvHFuIQ==
-----END CERTIFICATE-----