Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File:                     jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier:          gnAk2Q9qf3Wum6amEr1/d8pKxCentgfAaQ5gC+niMmU=
Subject key identifier:   46:01:B7:BD:80:4A:8E:89:00:E6:AE:6D:63:75:DC:8C:FD:1D:C7:AF
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer:       /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial:       019357D2B0754854D20F7EA8698187F266E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number:          0321
Signing time:             Sat 23 Nov 2024 07:00:45 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:45 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:45 +0000
Files and hashes:         1: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: vj95sUJOMozNQtMO/Z1eAYt5KEsHfNUuBjI+jeiYv1U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:b0:75:48:54:d2:0f:7e:a8:69:81:87:f2:66:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
        Validity
            Not Before: Nov 23 07:00:45 2024 GMT
            Not After : Nov 24 07:00:45 2024 GMT
        Subject: CN=4601b7bd804a8e8900e6ae6d6375dc8cfd1dc7af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a3:ad:07:48:65:01:d6:ef:dc:74:74:16:97:
                    59:f6:65:0f:23:1c:e1:f1:c0:e1:ee:01:63:0e:5e:
                    e4:8e:3a:1f:dc:81:59:4d:4e:7f:f6:e7:eb:a8:a3:
                    97:6f:54:dc:16:7b:8b:61:53:82:74:4c:1a:f4:fa:
                    b9:91:55:10:d5:90:d5:0c:8f:ca:66:b7:fe:d0:d6:
                    e2:ca:09:07:9b:3b:a4:25:a5:b1:92:c9:82:82:cd:
                    1b:aa:46:70:b3:b8:f3:f9:d2:2b:d3:40:ab:ca:c3:
                    b6:c2:2b:48:c9:d4:2a:c7:e3:74:ff:77:11:3b:82:
                    cb:47:e7:f7:48:ad:8d:db:83:5b:c8:21:53:c6:a1:
                    58:ca:8a:9f:97:00:cb:53:c0:64:79:dc:a6:ae:d4:
                    0d:2f:6c:f9:4e:0e:69:85:8e:73:54:61:7b:9c:2c:
                    19:86:0d:11:25:58:9d:c8:25:b6:63:e4:75:32:14:
                    59:7d:36:fe:d5:a9:12:2c:fb:ad:de:b3:55:10:8f:
                    b9:16:71:7c:3e:47:81:4c:ff:0d:fe:31:ad:5a:58:
                    d8:e3:55:81:d2:34:a2:d4:05:84:2b:b0:15:51:c2:
                    28:01:12:2a:e7:63:74:3f:8f:cf:65:fd:d4:12:6f:
                    b3:80:78:b0:c7:7a:f4:5f:b1:99:97:9d:3b:eb:a8:
                    c1:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:01:B7:BD:80:4A:8E:89:00:E6:AE:6D:63:75:DC:8C:FD:1D:C7:AF
            X509v3 Authority Key Identifier:
                keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:fd:44:de:40:4d:a7:3a:1c:cd:1d:41:bd:93:23:52:89:23:
         d5:bb:d4:e1:58:35:d6:d7:57:0a:ce:ef:b5:c7:91:b2:6b:b6:
         ec:83:a5:11:68:17:a7:88:af:3d:91:ed:98:4b:5b:85:ac:09:
         bb:2b:44:d1:44:b7:88:a3:ca:24:ce:3f:19:e1:e6:9b:f6:d2:
         a2:c1:13:93:ae:6f:bc:ff:80:b9:7c:2f:a3:90:9a:ab:8a:b0:
         69:27:0d:31:84:bf:1b:a2:7f:d6:0d:e9:50:4a:03:08:c5:12:
         76:05:92:71:48:e3:98:c9:f3:c9:1e:7d:12:6c:97:71:2e:42:
         b7:4f:37:1f:b7:e9:56:4b:ea:b1:b4:33:7f:54:12:38:9c:cc:
         fc:d3:f2:90:f4:ba:0b:54:39:39:6e:cb:d8:60:b9:a8:62:09:
         32:58:86:01:fb:76:22:1c:1f:d9:1e:1b:f1:78:9d:0e:b3:14:
         18:55:05:c3:40:84:fa:76:47:ae:5e:04:40:13:f3:27:ff:b3:
         89:53:bd:ea:f8:4a:28:5e:ad:17:1b:30:c5:a4:46:3e:10:d8:
         6d:e4:30:2a:f7:8c:4f:25:6b:57:63:17:7b:2e:90:fd:66:ba:
         6f:38:df:a0:13:fc:33:e2:1c:da:93:96:91:3f:63:7a:23:9d:
         86:da:ec:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0rB1SFTSD36oaYGH8mbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjQxMTIzMDcwMDQ1WhcNMjQxMTI0MDcwMDQ1WjAzMTEwLwYDVQQD
Eyg0NjAxYjdiZDgwNGE4ZTg5MDBlNmFlNmQ2Mzc1ZGM4Y2ZkMWRjN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKOtB0hlAdbv3HR0FpdZ9mUPIxzh
8cDh7gFjDl7kjjof3IFZTU5/9ufrqKOXb1TcFnuLYVOCdEwa9Pq5kVUQ1ZDVDI/K
Zrf+0NbiygkHmzukJaWxksmCgs0bqkZws7jz+dIr00CrysO2witIydQqx+N0/3cR
O4LLR+f3SK2N24NbyCFTxqFYyoqflwDLU8BkedymrtQNL2z5Tg5phY5zVGF7nCwZ
hg0RJVidyCW2Y+R1MhRZfTb+1akSLPut3rNVEI+5FnF8PkeBTP8N/jGtWljY41WB
0jSi1AWEK7AVUcIoARIq52N0P4/PZf3UEm+zgHiwx3r0X7GZl50766jBZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEYBt72ASo6JAOaubWN13Iz9HcevMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiv1E3kBN
pzoczR1BvZMjUokj1bvU4Vg11tdXCs7vtceRsmu27IOlEWgXp4ivPZHtmEtbhawJ
uytE0US3iKPKJM4/GeHmm/bSosETk65vvP+AuXwvo5Caq4qwaScNMYS/G6J/1g3p
UEoDCMUSdgWScUjjmMnzyR59EmyXcS5Ct083H7fpVkvqsbQzf1QSOJzM/NPykPS6
C1Q5OW7L2GC5qGIJMliGAft2Ihwf2R4b8XidDrMUGFUFw0CE+nZHrl4EQBPzJ/+z
iVO96vhKKF6tFxswxaRGPhDYbeQwKveMTyVrV2MXey6Q/Wa6bzjfoBP8M+Ic2pOW
kT9jeiOdhtrs7A==
-----END CERTIFICATE-----