Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft
File:                     bDg245a8UGRDYGuf1zN6kg5x3tE.mft (raw, json)
Hash identifier:          B1bqKqQoJyGKbxOlrdjuQl7MsQaF6T7LR5Ud20CL3vI=
Subject key identifier:   66:D6:37:1E:E4:19:A2:65:F1:CC:9B:82:AA:78:46:5E:53:3B:96:A5
Authority key identifier: 6C:38:36:E3:96:BC:50:64:43:60:6B:9F:D7:33:7A:92:0E:71:DE:D1
Certificate issuer:       /CN=6c3836e396bc506443606b9fd7337a920e71ded1
Certificate serial:       0193572E136313ECBF558CF392CEE3EB8302
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft
Manifest number:          11F3
Signing time:             Sat 23 Nov 2024 04:00:57 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:57 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:57 +0000
Files and hashes:         1: bDg245a8UGRDYGuf1zN6kg5x3tE.crl (hash: eIX0x6wdK+v5AIcFMVqnPWEYZjjz7Y4lGQEZg1NvxGE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2e:13:63:13:ec:bf:55:8c:f3:92:ce:e3:eb:83:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c3836e396bc506443606b9fd7337a920e71ded1
        Validity
            Not Before: Nov 23 04:00:57 2024 GMT
            Not After : Nov 24 04:00:57 2024 GMT
        Subject: CN=66d6371ee419a265f1cc9b82aa78465e533b96a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:62:10:c2:93:4f:cb:5f:14:92:51:ce:e2:47:
                    f2:33:51:30:05:a9:b2:e3:db:e7:e1:2d:de:26:48:
                    94:e6:40:30:f6:5a:e7:57:00:1a:a6:e1:7f:ba:3e:
                    07:98:61:a3:ea:66:de:d2:25:1b:5d:e8:6f:9e:d9:
                    9c:6a:1b:80:0d:e2:c0:3a:aa:f6:23:f7:6e:65:61:
                    df:a1:14:e8:7d:e4:6f:4f:4a:c2:08:d6:b3:a9:80:
                    d4:12:96:5b:c4:bf:39:7d:1a:80:07:b9:bb:eb:1a:
                    23:6e:74:e7:7f:3a:a8:f3:b3:67:83:a8:c1:d2:cd:
                    46:7f:5d:55:92:2b:e3:05:c6:6d:30:2e:0b:0d:7d:
                    a6:82:21:8f:11:bb:17:3d:4c:1f:d8:68:60:cf:32:
                    02:5c:86:3e:4d:04:3c:ec:95:09:16:ea:74:4b:ac:
                    cd:b8:78:21:ba:4b:94:cf:43:53:4e:9e:8b:3a:97:
                    bd:b1:34:96:6b:91:05:fc:e9:d8:74:d4:2f:17:bd:
                    e9:2e:9c:8f:44:f2:05:51:20:1e:33:58:58:4d:f6:
                    5a:7c:a4:9c:90:08:2f:9a:0b:df:e0:42:e5:fe:6a:
                    a1:ea:32:9a:91:d0:01:e7:7e:7f:de:df:81:bc:b8:
                    63:03:36:c4:b9:56:0b:9d:12:83:24:43:d9:ec:ee:
                    c4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:D6:37:1E:E4:19:A2:65:F1:CC:9B:82:AA:78:46:5E:53:3B:96:A5
            X509v3 Authority Key Identifier:
                keyid:6C:38:36:E3:96:BC:50:64:43:60:6B:9F:D7:33:7A:92:0E:71:DE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDg245a8UGRDYGuf1zN6kg5x3tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f3994e-0b10-4383-b34c-eb6b13c5e268/1/bDg245a8UGRDYGuf1zN6kg5x3tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:83:f2:f1:de:63:91:50:58:91:a5:be:f6:82:aa:7e:27:18:
         d1:95:96:a3:c3:53:a0:77:68:4e:ec:4f:78:c0:dc:13:a2:1c:
         09:b0:26:68:07:28:5a:cf:ab:d9:97:aa:44:97:70:41:7c:5d:
         0f:a3:93:4e:71:3f:21:96:d2:78:b8:a3:71:31:3b:91:35:fb:
         d2:79:2b:45:45:10:fd:da:86:0c:04:69:fa:91:39:1d:ad:15:
         5a:a0:99:cd:8e:b3:b4:ac:2b:80:4d:9a:1c:20:62:02:10:52:
         39:73:d8:6e:ac:05:6e:c7:c6:23:44:80:33:48:1b:c8:b5:e4:
         95:33:c8:7d:a2:38:7b:cb:23:f2:86:db:91:17:5c:76:86:5a:
         c7:04:00:75:56:2a:d9:ec:5b:01:e2:58:f5:ae:48:b2:76:7c:
         aa:9b:7c:bf:6a:12:7e:79:ab:e3:07:c6:15:db:7a:b2:22:51:
         7e:a7:ff:40:4c:72:29:22:8c:84:b4:8d:fc:76:b4:cf:93:00:
         16:4a:bb:db:ce:22:e2:06:90:b2:0b:78:9c:17:9a:88:9e:04:
         c0:6c:de:73:a3:db:02:67:ac:ce:59:b1:80:8f:68:80:b2:d5:
         9d:88:c8:39:a9:f6:50:39:23:0a:c5:26:c4:d2:93:40:07:f4:
         0a:6d:99:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLhNjE+y/VYzzks7j64MCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMzgzNmUzOTZiYzUwNjQ0MzYwNmI5ZmQ3MzM3YTkyMGU3
MWRlZDEwHhcNMjQxMTIzMDQwMDU3WhcNMjQxMTI0MDQwMDU3WjAzMTEwLwYDVQQD
Eyg2NmQ2MzcxZWU0MTlhMjY1ZjFjYzliODJhYTc4NDY1ZTUzM2I5NmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWIQwpNPy18UklHO4kfyM1EwBamy
49vn4S3eJkiU5kAw9lrnVwAapuF/uj4HmGGj6mbe0iUbXehvntmcahuADeLAOqr2
I/duZWHfoRTofeRvT0rCCNazqYDUEpZbxL85fRqAB7m76xojbnTnfzqo87Nng6jB
0s1Gf11VkivjBcZtMC4LDX2mgiGPEbsXPUwf2GhgzzICXIY+TQQ87JUJFup0S6zN
uHghukuUz0NTTp6LOpe9sTSWa5EF/OnYdNQvF73pLpyPRPIFUSAeM1hYTfZafKSc
kAgvmgvf4ELl/mqh6jKakdAB535/3t+BvLhjAzbEuVYLnRKDJEPZ7O7EGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGbWNx7kGaJl8cybgqp4Rl5TO5alMB8GA1UdIwQY
MBaAFGw4NuOWvFBkQ2Brn9czepIOcd7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9mMzk5NGUtMGIxMC00MzgzLWIzNGMt
ZWI2YjEzYzVlMjY4LzEvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9mMzk5NGUtMGIxMC00MzgzLWIzNGMtZWI2YjEzYzVlMjY4
LzEvYkRnMjQ1YThVR1JEWUd1ZjF6TjZrZzV4M3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq4Py8d5j
kVBYkaW+9oKqficY0ZWWo8NToHdoTuxPeMDcE6IcCbAmaAcoWs+r2ZeqRJdwQXxd
D6OTTnE/IZbSeLijcTE7kTX70nkrRUUQ/dqGDARp+pE5Ha0VWqCZzY6ztKwrgE2a
HCBiAhBSOXPYbqwFbsfGI0SAM0gbyLXklTPIfaI4e8sj8obbkRdcdoZaxwQAdVYq
2exbAeJY9a5IsnZ8qpt8v2oSfnmr4wfGFdt6siJRfqf/QExyKSKMhLSN/Ha0z5MA
Fkq7284i4gaQsgt4nBeaiJ4EwGzec6PbAmeszlmxgI9ogLLVnYjIOan2UDkjCsUm
xNKTQAf0Cm2Zdw==
-----END CERTIFICATE-----