Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
File:                     2krNipcsDnNxGs9H4MhFmhz3JgY.mft (raw, json)
Hash identifier:          2V2LvzriaupbqHMDb9gAChznyqn4SydrV5LoKzgs7ek=
Subject key identifier:   20:44:4C:DF:86:7A:2E:27:DB:56:BC:AA:FA:70:8A:88:60:37:D9:A9
Authority key identifier: DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06
Certificate issuer:       /CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
Certificate serial:       019406EAC288FA6D55CCB39AA847EB4EE478
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
Manifest number:          1329
Signing time:             Fri 27 Dec 2024 07:00:35 +0000
Manifest this update:     Fri 27 Dec 2024 07:00:35 +0000
Manifest next update:     Sat 28 Dec 2024 07:00:35 +0000
Files and hashes:         1: 2krNipcsDnNxGs9H4MhFmhz3JgY.crl (hash: RRFJPjHilN5Pw6xZzPFGpAlYbLiBapuH0s1iBDbA3ZM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 07:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:ea:c2:88:fa:6d:55:cc:b3:9a:a8:47:eb:4e:e4:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da4acd8a972c0e73711acf47e0c8459a1cf72606
        Validity
            Not Before: Dec 27 07:00:35 2024 GMT
            Not After : Dec 28 07:00:35 2024 GMT
        Subject: CN=20444cdf867a2e27db56bcaafa708a886037d9a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:e8:ab:22:89:bc:fc:8d:94:f3:bd:ee:d5:e3:
                    8a:c0:3e:f5:01:db:64:90:99:bd:74:d1:7c:90:34:
                    9b:27:ef:20:e2:0a:87:f2:8a:07:87:33:9a:de:14:
                    1c:f8:a3:d4:f5:c1:4e:65:68:d9:97:ce:c4:57:66:
                    4e:ac:b0:93:bc:ac:4b:43:27:1c:13:3b:69:7f:36:
                    6b:d1:1a:39:7a:09:24:82:3c:5d:a8:7f:5a:29:3b:
                    64:91:1a:76:00:e5:06:c4:3e:dd:8f:05:d4:2d:c0:
                    af:37:aa:85:b7:f4:dc:5d:ee:6b:6f:03:e5:e7:15:
                    82:c3:89:63:33:ec:a8:fc:da:7d:b7:bf:da:e6:b5:
                    44:42:2c:95:9d:7d:4b:2a:47:8c:81:4d:60:ee:df:
                    3e:c3:9d:fe:e3:8e:a4:a0:16:c8:55:6b:ea:5f:05:
                    03:ee:5a:3c:04:e2:a2:8b:f5:56:9b:47:4f:6c:cc:
                    6c:75:9f:a2:28:4b:34:45:f6:01:69:61:ea:d1:2f:
                    06:38:43:c5:3e:7f:b5:e5:e8:4c:0a:3b:99:25:d6:
                    39:28:4a:8b:39:92:5c:02:ad:1f:a4:f0:a4:b8:5a:
                    db:58:7c:d4:df:7c:93:f3:67:39:c5:aa:d4:5e:0b:
                    72:b0:c9:a6:ac:c8:a5:b3:f6:8f:56:75:6e:a2:27:
                    6f:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:44:4C:DF:86:7A:2E:27:DB:56:BC:AA:FA:70:8A:88:60:37:D9:A9
            X509v3 Authority Key Identifier:
                keyid:DA:4A:CD:8A:97:2C:0E:73:71:1A:CF:47:E0:C8:45:9A:1C:F7:26:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2krNipcsDnNxGs9H4MhFmhz3JgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/1b132e-b79e-4e58-9380-9e5fd43935b7/1/2krNipcsDnNxGs9H4MhFmhz3JgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:ab:08:e4:de:5e:8c:bc:30:a3:86:06:a8:44:75:e9:a4:ca:
         fc:50:a3:fa:68:88:9f:bb:ae:7b:84:a0:48:34:95:8f:b5:a4:
         2f:68:2e:39:bf:4e:d0:da:ba:b7:73:8a:69:8c:c8:f2:e8:00:
         a5:9b:0a:b8:af:86:dd:05:79:e1:61:f1:f9:d5:2d:ec:ff:e1:
         b8:46:c7:aa:2e:9d:71:a6:2f:0f:86:15:17:19:04:c0:57:d9:
         b2:5d:80:c0:c9:71:2a:5a:7c:ca:28:24:4e:b6:90:02:4d:70:
         05:4c:ba:8b:72:24:58:bd:cc:29:d8:a4:30:aa:2b:43:6c:0d:
         d5:53:7a:36:82:03:88:0d:79:9b:49:30:44:c8:ba:80:32:cb:
         80:f0:9d:f1:c1:b1:da:06:b0:c9:5b:39:e7:e6:18:a1:e4:b8:
         04:80:c3:86:56:cd:7b:d9:04:36:95:52:13:7d:34:e3:d2:1a:
         fd:f1:15:7b:b2:d1:01:0d:83:e0:77:1d:ec:9b:91:44:fe:ef:
         3a:c9:ec:a3:da:3d:69:b0:13:a7:f2:f7:2e:6d:db:e9:7d:f2:
         2b:48:e7:32:cc:22:57:25:0e:13:5d:cb:75:3d:54:d0:6e:55:
         f6:2a:e6:df:c9:1b:6f:22:6c:ea:d0:f6:b4:4f:7d:5b:cc:34:
         a8:95:87:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQG6sKI+m1VzLOaqEfrTuR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNGFjZDhhOTcyYzBlNzM3MTFhY2Y0N2UwYzg0NTlhMWNm
NzI2MDYwHhcNMjQxMjI3MDcwMDM1WhcNMjQxMjI4MDcwMDM1WjAzMTEwLwYDVQQD
EygyMDQ0NGNkZjg2N2EyZTI3ZGI1NmJjYWFmYTcwOGE4ODYwMzdkOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uirIom8/I2U873u1eOKwD71Adtk
kJm9dNF8kDSbJ+8g4gqH8ooHhzOa3hQc+KPU9cFOZWjZl87EV2ZOrLCTvKxLQycc
EztpfzZr0Ro5egkkgjxdqH9aKTtkkRp2AOUGxD7djwXULcCvN6qFt/TcXe5rbwPl
5xWCw4ljM+yo/Np9t7/a5rVEQiyVnX1LKkeMgU1g7t8+w53+446koBbIVWvqXwUD
7lo8BOKii/VWm0dPbMxsdZ+iKEs0RfYBaWHq0S8GOEPFPn+15ehMCjuZJdY5KEqL
OZJcAq0fpPCkuFrbWHzU33yT82c5xarUXgtysMmmrMils/aPVnVuoidvQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCBETN+Gei4n21a8qvpwiohgN9mpMB8GA1UdIwQY
MBaAFNpKzYqXLA5zcRrPR+DIRZoc9yYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAt
OWU1ZmQ0MzkzNWI3LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8xYjEzMmUtYjc5ZS00ZTU4LTkzODAtOWU1ZmQ0MzkzNWI3
LzEvMmtyTmlwY3NEbk54R3M5SDRNaEZtaHozSmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnKsI5N5e
jLwwo4YGqER16aTK/FCj+miIn7uue4SgSDSVj7WkL2guOb9O0Nq6t3OKaYzI8ugA
pZsKuK+G3QV54WHx+dUt7P/huEbHqi6dcaYvD4YVFxkEwFfZsl2AwMlxKlp8yigk
TraQAk1wBUy6i3IkWL3MKdikMKorQ2wN1VN6NoIDiA15m0kwRMi6gDLLgPCd8cGx
2gawyVs55+YYoeS4BIDDhlbNe9kENpVSE30049Ia/fEVe7LRAQ2D4Hcd7JuRRP7v
Osnso9o9abATp/L3Lm3b6X3yK0jnMswiVyUOE13LdT1U0G5V9irm38kbbyJs6tD2
tE99W8w0qJWHog==
-----END CERTIFICATE-----