Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
File:                     A1mTnOHGqpvru2WA4VbuvYcd87I.mft (raw, json)
Hash identifier:          91KnAU/1xKYY/cwp645yZ/wAD0/gO1EKyT/l09Tu0LM=
Subject key identifier:   73:50:E6:0C:D8:C0:5C:DE:73:5D:36:6C:87:B3:88:80:E7:4F:F3:04
Authority key identifier: 03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2
Certificate issuer:       /CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
Certificate serial:       01936A469BBD437C94134266ED9F2F89CC6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
Manifest number:          01D2
Signing time:             Tue 26 Nov 2024 21:00:32 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:32 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:32 +0000
Files and hashes:         1: A1mTnOHGqpvru2WA4VbuvYcd87I.crl (hash: lfZfj817qS5OxmfCYkD8mCIF0SOBc7z54U0/q24LGCU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:9b:bd:43:7c:94:13:42:66:ed:9f:2f:89:cc:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0359939ce1c6aa9bebbb6580e156eebd871df3b2
        Validity
            Not Before: Nov 26 21:00:32 2024 GMT
            Not After : Nov 27 21:00:32 2024 GMT
        Subject: CN=7350e60cd8c05cde735d366c87b38880e74ff304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:fc:2a:b5:de:26:a0:83:a1:e0:6f:71:0f:78:
                    43:cf:eb:16:56:0c:89:83:0a:cd:99:cb:84:fe:65:
                    11:e6:30:fa:23:c5:93:8d:58:84:23:90:9a:2e:15:
                    97:bb:58:86:60:38:79:61:73:61:c7:14:b1:d4:59:
                    3c:d1:05:94:39:5e:26:fd:8d:2f:d2:eb:bf:3e:ce:
                    73:11:f6:c9:24:f7:da:71:d5:0b:04:e2:8b:17:30:
                    63:07:83:bc:40:df:b0:86:b8:da:a9:0a:fc:a3:ab:
                    d5:ec:b9:c1:b4:89:95:d7:d0:19:b4:90:b1:1b:25:
                    70:01:12:79:1c:e6:a8:57:f6:87:35:5b:bc:c4:aa:
                    c6:0e:05:a8:24:37:57:b1:4b:f8:13:75:0d:8e:b6:
                    fb:dd:5f:97:b4:7e:59:c1:48:de:3b:22:cc:cd:6a:
                    5e:7c:a1:db:8a:29:69:56:be:4e:52:5c:c9:6d:b6:
                    b2:8a:f2:1d:dc:02:c7:50:a0:e8:42:70:24:34:0a:
                    2c:87:1f:08:84:07:39:07:1a:4f:4e:0a:4f:0a:51:
                    65:d9:18:91:79:b1:74:58:37:c4:42:e2:9a:fb:4a:
                    62:7e:30:ab:89:5d:61:45:34:88:3b:28:5f:3f:40:
                    b6:7a:d5:c0:46:44:91:d8:2c:13:a8:31:bd:98:4a:
                    27:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:50:E6:0C:D8:C0:5C:DE:73:5D:36:6C:87:B3:88:80:E7:4F:F3:04
            X509v3 Authority Key Identifier:
                keyid:03:59:93:9C:E1:C6:AA:9B:EB:BB:65:80:E1:56:EE:BD:87:1D:F3:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1mTnOHGqpvru2WA4VbuvYcd87I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/65bb4c-b281-4b84-81c0-a962c2b7b153/1/A1mTnOHGqpvru2WA4VbuvYcd87I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         aa:f3:b8:ed:1c:27:4f:56:d3:8d:cb:06:b3:3a:3e:67:ff:2d:
         02:a3:18:68:58:2e:8f:aa:e0:6b:92:9b:09:da:85:da:24:6d:
         c0:10:bd:a7:6a:12:66:d9:fd:b1:ab:07:f3:bd:81:29:a2:ac:
         47:f5:55:55:88:a7:cf:b0:c6:7c:d7:fb:aa:bd:3d:1d:49:8f:
         f6:be:5a:8c:02:13:34:a9:a5:e1:e3:45:9d:12:52:53:5c:c3:
         d4:75:e5:49:ea:85:40:d0:9f:a2:b5:ed:2a:8a:d8:e2:b9:d8:
         81:07:07:46:e0:15:a5:a8:a8:19:1d:71:9d:cf:65:81:1f:40:
         3d:2d:e9:9d:43:ae:7e:d8:d8:9f:c7:d6:f6:8d:46:b9:3c:86:
         b6:4e:00:ed:63:6f:92:29:c8:ba:0b:63:70:c1:f1:fb:64:d3:
         13:16:ff:12:8c:22:90:23:74:8e:c6:86:cc:ae:ec:de:49:d0:
         27:06:31:09:f8:b7:57:5d:29:72:3d:40:db:85:9d:76:c0:8f:
         ed:e4:f8:85:3f:de:27:42:9b:67:95:1c:33:dc:89:92:bf:ad:
         ce:05:41:b5:c4:68:31:5b:69:64:a3:48:32:ae:71:d1:c7:5f:
         57:3a:c6:14:ba:71:e6:7e:d3:98:06:51:ac:e3:ef:b2:f6:3a:
         a4:0d:72:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRpu9Q3yUE0Jm7Z8vicxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTk5MzljZTFjNmFhOWJlYmJiNjU4MGUxNTZlZWJkODcx
ZGYzYjIwHhcNMjQxMTI2MjEwMDMyWhcNMjQxMTI3MjEwMDMyWjAzMTEwLwYDVQQD
Eyg3MzUwZTYwY2Q4YzA1Y2RlNzM1ZDM2NmM4N2IzODg4MGU3NGZmMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vwqtd4moIOh4G9xD3hDz+sWVgyJ
gwrNmcuE/mUR5jD6I8WTjViEI5CaLhWXu1iGYDh5YXNhxxSx1Fk80QWUOV4m/Y0v
0uu/Ps5zEfbJJPfacdULBOKLFzBjB4O8QN+whrjaqQr8o6vV7LnBtImV19AZtJCx
GyVwARJ5HOaoV/aHNVu8xKrGDgWoJDdXsUv4E3UNjrb73V+XtH5ZwUjeOyLMzWpe
fKHbiilpVr5OUlzJbbayivId3ALHUKDoQnAkNAoshx8IhAc5BxpPTgpPClFl2RiR
ebF0WDfEQuKa+0pifjCriV1hRTSIOyhfP0C2etXARkSR2CwTqDG9mEonmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHNQ5gzYwFzec102bIeziIDnT/MEMB8GA1UdIwQY
MBaAFANZk5zhxqqb67tlgOFW7r2HHfOyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAt
YTk2MmMyYjdiMTUzLzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS82NWJiNGMtYjI4MS00Yjg0LTgxYzAtYTk2MmMyYjdiMTUz
LzEvQTFtVG5PSEdxcHZydTJXQTRWYnV2WWNkODdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqvO47Rwn
T1bTjcsGszo+Z/8tAqMYaFguj6rga5KbCdqF2iRtwBC9p2oSZtn9sasH872BKaKs
R/VVVYinz7DGfNf7qr09HUmP9r5ajAITNKml4eNFnRJSU1zD1HXlSeqFQNCforXt
KorY4rnYgQcHRuAVpaioGR1xnc9lgR9APS3pnUOuftjYn8fW9o1GuTyGtk4A7WNv
kinIugtjcMHx+2TTExb/EowikCN0jsaGzK7s3knQJwYxCfi3V10pcj1A24WddsCP
7eT4hT/eJ0KbZ5UcM9yJkr+tzgVBtcRoMVtpZKNIMq5x0cdfVzrGFLpx5n7TmAZR
rOPvsvY6pA1y2Q==
-----END CERTIFICATE-----