Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
File:                     rh967y8S0HaqitWli8uNyvPwvUw.mft (raw, json)
Hash identifier:          JKJ/Lo2AmIuYjivEFymmAgymWtVCvvQUmT8dHsFXEBk=
Subject key identifier:   08:AB:3C:8A:0A:A0:51:D0:EE:27:99:0F:2D:55:3F:CD:48:38:19:4B
Authority key identifier: AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C
Certificate issuer:       /CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
Certificate serial:       0193572DFBE93BC726C6A6602556984D5B17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
Manifest number:          0EC0
Signing time:             Sat 23 Nov 2024 04:00:51 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:51 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:51 +0000
Files and hashes:         1: rh967y8S0HaqitWli8uNyvPwvUw.crl (hash: /v55N14cne1rHvElPyFsi97dQcDCZtwXZMKKcAYpxBo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:fb:e9:3b:c7:26:c6:a6:60:25:56:98:4d:5b:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae1f7aef2f12d076aa8ad5a58bcb8dcaf3f0bd4c
        Validity
            Not Before: Nov 23 04:00:51 2024 GMT
            Not After : Nov 24 04:00:51 2024 GMT
        Subject: CN=08ab3c8a0aa051d0ee27990f2d553fcd4838194b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:01:62:d2:2f:da:9d:6d:6b:a4:df:64:8a:dd:
                    38:f2:06:b1:cc:7a:de:57:01:86:55:b5:3f:35:8b:
                    4e:f5:86:09:94:83:d3:5c:51:71:c1:d9:5c:84:82:
                    9e:c4:b8:4c:31:a8:9f:cd:e9:2e:75:69:5a:ee:b2:
                    35:56:ad:5b:dd:8a:30:4b:43:51:3b:fd:d3:25:58:
                    5c:28:9d:88:88:e5:ee:cc:b0:d2:43:28:82:1c:42:
                    19:88:96:d6:e6:5a:f3:32:8d:d9:09:62:a9:21:3d:
                    87:94:bc:06:dc:8b:23:1a:65:cc:ed:23:d5:47:1c:
                    66:74:8f:83:ac:ef:e9:5c:ed:d6:25:14:24:26:ba:
                    75:eb:d4:44:b2:25:07:9b:b0:fd:66:31:8b:ed:21:
                    20:1d:92:1b:08:3b:1d:3b:e5:f4:da:1a:fd:3b:02:
                    be:3d:43:d8:24:12:8f:db:b4:ad:d5:83:f8:02:5a:
                    97:7c:be:2c:be:1b:05:e9:df:ad:da:da:e3:94:29:
                    69:17:40:5e:5b:a2:95:87:48:b4:66:bc:cd:9a:08:
                    15:c3:cf:e2:55:80:d0:6a:ab:e6:a5:b5:12:57:54:
                    31:4b:ab:56:26:41:cf:a4:cb:92:a9:36:02:6b:79:
                    97:58:b7:90:22:aa:6a:8d:91:b6:62:de:e6:e8:f3:
                    c3:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:AB:3C:8A:0A:A0:51:D0:EE:27:99:0F:2D:55:3F:CD:48:38:19:4B
            X509v3 Authority Key Identifier:
                keyid:AE:1F:7A:EF:2F:12:D0:76:AA:8A:D5:A5:8B:CB:8D:CA:F3:F0:BD:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh967y8S0HaqitWli8uNyvPwvUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/f60d31-c748-4eb7-b781-098d3bd0b951/1/rh967y8S0HaqitWli8uNyvPwvUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:da:34:69:e3:13:16:22:16:e7:88:23:26:5d:4c:76:e7:f3:
         59:2f:f8:d2:c7:cd:54:46:6a:58:69:8e:b1:5d:6c:e5:c9:1d:
         e6:f8:9e:51:78:82:60:24:27:62:8d:22:b3:5c:94:40:cc:9f:
         36:d7:32:f9:10:4c:67:50:20:93:67:6e:f5:13:e6:0f:31:f4:
         76:bc:3d:a1:f8:b0:a2:3b:19:d1:62:7c:b2:e6:e1:9a:97:53:
         e8:79:f8:bb:4d:39:c1:d5:01:c2:40:c0:8b:59:7e:f2:45:80:
         9e:06:92:bd:78:47:ca:3a:d2:fa:33:1c:8a:19:67:d4:01:54:
         8b:98:94:30:92:54:52:1e:19:45:4d:75:cf:02:25:46:e5:6b:
         5a:0e:ac:fc:e0:e3:0a:3d:d6:28:08:d1:cb:54:40:1d:8d:0e:
         e0:8f:81:68:d5:9e:2d:ed:52:7e:5e:7b:25:6f:ad:8c:c3:57:
         32:e7:38:b0:4c:b5:e1:7d:f1:7b:d2:03:9e:2f:01:f4:1c:dd:
         7f:66:89:2a:eb:cd:19:46:44:1e:ac:c9:c6:6f:3e:04:d2:11:
         21:71:18:6c:94:e3:ed:d1:6d:64:c7:be:1c:ec:24:7d:e9:3b:
         be:1a:d5:2a:fa:39:59:e9:ab:00:7c:98:2e:91:08:29:90:91:
         ff:0f:dd:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLfvpO8cmxqZgJVaYTVsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWY3YWVmMmYxMmQwNzZhYThhZDVhNThiY2I4ZGNhZjNm
MGJkNGMwHhcNMjQxMTIzMDQwMDUxWhcNMjQxMTI0MDQwMDUxWjAzMTEwLwYDVQQD
EygwOGFiM2M4YTBhYTA1MWQwZWUyNzk5MGYyZDU1M2ZjZDQ4MzgxOTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgFi0i/anW1rpN9kit048gaxzHre
VwGGVbU/NYtO9YYJlIPTXFFxwdlchIKexLhMMaifzekudWla7rI1Vq1b3YowS0NR
O/3TJVhcKJ2IiOXuzLDSQyiCHEIZiJbW5lrzMo3ZCWKpIT2HlLwG3IsjGmXM7SPV
RxxmdI+DrO/pXO3WJRQkJrp169REsiUHm7D9ZjGL7SEgHZIbCDsdO+X02hr9OwK+
PUPYJBKP27St1YP4AlqXfL4svhsF6d+t2trjlClpF0BeW6KVh0i0ZrzNmggVw8/i
VYDQaqvmpbUSV1QxS6tWJkHPpMuSqTYCa3mXWLeQIqpqjZG2Yt7m6PPDiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAirPIoKoFHQ7ieZDy1VP81IOBlLMB8GA1UdIwQY
MBaAFK4feu8vEtB2qorVpYvLjcrz8L1MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEt
MDk4ZDNiZDBiOTUxLzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9mNjBkMzEtYzc0OC00ZWI3LWI3ODEtMDk4ZDNiZDBiOTUx
LzEvcmg5Njd5OFMwSGFxaXRXbGk4dU55dlB3dlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxdo0aeMT
FiIW54gjJl1MdufzWS/40sfNVEZqWGmOsV1s5ckd5vieUXiCYCQnYo0is1yUQMyf
Ntcy+RBMZ1Agk2du9RPmDzH0drw9ofiwojsZ0WJ8subhmpdT6Hn4u005wdUBwkDA
i1l+8kWAngaSvXhHyjrS+jMcihln1AFUi5iUMJJUUh4ZRU11zwIlRuVrWg6s/ODj
Cj3WKAjRy1RAHY0O4I+BaNWeLe1Sfl57JW+tjMNXMuc4sEy14X3xe9IDni8B9Bzd
f2aJKuvNGUZEHqzJxm8+BNIRIXEYbJTj7dFtZMe+HOwkfek7vhrVKvo5WemrAHyY
LpEIKZCR/w/dtw==
-----END CERTIFICATE-----