Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
File:                     XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft (raw, json)
Hash identifier:          Po8qGCBNSrpSfPktCDk97dsMelhvF5OdGrnQEwWGhag=
Subject key identifier:   BF:FB:40:BB:08:86:60:01:4B:F5:94:06:E2:F1:15:31:B5:7A:CD:C9
Authority key identifier: 5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A
Certificate issuer:       /CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
Certificate serial:       01936B2259960F760F3717673315027380F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
Manifest number:          75
Signing time:             Wed 27 Nov 2024 01:00:33 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:33 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:33 +0000
Files and hashes:         1: XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl (hash: N+cJgV80cmhi0j0AlxvqUZ0L5V5jsVpt/nuRaFh8kQQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:59:96:0f:76:0f:37:17:67:33:15:02:73:80:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dd6c1384b4a4ca501dd33c5f0d8580d4416eb3a
        Validity
            Not Before: Nov 27 01:00:33 2024 GMT
            Not After : Nov 28 01:00:33 2024 GMT
        Subject: CN=bffb40bb088660014bf59406e2f11531b57acdc9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:92:01:71:47:3e:12:ec:be:55:a7:da:d9:df:
                    b8:20:2f:f5:31:2c:07:f5:5d:4a:5f:0f:bc:90:a6:
                    9a:e7:93:01:a8:99:a3:3a:94:45:bb:7c:10:98:8b:
                    fc:46:c5:cd:9a:5c:2e:bb:58:5a:3c:37:28:ac:8b:
                    7a:38:2d:81:a3:aa:64:b4:47:00:a7:65:c7:1a:dd:
                    00:9a:62:e9:bd:f1:45:43:e5:fb:8b:8c:15:af:64:
                    f9:13:d2:3d:61:9e:49:8f:a0:76:2e:c9:80:7a:60:
                    90:a5:47:0a:4d:98:93:32:77:df:72:ce:64:9a:63:
                    17:5a:af:11:d7:1f:b5:94:57:3c:bf:cb:35:48:9e:
                    bc:a5:98:c9:8d:c2:54:9f:81:18:1d:94:0d:d1:63:
                    bf:74:27:51:2b:bc:19:5f:8e:31:cc:e2:f2:32:38:
                    a9:5c:c3:4d:f5:47:d5:05:8c:cf:7d:70:ac:64:59:
                    9c:e9:6d:71:26:d6:4d:69:22:3a:82:95:e0:0c:62:
                    cb:87:60:22:fd:c0:77:c0:da:ef:91:6f:a5:97:df:
                    ed:86:eb:a9:be:5c:c0:5f:e7:0f:9a:6e:e0:00:54:
                    b9:69:00:f4:92:00:ea:ac:29:5f:3f:12:8d:7b:de:
                    81:d5:49:f9:9f:29:8a:5f:57:37:e2:0a:9a:78:14:
                    78:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:FB:40:BB:08:86:60:01:4B:F5:94:06:E2:F1:15:31:B5:7A:CD:C9
            X509v3 Authority Key Identifier:
                keyid:5D:D6:C1:38:4B:4A:4C:A5:01:DD:33:C5:F0:D8:58:0D:44:16:EB:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XdbBOEtKTKUB3TPF8NhYDUQW6zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9157a9-04b0-41be-9c24-d82d06a87bfe/1/XdbBOEtKTKUB3TPF8NhYDUQW6zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:29:cb:fb:88:94:df:43:f1:2e:d9:e0:7c:da:13:64:03:33:
         42:a4:5f:c5:3d:14:8c:63:50:dd:24:43:96:44:ce:5d:c7:28:
         c0:7b:7a:ab:93:58:5b:bb:44:88:a4:e5:60:29:e8:24:43:93:
         84:f1:62:c1:7e:28:05:64:f5:57:b4:f8:7c:6d:48:4f:7c:4f:
         4f:93:36:e5:bc:d8:64:28:7c:e0:66:cb:3e:85:bb:87:f9:c1:
         b3:ed:0b:86:e6:63:a1:f6:4f:81:f2:e5:ae:e7:79:c0:81:c7:
         64:79:e0:e8:de:7b:a3:47:e5:1e:25:2c:a3:fc:d9:a9:29:f1:
         2d:ae:5b:59:e2:a7:cb:8f:59:8d:36:97:58:d2:07:c4:6b:2f:
         c3:09:b2:ef:80:8c:61:40:e4:1d:bd:4b:9a:1c:25:5f:f0:5f:
         d6:b5:51:d7:45:42:15:00:6b:c4:7f:4e:80:20:71:8e:45:fc:
         53:2f:a6:a6:9a:01:4f:00:f4:46:1a:f4:03:43:88:8d:ac:f3:
         ee:50:e5:7d:28:96:bb:92:17:a0:70:67:47:be:5b:1d:14:39:
         da:3b:33:f4:e4:af:12:dc:33:db:4f:29:6d:99:55:79:dc:7a:
         26:b5:2d:0d:a7:50:2f:f5:a0:46:85:a8:f8:c5:74:69:ae:df:
         94:64:df:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIlmWD3YPNxdnMxUCc4DxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZjMTM4NGI0YTRjYTUwMWRkMzNjNWYwZDg1ODBkNDQx
NmViM2EwHhcNMjQxMTI3MDEwMDMzWhcNMjQxMTI4MDEwMDMzWjAzMTEwLwYDVQQD
EyhiZmZiNDBiYjA4ODY2MDAxNGJmNTk0MDZlMmYxMTUzMWI1N2FjZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpIBcUc+Euy+Vafa2d+4IC/1MSwH
9V1KXw+8kKaa55MBqJmjOpRFu3wQmIv8RsXNmlwuu1haPDcorIt6OC2Bo6pktEcA
p2XHGt0AmmLpvfFFQ+X7i4wVr2T5E9I9YZ5Jj6B2LsmAemCQpUcKTZiTMnffcs5k
mmMXWq8R1x+1lFc8v8s1SJ68pZjJjcJUn4EYHZQN0WO/dCdRK7wZX44xzOLyMjip
XMNN9UfVBYzPfXCsZFmc6W1xJtZNaSI6gpXgDGLLh2Ai/cB3wNrvkW+ll9/thuup
vlzAX+cPmm7gAFS5aQD0kgDqrClfPxKNe96B1Un5nymKX1c34gqaeBR4SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/7QLsIhmABS/WUBuLxFTG1es3JMB8GA1UdIwQY
MBaAFF3WwThLSkylAd0zxfDYWA1EFus6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQt
ZDgyZDA2YTg3YmZlLzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85MTU3YTktMDRiMC00MWJlLTljMjQtZDgyZDA2YTg3YmZl
LzEvWGRiQk9FdEtUS1VCM1RQRjhOaFlEVVFXNnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHynL+4iU
30PxLtngfNoTZAMzQqRfxT0UjGNQ3SRDlkTOXccowHt6q5NYW7tEiKTlYCnoJEOT
hPFiwX4oBWT1V7T4fG1IT3xPT5M25bzYZCh84GbLPoW7h/nBs+0LhuZjofZPgfLl
rud5wIHHZHng6N57o0flHiUso/zZqSnxLa5bWeKny49ZjTaXWNIHxGsvwwmy74CM
YUDkHb1LmhwlX/Bf1rVR10VCFQBrxH9OgCBxjkX8Uy+mppoBTwD0Rhr0A0OIjazz
7lDlfSiWu5IXoHBnR75bHRQ52jsz9OSvEtwz208pbZlVedx6JrUtDadQL/WgRoWo
+MV0aa7flGTf4g==
-----END CERTIFICATE-----