Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
File:                     l213R7vhqAE1QKcW0lzHh_h9tmo.mft (raw, json)
Hash identifier:          94HE74+plw3ytennJvD/xZRqKJX4WmQEhIzYzPhuDo0=
Subject key identifier:   40:87:B9:77:1E:22:DC:40:12:31:14:31:54:49:5A:6A:D3:7B:05:8F
Authority key identifier: 97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A
Certificate issuer:       /CN=976d7747bbe1a8013540a716d25cc787f87db66a
Certificate serial:       019369DA97ABE19F83132E17C667622B5B18
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
Manifest number:          0A25
Signing time:             Tue 26 Nov 2024 19:02:33 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:33 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:33 +0000
Files and hashes:         1: l213R7vhqAE1QKcW0lzHh_h9tmo.crl (hash: fy8u67xP2k1MIEqgHbsXiOi9OTcKTZZxo2LYw7gJ65c=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:97:ab:e1:9f:83:13:2e:17:c6:67:62:2b:5b:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=976d7747bbe1a8013540a716d25cc787f87db66a
        Validity
            Not Before: Nov 26 19:02:33 2024 GMT
            Not After : Nov 27 19:02:33 2024 GMT
        Subject: CN=4087b9771e22dc401231143154495a6ad37b058f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:92:5a:55:6b:b9:4e:3e:ab:d8:aa:44:84:49:
                    a5:0c:86:16:f2:42:9b:d1:57:3d:40:5c:a7:14:b6:
                    a8:95:36:75:8a:d9:48:f0:f0:2d:b7:44:95:ce:fd:
                    ef:81:3f:22:ea:3d:f6:bd:59:54:f3:a3:fa:5f:82:
                    18:38:17:e0:ce:0f:0d:7c:8e:8b:38:3b:46:82:bd:
                    df:ce:b7:98:cc:68:2c:a1:3d:a5:57:19:17:59:e9:
                    d5:73:05:dd:94:fa:ed:83:66:73:7f:3c:ac:7f:76:
                    0e:54:ce:93:53:2d:60:53:42:ef:40:d0:a2:5a:29:
                    98:d9:68:51:81:e3:d4:c8:9f:09:72:8e:d4:ff:6f:
                    98:7a:39:9e:1c:06:09:ee:9c:1c:07:09:33:99:07:
                    aa:1a:ae:87:33:40:86:ea:38:fd:3e:06:fc:99:dd:
                    a9:49:db:59:99:cd:cb:88:2a:b3:41:ad:12:f7:67:
                    7f:52:b3:d3:17:a8:2b:67:dd:f3:d1:8f:71:a8:7c:
                    ad:5d:18:fd:f7:9d:79:bc:5d:f9:5b:6e:1f:48:e0:
                    0b:9a:35:6d:52:ec:56:11:53:0d:a3:95:72:99:79:
                    4a:62:85:05:1c:0d:69:fc:d9:c1:81:3d:b6:52:a8:
                    9b:2a:f1:96:15:29:1a:d2:1f:81:ad:d4:52:3a:84:
                    c3:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:87:B9:77:1E:22:DC:40:12:31:14:31:54:49:5A:6A:D3:7B:05:8F
            X509v3 Authority Key Identifier:
                keyid:97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:f9:57:cd:46:9a:c4:74:c5:bd:ec:19:bd:ac:cb:cf:52:a0:
         26:21:4d:ed:4b:f0:ae:ce:ac:99:47:bd:ba:46:e8:16:da:0d:
         ec:51:12:25:7e:2f:d9:0c:13:15:a8:d7:e0:41:e9:16:cb:aa:
         ef:54:e2:6f:03:b3:2f:f3:e1:61:f3:23:e7:79:27:5a:ef:d0:
         ea:fa:c8:b8:f5:f4:df:7a:e0:d6:05:52:62:a4:29:6c:de:ba:
         da:29:2d:17:b6:7e:b5:aa:cf:db:9a:bb:f3:55:76:be:b0:ed:
         01:89:64:13:eb:a5:96:df:62:df:34:40:ae:c7:54:37:de:2d:
         a6:6b:4a:5d:e4:d2:c1:c4:c2:b3:99:87:5b:e0:e5:4f:22:05:
         c4:4f:57:d2:35:ad:37:61:7f:e0:96:4a:e1:95:0e:3e:c0:8f:
         06:34:ee:c5:e5:7a:76:68:de:ff:4a:c9:30:6b:09:cc:ce:89:
         11:b2:78:8e:dd:0a:dc:b6:b8:ee:e5:16:a9:d7:3f:c7:5e:0c:
         7a:f5:02:92:a1:ec:83:a3:bc:8a:2d:05:a5:b6:01:0e:69:8e:
         dc:85:7e:e3:98:8d:1b:f4:0f:07:6e:8d:3d:d3:39:ef:1d:67:
         98:bf:3f:1c:6f:6d:e5:f9:cd:15:d3:cc:a5:69:f8:1a:9a:4d:
         b0:fa:1e:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2per4Z+DEy4XxmdiK1sYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NmQ3NzQ3YmJlMWE4MDEzNTQwYTcxNmQyNWNjNzg3Zjg3
ZGI2NmEwHhcNMjQxMTI2MTkwMjMzWhcNMjQxMTI3MTkwMjMzWjAzMTEwLwYDVQQD
Eyg0MDg3Yjk3NzFlMjJkYzQwMTIzMTE0MzE1NDQ5NWE2YWQzN2IwNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZJaVWu5Tj6r2KpEhEmlDIYW8kKb
0Vc9QFynFLaolTZ1itlI8PAtt0SVzv3vgT8i6j32vVlU86P6X4IYOBfgzg8NfI6L
ODtGgr3fzreYzGgsoT2lVxkXWenVcwXdlPrtg2Zzfzysf3YOVM6TUy1gU0LvQNCi
WimY2WhRgePUyJ8Jco7U/2+YejmeHAYJ7pwcBwkzmQeqGq6HM0CG6jj9Pgb8md2p
SdtZmc3LiCqzQa0S92d/UrPTF6grZ93z0Y9xqHytXRj99515vF35W24fSOALmjVt
UuxWEVMNo5VymXlKYoUFHA1p/NnBgT22UqibKvGWFSka0h+BrdRSOoTD1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFECHuXceItxAEjEUMVRJWmrTewWPMB8GA1UdIwQY
MBaAFJdtd0e74agBNUCnFtJcx4f4fbZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5Mjct
ZDk5ODMyNjU3YTQ1LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5MjctZDk5ODMyNjU3YTQ1
LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu/lXzUaa
xHTFvewZvazLz1KgJiFN7Uvwrs6smUe9ukboFtoN7FESJX4v2QwTFajX4EHpFsuq
71TibwOzL/PhYfMj53knWu/Q6vrIuPX033rg1gVSYqQpbN662iktF7Z+tarP25q7
81V2vrDtAYlkE+ullt9i3zRArsdUN94tpmtKXeTSwcTCs5mHW+DlTyIFxE9X0jWt
N2F/4JZK4ZUOPsCPBjTuxeV6dmje/0rJMGsJzM6JEbJ4jt0K3La47uUWqdc/x14M
evUCkqHsg6O8ii0FpbYBDmmO3IV+45iNG/QPB26NPdM57x1nmL8/HG9t5fnNFdPM
pWn4GppNsPoeFA==
-----END CERTIFICATE-----