Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
File:                     QnqV1vkbZ2udcauK4RQZQY3jww4.mft (raw, json)
Hash identifier:          NeP2Liht6Jv+CzmrhJlwgHfPIk+m7xtjlYaEStvn+mY=
Subject key identifier:   8F:94:73:F6:36:0E:A5:13:D8:5A:24:28:B6:A5:8C:32:D0:C1:22:4F
Authority key identifier: 42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E
Certificate issuer:       /CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
Certificate serial:       01936A7DBDE8050D68BE2B5E54FF73EC3E4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
Manifest number:          0EAA
Signing time:             Tue 26 Nov 2024 22:00:45 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:45 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:45 +0000
Files and hashes:         1: QnqV1vkbZ2udcauK4RQZQY3jww4.crl (hash: P1Lg6HzzxSL0MQevCVzRUp0amJnHj5/F28dTplLEa5o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:bd:e8:05:0d:68:be:2b:5e:54:ff:73:ec:3e:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
        Validity
            Not Before: Nov 26 22:00:45 2024 GMT
            Not After : Nov 27 22:00:45 2024 GMT
        Subject: CN=8f9473f6360ea513d85a2428b6a58c32d0c1224f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:4d:4e:f1:08:5f:70:3e:75:ea:6d:b6:6d:b7:
                    6e:31:f1:89:40:29:d3:a8:d2:8d:66:b1:4b:43:88:
                    0c:9a:cf:4c:e1:80:52:9a:98:94:c6:4d:9e:b6:60:
                    d9:a7:e9:d0:f1:38:14:bc:bb:01:fc:f1:ae:e6:7b:
                    e8:32:28:34:e9:e2:cc:33:c8:24:76:e1:2c:8e:5f:
                    a4:de:11:2d:e4:43:22:d1:7b:98:6d:0f:55:e0:c5:
                    b6:35:11:8f:e3:4b:b3:e3:d1:3c:d7:06:d5:9d:17:
                    b3:de:2f:e1:f8:00:f1:94:e9:04:6c:e7:a7:59:11:
                    0b:97:4d:2f:1d:d2:99:f7:6d:0b:76:87:67:e1:ea:
                    fb:92:f3:b3:b1:16:b7:dc:89:bd:fb:82:02:93:d7:
                    36:09:49:75:c8:78:6f:1d:d3:6d:91:64:f8:df:00:
                    a1:ff:ec:ea:b4:cf:9b:65:f3:5c:60:7b:ca:53:a0:
                    57:5b:89:99:41:19:f3:c3:cb:5c:b3:50:a1:34:6f:
                    12:45:6e:15:6c:2d:dd:dc:e0:e3:ee:91:0f:b4:fe:
                    a0:af:50:21:9c:59:99:32:bb:29:13:05:84:28:2e:
                    34:92:c1:38:07:d4:9f:68:36:e3:46:21:42:3f:2a:
                    0a:44:20:66:d9:18:bf:47:65:c9:18:e9:c4:b9:f2:
                    05:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:94:73:F6:36:0E:A5:13:D8:5A:24:28:B6:A5:8C:32:D0:C1:22:4F
            X509v3 Authority Key Identifier:
                keyid:42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:cb:e0:a0:f1:19:83:f2:38:e7:41:76:68:de:32:74:3b:3a:
         f9:9b:d3:db:7a:36:8f:43:d8:0f:74:33:a7:6b:13:77:5f:6f:
         91:d9:63:3e:e1:b0:d0:84:6b:d7:89:7c:96:65:71:0e:2d:7a:
         f3:49:bd:2e:31:08:04:63:c3:75:63:be:9f:92:60:58:9d:c1:
         9b:22:1d:8e:f3:6a:e8:91:b4:5b:f5:3b:8d:e4:35:bd:41:e5:
         3e:5f:f0:e0:d5:fe:c2:17:d9:19:ef:c2:f0:59:9f:07:7d:2f:
         c3:22:57:f8:4f:a5:fc:a2:01:bc:21:e1:da:da:51:6c:5b:c8:
         8b:4e:6e:29:7d:a3:05:7b:e9:3e:eb:6c:0c:46:e2:a2:7f:82:
         6e:07:4a:c6:d4:d1:1d:03:2a:b7:87:2b:46:ae:54:8d:75:85:
         5b:ca:cd:3e:fd:d4:cf:48:bd:3e:1f:5e:21:39:f1:b7:8e:38:
         c3:fb:45:a3:1b:eb:a2:98:35:73:96:4c:4e:7c:14:3d:4d:73:
         ca:30:ce:26:38:03:f6:1f:64:e5:b1:dd:a1:d0:1c:09:d3:cf:
         5d:91:d8:38:c9:f0:b1:10:16:dd:59:6e:c5:be:81:e6:be:d6:
         e5:42:61:02:a7:1c:41:33:9e:25:6d:1a:da:3d:db:7c:6a:d9:
         37:b9:6d:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfb3oBQ1oviteVP9z7D5NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2E5NWQ2ZjkxYjY3NmI5ZDcxYWI4YWUxMTQxOTQxOGRl
M2MzMGUwHhcNMjQxMTI2MjIwMDQ1WhcNMjQxMTI3MjIwMDQ1WjAzMTEwLwYDVQQD
Eyg4Zjk0NzNmNjM2MGVhNTEzZDg1YTI0MjhiNmE1OGMzMmQwYzEyMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhU1O8QhfcD516m22bbduMfGJQCnT
qNKNZrFLQ4gMms9M4YBSmpiUxk2etmDZp+nQ8TgUvLsB/PGu5nvoMig06eLMM8gk
duEsjl+k3hEt5EMi0XuYbQ9V4MW2NRGP40uz49E81wbVnRez3i/h+ADxlOkEbOen
WRELl00vHdKZ920Ldodn4er7kvOzsRa33Im9+4ICk9c2CUl1yHhvHdNtkWT43wCh
/+zqtM+bZfNcYHvKU6BXW4mZQRnzw8tcs1ChNG8SRW4VbC3d3ODj7pEPtP6gr1Ah
nFmZMrspEwWEKC40ksE4B9SfaDbjRiFCPyoKRCBm2Ri/R2XJGOnEufIF1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+Uc/Y2DqUT2FokKLaljDLQwSJPMB8GA1UdIwQY
MBaAFEJ6ldb5G2drnXGriuEUGUGN48MOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYt
Y2U3YTUxYWEzMzE0LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYtY2U3YTUxYWEzMzE0
LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcMvgoPEZ
g/I450F2aN4ydDs6+ZvT23o2j0PYD3Qzp2sTd19vkdljPuGw0IRr14l8lmVxDi16
80m9LjEIBGPDdWO+n5JgWJ3BmyIdjvNq6JG0W/U7jeQ1vUHlPl/w4NX+whfZGe/C
8FmfB30vwyJX+E+l/KIBvCHh2tpRbFvIi05uKX2jBXvpPutsDEbion+CbgdKxtTR
HQMqt4crRq5UjXWFW8rNPv3Uz0i9Ph9eITnxt444w/tFoxvropg1c5ZMTnwUPU1z
yjDOJjgD9h9k5bHdodAcCdPPXZHYOMnwsRAW3Vluxb6B5r7W5UJhAqccQTOeJW0a
2j3bfGrZN7lt5g==
-----END CERTIFICATE-----