Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
File:                     KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json)
Hash identifier:          Cws4CFo2uv1f0Q8LifTRwTFAlw91ZIQ+tjyHexP7A6g=
Subject key identifier:   2B:A0:05:B6:9E:04:20:A0:6D:E6:D3:AD:B8:80:1C:80:1A:31:B6:DC
Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58
Certificate issuer:       /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
Certificate serial:       019357D2D415A0D89D515B868F9316328FBD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
Manifest number:          08F7
Signing time:             Sat 23 Nov 2024 07:00:54 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:54 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:54 +0000
Files and hashes:         1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: ZA16cK6r7n1fwkMv+H4f+87WUawiVAEnGQuTIlhVfQQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:d4:15:a0:d8:9d:51:5b:86:8f:93:16:32:8f:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858
        Validity
            Not Before: Nov 23 07:00:54 2024 GMT
            Not After : Nov 24 07:00:54 2024 GMT
        Subject: CN=2ba005b69e0420a06de6d3adb8801c801a31b6dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:44:6c:ca:a7:71:10:28:9c:38:51:84:4d:2a:
                    82:30:f6:71:cb:b9:22:9b:d8:12:bd:8e:f8:49:dd:
                    f9:0c:bd:1d:f8:d7:b7:ec:63:a1:58:ee:50:35:d2:
                    95:27:6d:8c:38:bd:89:22:46:5f:53:f5:c3:92:d1:
                    0a:40:d2:43:4a:23:ad:a4:0e:9e:47:20:c6:7e:eb:
                    c6:a2:a2:55:07:4b:f4:01:29:e4:cc:9d:07:2e:a5:
                    48:1e:e8:3d:69:97:cc:d1:d0:66:cd:39:a3:49:4e:
                    89:2f:b6:e5:c7:69:c9:dc:75:f4:5e:8d:0b:3e:f0:
                    2f:14:2f:49:59:a3:b1:5f:08:4f:c7:e5:45:54:57:
                    31:c9:a6:1f:81:ba:ff:7c:92:dc:98:5b:27:fb:32:
                    39:1f:63:05:5d:da:fc:da:08:8b:4e:7b:18:b9:d7:
                    25:6c:36:cf:56:af:4c:23:88:25:cc:8a:03:4f:92:
                    91:33:23:78:8b:a1:1b:c1:5a:5e:35:cc:e4:18:22:
                    4d:89:f5:86:76:dd:04:48:7f:a3:58:fc:b5:bd:bb:
                    30:fa:c2:7f:be:3e:ef:42:4c:08:32:45:0d:ff:3c:
                    e4:d0:cb:a9:a0:88:eb:00:ed:a0:2f:ea:0d:c4:68:
                    e3:65:c6:0f:7e:9c:4b:a7:cf:ea:2b:71:1f:ff:36:
                    b0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:A0:05:B6:9E:04:20:A0:6D:E6:D3:AD:B8:80:1C:80:1A:31:B6:DC
            X509v3 Authority Key Identifier:
                keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:5c:14:48:b7:12:66:77:0b:9a:06:06:4f:65:20:40:0b:eb:
         28:68:23:1b:fb:b0:78:4c:ff:8d:79:87:22:12:c6:ba:3b:5d:
         f6:00:53:3b:d3:dd:ac:c3:94:5c:0a:a8:19:16:61:6a:a4:de:
         65:24:86:a3:b2:b2:4e:4b:45:32:72:72:f9:38:a0:7e:86:4a:
         3b:b1:31:21:36:3c:ba:cc:bf:d0:45:c8:7f:ed:40:bf:26:bf:
         45:c7:67:10:b2:72:e6:87:6f:b0:71:c9:cf:b8:f5:b2:02:d4:
         7a:c2:aa:19:4b:b9:ea:81:cb:e6:19:a2:5d:06:1e:fc:63:4c:
         f7:72:e2:aa:22:57:db:10:38:4a:9f:e8:91:6d:35:c1:24:df:
         33:7f:16:7e:04:b2:92:b5:93:ef:cb:af:32:9e:0a:9a:fe:e3:
         8f:1a:22:ce:83:0d:67:5b:09:88:7e:f1:a8:4a:26:ba:aa:ae:
         98:1d:cb:9e:63:bf:2a:91:44:15:ce:9a:3f:16:21:b4:79:c1:
         72:96:6d:02:0f:aa:1c:cc:c7:f8:0c:08:86:c2:ca:9d:df:2f:
         1e:39:ca:f2:5a:42:14:b1:6a:b3:fe:09:1e:86:4f:a5:62:59:
         6e:ae:65:72:18:e4:c6:b6:53:75:b6:39:47:ec:30:ac:91:bc:
         11:50:b3:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0tQVoNidUVuGj5MWMo+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy
NTY4NTgwHhcNMjQxMTIzMDcwMDU0WhcNMjQxMTI0MDcwMDU0WjAzMTEwLwYDVQQD
EygyYmEwMDViNjllMDQyMGEwNmRlNmQzYWRiODgwMWM4MDFhMzFiNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60RsyqdxECicOFGETSqCMPZxy7ki
m9gSvY74Sd35DL0d+Ne37GOhWO5QNdKVJ22MOL2JIkZfU/XDktEKQNJDSiOtpA6e
RyDGfuvGoqJVB0v0ASnkzJ0HLqVIHug9aZfM0dBmzTmjSU6JL7blx2nJ3HX0Xo0L
PvAvFC9JWaOxXwhPx+VFVFcxyaYfgbr/fJLcmFsn+zI5H2MFXdr82giLTnsYudcl
bDbPVq9MI4glzIoDT5KRMyN4i6EbwVpeNczkGCJNifWGdt0ESH+jWPy1vbsw+sJ/
vj7vQkwIMkUN/zzk0MupoIjrAO2gL+oNxGjjZcYPfpxLp8/qK3Ef/zawWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCugBbaeBCCgbebTrbiAHIAaMbbcMB8GA1UdIwQY
MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt
ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz
LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKVwUSLcS
ZncLmgYGT2UgQAvrKGgjG/uweEz/jXmHIhLGujtd9gBTO9PdrMOUXAqoGRZhaqTe
ZSSGo7KyTktFMnJy+TigfoZKO7ExITY8usy/0EXIf+1Avya/RcdnELJy5odvsHHJ
z7j1sgLUesKqGUu56oHL5hmiXQYe/GNM93LiqiJX2xA4Sp/okW01wSTfM38WfgSy
krWT78uvMp4Kmv7jjxoizoMNZ1sJiH7xqEomuqqumB3LnmO/KpFEFc6aPxYhtHnB
cpZtAg+qHMzH+AwIhsLKnd8vHjnK8lpCFLFqs/4JHoZPpWJZbq5lchjkxrZTdbY5
R+wwrJG8EVCzMw==
-----END CERTIFICATE-----