Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
File:                     pCqe9isMK_HTQWU5sqBKJlmMLEM.mft (raw, json)
Hash identifier:          q0FloghVxMWDPKnoaB3Vm0h4TSCC7NQo724voKBrGMc=
Subject key identifier:   A3:4A:36:87:CE:14:64:3D:68:1B:2F:A3:DF:A5:F5:2E:88:6D:31:B7
Authority key identifier: A4:2A:9E:F6:2B:0C:2B:F1:D3:41:65:39:B2:A0:4A:26:59:8C:2C:43
Certificate issuer:       /CN=a42a9ef62b0c2bf1d3416539b2a04a26598c2c43
Certificate serial:       019238B90CC1A1BD30E0FE4048085076EBF6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
Manifest number:          12DB
Signing time:             Sat 28 Sep 2024 13:01:44 +0000
Manifest this update:     Sat 28 Sep 2024 13:01:44 +0000
Manifest next update:     Sun 29 Sep 2024 13:01:44 +0000
Files and hashes:         1: pCqe9isMK_HTQWU5sqBKJlmMLEM.crl (hash: g6kS3UHh8eqMAJL/hS+EC2cCtGm0yM0L5XYwzo1or0U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:38:b9:0c:c1:a1:bd:30:e0:fe:40:48:08:50:76:eb:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a42a9ef62b0c2bf1d3416539b2a04a26598c2c43
        Validity
            Not Before: Sep 28 13:01:44 2024 GMT
            Not After : Sep 29 13:01:44 2024 GMT
        Subject: CN=a34a3687ce14643d681b2fa3dfa5f52e886d31b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cb:87:34:12:e1:58:60:54:e5:93:f7:2c:7f:
                    a9:01:fb:47:e5:8d:29:d9:89:68:4a:76:68:fe:3b:
                    2c:e9:8b:b7:be:de:cb:6d:18:47:ae:be:c6:5f:ed:
                    82:36:04:ff:c9:75:25:f6:da:e5:f0:4d:10:50:d4:
                    30:1b:78:ab:ff:b2:18:15:09:63:50:26:d3:27:21:
                    5c:ba:09:ed:6e:ad:d2:88:00:db:dc:ed:92:51:bd:
                    f2:c4:20:18:d4:fa:1b:3b:53:34:9b:5f:6d:c3:81:
                    55:65:31:23:9c:02:fa:b6:62:ad:76:42:f0:6d:1d:
                    d9:55:6d:b3:82:f3:d4:96:8e:c7:90:05:0f:af:df:
                    58:43:11:4e:66:26:3d:32:f7:dc:41:15:3d:58:f4:
                    86:b3:54:c1:eb:5e:ff:a3:d7:92:05:4a:1b:6b:9e:
                    90:5b:01:ec:56:0f:77:86:4c:b2:79:fb:c7:c0:79:
                    b2:c2:11:58:87:22:90:7d:f2:0f:c2:ec:fe:22:c8:
                    b5:df:e8:1c:de:e9:40:1e:c0:d5:35:87:24:50:0c:
                    19:93:2a:b0:9f:7f:93:99:2b:e7:d7:2b:ce:f1:60:
                    41:23:c4:81:3b:4c:2d:86:85:1c:5e:1d:00:91:48:
                    73:69:7d:41:e8:72:61:be:8c:0a:f5:d3:25:a5:51:
                    7c:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:4A:36:87:CE:14:64:3D:68:1B:2F:A3:DF:A5:F5:2E:88:6D:31:B7
            X509v3 Authority Key Identifier:
                keyid:A4:2A:9E:F6:2B:0C:2B:F1:D3:41:65:39:B2:A0:4A:26:59:8C:2C:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCqe9isMK_HTQWU5sqBKJlmMLEM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d52ae-3928-449e-86eb-66f053f6a4f8/1/pCqe9isMK_HTQWU5sqBKJlmMLEM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:5d:84:71:2b:a8:f7:14:76:74:d0:71:ff:72:d6:8d:31:53:
         5a:aa:48:58:d7:c6:1e:5a:b8:89:4e:18:1e:3e:83:23:13:75:
         bd:c0:cd:2b:3e:4f:20:6a:6a:3b:37:2d:6e:1b:ba:0a:61:32:
         48:7b:05:fb:bd:5d:e3:40:44:87:6d:12:9a:29:42:2b:7f:2a:
         45:5f:39:c1:02:5e:3f:45:a5:cb:3c:20:c2:82:b0:61:8e:7d:
         13:69:57:e7:f9:e1:8d:c0:ba:1c:5b:a3:52:b8:1e:8f:0f:d0:
         21:40:d7:d7:3e:46:63:de:7a:e5:d8:dd:65:aa:ae:78:67:37:
         09:42:d8:e0:ed:e9:dd:06:aa:c9:4e:a9:aa:ae:49:8e:09:9b:
         eb:ef:f2:0e:20:fb:43:9f:95:82:ea:ba:85:c5:96:de:d7:fa:
         ca:17:9f:15:30:7d:98:45:7e:ce:bd:98:82:6f:09:42:1c:38:
         c3:2b:aa:1d:5f:19:4d:91:ad:7e:57:7f:d4:86:63:15:7f:f7:
         37:30:b9:cb:4f:a6:09:4c:3d:6f:44:45:86:69:dd:11:19:51:
         8b:a9:26:81:02:00:99:aa:ff:3c:eb:a5:5d:1c:32:e8:b9:7e:
         a4:56:a9:90:22:1f:32:e9:f2:0a:40:22:66:db:d5:b9:af:0d:
         2a:d0:52:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZI4uQzBob0w4P5ASAhQduv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmE5ZWY2MmIwYzJiZjFkMzQxNjUzOWIyYTA0YTI2NTk4
YzJjNDMwHhcNMjQwOTI4MTMwMTQ0WhcNMjQwOTI5MTMwMTQ0WjAzMTEwLwYDVQQD
EyhhMzRhMzY4N2NlMTQ2NDNkNjgxYjJmYTNkZmE1ZjUyZTg4NmQzMWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsuHNBLhWGBU5ZP3LH+pAftH5Y0p
2YloSnZo/jss6Yu3vt7LbRhHrr7GX+2CNgT/yXUl9trl8E0QUNQwG3ir/7IYFQlj
UCbTJyFcugntbq3SiADb3O2SUb3yxCAY1PobO1M0m19tw4FVZTEjnAL6tmKtdkLw
bR3ZVW2zgvPUlo7HkAUPr99YQxFOZiY9MvfcQRU9WPSGs1TB617/o9eSBUoba56Q
WwHsVg93hkyyefvHwHmywhFYhyKQffIPwuz+Isi13+gc3ulAHsDVNYckUAwZkyqw
n3+TmSvn1yvO8WBBI8SBO0wthoUcXh0AkUhzaX1B6HJhvowK9dMlpVF8JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNKNofOFGQ9aBsvo9+l9S6IbTG3MB8GA1UdIwQY
MBaAFKQqnvYrDCvx00FlObKgSiZZjCxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8yZDUyYWUtMzkyOC00NDllLTg2ZWIt
NjZmMDUzZjZhNGY4LzEvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8yZDUyYWUtMzkyOC00NDllLTg2ZWItNjZmMDUzZjZhNGY4
LzEvcENxZTlpc01LX0hUUVdVNXNxQktKbG1NTEVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvl2EcSuo
9xR2dNBx/3LWjTFTWqpIWNfGHlq4iU4YHj6DIxN1vcDNKz5PIGpqOzctbhu6CmEy
SHsF+71d40BEh20SmilCK38qRV85wQJeP0WlyzwgwoKwYY59E2lX5/nhjcC6HFuj
Urgejw/QIUDX1z5GY9565djdZaqueGc3CULY4O3p3QaqyU6pqq5Jjgmb6+/yDiD7
Q5+Vguq6hcWW3tf6yhefFTB9mEV+zr2Ygm8JQhw4wyuqHV8ZTZGtfld/1IZjFX/3
NzC5y0+mCUw9b0RFhmndERlRi6kmgQIAmar/POulXRwy6Ll+pFapkCIfMunyCkAi
ZtvVua8NKtBS/g==
-----END CERTIFICATE-----