Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
File:                     xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft (raw, json)
Hash identifier:          ngUUcRAfCISaLkyy3SVFg2dNhESXiAZNHyLiqSA5bMs=
Subject key identifier:   71:4A:54:E6:9A:02:6D:15:40:D3:75:48:D4:5B:59:61:34:2F:51:2D
Authority key identifier: C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B
Certificate issuer:       /CN=c6c00c553a54da05b93635a654cada03c6d9df2b
Certificate serial:       019357D234E0C4335DFA0380C11CC8C1EF62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
Manifest number:          0443
Signing time:             Sat 23 Nov 2024 07:00:13 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:13 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:13 +0000
Files and hashes:         1: xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl (hash: BKCizjNHHNoT4TnxAQiZqqStp/KIyNcoDxXnZdKQYVM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:34:e0:c4:33:5d:fa:03:80:c1:1c:c8:c1:ef:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c6c00c553a54da05b93635a654cada03c6d9df2b
        Validity
            Not Before: Nov 23 07:00:13 2024 GMT
            Not After : Nov 24 07:00:13 2024 GMT
        Subject: CN=714a54e69a026d1540d37548d45b5961342f512d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:34:1a:bf:af:01:fb:a8:4e:b7:7c:34:54:2c:
                    18:aa:8a:74:3d:2e:2b:c4:24:da:79:ab:58:cb:d8:
                    f7:2d:ce:a9:39:7f:d3:cb:6e:f8:f2:68:c2:d3:1c:
                    6e:7d:b8:3e:e4:54:49:5f:33:bf:35:ef:36:17:4e:
                    a2:cc:9f:5b:dd:ce:97:93:17:de:c5:ec:c6:cb:e7:
                    7d:8a:d6:be:60:bb:b3:83:b3:fe:f9:fa:3a:62:fc:
                    c1:ce:8d:5d:8b:2e:c9:84:54:12:68:99:14:39:88:
                    c9:62:2f:a2:49:5a:3c:40:07:c0:7c:b5:30:6f:5c:
                    19:52:84:23:5d:15:7c:93:cf:2c:a0:6f:7f:c4:78:
                    d6:ae:27:c9:e1:7f:31:93:f1:f8:ef:c2:fd:8d:b6:
                    e3:da:0d:6c:11:6c:62:bf:a1:fe:1b:b4:40:18:e1:
                    18:b1:1e:be:05:27:86:c6:e9:8e:82:ae:38:9e:4f:
                    73:b4:56:f6:70:46:d7:61:a8:55:bf:bb:91:aa:26:
                    01:fb:8a:fd:82:1a:7a:6d:26:32:77:4f:dd:09:38:
                    c9:a7:77:c3:79:69:ad:6d:57:65:8d:12:27:49:d3:
                    62:ec:63:72:22:25:b0:16:6d:41:3b:fe:52:8e:f2:
                    e3:39:c9:62:4d:69:e7:6e:0d:35:31:99:a6:7c:95:
                    78:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:4A:54:E6:9A:02:6D:15:40:D3:75:48:D4:5B:59:61:34:2F:51:2D
            X509v3 Authority Key Identifier:
                keyid:C6:C0:0C:55:3A:54:DA:05:B9:36:35:A6:54:CA:DA:03:C6:D9:DF:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsAMVTpU2gW5NjWmVMraA8bZ3ys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6fda1d-b96b-4cf9-bb68-3fbdd9dbbd92/1/xsAMVTpU2gW5NjWmVMraA8bZ3ys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:36:66:37:99:6a:0a:92:8d:7b:d1:d7:4b:82:9b:9c:ed:db:
         0e:6f:06:df:52:a0:5c:42:1a:96:f7:30:7e:19:33:30:cf:1e:
         9f:0d:21:76:76:4e:b5:a7:89:29:71:db:58:e1:06:81:f9:13:
         0d:30:1c:f7:70:bf:c6:2f:f7:37:1f:eb:cd:3b:8d:d1:f3:8d:
         3c:39:9b:72:d2:4b:8c:f2:2e:22:f7:06:3f:1a:de:59:4d:23:
         fb:28:1c:0d:cb:90:a9:a7:b7:65:b2:9d:dc:d3:79:cd:78:a0:
         ab:79:11:46:e8:bc:fe:c0:3b:dd:af:29:16:d8:fb:cd:ee:f5:
         52:32:dc:21:f5:e1:d1:f3:3d:1b:0e:60:10:f8:85:8e:e4:41:
         2f:e7:80:d5:cc:98:83:93:2e:be:44:3d:55:21:ce:5d:04:00:
         1b:ad:be:91:c3:4a:d2:24:44:3a:bc:c0:66:ce:b0:67:cd:79:
         00:ca:25:1a:c8:bf:1c:24:91:56:8b:a9:5e:1f:12:01:ee:41:
         95:75:04:62:5d:22:ef:c0:c7:d1:da:51:3d:51:59:eb:13:28:
         86:13:4e:2a:b3:cb:fe:44:04:72:3f:94:b3:c7:9c:24:a6:4f:
         77:15:ea:de:d7:cb:c0:08:12:f0:fd:8a:c6:83:3f:1b:15:ed:
         3a:5c:ee:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0jTgxDNd+gOAwRzIwe9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YzAwYzU1M2E1NGRhMDViOTM2MzVhNjU0Y2FkYTAzYzZk
OWRmMmIwHhcNMjQxMTIzMDcwMDEzWhcNMjQxMTI0MDcwMDEzWjAzMTEwLwYDVQQD
Eyg3MTRhNTRlNjlhMDI2ZDE1NDBkMzc1NDhkNDViNTk2MTM0MmY1MTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTQav68B+6hOt3w0VCwYqop0PS4r
xCTaeatYy9j3Lc6pOX/Ty2748mjC0xxufbg+5FRJXzO/Ne82F06izJ9b3c6Xkxfe
xezGy+d9ita+YLuzg7P++fo6YvzBzo1diy7JhFQSaJkUOYjJYi+iSVo8QAfAfLUw
b1wZUoQjXRV8k88soG9/xHjWrifJ4X8xk/H478L9jbbj2g1sEWxiv6H+G7RAGOEY
sR6+BSeGxumOgq44nk9ztFb2cEbXYahVv7uRqiYB+4r9ghp6bSYyd0/dCTjJp3fD
eWmtbVdljRInSdNi7GNyIiWwFm1BO/5SjvLjOcliTWnnbg01MZmmfJV4dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHFKVOaaAm0VQNN1SNRbWWE0L1EtMB8GA1UdIwQY
MBaAFMbADFU6VNoFuTY1plTK2gPG2d8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgt
M2ZiZGQ5ZGJiZDkyLzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82ZmRhMWQtYjk2Yi00Y2Y5LWJiNjgtM2ZiZGQ5ZGJiZDky
LzEveHNBTVZUcFUyZ1c1TmpXbVZNcmFBOGJaM3lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFjZmN5lq
CpKNe9HXS4KbnO3bDm8G31KgXEIalvcwfhkzMM8enw0hdnZOtaeJKXHbWOEGgfkT
DTAc93C/xi/3Nx/rzTuN0fONPDmbctJLjPIuIvcGPxreWU0j+ygcDcuQqae3ZbKd
3NN5zXigq3kRRui8/sA73a8pFtj7ze71UjLcIfXh0fM9Gw5gEPiFjuRBL+eA1cyY
g5MuvkQ9VSHOXQQAG62+kcNK0iREOrzAZs6wZ815AMolGsi/HCSRVoupXh8SAe5B
lXUEYl0i78DH0dpRPVFZ6xMohhNOKrPL/kQEcj+Us8ecJKZPdxXq3tfLwAgS8P2K
xoM/GxXtOlzujA==
-----END CERTIFICATE-----