Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          /Q+Qm8lzbbwgPCLAVs412g2kF0fh+csShlHRaC+R6EE=
Subject key identifier:   AF:32:3E:DF:78:77:4F:07:19:27:98:FF:B4:53:73:D3:69:8A:D8:89
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       0194078FD0B6B670AF87DD3B31A9FC0215BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          0EFE
Signing time:             Fri 27 Dec 2024 10:00:52 +0000
Manifest this update:     Fri 27 Dec 2024 10:00:52 +0000
Manifest next update:     Sat 28 Dec 2024 10:00:52 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: ZyZfNev3YHkjZjUXIRlaZxXTN3kR8BsjKB/yvuOFors=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 09:00:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:07:8f:d0:b6:b6:70:af:87:dd:3b:31:a9:fc:02:15:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Dec 27 10:00:52 2024 GMT
            Not After : Dec 28 10:00:52 2024 GMT
        Subject: CN=af323edf78774f07192798ffb45373d3698ad889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:55:68:88:6c:bf:c2:26:4b:3b:09:49:b1:33:
                    1f:fc:fa:3f:ad:c6:dc:5b:ee:d1:98:31:a4:c5:83:
                    74:1b:a3:d8:79:d4:7e:b3:0a:45:26:7a:c9:1e:48:
                    4f:4c:21:2e:e4:e2:1b:06:f7:a0:5e:4a:78:b3:1e:
                    31:dc:c1:9d:20:ff:cb:27:27:4d:6b:66:88:ad:e2:
                    24:c2:11:c6:25:9f:8e:46:4b:f7:d3:33:14:38:74:
                    7e:0f:d0:c1:59:5a:d2:55:2c:f9:a0:18:5d:88:48:
                    59:81:4d:a3:93:59:16:18:60:82:fc:e6:b6:61:1e:
                    ae:88:f7:a5:f0:ab:d7:4b:85:c7:e6:9b:4a:20:95:
                    d8:62:72:68:82:e7:02:40:1c:32:d4:69:9d:7e:97:
                    5d:0b:a0:c1:e8:69:58:6f:fe:6d:af:33:1d:c2:3a:
                    ac:04:70:bf:dd:46:35:04:47:50:fd:67:ee:36:6b:
                    2c:df:a8:77:f6:cb:e8:b3:42:e7:bd:c6:71:15:39:
                    66:f4:1b:e6:72:37:b1:49:e4:27:f0:59:e8:8b:fa:
                    3f:39:a4:6f:b7:0e:6c:2f:45:3c:0b:0d:24:2b:2f:
                    22:7b:f9:85:e2:47:13:3f:32:b7:6e:40:1c:7b:34:
                    e1:13:93:29:4b:5a:3e:37:0a:32:0a:b4:46:92:36:
                    2d:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:32:3E:DF:78:77:4F:07:19:27:98:FF:B4:53:73:D3:69:8A:D8:89
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:64:33:91:49:f1:0f:e3:91:f7:8c:56:ad:37:ef:91:49:d6:
         1c:c6:4d:b3:25:99:e1:68:cb:e8:65:a3:80:f8:5f:3c:92:50:
         49:24:6c:bb:f1:8f:f1:3c:ac:bc:17:dd:b4:26:52:52:d6:c6:
         b0:16:b7:70:66:3a:be:6e:63:4d:df:63:45:be:29:6e:66:a2:
         da:46:ac:93:f0:3b:64:8c:3f:49:7e:c5:f1:1b:fb:e3:f5:73:
         7d:dc:73:95:fe:c1:35:4e:07:6c:ed:68:29:c8:3c:f0:f0:d2:
         72:4c:5a:d1:24:c7:d2:c1:87:0d:4a:bc:12:93:b7:31:35:fc:
         fe:d4:09:a0:0a:a9:77:bf:1e:fb:d4:85:73:0c:e9:31:3e:a5:
         31:14:b8:28:af:4f:44:ab:61:27:ee:de:36:c7:5b:72:7f:6f:
         43:24:97:ed:c6:cc:da:1e:dc:a9:d7:53:90:02:e9:dc:4a:26:
         64:9d:b7:bb:52:e1:47:d7:64:99:88:f0:1d:b0:57:fc:cd:33:
         fa:51:a8:90:4e:0c:3f:21:cb:ed:0c:07:a8:f7:b4:43:69:d2:
         13:fb:36:b2:23:d8:82:fc:42:1b:a4:56:9c:9d:9e:6a:f1:d2:
         d6:24:37:3b:02:9a:08:b1:e6:5d:3a:7a:8d:01:b4:57:99:2f:
         80:23:24:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQHj9C2tnCvh907Man8AhW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjQxMjI3MTAwMDUyWhcNMjQxMjI4MTAwMDUyWjAzMTEwLwYDVQQD
EyhhZjMyM2VkZjc4Nzc0ZjA3MTkyNzk4ZmZiNDUzNzNkMzY5OGFkODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lVoiGy/wiZLOwlJsTMf/Po/rcbc
W+7RmDGkxYN0G6PYedR+swpFJnrJHkhPTCEu5OIbBvegXkp4sx4x3MGdIP/LJydN
a2aIreIkwhHGJZ+ORkv30zMUOHR+D9DBWVrSVSz5oBhdiEhZgU2jk1kWGGCC/Oa2
YR6uiPel8KvXS4XH5ptKIJXYYnJogucCQBwy1GmdfpddC6DB6GlYb/5trzMdwjqs
BHC/3UY1BEdQ/WfuNmss36h39svos0LnvcZxFTlm9BvmcjexSeQn8Fnoi/o/OaRv
tw5sL0U8Cw0kKy8ie/mF4kcTPzK3bkAcezThE5MpS1o+NwoyCrRGkjYtDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8yPt94d08HGSeY/7RTc9NpitiJMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGWQzkUnx
D+OR94xWrTfvkUnWHMZNsyWZ4WjL6GWjgPhfPJJQSSRsu/GP8TysvBfdtCZSUtbG
sBa3cGY6vm5jTd9jRb4pbmai2kask/A7ZIw/SX7F8Rv74/Vzfdxzlf7BNU4HbO1o
Kcg88PDSckxa0STH0sGHDUq8EpO3MTX8/tQJoAqpd78e+9SFcwzpMT6lMRS4KK9P
RKthJ+7eNsdbcn9vQySX7cbM2h7cqddTkALp3EomZJ23u1LhR9dkmYjwHbBX/M0z
+lGokE4MPyHL7QwHqPe0Q2nSE/s2siPYgvxCG6RWnJ2eavHS1iQ3OwKaCLHmXTp6
jQG0V5kvgCMk3w==
-----END CERTIFICATE-----