Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
File:                     qhC-mR89uJUJcQwgZ233qKS_4bQ.mft (raw, json)
Hash identifier:          geT+5JHUJWnonHzY+c3PiH6T+XjoGzvZ4jWMQlw9S6I=
Subject key identifier:   FA:82:BE:07:87:94:A1:2A:4F:EC:6C:9B:98:2B:9C:C7:34:02:8C:F1
Authority key identifier: AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4
Certificate issuer:       /CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
Certificate serial:       01935764E76BFC4449E42B40EBBC5CCA8396
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
Manifest number:          077E
Signing time:             Sat 23 Nov 2024 05:00:50 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:50 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:50 +0000
Files and hashes:         1: qhC-mR89uJUJcQwgZ233qKS_4bQ.crl (hash: bTIfoeikNr1KBc9qHOu9270k4rlPQXFMTYu0HP35b+8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:e7:6b:fc:44:49:e4:2b:40:eb:bc:5c:ca:83:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aa10be991f3db89509710c20676df7a8a4bfe1b4
        Validity
            Not Before: Nov 23 05:00:50 2024 GMT
            Not After : Nov 24 05:00:50 2024 GMT
        Subject: CN=fa82be078794a12a4fec6c9b982b9cc734028cf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b7:93:d8:c6:59:7b:c5:ad:28:99:ff:fa:67:
                    4a:ae:44:8b:0a:58:b5:fa:b3:3b:70:41:2a:08:95:
                    32:16:80:73:dd:2f:ef:dd:ff:81:ac:93:a5:cc:6c:
                    cc:76:69:f7:8d:04:9c:42:ad:b1:e8:da:49:45:5e:
                    02:8e:23:f3:e5:fa:aa:9d:11:f7:73:eb:18:c2:65:
                    fb:48:ea:72:3a:1b:89:9d:77:52:b2:69:ac:e6:98:
                    1b:ac:36:78:0a:39:66:df:1f:be:85:57:ca:07:ab:
                    64:01:f6:f1:e6:e4:a8:fd:93:28:b2:92:55:dd:94:
                    26:a5:4c:68:c6:f6:d7:c8:34:81:f7:3c:20:9c:3a:
                    4c:e5:ce:23:3b:77:66:d5:0c:e2:23:4c:ce:66:04:
                    dc:89:a0:91:bf:ce:f0:65:29:b1:47:fd:34:f0:48:
                    d3:79:2b:09:c4:83:8f:9c:d8:d8:9c:33:e1:29:3d:
                    8a:08:c7:87:de:11:52:19:6c:7f:08:25:b8:45:4f:
                    95:8a:3e:17:81:57:74:c9:9b:51:f3:9f:b8:df:60:
                    a1:e2:39:8a:58:a1:83:0a:5e:cf:c5:ed:b5:44:d2:
                    f7:b3:b1:45:cd:0a:08:37:5f:db:16:e3:31:ab:54:
                    32:29:14:9f:93:0b:fb:a3:ff:d2:34:07:ba:ec:f6:
                    eb:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:82:BE:07:87:94:A1:2A:4F:EC:6C:9B:98:2B:9C:C7:34:02:8C:F1
            X509v3 Authority Key Identifier:
                keyid:AA:10:BE:99:1F:3D:B8:95:09:71:0C:20:67:6D:F7:A8:A4:BF:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qhC-mR89uJUJcQwgZ233qKS_4bQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235365-8d15-4125-9017-183e2e72301b/1/qhC-mR89uJUJcQwgZ233qKS_4bQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:be:5b:75:74:ce:e2:50:7e:4c:b2:8b:78:88:8a:8c:2b:12:
         8f:fc:d8:5c:56:f6:d9:3b:81:a8:36:c2:8c:8a:bb:61:0e:87:
         22:24:f2:fd:9f:09:1c:c9:63:09:80:82:53:62:78:71:6d:50:
         fe:a7:49:7b:b9:37:7b:1e:21:55:80:1b:1f:5a:a5:d2:68:d5:
         33:32:81:93:0b:f2:43:1d:8a:54:a2:2f:1a:1c:b2:3f:64:38:
         f7:cb:0e:b5:73:b6:ea:ae:3f:ba:41:8b:5e:83:79:9e:bd:62:
         b3:b8:2a:90:e4:bd:c3:d5:22:5d:31:da:ee:cf:fb:5c:69:1a:
         32:b9:2c:18:19:dd:25:2e:11:17:db:c1:89:22:13:e6:de:c0:
         24:3b:10:36:23:47:9e:33:c2:5f:53:e3:a7:b4:8e:73:c1:ce:
         d7:c2:55:73:f0:c4:13:ee:a7:88:b4:71:28:43:d6:a9:32:09:
         70:d6:7f:6f:c9:02:a1:78:48:30:f7:c4:e7:2e:5f:e4:84:8c:
         63:6f:70:e6:7f:58:3b:67:5b:ee:34:0a:ab:e0:8e:7c:07:27:
         b6:c0:72:ac:db:d5:4e:4f:c8:b8:c7:20:51:b1:72:d8:85:f5:
         39:e0:bc:1d:9d:89:8a:97:c1:35:6e:a3:65:64:12:88:16:63:
         69:7f:33:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZOdr/ERJ5CtA67xcyoOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMTBiZTk5MWYzZGI4OTUwOTcxMGMyMDY3NmRmN2E4YTRi
ZmUxYjQwHhcNMjQxMTIzMDUwMDUwWhcNMjQxMTI0MDUwMDUwWjAzMTEwLwYDVQQD
EyhmYTgyYmUwNzg3OTRhMTJhNGZlYzZjOWI5ODJiOWNjNzM0MDI4Y2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7eT2MZZe8WtKJn/+mdKrkSLCli1
+rM7cEEqCJUyFoBz3S/v3f+BrJOlzGzMdmn3jQScQq2x6NpJRV4CjiPz5fqqnRH3
c+sYwmX7SOpyOhuJnXdSsmms5pgbrDZ4Cjlm3x++hVfKB6tkAfbx5uSo/ZMospJV
3ZQmpUxoxvbXyDSB9zwgnDpM5c4jO3dm1QziI0zOZgTciaCRv87wZSmxR/008EjT
eSsJxIOPnNjYnDPhKT2KCMeH3hFSGWx/CCW4RU+Vij4XgVd0yZtR85+432Ch4jmK
WKGDCl7Pxe21RNL3s7FFzQoIN1/bFuMxq1QyKRSfkwv7o//SNAe67PbrGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqCvgeHlKEqT+xsm5grnMc0AozxMB8GA1UdIwQY
MBaAFKoQvpkfPbiVCXEMIGdt96ikv+G0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTct
MTgzZTJlNzIzMDFiLzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzNjUtOGQxNS00MTI1LTkwMTctMTgzZTJlNzIzMDFi
LzEvcWhDLW1SODl1SlVKY1F3Z1oyMzNxS1NfNGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASL5bdXTO
4lB+TLKLeIiKjCsSj/zYXFb22TuBqDbCjIq7YQ6HIiTy/Z8JHMljCYCCU2J4cW1Q
/qdJe7k3ex4hVYAbH1ql0mjVMzKBkwvyQx2KVKIvGhyyP2Q498sOtXO26q4/ukGL
XoN5nr1is7gqkOS9w9UiXTHa7s/7XGkaMrksGBndJS4RF9vBiSIT5t7AJDsQNiNH
njPCX1Pjp7SOc8HO18JVc/DEE+6niLRxKEPWqTIJcNZ/b8kCoXhIMPfE5y5f5ISM
Y29w5n9YO2db7jQKq+COfAcntsByrNvVTk/IuMcgUbFy2IX1OeC8HZ2JipfBNW6j
ZWQSiBZjaX8zZg==
-----END CERTIFICATE-----