Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
File:                     bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft (raw, json)
Hash identifier:          kLTvlvrLOh08fl6FOUqoutFSEDS8XndgqTKwpK3IlJI=
Subject key identifier:   73:81:53:42:D4:E8:9D:B3:F3:CA:1A:BA:72:00:A6:B7:F9:C9:67:6A
Authority key identifier: 6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD
Certificate issuer:       /CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
Certificate serial:       019356F6A732BF80956ECD0E703B3010BF66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
Manifest number:          136D
Signing time:             Sat 23 Nov 2024 03:00:25 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:25 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:25 +0000
Files and hashes:         1: bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl (hash: 7QgZswvdVBrHojihz6DnQI7X72b/RI9oeN+D/YeemXM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:a7:32:bf:80:95:6e:cd:0e:70:3b:30:10:bf:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dda056c3b54e500ca19c8f5c4770ac3f450e4bd
        Validity
            Not Before: Nov 23 03:00:25 2024 GMT
            Not After : Nov 24 03:00:25 2024 GMT
        Subject: CN=73815342d4e89db3f3ca1aba7200a6b7f9c9676a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:4c:26:4c:42:57:6a:f1:01:0a:48:f4:66:b1:
                    cf:7c:9d:60:15:d8:ad:04:13:33:cc:3b:7f:00:97:
                    01:ab:77:fc:4f:76:54:48:21:4c:b9:eb:c3:d3:77:
                    4a:cf:cf:86:40:37:4b:bf:cf:20:bb:21:eb:eb:31:
                    fd:a3:ab:02:07:ac:4a:13:b9:84:be:07:f9:ba:5e:
                    5b:88:5e:12:f6:4a:c8:45:2b:a1:2a:a4:f9:03:2f:
                    24:47:7d:16:99:6e:99:1a:c0:13:2e:a2:ac:4b:91:
                    85:3e:d5:dd:3d:fb:e8:40:53:e5:77:76:df:f6:21:
                    26:9c:b6:b8:b7:31:79:97:dd:82:09:d8:e9:1a:25:
                    69:a0:8f:1c:c0:a4:1f:e9:a9:8a:c2:75:ef:c0:37:
                    42:18:42:94:b5:62:46:ee:29:e1:44:d1:84:01:d0:
                    ae:86:45:b9:f0:93:73:9c:73:db:4b:91:0f:65:e7:
                    fb:88:90:88:48:a2:83:80:8f:71:bc:fa:49:be:70:
                    5d:86:61:5d:78:9e:ea:8e:92:85:ee:bf:86:14:61:
                    6e:d6:43:46:58:a0:20:7c:c5:7e:9f:94:e9:09:a9:
                    ba:c9:4e:ad:c6:8f:57:e6:80:c8:91:66:91:a1:24:
                    7e:3c:36:5c:f1:a9:d9:18:eb:a0:f4:30:40:67:64:
                    7a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:81:53:42:D4:E8:9D:B3:F3:CA:1A:BA:72:00:A6:B7:F9:C9:67:6A
            X509v3 Authority Key Identifier:
                keyid:6D:DA:05:6C:3B:54:E5:00:CA:19:C8:F5:C4:77:0A:C3:F4:50:E4:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/db8ed5-37db-417e-9157-a3c3f9aa8608/1/bdoFbDtU5QDKGcj1xHcKw_RQ5L0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:09:0c:96:d6:ad:72:35:7c:81:66:e4:a7:4c:b2:19:1e:aa:
         07:da:d1:96:76:18:30:8c:5d:78:73:a5:36:c9:96:49:31:87:
         0a:43:9a:73:95:07:cc:21:8c:45:13:80:92:83:67:b6:83:34:
         2d:88:90:70:48:5b:8e:cb:79:51:10:84:55:6d:f3:7e:2f:b2:
         44:e1:5c:b7:6d:ac:2f:d9:23:f0:06:67:b9:b8:37:d6:dd:c7:
         9a:fe:7b:0e:be:88:36:ea:87:62:7e:7a:39:ec:e7:66:e6:9b:
         49:de:01:4d:f2:8b:d2:5c:bc:09:70:74:95:b0:59:af:3b:3a:
         29:d8:03:73:24:8e:75:85:a0:59:90:af:66:cb:51:36:6d:c0:
         f5:62:37:e2:f0:b6:56:11:42:65:ac:98:75:db:11:d8:e1:3a:
         36:fa:b7:ec:e3:6e:61:1e:fc:63:64:c9:1c:fc:d4:cc:0b:e7:
         dc:99:d5:15:ef:c0:f5:64:6e:45:5a:27:3b:f3:55:ee:62:57:
         06:db:19:8e:d5:0d:99:fa:b1:cd:98:61:26:3d:69:b9:b3:b5:
         e7:2b:bb:75:c0:ee:7f:1d:3e:94:6b:fa:7a:c4:87:70:3b:cd:
         8c:3d:fc:72:60:ea:63:d8:cf:81:33:90:35:1e:26:a1:09:73:
         d2:39:1f:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9qcyv4CVbs0OcDswEL9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGEwNTZjM2I1NGU1MDBjYTE5YzhmNWM0NzcwYWMzZjQ1
MGU0YmQwHhcNMjQxMTIzMDMwMDI1WhcNMjQxMTI0MDMwMDI1WjAzMTEwLwYDVQQD
Eyg3MzgxNTM0MmQ0ZTg5ZGIzZjNjYTFhYmE3MjAwYTZiN2Y5Yzk2NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUwmTEJXavEBCkj0ZrHPfJ1gFdit
BBMzzDt/AJcBq3f8T3ZUSCFMuevD03dKz8+GQDdLv88guyHr6zH9o6sCB6xKE7mE
vgf5ul5biF4S9krIRSuhKqT5Ay8kR30WmW6ZGsATLqKsS5GFPtXdPfvoQFPld3bf
9iEmnLa4tzF5l92CCdjpGiVpoI8cwKQf6amKwnXvwDdCGEKUtWJG7inhRNGEAdCu
hkW58JNznHPbS5EPZef7iJCISKKDgI9xvPpJvnBdhmFdeJ7qjpKF7r+GFGFu1kNG
WKAgfMV+n5TpCam6yU6txo9X5oDIkWaRoSR+PDZc8anZGOug9DBAZ2R6WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOBU0LU6J2z88oaunIAprf5yWdqMB8GA1UdIwQY
MBaAFG3aBWw7VOUAyhnI9cR3CsP0UOS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTct
YTNjM2Y5YWE4NjA4LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kYjhlZDUtMzdkYi00MTdlLTkxNTctYTNjM2Y5YWE4NjA4
LzEvYmRvRmJEdFU1UURLR2NqMXhIY0t3X1JRNUwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYwkMltat
cjV8gWbkp0yyGR6qB9rRlnYYMIxdeHOlNsmWSTGHCkOac5UHzCGMRROAkoNntoM0
LYiQcEhbjst5URCEVW3zfi+yROFct22sL9kj8AZnubg31t3Hmv57Dr6INuqHYn56
OeznZuabSd4BTfKL0ly8CXB0lbBZrzs6KdgDcySOdYWgWZCvZstRNm3A9WI34vC2
VhFCZayYddsR2OE6Nvq37ONuYR78Y2TJHPzUzAvn3JnVFe/A9WRuRVonO/NV7mJX
BtsZjtUNmfqxzZhhJj1pubO15yu7dcDufx0+lGv6esSHcDvNjD38cmDqY9jPgTOQ
NR4moQlz0jkfbQ==
-----END CERTIFICATE-----