Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
File:                     rl81puj7U5sZVMtDps516X-q4XU.mft (raw, json)
Hash identifier:          xDaaa1wPzH5MBQA0JBcJtPsXAqfHcGVnhgRPH2oTNSE=
Subject key identifier:   18:C9:38:23:7F:62:BE:F2:57:D6:FC:B4:51:76:95:8D:7F:1F:42:75
Authority key identifier: AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75
Certificate issuer:       /CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
Certificate serial:       01935878A0F2E0E13EFB232629218AAD4C6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
Manifest number:          0769
Signing time:             Sat 23 Nov 2024 10:02:00 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:00 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:00 +0000
Files and hashes:         1: rl81puj7U5sZVMtDps516X-q4XU.crl (hash: 5q6ludkIjoTK1fSakwgHH7R6WC2VO3JEB+MX6xoUQCk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:a0:f2:e0:e1:3e:fb:23:26:29:21:8a:ad:4c:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae5f35a6e8fb539b1954cb43a6ce75e97faae175
        Validity
            Not Before: Nov 23 10:02:00 2024 GMT
            Not After : Nov 24 10:02:00 2024 GMT
        Subject: CN=18c938237f62bef257d6fcb45176958d7f1f4275
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:10:8c:04:f1:e8:c5:61:e0:40:41:49:c6:3b:
                    4f:0a:94:7c:22:7b:9c:72:c9:e6:bb:d7:27:b1:2d:
                    1f:61:5c:4d:62:76:cb:54:ed:e9:33:38:b8:eb:2f:
                    63:f4:b7:32:3a:0b:7a:a3:14:c9:84:65:1c:8b:39:
                    c6:32:22:be:68:01:4f:dd:ac:bf:7a:f4:85:0b:21:
                    82:0f:e5:ef:4b:f0:d7:93:1f:e9:dd:40:48:03:ec:
                    46:a8:ca:c9:4b:b6:b8:c0:62:91:86:4a:20:a7:af:
                    63:dc:2c:2b:bb:5e:26:dd:68:ed:b9:9b:69:8f:e9:
                    12:7c:51:95:ef:bc:46:70:29:5f:75:4d:32:f1:10:
                    63:27:9f:77:ce:e4:77:dc:ce:e1:6e:5c:15:2a:ea:
                    ce:69:cc:79:9a:3c:0a:a0:fe:e9:18:4d:4e:f4:ae:
                    a0:7d:f3:e0:e8:ea:95:8d:35:63:9b:69:ae:48:15:
                    c7:c5:2a:57:e0:be:ae:e1:df:2e:94:11:33:59:8e:
                    ac:43:47:dd:1b:66:6a:f1:5f:3e:17:ba:f2:d1:b4:
                    c8:fe:b7:92:7e:aa:6e:9b:79:27:a8:b7:8a:8f:ad:
                    5f:51:5f:2e:9a:60:87:92:bf:3e:6d:c8:dc:b9:29:
                    4b:fe:01:2f:bd:b5:53:13:f6:4b:34:89:9b:09:31:
                    98:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:C9:38:23:7F:62:BE:F2:57:D6:FC:B4:51:76:95:8D:7F:1F:42:75
            X509v3 Authority Key Identifier:
                keyid:AE:5F:35:A6:E8:FB:53:9B:19:54:CB:43:A6:CE:75:E9:7F:AA:E1:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rl81puj7U5sZVMtDps516X-q4XU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/feb7e0-2b7e-426c-b037-2091cca8bc48/1/rl81puj7U5sZVMtDps516X-q4XU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:eb:90:75:68:3c:a7:8f:ee:4a:6d:4a:1c:3f:cb:de:91:3f:
         71:9d:f6:5c:07:99:6b:a7:cb:e2:13:62:fc:50:5a:e2:11:3b:
         fe:c6:5c:36:8e:73:96:c5:45:e5:a3:29:1e:85:18:c6:d7:81:
         bb:4e:62:c3:4f:0d:f8:c0:43:f9:f4:52:e0:11:a2:64:bd:18:
         08:dc:05:08:67:ed:e5:25:b8:8e:c7:a0:bd:03:3e:cb:cb:22:
         95:aa:1e:cc:16:4d:46:9c:1e:a7:b8:ca:5e:22:13:49:27:9c:
         c7:d4:5f:18:86:6a:cd:e2:f3:a0:af:a1:7c:96:dd:b7:44:0d:
         39:16:5c:1f:1f:9d:0e:ff:9a:4c:dc:92:22:7e:4d:08:54:d7:
         ae:bc:4c:79:64:22:35:78:9e:bc:29:a7:cb:0a:bd:e4:d3:fc:
         25:8e:7e:9f:8e:f0:75:5c:1e:60:7a:33:48:76:62:48:ec:4a:
         7e:2d:76:12:fe:42:be:c1:32:b8:f9:b3:d5:2d:b0:4c:2e:63:
         cf:da:d9:d6:84:35:7d:77:4a:b9:a2:7f:1b:d5:c8:09:b1:48:
         bc:80:f7:47:2c:89:3f:84:8e:a5:6a:34:92:8f:e0:b8:f5:a0:
         f9:98:63:e2:c2:f1:12:58:81:83:91:f5:79:03:53:b3:0e:38:
         9a:60:1c:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeKDy4OE++yMmKSGKrUxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNWYzNWE2ZThmYjUzOWIxOTU0Y2I0M2E2Y2U3NWU5N2Zh
YWUxNzUwHhcNMjQxMTIzMTAwMjAwWhcNMjQxMTI0MTAwMjAwWjAzMTEwLwYDVQQD
EygxOGM5MzgyMzdmNjJiZWYyNTdkNmZjYjQ1MTc2OTU4ZDdmMWY0Mjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxCMBPHoxWHgQEFJxjtPCpR8Inuc
csnmu9cnsS0fYVxNYnbLVO3pMzi46y9j9LcyOgt6oxTJhGUciznGMiK+aAFP3ay/
evSFCyGCD+XvS/DXkx/p3UBIA+xGqMrJS7a4wGKRhkogp69j3Cwru14m3WjtuZtp
j+kSfFGV77xGcClfdU0y8RBjJ593zuR33M7hblwVKurOacx5mjwKoP7pGE1O9K6g
ffPg6OqVjTVjm2muSBXHxSpX4L6u4d8ulBEzWY6sQ0fdG2Zq8V8+F7ry0bTI/reS
fqpum3knqLeKj61fUV8ummCHkr8+bcjcuSlL/gEvvbVTE/ZLNImbCTGYiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjJOCN/Yr7yV9b8tFF2lY1/H0J1MB8GA1UdIwQY
MBaAFK5fNabo+1ObGVTLQ6bOdel/quF1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzct
MjA5MWNjYThiYzQ4LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mZWI3ZTAtMmI3ZS00MjZjLWIwMzctMjA5MWNjYThiYzQ4
LzEvcmw4MXB1ajdVNXNaVk10RHBzNTE2WC1xNFhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAneuQdWg8
p4/uSm1KHD/L3pE/cZ32XAeZa6fL4hNi/FBa4hE7/sZcNo5zlsVF5aMpHoUYxteB
u05iw08N+MBD+fRS4BGiZL0YCNwFCGft5SW4jsegvQM+y8silaoezBZNRpwep7jK
XiITSSecx9RfGIZqzeLzoK+hfJbdt0QNORZcHx+dDv+aTNySIn5NCFTXrrxMeWQi
NXievCmnywq95NP8JY5+n47wdVweYHozSHZiSOxKfi12Ev5CvsEyuPmz1S2wTC5j
z9rZ1oQ1fXdKuaJ/G9XICbFIvID3RyyJP4SOpWo0ko/guPWg+Zhj4sLxEliBg5H1
eQNTsw44mmAcPA==
-----END CERTIFICATE-----