Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
File:                     SVfItkDqWWxdEac7PSZu54w_Cds.mft (raw, json)
Hash identifier:          KRoFsiWq1v1CedrmQ45tfacQjjHdGD7nWyp7ybJA8j4=
Subject key identifier:   78:E7:CD:20:E9:B9:2C:FA:30:8B:F0:0B:AD:DF:9A:54:E0:71:51:3C
Authority key identifier: 49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB
Certificate issuer:       /CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
Certificate serial:       0193572DBED4DD11C1C8307A5D6681BC785C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
Manifest number:          05FF
Signing time:             Sat 23 Nov 2024 04:00:35 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:35 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:35 +0000
Files and hashes:         1: SVfItkDqWWxdEac7PSZu54w_Cds.crl (hash: wi0RHaV0xfyzOMnw4F6kZh41z/IvQ0sdRoT5YEMiTDI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:be:d4:dd:11:c1:c8:30:7a:5d:66:81:bc:78:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4957c8b640ea596c5d11a73b3d266ee78c3f09db
        Validity
            Not Before: Nov 23 04:00:35 2024 GMT
            Not After : Nov 24 04:00:35 2024 GMT
        Subject: CN=78e7cd20e9b92cfa308bf00baddf9a54e071513c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:bd:f8:79:8c:8b:ca:dc:ad:70:f4:e8:20:70:
                    44:da:d1:49:f9:1b:7d:74:60:75:11:92:8d:aa:b8:
                    02:71:7e:a1:c9:c4:dd:f9:6f:d0:48:01:4e:3e:1e:
                    fd:bc:84:ab:17:23:13:d0:ab:ac:8f:64:54:5d:09:
                    40:9f:f9:69:e6:b7:a8:24:34:c0:e0:67:85:96:7d:
                    02:fd:7c:33:9c:44:cd:91:c0:65:ce:2b:ec:3f:d5:
                    45:84:85:3e:f5:d1:4b:63:b2:c8:9f:11:2b:18:ab:
                    3c:19:d6:7f:05:3e:1d:7e:dc:44:4b:16:22:39:1e:
                    db:e4:6b:69:c1:3d:12:0a:ad:52:53:95:4a:8d:5c:
                    a2:c5:32:ca:6b:77:c1:3d:29:82:4c:af:04:3e:f5:
                    74:72:fc:92:f1:d3:54:b0:c7:c5:57:d7:7c:7d:97:
                    43:e1:56:ee:0b:e5:9f:41:79:94:bd:74:b9:fe:01:
                    fd:ad:79:ab:05:c4:66:3c:96:7a:fc:86:41:e1:2e:
                    50:c0:09:b6:23:0c:d4:d6:70:65:49:8f:df:ac:ab:
                    d8:ed:76:fc:46:e0:1e:d6:d2:18:f6:cf:7c:24:f9:
                    49:01:1d:6d:7d:4a:6b:ae:b2:88:a2:9d:d3:e9:66:
                    77:cb:51:19:90:09:ce:8b:c4:39:96:5f:0b:c3:68:
                    26:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:E7:CD:20:E9:B9:2C:FA:30:8B:F0:0B:AD:DF:9A:54:E0:71:51:3C
            X509v3 Authority Key Identifier:
                keyid:49:57:C8:B6:40:EA:59:6C:5D:11:A7:3B:3D:26:6E:E7:8C:3F:09:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVfItkDqWWxdEac7PSZu54w_Cds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0ceec3-482a-41a5-97eb-bfe1e173d8f0/1/SVfItkDqWWxdEac7PSZu54w_Cds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:ab:6a:41:f1:eb:56:59:36:68:9e:bd:9e:05:0d:f3:1e:50:
         67:55:8a:35:2d:4c:ae:1d:0a:7b:fa:90:fb:44:96:05:cb:20:
         80:fd:57:2b:da:30:9b:01:42:ab:7e:1d:6d:be:0f:60:7f:1b:
         29:81:b5:4d:3e:bf:15:31:6b:bc:1c:d9:d8:f8:33:24:f9:0a:
         e7:fb:88:d3:3e:14:38:97:f4:76:3f:80:71:17:d4:36:d6:dc:
         52:df:26:2c:12:6c:58:d0:dc:6f:5b:f8:45:79:31:72:34:54:
         0e:ca:50:e6:25:a0:0b:21:26:8b:6f:4b:e7:43:c4:46:9e:2c:
         d8:e0:42:6f:7e:e0:6b:66:c7:3b:36:35:a6:78:95:fc:57:03:
         43:cd:eb:2c:3e:86:04:7e:45:ab:b4:53:6c:20:81:7c:68:dc:
         08:6c:c4:b4:39:9e:de:e1:e4:f6:68:f5:f5:35:39:9d:f1:f4:
         56:1e:c3:be:59:e9:9c:6c:f0:30:4c:39:d9:e7:59:6b:4c:fc:
         48:06:be:a7:62:6e:c7:90:cb:2d:d1:8a:5c:ba:bd:70:2f:d7:
         22:bf:d2:1c:59:ab:22:d9:fc:03:fb:47:0a:ef:4f:b6:27:57:
         e5:92:bc:25:22:85:d9:af:95:07:e8:05:2a:c8:45:99:c7:83:
         31:c2:94:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLb7U3RHByDB6XWaBvHhcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTdjOGI2NDBlYTU5NmM1ZDExYTczYjNkMjY2ZWU3OGMz
ZjA5ZGIwHhcNMjQxMTIzMDQwMDM1WhcNMjQxMTI0MDQwMDM1WjAzMTEwLwYDVQQD
Eyg3OGU3Y2QyMGU5YjkyY2ZhMzA4YmYwMGJhZGRmOWE1NGUwNzE1MTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb34eYyLytytcPToIHBE2tFJ+Rt9
dGB1EZKNqrgCcX6hycTd+W/QSAFOPh79vISrFyMT0Kusj2RUXQlAn/lp5reoJDTA
4GeFln0C/XwznETNkcBlzivsP9VFhIU+9dFLY7LInxErGKs8GdZ/BT4dftxESxYi
OR7b5GtpwT0SCq1SU5VKjVyixTLKa3fBPSmCTK8EPvV0cvyS8dNUsMfFV9d8fZdD
4VbuC+WfQXmUvXS5/gH9rXmrBcRmPJZ6/IZB4S5QwAm2IwzU1nBlSY/frKvY7Xb8
RuAe1tIY9s98JPlJAR1tfUprrrKIop3T6WZ3y1EZkAnOi8Q5ll8Lw2gm0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHjnzSDpuSz6MIvwC63fmlTgcVE8MB8GA1UdIwQY
MBaAFElXyLZA6llsXRGnOz0mbueMPwnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWIt
YmZlMWUxNzNkOGYwLzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wY2VlYzMtNDgyYS00MWE1LTk3ZWItYmZlMWUxNzNkOGYw
LzEvU1ZmSXRrRHFXV3hkRWFjN1BTWnU1NHdfQ2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV6tqQfHr
Vlk2aJ69ngUN8x5QZ1WKNS1Mrh0Ke/qQ+0SWBcsggP1XK9owmwFCq34dbb4PYH8b
KYG1TT6/FTFrvBzZ2PgzJPkK5/uI0z4UOJf0dj+AcRfUNtbcUt8mLBJsWNDcb1v4
RXkxcjRUDspQ5iWgCyEmi29L50PERp4s2OBCb37ga2bHOzY1pniV/FcDQ83rLD6G
BH5Fq7RTbCCBfGjcCGzEtDme3uHk9mj19TU5nfH0Vh7DvlnpnGzwMEw52edZa0z8
SAa+p2Jux5DLLdGKXLq9cC/XIr/SHFmrItn8A/tHCu9PtidX5ZK8JSKF2a+VB+gF
KshFmceDMcKUgQ==
-----END CERTIFICATE-----