Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
File:                     h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft (raw, json)
Hash identifier:          VdzoPO5SWC2y+U7E4dSgt1H25srDtnlb6uQoG96zLxY=
Subject key identifier:   4F:AB:73:3C:DD:5A:F5:92:DE:BA:7F:59:A1:95:08:D9:44:DB:C1:55
Authority key identifier: 87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4
Certificate issuer:       /CN=87c0a7b43d42924917a590598b44325e4cc92ee4
Certificate serial:       01935764E460A284882BCFA2D83B7ABDED2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
Manifest number:          0745
Signing time:             Sat 23 Nov 2024 05:00:50 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:50 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:50 +0000
Files and hashes:         1: h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl (hash: hZ6zjMl58ahy58dPBXUqBO+EPPebW06YO1erTA+1W+A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:e4:60:a2:84:88:2b:cf:a2:d8:3b:7a:bd:ed:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87c0a7b43d42924917a590598b44325e4cc92ee4
        Validity
            Not Before: Nov 23 05:00:50 2024 GMT
            Not After : Nov 24 05:00:50 2024 GMT
        Subject: CN=4fab733cdd5af592deba7f59a19508d944dbc155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:15:46:92:03:5c:04:38:f5:f3:02:7e:1b:f6:
                    9f:ec:e3:0f:13:b1:a4:0c:85:26:4d:f4:55:e5:e9:
                    32:00:0c:2c:01:d8:87:f1:f3:65:e4:2b:99:c9:b4:
                    1a:98:8e:e8:89:eb:30:f1:83:cb:d8:57:e8:66:e3:
                    75:e4:0b:2b:33:fc:0d:cd:e9:56:02:c7:7a:aa:f1:
                    bd:ec:82:b9:d3:86:7f:11:53:4c:33:7f:08:49:c1:
                    1e:40:cd:a7:15:89:3d:3b:93:2e:0a:5c:b5:34:dd:
                    14:36:4a:d5:56:e2:6f:74:b1:77:a5:d3:cf:d3:90:
                    57:4b:66:f0:05:92:f9:04:d0:f0:b0:8e:93:91:75:
                    7b:82:91:5f:dd:87:7b:6e:c8:80:fd:40:92:62:de:
                    f6:58:d3:97:0c:21:e7:43:ef:71:a6:8b:6f:bd:91:
                    be:ae:c6:81:a1:b7:8c:cc:2f:f2:ec:78:a2:57:88:
                    05:1f:4a:8c:88:cf:e9:d2:2b:df:70:fc:52:f4:cb:
                    2c:76:34:d6:b6:2f:8f:b1:3b:fa:05:cb:61:6d:7f:
                    73:43:b0:e1:a1:49:88:3b:56:70:af:36:11:e1:0d:
                    18:43:74:32:87:12:a2:26:c8:e8:63:48:21:d2:96:
                    4b:fc:1e:3b:00:93:52:84:87:f5:a8:ec:77:2a:3d:
                    d2:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:AB:73:3C:DD:5A:F5:92:DE:BA:7F:59:A1:95:08:D9:44:DB:C1:55
            X509v3 Authority Key Identifier:
                keyid:87:C0:A7:B4:3D:42:92:49:17:A5:90:59:8B:44:32:5E:4C:C9:2E:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h8CntD1CkkkXpZBZi0QyXkzJLuQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a0083c-d0a8-4d8a-94b4-735625e0d297/1/h8CntD1CkkkXpZBZi0QyXkzJLuQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:fb:c5:52:5d:d1:2e:53:e3:5a:53:bb:2c:b1:5a:f9:93:2f:
         6d:27:2e:ab:e2:9d:f9:3a:27:b5:0e:70:a7:d5:24:94:47:ad:
         9d:80:10:25:b1:86:0c:b6:15:59:d9:71:13:1c:fd:9a:1b:89:
         98:52:ab:87:21:01:9d:11:59:1a:1a:99:d0:c9:d1:3b:f6:fb:
         d5:61:d6:69:c7:bd:88:70:4e:fe:53:84:12:75:f2:03:66:3c:
         88:20:6d:f9:8e:47:d7:4f:db:dd:e4:c8:f4:4e:36:2c:57:a1:
         87:6a:a9:be:b1:5c:90:5a:db:57:65:aa:9e:16:e2:be:22:f6:
         2d:a8:be:0a:b5:d8:e4:fe:7f:f2:4a:ef:a2:2c:dc:80:5f:7e:
         80:a1:0e:19:dc:eb:f4:f9:cd:65:1d:76:24:96:eb:de:f5:5e:
         27:7f:59:a2:51:62:29:a1:36:1f:5f:61:03:79:ed:72:d6:68:
         ec:f3:27:87:4d:54:e1:18:bd:ce:18:73:18:9b:2b:14:52:15:
         3d:fd:e3:d6:7b:2a:73:91:1c:e1:59:18:ed:3c:d6:0e:f2:88:
         6e:7c:53:85:fb:19:5e:7b:d9:5e:b1:29:60:5b:72:90:a6:a0:
         75:6c:00:a4:8b:84:68:ec:e4:99:ac:a8:db:a4:b8:15:ff:ac:
         62:4b:da:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZORgooSIK8+i2Dt6ve0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YzBhN2I0M2Q0MjkyNDkxN2E1OTA1OThiNDQzMjVlNGNj
OTJlZTQwHhcNMjQxMTIzMDUwMDUwWhcNMjQxMTI0MDUwMDUwWjAzMTEwLwYDVQQD
Eyg0ZmFiNzMzY2RkNWFmNTkyZGViYTdmNTlhMTk1MDhkOTQ0ZGJjMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhVGkgNcBDj18wJ+G/af7OMPE7Gk
DIUmTfRV5ekyAAwsAdiH8fNl5CuZybQamI7oiesw8YPL2FfoZuN15AsrM/wNzelW
Asd6qvG97IK504Z/EVNMM38IScEeQM2nFYk9O5MuCly1NN0UNkrVVuJvdLF3pdPP
05BXS2bwBZL5BNDwsI6TkXV7gpFf3Yd7bsiA/UCSYt72WNOXDCHnQ+9xpotvvZG+
rsaBobeMzC/y7HiiV4gFH0qMiM/p0ivfcPxS9MssdjTWti+PsTv6BcthbX9zQ7Dh
oUmIO1ZwrzYR4Q0YQ3QyhxKiJsjoY0gh0pZL/B47AJNShIf1qOx3Kj3SbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE+rczzdWvWS3rp/WaGVCNlE28FVMB8GA1UdIwQY
MBaAFIfAp7Q9QpJJF6WQWYtEMl5MyS7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQt
NzM1NjI1ZTBkMjk3LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hMDA4M2MtZDBhOC00ZDhhLTk0YjQtNzM1NjI1ZTBkMjk3
LzEvaDhDbnREMUNra2tYcFpCWmkwUXlYa3pKTHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmfvFUl3R
LlPjWlO7LLFa+ZMvbScuq+Kd+TontQ5wp9UklEetnYAQJbGGDLYVWdlxExz9mhuJ
mFKrhyEBnRFZGhqZ0MnRO/b71WHWace9iHBO/lOEEnXyA2Y8iCBt+Y5H10/b3eTI
9E42LFehh2qpvrFckFrbV2WqnhbiviL2Lai+CrXY5P5/8krvoizcgF9+gKEOGdzr
9PnNZR12JJbr3vVeJ39ZolFiKaE2H19hA3ntctZo7PMnh01U4Ri9zhhzGJsrFFIV
Pf3j1nsqc5Ec4VkY7TzWDvKIbnxThfsZXnvZXrEpYFtykKagdWwApIuEaOzkmayo
26S4Ff+sYkvaRg==
-----END CERTIFICATE-----