Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
File:                     aEdQ3w66d01LTWROyOM1CPj1OP4.mft (raw, json)
Hash identifier:          MjM0CO9DYq+kNVYCrs/SRdwmYfk9AodKYQOMHGrFsxM=
Subject key identifier:   9B:81:AF:51:D2:7C:8B:A1:B1:BB:F9:9A:FF:37:F4:30:C4:1A:AA:9B
Authority key identifier: 68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE
Certificate issuer:       /CN=684750df0eba774d4b4d644ec8e33508f8f538fe
Certificate serial:       0193572DEF43066A32D32F5B24F3E2F062F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
Manifest number:          041A
Signing time:             Sat 23 Nov 2024 04:00:48 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:48 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:48 +0000
Files and hashes:         1: aEdQ3w66d01LTWROyOM1CPj1OP4.crl (hash: 8/zB93+Yh2bj24rNsBv4HEeu82TLL0Q76oC2xEU2ne4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:ef:43:06:6a:32:d3:2f:5b:24:f3:e2:f0:62:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=684750df0eba774d4b4d644ec8e33508f8f538fe
        Validity
            Not Before: Nov 23 04:00:48 2024 GMT
            Not After : Nov 24 04:00:48 2024 GMT
        Subject: CN=9b81af51d27c8ba1b1bbf99aff37f430c41aaa9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:dc:bd:7f:6e:5b:d5:6f:70:01:3a:92:3a:d3:
                    52:5e:53:df:6e:69:7d:95:4e:6a:40:1d:a7:57:56:
                    f8:15:bc:41:c7:ef:c5:99:b4:f7:21:bf:fe:f0:45:
                    86:77:c8:20:62:0b:fa:38:47:8c:a7:a5:6c:bb:32:
                    a5:71:57:af:a7:5a:bb:46:cb:02:2f:f5:21:48:d7:
                    05:02:a3:e7:5a:7e:ba:c3:c3:ce:2e:01:db:e6:99:
                    51:14:11:83:57:13:48:36:c2:43:11:8a:82:c1:98:
                    9d:65:f0:3b:27:b5:d5:8a:3b:45:2b:0f:47:8f:53:
                    fa:f2:35:c2:ce:70:a9:0c:35:14:89:cf:53:47:a1:
                    5d:58:13:85:c3:3f:09:46:cc:07:64:0f:0e:df:b5:
                    ec:ae:99:23:2a:ad:ab:4e:dc:75:8c:d9:2d:48:29:
                    3f:67:5d:2f:70:fb:19:7b:4f:91:d2:ac:46:57:5f:
                    06:67:c8:70:53:87:a1:3a:51:46:51:66:95:85:45:
                    96:81:84:a8:34:f3:21:56:1d:25:25:82:a8:0c:37:
                    4b:09:7c:8b:a4:0e:2d:36:d8:e2:6f:24:ed:4d:11:
                    b0:8b:5f:2d:07:e8:89:12:12:fc:e3:17:d5:92:3f:
                    5d:62:9f:19:d6:6c:36:01:2c:75:09:32:22:bf:1d:
                    75:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:81:AF:51:D2:7C:8B:A1:B1:BB:F9:9A:FF:37:F4:30:C4:1A:AA:9B
            X509v3 Authority Key Identifier:
                keyid:68:47:50:DF:0E:BA:77:4D:4B:4D:64:4E:C8:E3:35:08:F8:F5:38:FE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aEdQ3w66d01LTWROyOM1CPj1OP4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9901fe-52c1-4d5b-9e0f-d325f6863343/1/aEdQ3w66d01LTWROyOM1CPj1OP4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:6c:8b:9a:af:da:c2:e0:f7:a3:b5:af:fd:f8:43:aa:73:f1:
         91:54:78:3c:88:7a:e9:20:15:6f:64:22:d9:c8:93:14:66:db:
         c5:9d:60:7d:78:c8:cc:f7:bf:1f:e1:31:7e:f0:0f:d1:71:7f:
         b8:e5:ff:63:4f:d7:d4:1f:4c:94:2e:49:59:c0:0f:e3:35:bc:
         40:23:cb:fe:ac:b5:71:fa:61:b8:85:1a:0b:a3:37:82:86:2b:
         35:9e:aa:f9:17:a6:c2:5e:61:2b:ac:51:e0:63:db:b7:0f:5d:
         e4:05:6b:1f:0e:d0:ad:cc:0b:73:f2:d5:de:c7:92:bf:66:f8:
         16:9c:22:b2:26:62:68:b5:f1:18:51:49:1b:c4:29:b7:aa:61:
         06:ab:26:b1:40:78:9b:ab:54:37:e8:23:92:bf:18:24:88:52:
         9a:14:e5:35:ee:5c:14:f3:3c:c9:de:12:17:11:11:d3:f6:b5:
         39:e7:5b:10:8a:96:0a:f6:b4:23:28:b7:8c:1d:89:4d:42:24:
         3f:36:20:27:a6:92:44:5c:e8:ae:03:5a:e5:29:c8:92:e5:56:
         02:b1:c0:0c:dd:6b:5a:93:6e:a4:6b:69:dd:6f:8e:35:92:9b:
         02:03:c8:82:bb:8a:90:8e:59:71:13:b5:8d:d3:f8:ff:5a:df:
         07:24:24:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLe9DBmoy0y9bJPPi8GL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NDc1MGRmMGViYTc3NGQ0YjRkNjQ0ZWM4ZTMzNTA4Zjhm
NTM4ZmUwHhcNMjQxMTIzMDQwMDQ4WhcNMjQxMTI0MDQwMDQ4WjAzMTEwLwYDVQQD
Eyg5YjgxYWY1MWQyN2M4YmExYjFiYmY5OWFmZjM3ZjQzMGM0MWFhYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdy9f25b1W9wATqSOtNSXlPfbml9
lU5qQB2nV1b4FbxBx+/FmbT3Ib/+8EWGd8ggYgv6OEeMp6VsuzKlcVevp1q7RssC
L/UhSNcFAqPnWn66w8POLgHb5plRFBGDVxNINsJDEYqCwZidZfA7J7XVijtFKw9H
j1P68jXCznCpDDUUic9TR6FdWBOFwz8JRswHZA8O37XsrpkjKq2rTtx1jNktSCk/
Z10vcPsZe0+R0qxGV18GZ8hwU4ehOlFGUWaVhUWWgYSoNPMhVh0lJYKoDDdLCXyL
pA4tNtjibyTtTRGwi18tB+iJEhL84xfVkj9dYp8Z1mw2ASx1CTIivx11wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJuBr1HSfIuhsbv5mv839DDEGqqbMB8GA1UdIwQY
MBaAFGhHUN8OundNS01kTsjjNQj49Tj+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYt
ZDMyNWY2ODYzMzQzLzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85OTAxZmUtNTJjMS00ZDViLTllMGYtZDMyNWY2ODYzMzQz
LzEvYUVkUTN3NjZkMDFMVFdST3lPTTFDUGoxT1A0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARmyLmq/a
wuD3o7Wv/fhDqnPxkVR4PIh66SAVb2Qi2ciTFGbbxZ1gfXjIzPe/H+ExfvAP0XF/
uOX/Y0/X1B9MlC5JWcAP4zW8QCPL/qy1cfphuIUaC6M3goYrNZ6q+Remwl5hK6xR
4GPbtw9d5AVrHw7QrcwLc/LV3seSv2b4FpwisiZiaLXxGFFJG8Qpt6phBqsmsUB4
m6tUN+gjkr8YJIhSmhTlNe5cFPM8yd4SFxER0/a1OedbEIqWCva0Iyi3jB2JTUIk
PzYgJ6aSRFzorgNa5SnIkuVWArHADN1rWpNupGtp3W+ONZKbAgPIgruKkI5ZcRO1
jdP4/1rfByQkwA==
-----END CERTIFICATE-----