Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
File:                     XKiGCq68SoHT0ibUI4c-M8OICqo.mft (raw, json)
Hash identifier:          FJIuPEl4Qc8Aa7qoQgH91wQmW2Vn1fvJU9H/pkyERM4=
Subject key identifier:   77:34:82:09:32:10:A2:6D:45:21:34:37:8B:94:85:E0:14:1E:47:B1
Authority key identifier: 5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA
Certificate issuer:       /CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
Certificate serial:       019369D9C228A2039B05E366ADD6016EEA3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
Manifest number:          07F3
Signing time:             Tue 26 Nov 2024 19:01:38 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:38 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:38 +0000
Files and hashes:         1: XKiGCq68SoHT0ibUI4c-M8OICqo.crl (hash: Aq67fHeC5ugFNZhdr1eKjVlM/5oqNSoDosCt83AGFoc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:c2:28:a2:03:9b:05:e3:66:ad:d6:01:6e:ea:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ca8860aaebc4a81d3d226d423873e33c3880aaa
        Validity
            Not Before: Nov 26 19:01:38 2024 GMT
            Not After : Nov 27 19:01:38 2024 GMT
        Subject: CN=773482093210a26d452134378b9485e0141e47b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:89:98:5c:55:99:63:df:5f:f7:89:b9:c7:b1:
                    88:9a:8c:9a:07:c2:2e:71:d0:ee:b6:c0:22:5a:e0:
                    32:c4:0c:be:9f:46:f9:c3:cf:18:9d:b1:5e:f8:a6:
                    84:7a:be:e7:a6:25:f0:74:c6:a2:20:f8:f7:be:32:
                    3a:9d:f8:ce:33:1c:c6:00:4f:9a:15:23:02:e1:02:
                    f1:2f:22:c6:e4:eb:66:94:e5:91:a7:a8:a7:90:68:
                    f5:bc:df:85:3f:d1:f9:91:e1:46:50:ae:93:03:7d:
                    72:ce:53:ed:68:6a:70:d7:6b:b0:ff:a4:77:32:83:
                    68:d6:33:4a:12:2c:c7:6e:f3:0f:81:2b:2b:32:41:
                    32:f6:49:3e:42:7f:02:92:d4:e9:bc:92:40:e9:f6:
                    f7:14:e4:d2:d4:e1:66:b4:1c:c3:7a:23:06:85:75:
                    57:b0:79:a3:9d:e6:7b:19:82:51:2b:fb:49:03:30:
                    91:73:b6:db:0c:3a:98:b9:18:af:2e:c0:cd:33:4d:
                    e3:aa:cf:f1:61:7c:81:a1:57:51:6b:63:a6:23:1d:
                    7f:98:d2:9a:ca:0a:7e:0f:bd:ec:65:9b:b4:63:15:
                    8f:ba:82:24:8c:db:fa:57:63:06:77:cf:3f:6b:1e:
                    bc:ad:4b:00:d7:05:72:8a:93:58:26:9c:46:b3:f6:
                    19:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:34:82:09:32:10:A2:6D:45:21:34:37:8B:94:85:E0:14:1E:47:B1
            X509v3 Authority Key Identifier:
                keyid:5C:A8:86:0A:AE:BC:4A:81:D3:D2:26:D4:23:87:3E:33:C3:88:0A:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XKiGCq68SoHT0ibUI4c-M8OICqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/7980b4-cd44-4597-857d-62d13b031419/1/XKiGCq68SoHT0ibUI4c-M8OICqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:c7:31:ba:11:7b:13:39:b6:a0:55:41:cd:e0:e8:aa:57:dd:
         5a:a4:38:80:1e:01:f3:39:f2:f3:90:e3:a2:6b:cc:f1:f2:0a:
         2f:41:f1:05:a1:e9:8f:62:0a:34:83:bd:c1:ce:23:bb:59:11:
         df:7b:7e:c2:76:43:3e:a4:f7:2a:6e:2d:25:ed:e4:46:53:36:
         98:d9:a0:5b:d5:7e:e3:d4:6f:de:4a:12:12:2c:65:a1:5e:98:
         1b:d0:28:a3:0a:e7:14:59:00:69:a6:4c:3e:0e:5e:8c:e7:15:
         bd:be:ba:bb:b7:57:4e:b0:29:65:cd:99:68:65:f0:ca:a5:86:
         13:a7:36:b0:4e:ef:bd:d3:71:87:c7:7f:02:d3:4d:f8:85:ef:
         51:23:5b:1f:f3:e9:e4:4e:b3:2c:46:e6:14:c3:4c:bc:f6:2a:
         f4:69:f6:e8:73:89:b5:58:4f:5b:44:7c:e3:2f:d1:ce:9e:93:
         f4:57:d3:cc:fa:46:84:08:f0:66:98:52:53:ed:5d:bd:64:b9:
         dc:35:0e:a3:17:3c:3b:47:c5:70:8e:14:b1:90:bf:da:73:a2:
         92:35:93:99:91:cb:d8:13:79:d2:fc:5f:b3:29:7b:a2:fd:35:
         b1:b7:00:b2:1b:86:e3:ef:e1:fa:b3:f7:a0:83:14:d7:5c:16:
         75:0a:0c:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2cIoogObBeNmrdYBbuo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYTg4NjBhYWViYzRhODFkM2QyMjZkNDIzODczZTMzYzM4
ODBhYWEwHhcNMjQxMTI2MTkwMTM4WhcNMjQxMTI3MTkwMTM4WjAzMTEwLwYDVQQD
Eyg3NzM0ODIwOTMyMTBhMjZkNDUyMTM0Mzc4Yjk0ODVlMDE0MWU0N2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmImYXFWZY99f94m5x7GImoyaB8Iu
cdDutsAiWuAyxAy+n0b5w88YnbFe+KaEer7npiXwdMaiIPj3vjI6nfjOMxzGAE+a
FSMC4QLxLyLG5OtmlOWRp6inkGj1vN+FP9H5keFGUK6TA31yzlPtaGpw12uw/6R3
MoNo1jNKEizHbvMPgSsrMkEy9kk+Qn8CktTpvJJA6fb3FOTS1OFmtBzDeiMGhXVX
sHmjneZ7GYJRK/tJAzCRc7bbDDqYuRivLsDNM03jqs/xYXyBoVdRa2OmIx1/mNKa
ygp+D73sZZu0YxWPuoIkjNv6V2MGd88/ax68rUsA1wVyipNYJpxGs/YZCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHc0ggkyEKJtRSE0N4uUheAUHkexMB8GA1UdIwQY
MBaAFFyohgquvEqB09Im1COHPjPDiAqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2Qt
NjJkMTNiMDMxNDE5LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC83OTgwYjQtY2Q0NC00NTk3LTg1N2QtNjJkMTNiMDMxNDE5
LzEvWEtpR0NxNjhTb0hUMGliVUk0Yy1NOE9JQ3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU8cxuhF7
Ezm2oFVBzeDoqlfdWqQ4gB4B8zny85DjomvM8fIKL0HxBaHpj2IKNIO9wc4ju1kR
33t+wnZDPqT3Km4tJe3kRlM2mNmgW9V+49Rv3koSEixloV6YG9AoowrnFFkAaaZM
Pg5ejOcVvb66u7dXTrApZc2ZaGXwyqWGE6c2sE7vvdNxh8d/AtNN+IXvUSNbH/Pp
5E6zLEbmFMNMvPYq9Gn26HOJtVhPW0R84y/Rzp6T9FfTzPpGhAjwZphSU+1dvWS5
3DUOoxc8O0fFcI4UsZC/2nOikjWTmZHL2BN50vxfsyl7ov01sbcAshuG4+/h+rP3
oIMU11wWdQoMEg==
-----END CERTIFICATE-----