Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
File:                     AFA0jPYGQvVOyQck3niqoD3NOOE.mft (raw, json)
Hash identifier:          MCgnDs2hMtRxKvDqwMkYbfjlVlXcCGv6SDExWQZLfFo=
Subject key identifier:   F9:50:22:88:7B:B7:CF:1E:53:C3:14:D0:A5:FC:AF:41:4F:FA:85:5E
Authority key identifier: 00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1
Certificate issuer:       /CN=0050348cf60642f54ec90724de78aaa03dcd38e1
Certificate serial:       0194064654C9C22AA6567D98FEDD8AB41A0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
Manifest number:          0B77
Signing time:             Fri 27 Dec 2024 04:00:59 +0000
Manifest this update:     Fri 27 Dec 2024 04:00:59 +0000
Manifest next update:     Sat 28 Dec 2024 04:00:59 +0000
Files and hashes:         1: AFA0jPYGQvVOyQck3niqoD3NOOE.crl (hash: LpZ1re25Zwcks0EBQQ2I6h91bEHTD6FrGJt+JlhMpVA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:54:c9:c2:2a:a6:56:7d:98:fe:dd:8a:b4:1a:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0050348cf60642f54ec90724de78aaa03dcd38e1
        Validity
            Not Before: Dec 27 04:00:59 2024 GMT
            Not After : Dec 28 04:00:59 2024 GMT
        Subject: CN=f95022887bb7cf1e53c314d0a5fcaf414ffa855e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:39:61:ea:13:13:d8:e2:7c:9c:10:b3:d9:08:
                    e0:33:ec:10:e7:d3:ec:6c:47:48:8c:d3:dd:1e:39:
                    d8:20:c7:cc:80:78:64:9c:e8:6b:01:8d:25:87:aa:
                    4b:be:97:69:dc:fb:7c:9d:f5:b5:ad:d4:7c:9e:56:
                    81:fc:10:92:9c:41:75:2c:f4:f7:96:81:54:9e:d0:
                    63:2e:18:e8:3d:f2:3a:13:ab:c1:ca:ed:c1:03:72:
                    52:f9:10:c0:ed:07:18:f4:fa:5c:fd:d7:35:98:78:
                    9e:23:bc:ac:fd:03:63:f4:d4:64:69:d1:06:9b:7b:
                    80:cb:bc:e4:79:f5:72:bd:90:f5:bc:90:77:93:64:
                    57:de:68:4c:91:a5:be:61:94:0a:39:b5:7b:f0:ae:
                    3c:8d:be:7e:1b:d9:67:8e:35:d7:42:a5:c3:b8:2e:
                    e9:8a:7b:8a:96:2c:c4:b0:57:06:78:cf:d7:6a:74:
                    dc:1e:e0:11:e1:db:3a:4c:68:7b:f1:9e:23:31:97:
                    e9:b3:50:46:12:4a:d9:8f:f1:94:12:29:31:2c:ca:
                    7d:f5:5f:14:22:b8:ef:a2:0e:34:93:b1:60:83:80:
                    0d:3c:3f:df:6d:32:4b:80:7e:33:26:fe:e7:0c:ee:
                    03:9d:94:83:5c:a2:b0:ef:ee:39:8d:dd:67:71:cd:
                    15:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:50:22:88:7B:B7:CF:1E:53:C3:14:D0:A5:FC:AF:41:4F:FA:85:5E
            X509v3 Authority Key Identifier:
                keyid:00:50:34:8C:F6:06:42:F5:4E:C9:07:24:DE:78:AA:A0:3D:CD:38:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AFA0jPYGQvVOyQck3niqoD3NOOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/f124b2-474e-45a0-b73a-e54b06a93526/1/AFA0jPYGQvVOyQck3niqoD3NOOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:0f:76:22:b3:99:f7:1f:66:2a:fe:79:db:78:dd:d8:44:5c:
         6a:ce:4d:0e:1d:96:b6:19:3f:ea:9d:f2:31:f6:8a:21:e6:07:
         3e:2b:25:82:a2:cb:01:f1:0b:2b:a8:87:3f:72:0e:1d:f0:e6:
         78:98:f0:d8:d9:0d:c1:58:36:e2:1c:47:e1:24:a3:93:63:ad:
         1a:e2:af:fd:c4:a8:11:7e:5f:d3:10:e2:c2:8c:dc:65:aa:10:
         ba:b1:e7:38:74:40:33:ef:31:c6:1b:ad:ce:aa:90:ea:0b:f9:
         ea:28:12:9f:0e:e0:09:b2:08:1f:93:ef:65:6a:75:7e:9b:f8:
         a2:b0:73:8c:3a:a0:fe:45:09:3d:09:07:1c:d5:3a:71:dd:a2:
         f1:8d:14:31:37:92:6b:e3:06:a4:ff:a9:1b:0d:a1:16:4b:e2:
         a3:bd:34:57:a4:71:62:14:cc:70:bc:6d:9e:a2:c0:95:06:87:
         d8:3f:77:81:e0:76:5b:9f:2a:68:02:66:15:76:6b:9a:80:d1:
         90:6d:4d:50:99:04:44:ea:b0:66:35:2b:43:d7:cc:bc:88:f8:
         1b:7d:4a:13:98:ff:f6:b3:fa:26:a4:e0:8b:75:24:38:ba:db:
         eb:6f:0b:78:86:42:31:fd:f2:a1:41:9e:a7:93:2b:c0:79:46:
         80:31:a1:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRlTJwiqmVn2Y/t2KtBoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNTAzNDhjZjYwNjQyZjU0ZWM5MDcyNGRlNzhhYWEwM2Rj
ZDM4ZTEwHhcNMjQxMjI3MDQwMDU5WhcNMjQxMjI4MDQwMDU5WjAzMTEwLwYDVQQD
EyhmOTUwMjI4ODdiYjdjZjFlNTNjMzE0ZDBhNWZjYWY0MTRmZmE4NTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszlh6hMT2OJ8nBCz2QjgM+wQ59Ps
bEdIjNPdHjnYIMfMgHhknOhrAY0lh6pLvpdp3Pt8nfW1rdR8nlaB/BCSnEF1LPT3
loFUntBjLhjoPfI6E6vByu3BA3JS+RDA7QcY9Ppc/dc1mHieI7ys/QNj9NRkadEG
m3uAy7zkefVyvZD1vJB3k2RX3mhMkaW+YZQKObV78K48jb5+G9lnjjXXQqXDuC7p
inuKlizEsFcGeM/XanTcHuAR4ds6TGh78Z4jMZfps1BGEkrZj/GUEikxLMp99V8U
Irjvog40k7Fgg4ANPD/fbTJLgH4zJv7nDO4DnZSDXKKw7+45jd1ncc0VtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlQIoh7t88eU8MU0KX8r0FP+oVeMB8GA1UdIwQY
MBaAFABQNIz2BkL1TskHJN54qqA9zTjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2Et
ZTU0YjA2YTkzNTI2LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mMTI0YjItNDc0ZS00NWEwLWI3M2EtZTU0YjA2YTkzNTI2
LzEvQUZBMGpQWUdRdlZPeVFjazNuaXFvRDNOT09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAA92IrOZ
9x9mKv5523jd2ERcas5NDh2Wthk/6p3yMfaKIeYHPislgqLLAfELK6iHP3IOHfDm
eJjw2NkNwVg24hxH4SSjk2OtGuKv/cSoEX5f0xDiwozcZaoQurHnOHRAM+8xxhut
zqqQ6gv56igSnw7gCbIIH5PvZWp1fpv4orBzjDqg/kUJPQkHHNU6cd2i8Y0UMTeS
a+MGpP+pGw2hFkvio700V6RxYhTMcLxtnqLAlQaH2D93geB2W58qaAJmFXZrmoDR
kG1NUJkEROqwZjUrQ9fMvIj4G31KE5j/9rP6JqTgi3UkOLrb628LeIZCMf3yoUGe
p5MrwHlGgDGh5Q==
-----END CERTIFICATE-----