Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          8B9OD+8xu/y0tIHKoC5Cv3caWl8ei8HGg1m8UCH+d/w=
Subject key identifier:   CA:11:9A:5C:D3:82:17:15:72:BB:F8:4A:B0:F1:CE:A9:75:15:CC:ED
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       0193568959838922ECDF339F388A3663F092
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          0E9C
Signing time:             Sat 23 Nov 2024 01:01:02 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:02 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:02 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: AD8afI3Ocf8E31L1oCvrYhHX1mGhI2gyJMoT9pIrVNw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:59:83:89:22:ec:df:33:9f:38:8a:36:63:f0:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: Nov 23 01:01:02 2024 GMT
            Not After : Nov 24 01:01:02 2024 GMT
        Subject: CN=ca119a5cd382171572bbf84ab0f1cea97515cced
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ec:5a:29:5a:7f:b2:12:41:8e:0d:8a:fb:6c:
                    20:2f:26:32:0f:af:21:ef:bf:89:ca:f9:6f:e7:79:
                    a6:3c:29:db:ed:33:ca:f8:b4:80:bf:ff:b6:a7:ba:
                    f9:e3:ee:d4:a9:b5:76:1b:a9:d2:e9:d1:08:63:6b:
                    c6:38:96:40:04:8e:dd:5f:22:f0:aa:42:39:53:92:
                    3d:e2:de:f6:8f:01:3a:ae:31:53:17:aa:85:a4:ad:
                    a0:a3:27:df:0c:01:4c:e8:ec:5b:f8:ce:77:c2:8a:
                    df:e1:45:7c:21:fc:e2:2a:a7:ee:89:51:1a:3d:89:
                    d3:30:d9:c5:8c:04:1b:0d:63:34:04:04:78:1e:de:
                    5a:c2:99:0f:76:34:3b:fc:63:5c:e5:88:8a:a2:00:
                    40:16:3e:d2:7c:b9:2e:2e:a6:de:58:57:11:a2:dc:
                    21:e4:23:cb:78:73:ad:90:55:d0:89:00:25:f0:50:
                    e3:d1:8d:0e:9f:8d:f8:2c:29:b6:3c:38:9d:20:0b:
                    56:92:60:08:f5:c5:b9:63:e5:54:ef:fd:12:57:30:
                    d6:8d:33:2e:b5:c7:85:c4:b5:43:1b:43:cf:a9:87:
                    b9:10:56:89:cf:2b:3e:38:e3:64:58:f3:d5:b1:51:
                    af:fc:3d:fe:d5:a2:42:85:fe:ff:10:da:6a:cf:36:
                    e5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:11:9A:5C:D3:82:17:15:72:BB:F8:4A:B0:F1:CE:A9:75:15:CC:ED
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:47:a7:71:71:c8:88:70:66:27:09:71:a5:39:eb:21:ac:71:
         7c:60:1e:9b:95:0a:80:10:4f:46:78:12:2d:e4:25:c1:95:e6:
         b9:39:ec:c7:56:64:37:35:ea:2b:5d:36:0e:5d:f1:d6:02:0b:
         2b:94:93:16:a1:e1:0d:72:28:9d:ca:af:fd:2a:62:ba:2a:2f:
         ba:1b:14:3c:06:1d:50:68:1b:70:ca:13:c9:9f:15:12:51:22:
         91:e7:59:ae:39:91:08:14:1e:d8:22:5c:b1:ea:a0:5d:fc:74:
         89:78:2c:50:94:8a:4a:8a:3a:ff:50:5c:70:62:bf:2e:fe:b0:
         b8:9a:ab:c6:4b:2e:18:f8:90:20:6d:ba:8c:a4:f1:45:a6:38:
         0d:66:6c:c2:e8:26:cc:5c:48:ba:b0:71:1b:cc:e7:b0:c5:4f:
         89:69:f3:81:b8:00:9e:76:c9:2e:8e:22:5b:1a:7b:d9:5c:89:
         f1:40:ca:a5:cd:1d:1a:eb:ca:8d:3c:88:c4:e0:63:58:b1:d8:
         6f:04:c5:c8:52:ce:1a:d6:a0:1a:3a:68:d1:76:e2:24:0c:2e:
         19:b9:f6:28:5c:dd:7e:37:de:2c:cd:d2:2a:1d:bf:52:33:30:
         f4:8a:e0:61:8c:2a:c6:76:19:b2:ba:f7:41:9c:fc:db:d9:15:
         a9:1c:94:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiVmDiSLs3zOfOIo2Y/CSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjQxMTIzMDEwMTAyWhcNMjQxMTI0MDEwMTAyWjAzMTEwLwYDVQQD
EyhjYTExOWE1Y2QzODIxNzE1NzJiYmY4NGFiMGYxY2VhOTc1MTVjY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5exaKVp/shJBjg2K+2wgLyYyD68h
77+Jyvlv53mmPCnb7TPK+LSAv/+2p7r54+7UqbV2G6nS6dEIY2vGOJZABI7dXyLw
qkI5U5I94t72jwE6rjFTF6qFpK2goyffDAFM6Oxb+M53worf4UV8IfziKqfuiVEa
PYnTMNnFjAQbDWM0BAR4Ht5awpkPdjQ7/GNc5YiKogBAFj7SfLkuLqbeWFcRotwh
5CPLeHOtkFXQiQAl8FDj0Y0On434LCm2PDidIAtWkmAI9cW5Y+VU7/0SVzDWjTMu
tceFxLVDG0PPqYe5EFaJzys+OONkWPPVsVGv/D3+1aJChf7/ENpqzzblvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMoRmlzTghcVcrv4SrDxzql1FcztMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABUencXHI
iHBmJwlxpTnrIaxxfGAem5UKgBBPRngSLeQlwZXmuTnsx1ZkNzXqK102Dl3x1gIL
K5STFqHhDXIoncqv/SpiuiovuhsUPAYdUGgbcMoTyZ8VElEikedZrjmRCBQe2CJc
seqgXfx0iXgsUJSKSoo6/1BccGK/Lv6wuJqrxksuGPiQIG26jKTxRaY4DWZswugm
zFxIurBxG8znsMVPiWnzgbgAnnbJLo4iWxp72VyJ8UDKpc0dGuvKjTyIxOBjWLHY
bwTFyFLOGtagGjpo0XbiJAwuGbn2KFzdfjfeLM3SKh2/UjMw9IrgYYwqxnYZsrr3
QZz829kVqRyU7A==
-----END CERTIFICATE-----