Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
File:                     u8v1S15m1hoXV2yMc2vyZy47mho.mft (raw, json)
Hash identifier:          LA/31D6MWwuJhftA8uOB4h2OsDlGM4vcTSpvdU3tvf0=
Subject key identifier:   91:60:B6:84:0A:17:2A:D7:30:52:8E:D5:D8:2A:0F:BD:F2:FF:ED:82
Authority key identifier: BB:CB:F5:4B:5E:66:D6:1A:17:57:6C:8C:73:6B:F2:67:2E:3B:9A:1A
Certificate issuer:       /CN=bbcbf54b5e66d61a17576c8c736bf2672e3b9a1a
Certificate serial:       01935764C5D41795590EB6389E46661C72E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
Manifest number:          04D3
Signing time:             Sat 23 Nov 2024 05:00:42 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:42 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:42 +0000
Files and hashes:         1: u8v1S15m1hoXV2yMc2vyZy47mho.crl (hash: GTTtsDDYYm4aSFUC0kVsM5YdXBkBeZk4CAa6ZetCx2w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:c5:d4:17:95:59:0e:b6:38:9e:46:66:1c:72:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bbcbf54b5e66d61a17576c8c736bf2672e3b9a1a
        Validity
            Not Before: Nov 23 05:00:42 2024 GMT
            Not After : Nov 24 05:00:42 2024 GMT
        Subject: CN=9160b6840a172ad730528ed5d82a0fbdf2ffed82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:91:c6:10:64:df:5f:c2:0e:2a:57:f7:f4:bd:
                    36:9a:24:d0:53:b6:b8:97:5b:17:fd:ec:87:bc:2f:
                    2b:1d:1f:98:f0:55:56:f5:9e:32:13:70:86:21:78:
                    62:fc:26:f6:cb:fa:d6:77:46:21:d5:29:59:c3:09:
                    e3:71:b5:31:de:73:28:16:f5:74:0d:b0:06:c0:20:
                    31:26:19:4e:34:aa:d9:2e:93:39:d0:25:2c:a9:4e:
                    f3:a0:29:d4:b1:4f:f8:83:bc:5f:c7:f2:ca:21:29:
                    33:4b:4a:a4:f3:b6:91:80:c2:e7:65:61:35:cc:87:
                    00:7c:5e:21:fc:9c:6b:40:1d:d5:af:c5:eb:1b:c6:
                    54:e0:79:1c:1b:c1:ad:b9:f5:1b:7d:ac:5c:d1:1f:
                    fc:1a:32:02:ee:98:0f:2c:ea:72:9d:03:cd:c7:5d:
                    7b:9a:2d:31:29:e2:2f:65:8d:8f:79:a6:2c:08:36:
                    6a:d9:58:8b:f8:ce:7d:db:a1:76:d7:26:57:52:0a:
                    bc:b8:93:c2:f9:03:db:6d:85:8a:0b:2c:81:98:e9:
                    7d:a0:96:7c:2d:ee:8c:18:b8:14:70:b3:cc:5d:63:
                    c1:16:7b:7e:22:35:25:25:92:86:ce:55:0b:af:90:
                    33:6a:43:04:71:d9:71:39:9c:7b:7e:ec:74:eb:ce:
                    57:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:60:B6:84:0A:17:2A:D7:30:52:8E:D5:D8:2A:0F:BD:F2:FF:ED:82
            X509v3 Authority Key Identifier:
                keyid:BB:CB:F5:4B:5E:66:D6:1A:17:57:6C:8C:73:6B:F2:67:2E:3B:9A:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8v1S15m1hoXV2yMc2vyZy47mho.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/916742-51f9-4eb4-a195-29fd80ba4bf1/1/u8v1S15m1hoXV2yMc2vyZy47mho.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:3e:84:bb:53:b9:95:14:13:16:df:14:76:82:46:69:35:67:
         96:8e:1b:22:42:61:75:15:b5:10:3b:95:8e:89:2d:74:3f:b8:
         7f:88:88:65:72:14:4b:8d:12:fa:7e:d7:43:14:44:68:06:b7:
         e5:ce:ff:79:0a:38:92:6b:ce:d0:b7:e8:46:cf:6b:10:da:ee:
         35:f8:3d:54:1c:f6:e3:cd:d9:d9:36:ff:d3:38:76:fb:cf:8c:
         f7:84:72:60:79:9a:22:c3:ab:53:2d:ba:8e:33:f1:81:8e:b7:
         4c:7a:a8:22:af:52:25:08:2b:c7:d3:26:3d:a1:63:d8:69:37:
         41:d3:63:6c:e2:11:e2:f5:9a:59:98:67:bb:77:c5:43:f0:cc:
         fa:ca:f0:8d:20:a2:80:10:65:5d:0b:d7:af:f2:b5:23:67:ca:
         e9:66:7b:c4:ed:44:49:75:c9:38:35:9e:15:7c:77:d7:c5:c6:
         28:91:cc:48:4c:98:93:93:3d:52:98:71:d2:fd:d4:5a:9f:ce:
         a8:80:32:a9:5c:c7:e4:f6:f7:9f:05:63:b6:db:40:92:54:c8:
         6d:97:0a:fb:aa:88:8b:1b:6c:a9:9a:54:b1:dd:50:4d:77:93:
         d3:39:5c:4d:80:7b:90:9c:5c:d8:a0:76:b1:b0:ce:35:bf:54:
         19:7f:cb:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZMXUF5VZDrY4nkZmHHLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiY2JmNTRiNWU2NmQ2MWExNzU3NmM4YzczNmJmMjY3MmUz
YjlhMWEwHhcNMjQxMTIzMDUwMDQyWhcNMjQxMTI0MDUwMDQyWjAzMTEwLwYDVQQD
Eyg5MTYwYjY4NDBhMTcyYWQ3MzA1MjhlZDVkODJhMGZiZGYyZmZlZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25HGEGTfX8IOKlf39L02miTQU7a4
l1sX/eyHvC8rHR+Y8FVW9Z4yE3CGIXhi/Cb2y/rWd0Yh1SlZwwnjcbUx3nMoFvV0
DbAGwCAxJhlONKrZLpM50CUsqU7zoCnUsU/4g7xfx/LKISkzS0qk87aRgMLnZWE1
zIcAfF4h/JxrQB3Vr8XrG8ZU4HkcG8GtufUbfaxc0R/8GjIC7pgPLOpynQPNx117
mi0xKeIvZY2PeaYsCDZq2ViL+M5926F21yZXUgq8uJPC+QPbbYWKCyyBmOl9oJZ8
Le6MGLgUcLPMXWPBFnt+IjUlJZKGzlULr5AzakMEcdlxOZx7fux0685XLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFgtoQKFyrXMFKO1dgqD73y/+2CMB8GA1UdIwQY
MBaAFLvL9UteZtYaF1dsjHNr8mcuO5oaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85MTY3NDItNTFmOS00ZWI0LWExOTUt
MjlmZDgwYmE0YmYxLzEvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85MTY3NDItNTFmOS00ZWI0LWExOTUtMjlmZDgwYmE0YmYx
LzEvdTh2MVMxNW0xaG9YVjJ5TWMydnlaeTQ3bWhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWz6Eu1O5
lRQTFt8UdoJGaTVnlo4bIkJhdRW1EDuVjoktdD+4f4iIZXIUS40S+n7XQxREaAa3
5c7/eQo4kmvO0LfoRs9rENruNfg9VBz2483Z2Tb/0zh2+8+M94RyYHmaIsOrUy26
jjPxgY63THqoIq9SJQgrx9MmPaFj2Gk3QdNjbOIR4vWaWZhnu3fFQ/DM+srwjSCi
gBBlXQvXr/K1I2fK6WZ7xO1ESXXJODWeFXx318XGKJHMSEyYk5M9Uphx0v3UWp/O
qIAyqVzH5Pb3nwVjtttAklTIbZcK+6qIixtsqZpUsd1QTXeT0zlcTYB7kJxc2KB2
sbDONb9UGX/L8Q==
-----END CERTIFICATE-----