Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
File:                     pxTGIdV85C4lCT7OhXvbh146zqo.mft (raw, json)
Hash identifier:          q41D0YFQKTy5K2jIXIKcFdLgA/YRy9M1/aZqjJ/D3eM=
Subject key identifier:   75:37:4A:36:E4:4D:E9:D9:61:2E:2C:87:83:04:C0:0D:CF:48:31:3F
Authority key identifier: A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA
Certificate issuer:       /CN=a714c621d57ce42e25093ece857bdb875e3aceaa
Certificate serial:       019360D55613D2B9528D9C70F7A2ABDF4857
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
Manifest number:          43
Signing time:             Mon 25 Nov 2024 01:00:14 +0000
Manifest this update:     Mon 25 Nov 2024 01:00:14 +0000
Manifest next update:     Tue 26 Nov 2024 01:00:14 +0000
Files and hashes:         1: pxTGIdV85C4lCT7OhXvbh146zqo.crl (hash: zL1t7ekDbZ8J2lRCYKvTTxsDznOxty8WXVgrsATaW9o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 01:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:60:d5:56:13:d2:b9:52:8d:9c:70:f7:a2:ab:df:48:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a714c621d57ce42e25093ece857bdb875e3aceaa
        Validity
            Not Before: Nov 25 01:00:14 2024 GMT
            Not After : Nov 26 01:00:14 2024 GMT
        Subject: CN=75374a36e44de9d9612e2c878304c00dcf48313f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:73:72:63:22:0b:1c:fe:62:7b:b2:fa:29:22:
                    b5:c2:8a:fa:b9:6c:4a:f4:c5:34:6d:e2:3f:c3:5f:
                    8e:c2:fa:7b:7a:84:78:58:b4:ba:49:0e:56:a9:d5:
                    0c:51:6a:7f:03:04:38:8a:d7:d5:83:2b:4d:22:15:
                    96:c6:9c:c5:67:fe:70:3d:c1:b4:f4:d6:71:e4:fb:
                    b3:35:f1:73:00:9f:71:46:8e:03:13:a4:fb:54:19:
                    41:3f:9b:a6:b7:87:6f:43:e7:9d:3f:8c:fb:fb:3a:
                    29:b1:65:a1:a9:8f:eb:a3:c5:02:ac:6d:d6:9a:07:
                    e4:8d:19:14:f6:01:cd:c7:b2:8e:91:8f:80:7d:b1:
                    c9:bc:18:ed:4e:80:e6:37:cb:a0:4a:8c:9e:bd:96:
                    5a:46:44:66:87:65:32:16:6a:a2:87:63:6e:5c:09:
                    12:a0:25:fc:48:ff:7a:53:35:99:0d:d3:32:81:db:
                    2c:d8:9d:39:00:12:38:11:e1:35:3d:09:25:89:ac:
                    07:91:e9:eb:b9:83:4a:20:47:92:7a:38:c7:33:05:
                    cc:8a:7b:19:f1:f5:7a:21:c4:36:b2:f7:81:96:fd:
                    19:29:a8:f1:b1:39:ec:c2:02:9a:e3:d6:2e:82:53:
                    9a:86:01:21:69:2f:37:d9:13:98:64:66:9c:0b:1e:
                    d1:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:37:4A:36:E4:4D:E9:D9:61:2E:2C:87:83:04:C0:0D:CF:48:31:3F
            X509v3 Authority Key Identifier:
                keyid:A7:14:C6:21:D5:7C:E4:2E:25:09:3E:CE:85:7B:DB:87:5E:3A:CE:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxTGIdV85C4lCT7OhXvbh146zqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/0d2819-7c42-4a9a-8c8b-18055d2c44be/1/pxTGIdV85C4lCT7OhXvbh146zqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:d6:c6:0a:94:3b:59:f4:3d:fe:d3:87:77:8f:36:d3:0b:09:
         83:79:a0:fd:1a:70:5e:e3:b7:2a:81:55:a3:a3:15:e9:09:fb:
         21:65:0f:fd:d0:c2:07:f5:e8:a1:7b:00:69:ef:1c:6f:36:f4:
         af:64:b7:2d:5b:c9:67:3e:ec:61:dd:3f:d6:5f:66:0a:18:40:
         94:92:c3:e8:41:2e:25:56:48:51:7b:d2:0b:cf:43:ea:0a:c7:
         52:16:2e:1e:ee:04:9c:a4:5c:c8:33:7c:6f:51:01:3e:ea:d8:
         d2:ce:fe:83:2c:9d:d3:61:a7:61:d1:b2:f2:1e:1e:8e:27:16:
         c6:9f:52:c0:d8:12:d3:78:45:5a:b8:ba:3a:d8:b1:47:11:fe:
         17:f8:51:8a:da:8c:dc:aa:2c:fc:06:29:6f:ac:7e:d2:f3:97:
         5a:2f:66:a7:56:fd:c4:20:4c:7a:1e:2b:04:fe:41:87:80:b4:
         b9:e7:72:03:eb:fe:3f:8f:3f:88:fa:9c:d0:65:63:f7:78:71:
         0b:2c:7b:34:40:db:73:8e:a8:a1:08:a0:c6:a1:9c:9b:a5:6c:
         c8:c9:c7:8d:4e:43:31:57:8c:34:de:b5:29:7f:cb:cf:55:14:
         46:7c:6a:d3:cc:91:55:30:52:7a:bb:c1:62:5d:ed:8e:3c:62:
         66:5f:7e:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNg1VYT0rlSjZxw96Kr30hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MTRjNjIxZDU3Y2U0MmUyNTA5M2VjZTg1N2JkYjg3NWUz
YWNlYWEwHhcNMjQxMTI1MDEwMDE0WhcNMjQxMTI2MDEwMDE0WjAzMTEwLwYDVQQD
Eyg3NTM3NGEzNmU0NGRlOWQ5NjEyZTJjODc4MzA0YzAwZGNmNDgzMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23NyYyILHP5ie7L6KSK1wor6uWxK
9MU0beI/w1+Owvp7eoR4WLS6SQ5WqdUMUWp/AwQ4itfVgytNIhWWxpzFZ/5wPcG0
9NZx5PuzNfFzAJ9xRo4DE6T7VBlBP5umt4dvQ+edP4z7+zopsWWhqY/ro8UCrG3W
mgfkjRkU9gHNx7KOkY+AfbHJvBjtToDmN8ugSoyevZZaRkRmh2UyFmqih2NuXAkS
oCX8SP96UzWZDdMygdss2J05ABI4EeE1PQkliawHkenruYNKIEeSejjHMwXMinsZ
8fV6IcQ2sveBlv0ZKajxsTnswgKa49YuglOahgEhaS832ROYZGacCx7RYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHU3SjbkTenZYS4sh4MEwA3PSDE/MB8GA1UdIwQY
MBaAFKcUxiHVfOQuJQk+zoV724deOs6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGIt
MTgwNTVkMmM0NGJlLzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8wZDI4MTktN2M0Mi00YTlhLThjOGItMTgwNTVkMmM0NGJl
LzEvcHhUR0lkVjg1QzRsQ1Q3T2hYdmJoMTQ2enFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvNbGCpQ7
WfQ9/tOHd4820wsJg3mg/RpwXuO3KoFVo6MV6Qn7IWUP/dDCB/XooXsAae8cbzb0
r2S3LVvJZz7sYd0/1l9mChhAlJLD6EEuJVZIUXvSC89D6grHUhYuHu4EnKRcyDN8
b1EBPurY0s7+gyyd02GnYdGy8h4ejicWxp9SwNgS03hFWri6OtixRxH+F/hRitqM
3Kos/AYpb6x+0vOXWi9mp1b9xCBMeh4rBP5Bh4C0uedyA+v+P48/iPqc0GVj93hx
Cyx7NEDbc46ooQigxqGcm6VsyMnHjU5DMVeMNN61KX/Lz1UURnxq08yRVTBServB
Yl3tjjxiZl9+RQ==
-----END CERTIFICATE-----