Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File:                     MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier:          hORzMDKBKzg7BRkG+91Gdxqwmyf8TmSa/DW0ySGqCf0=
Subject key identifier:   26:09:06:0B:FC:5F:C4:C4:C1:31:2B:EE:26:8A:5A:A4:5F:A9:24:A6
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer:       /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial:       0193609F11B2FEDC484DB99E8705E417614B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number:          03C2
Signing time:             Mon 25 Nov 2024 00:00:57 +0000
Manifest this update:     Mon 25 Nov 2024 00:00:57 +0000
Manifest next update:     Tue 26 Nov 2024 00:00:57 +0000
Files and hashes:         1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: ZcFg0S9pmXJL9ZqaNCJWNadU6uLh+Qbile73LSCuN20=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 00:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:60:9f:11:b2:fe:dc:48:4d:b9:9e:87:05:e4:17:61:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
        Validity
            Not Before: Nov 25 00:00:57 2024 GMT
            Not After : Nov 26 00:00:57 2024 GMT
        Subject: CN=2609060bfc5fc4c4c1312bee268a5aa45fa924a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:44:78:75:b7:91:b6:45:63:0d:c5:43:9f:a0:
                    b0:58:e9:43:ef:6e:85:25:69:e0:90:e3:2e:88:7e:
                    76:f2:5c:e8:36:ab:d7:49:41:26:85:f9:6f:fb:11:
                    47:2f:65:2c:01:2a:e6:6e:90:a8:fe:84:5a:42:4c:
                    3b:5a:27:68:d6:b5:66:7e:40:73:99:9d:cc:aa:4c:
                    11:2c:dc:16:07:c4:f0:69:60:8b:17:67:8d:5b:08:
                    38:b3:2e:8b:90:f2:89:1f:4f:24:4d:c4:3d:cf:c7:
                    0f:c4:e5:8f:20:73:02:a4:6d:37:b8:96:d0:05:13:
                    b4:b4:c6:09:ac:fc:e8:9e:1a:3e:d7:a0:21:ef:4e:
                    1b:ab:f6:a4:c6:0a:50:02:6e:32:04:d8:f4:57:0f:
                    b6:0a:21:f0:da:c3:6d:2d:88:0e:50:95:0b:80:3b:
                    27:66:c3:33:11:9a:01:e9:11:89:be:b8:6c:f4:d2:
                    7b:96:99:e6:3f:e0:6a:ff:cd:fb:ab:ea:97:2f:fc:
                    3a:f8:74:5f:ee:c3:1e:e9:56:f0:d9:82:fd:fa:1d:
                    bf:b0:84:9d:10:24:50:9a:37:5d:84:96:e5:50:04:
                    a6:27:ba:97:66:4a:b7:35:f5:e3:13:18:f4:fd:ca:
                    ee:34:2c:0a:9c:cb:40:f8:9d:5b:4a:5e:ae:c3:04:
                    9b:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:09:06:0B:FC:5F:C4:C4:C1:31:2B:EE:26:8A:5A:A4:5F:A9:24:A6
            X509v3 Authority Key Identifier:
                keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:53:50:11:93:af:d1:da:21:5a:c4:2d:58:0d:ad:16:de:3b:
         b4:bf:bb:71:2d:69:f5:b5:f9:b9:04:3b:f6:a6:9e:8c:95:66:
         2b:1b:24:fd:24:83:f0:57:78:71:66:94:8e:bf:e5:83:5b:87:
         fc:03:45:0b:ee:d3:e6:b5:16:0c:c3:8f:16:99:02:42:e3:7b:
         1d:8e:19:50:48:15:32:ae:ed:51:36:60:c9:1e:ec:9d:c8:af:
         58:6e:72:d7:d2:25:d8:09:63:e6:aa:8d:d0:0a:ac:df:99:41:
         fe:8e:73:e2:d4:f0:a3:4f:c5:a3:79:c8:6f:9b:8f:b2:bc:4f:
         d0:f7:d0:3d:6f:9e:39:4d:0c:ef:79:cb:11:57:42:42:d7:93:
         ee:d2:9a:c0:38:03:25:2c:92:36:21:92:2f:89:b3:1b:2d:5b:
         6d:2b:5e:2b:92:33:2e:0e:07:f6:49:5d:24:a4:e1:1c:63:54:
         88:e9:19:82:b2:e9:9e:5c:07:1b:de:19:2e:a6:f5:36:b2:d6:
         dd:13:27:de:d9:3a:44:35:81:fd:ec:4a:f2:fa:a9:85:d6:57:
         97:50:6c:8a:be:39:f4:f6:13:f3:9b:fb:c8:24:3d:13:a9:38:
         f5:4c:27:e1:70:f9:4b:0e:94:2d:47:38:30:8b:d3:ee:d3:7a:
         be:4b:54:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNgnxGy/txITbmehwXkF2FLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjQxMTI1MDAwMDU3WhcNMjQxMTI2MDAwMDU3WjAzMTEwLwYDVQQD
EygyNjA5MDYwYmZjNWZjNGM0YzEzMTJiZWUyNjhhNWFhNDVmYTkyNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUR4dbeRtkVjDcVDn6CwWOlD726F
JWngkOMuiH528lzoNqvXSUEmhflv+xFHL2UsASrmbpCo/oRaQkw7Wido1rVmfkBz
mZ3MqkwRLNwWB8TwaWCLF2eNWwg4sy6LkPKJH08kTcQ9z8cPxOWPIHMCpG03uJbQ
BRO0tMYJrPzonho+16Ah704bq/akxgpQAm4yBNj0Vw+2CiHw2sNtLYgOUJULgDsn
ZsMzEZoB6RGJvrhs9NJ7lpnmP+Bq/837q+qXL/w6+HRf7sMe6Vbw2YL9+h2/sISd
ECRQmjddhJblUASmJ7qXZkq3NfXjExj0/cruNCwKnMtA+J1bSl6uwwSb7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCYJBgv8X8TEwTEr7iaKWqRfqSSmMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlNQEZOv
0dohWsQtWA2tFt47tL+7cS1p9bX5uQQ79qaejJVmKxsk/SSD8Fd4cWaUjr/lg1uH
/ANFC+7T5rUWDMOPFpkCQuN7HY4ZUEgVMq7tUTZgyR7sncivWG5y19Il2Alj5qqN
0Aqs35lB/o5z4tTwo0/Fo3nIb5uPsrxP0PfQPW+eOU0M73nLEVdCQteT7tKawDgD
JSySNiGSL4mzGy1bbSteK5IzLg4H9kldJKThHGNUiOkZgrLpnlwHG94ZLqb1NrLW
3RMn3tk6RDWB/exK8vqphdZXl1Bsir459PYT85v7yCQ9E6k49Uwn4XD5Sw6ULUc4
MIvT7tN6vktUJQ==
-----END CERTIFICATE-----