Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
File:                     xIzPWOSy4trdSoSDPAZ87iuXRek.mft (raw, json)
Hash identifier:          xYSM0ilWOBqGTQIppVxH2WLhzUsgNGAjAvgo9GI+Eqs=
Subject key identifier:   39:F9:63:8D:8B:54:E5:7B:DD:3C:23:7B:6D:85:EF:DC:8F:D9:3C:02
Authority key identifier: C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9
Certificate issuer:       /CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
Certificate serial:       019357D24F2CCBF948B38B85ACAD98AE9421
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
Manifest number:          05A1
Signing time:             Sat 23 Nov 2024 07:00:20 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:20 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:20 +0000
Files and hashes:         1: xIzPWOSy4trdSoSDPAZ87iuXRek.crl (hash: aCZDwrR/bxUdIErUkeR+hS5J19YqXnnhKzH7mtYLOVQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:4f:2c:cb:f9:48:b3:8b:85:ac:ad:98:ae:94:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
        Validity
            Not Before: Nov 23 07:00:20 2024 GMT
            Not After : Nov 24 07:00:20 2024 GMT
        Subject: CN=39f9638d8b54e57bdd3c237b6d85efdc8fd93c02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:64:a6:65:41:23:3e:73:e6:b2:66:16:d9:f0:
                    99:d0:34:ed:30:d2:3b:14:ef:b5:f3:a8:98:d5:ce:
                    b3:c6:c5:a5:b7:0f:b2:e3:6e:32:5b:88:bd:44:bc:
                    1b:e9:9b:29:80:aa:af:06:75:06:79:98:8b:7a:ea:
                    c5:b2:8a:70:d0:0f:d9:74:4f:cc:dc:61:19:21:5d:
                    77:b9:91:f3:29:00:49:1a:60:3a:e8:fb:c3:9f:2d:
                    86:70:87:dd:07:7b:81:fa:55:bc:7f:9f:3c:26:70:
                    59:fa:39:a8:19:28:2e:6e:d5:df:2c:ac:1d:c3:4f:
                    67:71:02:c4:73:8e:5a:e7:69:5b:f8:d6:e5:03:f8:
                    e6:2f:7f:81:2d:48:43:11:b0:66:c8:4f:79:30:f0:
                    a1:44:d7:6a:63:60:af:57:dd:43:fc:30:36:52:c3:
                    cd:ed:54:06:8c:9a:66:1e:3e:e2:71:69:92:bc:cd:
                    8b:3e:b7:c4:31:2a:9a:ed:0b:63:57:15:d6:13:4e:
                    ec:eb:88:2c:03:c9:78:54:d6:23:25:44:07:3a:15:
                    94:e4:0a:b7:3f:42:2f:ac:73:c7:63:49:10:d4:52:
                    80:b5:d8:cf:4b:d3:85:f7:a2:59:f9:bc:d8:20:8a:
                    be:0c:96:5d:ca:b4:9b:48:54:92:12:cf:d7:86:3b:
                    6c:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:F9:63:8D:8B:54:E5:7B:DD:3C:23:7B:6D:85:EF:DC:8F:D9:3C:02
            X509v3 Authority Key Identifier:
                keyid:C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:3f:44:92:5c:a2:7f:c0:16:c9:8b:d7:f6:d8:de:21:c3:b6:
         e3:42:9f:78:85:19:08:c7:dd:0c:da:a3:4c:c3:6f:5b:74:87:
         84:6e:57:75:fd:8f:cb:80:b3:74:6d:c9:20:87:98:a1:0f:3e:
         ce:4e:ca:b3:f0:fe:9f:d2:a0:53:2d:13:7b:0e:c0:51:db:27:
         18:7b:0d:c1:a3:8b:d2:87:4f:68:f0:ac:f4:3c:36:e1:f5:02:
         1b:7d:ca:19:6f:8e:5f:09:46:9f:2f:ae:1b:da:66:ea:5b:ac:
         e8:b2:c9:40:63:dd:67:7e:df:b9:82:9f:38:91:db:49:11:71:
         59:26:aa:1e:5d:4d:f7:60:d1:56:3b:25:4b:9a:e5:fa:8d:d3:
         5e:c4:06:47:ee:e4:a1:08:c5:24:72:31:d8:58:de:95:26:c2:
         21:5d:c6:3b:c4:25:e5:12:6b:6c:47:45:08:d3:61:3c:ef:37:
         c3:1a:49:fc:5d:54:a0:58:d7:de:91:48:8c:07:83:4b:89:6c:
         ad:ae:45:d9:52:48:37:60:f4:85:02:e1:8b:bc:d0:99:7b:f1:
         dc:2d:13:68:0e:eb:fe:90:a5:16:d1:b3:77:98:12:33:31:ce:
         08:96:b0:5b:14:cb:ae:96:f8:a7:99:e3:87:e7:58:5f:be:d6:
         d9:84:b4:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0k8sy/lIs4uFrK2YrpQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OGNjZjU4ZTRiMmUyZGFkZDRhODQ4MzNjMDY3Y2VlMmI5
NzQ1ZTkwHhcNMjQxMTIzMDcwMDIwWhcNMjQxMTI0MDcwMDIwWjAzMTEwLwYDVQQD
EygzOWY5NjM4ZDhiNTRlNTdiZGQzYzIzN2I2ZDg1ZWZkYzhmZDkzYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGSmZUEjPnPmsmYW2fCZ0DTtMNI7
FO+186iY1c6zxsWltw+y424yW4i9RLwb6ZspgKqvBnUGeZiLeurFsopw0A/ZdE/M
3GEZIV13uZHzKQBJGmA66PvDny2GcIfdB3uB+lW8f588JnBZ+jmoGSgubtXfLKwd
w09ncQLEc45a52lb+NblA/jmL3+BLUhDEbBmyE95MPChRNdqY2CvV91D/DA2UsPN
7VQGjJpmHj7icWmSvM2LPrfEMSqa7QtjVxXWE07s64gsA8l4VNYjJUQHOhWU5Aq3
P0IvrHPHY0kQ1FKAtdjPS9OF96JZ+bzYIIq+DJZdyrSbSFSSEs/XhjtsCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDn5Y42LVOV73Twje22F79yP2TwCMB8GA1UdIwQY
MBaAFMSMz1jksuLa3UqEgzwGfO4rl0XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2Ut
YTUwZTMyZGUwODIzLzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2UtYTUwZTMyZGUwODIz
LzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsj9Eklyi
f8AWyYvX9tjeIcO240KfeIUZCMfdDNqjTMNvW3SHhG5Xdf2Py4CzdG3JIIeYoQ8+
zk7Ks/D+n9KgUy0Tew7AUdsnGHsNwaOL0odPaPCs9Dw24fUCG33KGW+OXwlGny+u
G9pm6lus6LLJQGPdZ37fuYKfOJHbSRFxWSaqHl1N92DRVjslS5rl+o3TXsQGR+7k
oQjFJHIx2FjelSbCIV3GO8Ql5RJrbEdFCNNhPO83wxpJ/F1UoFjX3pFIjAeDS4ls
ra5F2VJIN2D0hQLhi7zQmXvx3C0TaA7r/pClFtGzd5gSMzHOCJawWxTLrpb4p5nj
h+dYX77W2YS0fw==
-----END CERTIFICATE-----