Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          yoM6lktaUXsHCCEWfsLSZ0KcfKtKh6UTcRUNvBvEBSs=
Subject key identifier:   22:63:A0:23:0A:EB:5D:53:A7:58:D4:38:DC:B0:07:37:B4:3F:CD:6B
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       019406473014A6845349B7E56C853D624B9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          13C9
Signing time:             Fri 27 Dec 2024 04:01:56 +0000
Manifest this update:     Fri 27 Dec 2024 04:01:56 +0000
Manifest next update:     Sat 28 Dec 2024 04:01:56 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: gR7m37E8qw1M8Z9ItIZ3qaj3ZoZVGxFTo03EJMQtAgk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:47:30:14:a6:84:53:49:b7:e5:6c:85:3d:62:4b:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: Dec 27 04:01:56 2024 GMT
            Not After : Dec 28 04:01:56 2024 GMT
        Subject: CN=2263a0230aeb5d53a758d438dcb00737b43fcd6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8b:95:33:d3:9c:13:64:18:ff:62:47:9f:36:
                    82:07:be:fe:ce:ff:eb:d0:66:de:48:0d:eb:2a:22:
                    1c:12:9b:18:71:c1:2f:ca:ac:c0:db:83:07:96:70:
                    a2:15:9c:01:51:9a:33:e5:e7:ec:16:1c:37:59:19:
                    a4:f1:1c:f8:b3:20:04:8e:46:44:1b:0a:5c:e9:4d:
                    13:64:02:64:b1:7f:7b:cd:82:fe:00:29:43:97:00:
                    0e:33:e0:ee:3f:d8:06:5d:88:b5:01:f9:cc:29:5b:
                    d6:fe:a3:bc:29:69:c6:bc:e7:92:13:9a:bc:f7:91:
                    45:77:12:15:f4:9d:ed:fd:d7:43:80:fd:15:c5:01:
                    e1:e2:6a:9a:7b:d9:8a:23:c2:81:d4:6f:06:91:0d:
                    3b:ab:60:67:1a:f2:90:50:ae:58:6e:cb:86:8d:07:
                    fb:74:a5:d1:08:62:15:7a:7b:71:49:b5:9e:34:3c:
                    30:8a:92:35:a6:b8:d0:0e:1c:b4:14:3b:ff:66:f0:
                    19:e3:62:63:8a:ca:9d:bb:8b:08:1c:d6:9a:dc:33:
                    77:61:3a:1a:2d:58:85:c6:68:93:0e:e4:a1:f7:2b:
                    b5:00:b5:d5:ac:75:29:0b:47:ca:9d:5d:3b:b5:3c:
                    6f:91:e4:fa:d4:8f:3e:0d:e2:02:45:b1:12:91:a1:
                    3d:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:63:A0:23:0A:EB:5D:53:A7:58:D4:38:DC:B0:07:37:B4:3F:CD:6B
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:15:34:2c:53:94:f7:58:8b:f2:66:f2:3f:56:f7:db:48:b7:
         51:e2:fc:48:6a:1f:4b:ba:d2:7f:7b:c2:71:56:32:24:e5:af:
         03:4d:05:3e:d6:a1:dc:51:1c:9a:6b:5f:75:8f:42:a1:e0:8e:
         18:3b:66:46:1b:19:7a:40:c9:33:23:34:7b:96:1b:1b:f6:82:
         73:8e:49:c0:74:1e:82:47:6a:74:2b:e3:2b:94:6f:4b:6c:7b:
         57:f3:16:0d:f2:70:8b:60:06:62:e6:32:63:a8:49:be:f2:f9:
         5b:8c:5e:0e:10:67:f2:48:4f:b3:0c:37:c4:58:53:0b:cd:cd:
         e1:29:19:74:3c:e6:59:45:91:12:82:2b:b1:0e:8c:7f:b2:73:
         4e:7e:15:8b:c1:66:87:71:cb:d6:de:78:e3:1a:04:c4:c7:a5:
         ad:fe:8d:8f:a6:45:a7:93:51:62:85:f9:8c:68:94:b1:5c:3d:
         25:9f:02:20:f7:72:c6:c0:d0:a2:91:28:b9:23:4b:e9:54:ca:
         c2:00:fe:23:72:5a:2c:02:4c:05:29:4f:14:50:d9:05:5f:8e:
         dd:e5:c2:fc:f4:0f:7e:74:15:fe:34:7e:da:18:6b:a2:b1:12:
         18:5d:31:fe:5c:08:f8:7b:b6:93:57:42:12:5e:d1:a9:7c:5a:
         94:92:4c:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRzAUpoRTSbflbIU9YkucMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjQxMjI3MDQwMTU2WhcNMjQxMjI4MDQwMTU2WjAzMTEwLwYDVQQD
EygyMjYzYTAyMzBhZWI1ZDUzYTc1OGQ0MzhkY2IwMDczN2I0M2ZjZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYuVM9OcE2QY/2JHnzaCB77+zv/r
0GbeSA3rKiIcEpsYccEvyqzA24MHlnCiFZwBUZoz5efsFhw3WRmk8Rz4syAEjkZE
Gwpc6U0TZAJksX97zYL+AClDlwAOM+DuP9gGXYi1AfnMKVvW/qO8KWnGvOeSE5q8
95FFdxIV9J3t/ddDgP0VxQHh4mqae9mKI8KB1G8GkQ07q2BnGvKQUK5YbsuGjQf7
dKXRCGIVentxSbWeNDwwipI1prjQDhy0FDv/ZvAZ42Jjisqdu4sIHNaa3DN3YToa
LViFxmiTDuSh9yu1ALXVrHUpC0fKnV07tTxvkeT61I8+DeICRbESkaE9VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCJjoCMK611Tp1jUONywBze0P81rMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeBU0LFOU
91iL8mbyP1b320i3UeL8SGofS7rSf3vCcVYyJOWvA00FPtah3FEcmmtfdY9CoeCO
GDtmRhsZekDJMyM0e5YbG/aCc45JwHQegkdqdCvjK5RvS2x7V/MWDfJwi2AGYuYy
Y6hJvvL5W4xeDhBn8khPsww3xFhTC83N4SkZdDzmWUWREoIrsQ6Mf7JzTn4Vi8Fm
h3HL1t544xoExMelrf6Nj6ZFp5NRYoX5jGiUsVw9JZ8CIPdyxsDQopEouSNL6VTK
wgD+I3JaLAJMBSlPFFDZBV+O3eXC/PQPfnQV/jR+2hhrorESGF0x/lwI+Hu2k1dC
El7RqXxalJJMEw==
-----END CERTIFICATE-----