Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
File:                     VGgc0JnIW-caIjUMsT8EglwB-PA.mft (raw, json)
Hash identifier:          JxRnZAbTL83eksInHFUMl1ucThLWUkxMWM4/GRWvcpg=
Subject key identifier:   1B:B0:14:94:69:3B:93:B1:1A:68:B2:1D:CC:76:67:9A:2A:BC:47:44
Authority key identifier: 54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0
Certificate issuer:       /CN=54681cd099c85be71a22350cb13f04825c01f8f0
Certificate serial:       019365FCD29799B4D7439F9D85EE2E417A5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
Manifest number:          09D1
Signing time:             Tue 26 Nov 2024 01:01:27 +0000
Manifest this update:     Tue 26 Nov 2024 01:01:27 +0000
Manifest next update:     Wed 27 Nov 2024 01:01:27 +0000
Files and hashes:         1: VGgc0JnIW-caIjUMsT8EglwB-PA.crl (hash: 91aZrq7qssGpj4sm7Htm2V1b3gD5kCa4NJ99Dgcg+60=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:fc:d2:97:99:b4:d7:43:9f:9d:85:ee:2e:41:7a:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=54681cd099c85be71a22350cb13f04825c01f8f0
        Validity
            Not Before: Nov 26 01:01:27 2024 GMT
            Not After : Nov 27 01:01:27 2024 GMT
        Subject: CN=1bb01494693b93b11a68b21dcc76679a2abc4744
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:58:90:13:2f:cd:4f:56:55:4f:a5:87:ad:09:
                    fa:1f:83:ba:60:d7:b6:c8:02:a8:8d:e5:71:f3:3b:
                    bc:7e:23:91:d1:0b:9e:f0:1d:78:19:93:61:c2:d7:
                    81:41:09:3d:c4:52:71:b6:c5:ef:3f:6a:ba:fe:68:
                    3d:96:c8:2b:d7:8b:72:49:c7:05:13:f2:7d:63:e5:
                    e8:67:9f:2e:16:dd:c0:11:94:9c:19:74:fa:73:64:
                    e7:c8:09:69:85:28:50:23:a0:c4:ef:9e:34:b2:62:
                    88:86:d4:6f:5c:21:68:8a:b6:8c:04:6a:01:02:a4:
                    2f:40:b2:54:6f:15:81:4a:63:c4:a2:38:55:f1:20:
                    fe:4e:51:5c:2d:96:78:24:be:cb:70:7d:01:6c:92:
                    48:79:1c:31:56:8b:8a:41:89:44:68:fa:3a:0f:b7:
                    23:26:db:7f:bf:ba:72:ff:6e:29:ba:28:14:0d:67:
                    a3:47:87:3e:1d:c9:d1:45:73:ce:4e:1a:23:6d:a4:
                    31:04:09:11:6e:20:cf:1a:e2:c7:c0:5d:02:8e:de:
                    41:77:77:89:e9:91:4b:3d:be:6e:00:51:ae:a4:95:
                    fb:22:f7:f2:5a:82:cb:43:13:04:c4:d5:7c:62:2c:
                    ad:7a:2b:9d:be:5f:0c:1c:48:73:56:48:80:5b:52:
                    67:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:B0:14:94:69:3B:93:B1:1A:68:B2:1D:CC:76:67:9A:2A:BC:47:44
            X509v3 Authority Key Identifier:
                keyid:54:68:1C:D0:99:C8:5B:E7:1A:22:35:0C:B1:3F:04:82:5C:01:F8:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGgc0JnIW-caIjUMsT8EglwB-PA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/085013-dd3d-4ca7-ba79-c88283f8f117/1/VGgc0JnIW-caIjUMsT8EglwB-PA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:b3:64:2b:fc:ed:5e:ff:3d:d0:76:3e:38:c0:4f:aa:66:58:
         b2:fb:35:a9:82:25:45:4a:0f:11:4a:be:7c:c2:41:6c:33:d9:
         3c:13:72:6a:23:1a:02:f6:63:f1:64:c9:e6:7f:bd:c8:13:d2:
         d7:2e:f6:4e:e7:52:d3:e3:50:96:f2:a0:5d:3f:80:fb:4b:8e:
         98:f7:22:39:8d:48:6d:b2:39:94:a5:dd:e1:95:60:74:ff:78:
         5f:23:ea:b6:0c:fe:69:5a:f5:6b:7e:bb:e7:3d:56:1f:b9:2a:
         f3:1e:47:a1:07:dc:3e:03:c2:2c:a5:5b:50:f7:a8:eb:7d:85:
         66:bb:e7:84:d5:0b:91:16:b6:04:c5:6d:de:c3:8d:6e:dd:31:
         4e:8e:15:ba:3f:50:95:61:ce:a0:4c:bb:22:bc:fb:35:aa:c5:
         73:c0:82:e5:b0:31:74:33:e2:d4:63:ec:1d:c1:ee:40:bd:fb:
         fb:e3:40:5e:06:49:a9:30:85:e4:ca:62:04:2e:46:05:e2:08:
         fd:1e:5b:ee:4d:c5:ec:b4:52:82:e4:40:10:57:02:66:d4:70:
         79:ac:49:45:98:5a:58:26:0b:73:d2:e5:78:c4:6b:00:86:4e:
         d0:b2:08:0b:4d:c9:d8:ef:4f:63:53:ba:91:a2:d2:5d:4a:1e:
         40:f1:a2:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNl/NKXmbTXQ5+dhe4uQXpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgxY2QwOTljODViZTcxYTIyMzUwY2IxM2YwNDgyNWMw
MWY4ZjAwHhcNMjQxMTI2MDEwMTI3WhcNMjQxMTI3MDEwMTI3WjAzMTEwLwYDVQQD
EygxYmIwMTQ5NDY5M2I5M2IxMWE2OGIyMWRjYzc2Njc5YTJhYmM0NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5liQEy/NT1ZVT6WHrQn6H4O6YNe2
yAKojeVx8zu8fiOR0Que8B14GZNhwteBQQk9xFJxtsXvP2q6/mg9lsgr14tySccF
E/J9Y+XoZ58uFt3AEZScGXT6c2TnyAlphShQI6DE7540smKIhtRvXCFoiraMBGoB
AqQvQLJUbxWBSmPEojhV8SD+TlFcLZZ4JL7LcH0BbJJIeRwxVouKQYlEaPo6D7cj
Jtt/v7py/24puigUDWejR4c+HcnRRXPOThojbaQxBAkRbiDPGuLHwF0Cjt5Bd3eJ
6ZFLPb5uAFGupJX7IvfyWoLLQxMExNV8Yiyteiudvl8MHEhzVkiAW1JncQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBuwFJRpO5OxGmiyHcx2Z5oqvEdEMB8GA1UdIwQY
MBaAFFRoHNCZyFvnGiI1DLE/BIJcAfjwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzkt
Yzg4MjgzZjhmMTE3LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wODUwMTMtZGQzZC00Y2E3LWJhNzktYzg4MjgzZjhmMTE3
LzEvVkdnYzBKbklXLWNhSWpVTXNUOEVnbHdCLVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY7NkK/zt
Xv890HY+OMBPqmZYsvs1qYIlRUoPEUq+fMJBbDPZPBNyaiMaAvZj8WTJ5n+9yBPS
1y72TudS0+NQlvKgXT+A+0uOmPciOY1IbbI5lKXd4ZVgdP94XyPqtgz+aVr1a367
5z1WH7kq8x5HoQfcPgPCLKVbUPeo632FZrvnhNULkRa2BMVt3sONbt0xTo4Vuj9Q
lWHOoEy7Irz7NarFc8CC5bAxdDPi1GPsHcHuQL37++NAXgZJqTCF5MpiBC5GBeII
/R5b7k3F7LRSguRAEFcCZtRweaxJRZhaWCYLc9LleMRrAIZO0LIIC03J2O9PY1O6
kaLSXUoeQPGipQ==
-----END CERTIFICATE-----