Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
File:                     ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json)
Hash identifier:          7jE2tcXTqEQXWfgYxICspdHhVcUf/+g5/FYslGzHNp0=
Subject key identifier:   66:34:D8:4E:F5:EF:17:B1:73:55:2A:DD:0C:A9:FD:15:76:44:89:E3
Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72
Certificate issuer:       /CN=92cae11de774daef052742463ce954f521c6d272
Certificate serial:       019369DA9591D6C78672238176BE897E5F09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
Manifest number:          0D73
Signing time:             Tue 26 Nov 2024 19:02:32 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:32 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:32 +0000
Files and hashes:         1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: 6RZOforql95mm96kSqQu4xsabPlgt++/Fm9VHAu0f4I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:95:91:d6:c7:86:72:23:81:76:be:89:7e:5f:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92cae11de774daef052742463ce954f521c6d272
        Validity
            Not Before: Nov 26 19:02:32 2024 GMT
            Not After : Nov 27 19:02:32 2024 GMT
        Subject: CN=6634d84ef5ef17b173552add0ca9fd15764489e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:fe:7b:99:00:3d:1f:43:64:e3:4c:e8:cb:64:
                    26:b5:98:f5:f5:c5:09:c1:86:dd:58:ff:47:91:47:
                    fd:16:a0:c6:29:b1:90:92:ef:84:ae:bc:56:08:93:
                    f5:f0:59:e5:79:6b:cc:ec:a4:f6:39:71:32:23:c7:
                    f4:05:c6:ef:29:52:fd:12:18:2d:34:e1:7c:78:5b:
                    88:cf:2e:ac:9f:4f:93:f3:55:51:07:b9:b5:c8:b7:
                    91:ae:5c:64:2c:08:e6:62:74:ed:66:da:51:48:79:
                    9f:a6:80:dc:a9:f5:4a:c4:78:22:17:be:9b:48:7b:
                    fe:3f:2f:39:4c:0d:14:f5:89:af:18:b4:25:15:31:
                    8d:55:74:1c:78:2b:f9:7a:f9:70:d7:63:41:12:35:
                    cc:e2:bc:d2:f9:ac:d1:65:68:5b:5d:23:b8:ac:67:
                    8f:a6:cb:b8:a6:c5:6c:05:a6:13:a9:6c:2b:2f:d9:
                    7c:f2:41:12:96:59:b7:f4:2b:23:6a:d7:12:b9:28:
                    74:ed:ca:05:b6:37:35:7c:04:6d:58:35:85:b5:15:
                    de:05:eb:c5:1a:ae:06:e6:05:2a:b4:47:1d:e8:5a:
                    a0:fe:74:ac:21:26:ff:a1:2d:93:d5:b3:72:e9:e5:
                    3f:38:d3:b8:94:17:25:02:75:43:a1:93:f4:84:86:
                    74:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:34:D8:4E:F5:EF:17:B1:73:55:2A:DD:0C:A9:FD:15:76:44:89:E3
            X509v3 Authority Key Identifier:
                keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:b6:d4:cf:3e:bd:ec:77:66:66:40:ca:0e:7c:da:ae:98:34:
         0c:a9:3b:bc:2a:f8:c9:75:01:b9:aa:ee:92:b7:d2:32:0e:42:
         59:33:09:8c:5a:1b:4a:dc:87:76:29:38:c7:38:0a:1e:a4:b5:
         45:a1:1e:fb:87:96:ea:40:9d:07:c4:04:a6:6b:9b:6b:44:83:
         a3:a7:32:a6:a9:36:e8:5a:e8:d3:65:40:85:3c:4b:a0:0a:e1:
         f9:93:59:cd:bc:0f:d7:9c:23:0b:59:bb:2c:27:af:fa:e3:57:
         e4:70:11:2c:e6:16:26:48:b2:f9:35:1c:5c:74:29:8b:aa:75:
         c8:a1:1d:cb:ce:94:10:1b:b6:32:29:62:ae:9a:3f:ea:25:9b:
         e3:e1:19:1d:d7:12:05:b7:29:e6:b8:eb:15:2c:14:c7:dd:f9:
         5a:eb:5e:c1:35:8a:3a:eb:4d:03:1b:eb:1d:fa:ea:4d:04:9e:
         78:dd:80:e0:9b:27:9c:b7:29:3f:d8:45:28:af:d1:dc:12:0e:
         0d:ce:bc:c9:02:a2:56:ef:35:19:04:06:50:9c:dc:90:18:d9:
         98:89:7a:41:db:13:63:1d:47:6b:9f:16:12:2d:41:0f:6b:cd:
         e9:ed:86:b6:bd:40:de:7f:2f:0a:d0:76:f5:a5:e8:bb:f4:7b:
         75:dd:16:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2pWR1seGciOBdr6Jfl8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj
NmQyNzIwHhcNMjQxMTI2MTkwMjMyWhcNMjQxMTI3MTkwMjMyWjAzMTEwLwYDVQQD
Eyg2NjM0ZDg0ZWY1ZWYxN2IxNzM1NTJhZGQwY2E5ZmQxNTc2NDQ4OWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwv57mQA9H0Nk40zoy2QmtZj19cUJ
wYbdWP9HkUf9FqDGKbGQku+ErrxWCJP18FnleWvM7KT2OXEyI8f0BcbvKVL9Ehgt
NOF8eFuIzy6sn0+T81VRB7m1yLeRrlxkLAjmYnTtZtpRSHmfpoDcqfVKxHgiF76b
SHv+Py85TA0U9YmvGLQlFTGNVXQceCv5evlw12NBEjXM4rzS+azRZWhbXSO4rGeP
psu4psVsBaYTqWwrL9l88kESllm39CsjatcSuSh07coFtjc1fARtWDWFtRXeBevF
Gq4G5gUqtEcd6Fqg/nSsISb/oS2T1bNy6eU/ONO4lBclAnVDoZP0hIZ0vQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGY02E717xexc1Uq3Qyp/RV2RInjMB8GA1UdIwQY
MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt
ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4
LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLbUzz69
7HdmZkDKDnzarpg0DKk7vCr4yXUBuarukrfSMg5CWTMJjFobStyHdik4xzgKHqS1
RaEe+4eW6kCdB8QEpmuba0SDo6cypqk26Fro02VAhTxLoArh+ZNZzbwP15wjC1m7
LCev+uNX5HARLOYWJkiy+TUcXHQpi6p1yKEdy86UEBu2Milirpo/6iWb4+EZHdcS
Bbcp5rjrFSwUx935WutewTWKOutNAxvrHfrqTQSeeN2A4JsnnLcpP9hFKK/R3BIO
Dc68yQKiVu81GQQGUJzckBjZmIl6QdsTYx1Ha58WEi1BD2vN6e2Gtr1A3n8vCtB2
9aXou/R7dd0W3A==
-----END CERTIFICATE-----