Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
File:                     MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json)
Hash identifier:          sBk3/2Qy+u990z6tzxgfmEAj12qZRn5EMN5aUHgqbwA=
Subject key identifier:   23:F7:0D:99:7A:B0:57:46:E3:C3:EF:F8:C4:4E:6F:D2:02:E4:70:2F
Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58
Certificate issuer:       /CN=30aab02b654e915cadca339292e28c15c47df858
Certificate serial:       0191F9A2F920BED2B0320E8DC563070EA0FE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
Manifest number:          011E
Signing time:             Mon 16 Sep 2024 07:01:32 +0000
Manifest this update:     Mon 16 Sep 2024 07:01:32 +0000
Manifest next update:     Tue 17 Sep 2024 07:01:32 +0000
Files and hashes:         1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: lhCuheUm1M0KVVkQecYUW4fW00+rc0MZf11RMely4y4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 07:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:f9:a2:f9:20:be:d2:b0:32:0e:8d:c5:63:07:0e:a0:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30aab02b654e915cadca339292e28c15c47df858
        Validity
            Not Before: Sep 16 07:01:32 2024 GMT
            Not After : Sep 17 07:01:32 2024 GMT
        Subject: CN=23f70d997ab05746e3c3eff8c44e6fd202e4702f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:30:ff:b8:55:20:fa:74:07:b8:f3:1a:48:3e:
                    c1:8e:c5:72:c1:bd:a4:96:26:82:b0:50:12:00:86:
                    81:39:5f:94:98:bb:d4:d4:4d:9c:8d:48:da:d2:77:
                    bb:7e:98:5f:42:c2:fb:82:9c:f2:7d:4d:c9:fd:8d:
                    86:9a:28:a7:8e:ab:d2:4b:11:80:7b:76:ad:f0:5f:
                    4c:6a:0a:dc:43:80:f5:94:01:bc:60:c5:bc:88:74:
                    da:08:b7:10:70:c4:4e:65:cb:39:39:27:66:64:64:
                    86:8c:ad:05:e0:e7:84:dc:c1:02:7f:ec:44:22:3d:
                    2e:b0:ff:6e:e6:02:eb:a9:cd:01:c5:13:55:16:68:
                    d9:f5:cb:a5:7f:35:98:56:3a:39:86:8e:eb:b8:b9:
                    9d:22:e4:6f:ee:81:4b:b5:ee:1c:99:c5:51:4f:30:
                    b1:93:b1:bf:55:73:73:26:ea:a7:f8:55:a7:11:5f:
                    14:c5:a7:1f:6e:36:e6:ee:b4:ad:3b:db:90:f0:3f:
                    82:e9:eb:69:a1:c4:3b:c0:25:66:2e:61:02:2c:17:
                    20:c4:38:a4:a3:21:86:b1:d1:c4:f0:58:b7:a3:c3:
                    52:30:09:10:5e:de:bc:c9:5f:5c:00:ac:85:12:7c:
                    4e:e1:95:7c:11:21:aa:22:f7:75:b5:b2:b6:48:12:
                    a9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:F7:0D:99:7A:B0:57:46:E3:C3:EF:F8:C4:4E:6F:D2:02:E4:70:2F
            X509v3 Authority Key Identifier:
                keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:8c:f7:bc:49:bc:0b:57:05:e7:42:6b:14:97:f3:bc:b6:1f:
         57:33:26:3b:61:ac:3b:64:6e:bf:17:9a:55:db:fe:d7:2a:c9:
         5f:54:e7:11:a3:ad:5e:33:18:85:09:31:5e:15:a1:6e:c3:8e:
         3e:f4:78:d9:36:1b:f3:de:ea:37:17:1d:5a:0e:36:4f:0d:b1:
         29:3a:51:6b:e5:bd:c2:59:67:c0:16:80:8e:1b:94:e7:51:07:
         61:03:6f:75:56:c0:e6:dc:86:cf:d4:cd:7f:ad:b0:5b:46:ab:
         a5:33:cb:0c:e7:ab:11:66:37:d7:91:45:e8:0b:e2:2b:e7:df:
         0f:0d:76:8f:b3:65:ff:6b:f7:a1:15:02:f9:ab:3e:12:90:c4:
         d2:de:80:68:9f:7a:a0:ad:c2:9e:fd:f0:e5:54:98:e1:15:86:
         19:8a:2d:8a:13:ec:13:82:b3:1a:87:99:9e:ca:b5:b8:b6:81:
         75:21:09:df:a4:81:5a:54:98:e3:ad:3e:48:2d:ed:18:f6:d7:
         53:1c:87:17:fa:33:13:16:33:5b:68:d9:cf:ed:20:61:37:57:
         70:57:92:c9:b0:d6:b3:de:28:fe:73:80:9c:ac:7a:35:bd:cc:
         b1:35:56:01:f9:4f:05:1a:b4:71:57:66:5d:2e:3c:bd:77:6c:
         ee:97:f9:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH5ovkgvtKwMg6NxWMHDqD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3
ZGY4NTgwHhcNMjQwOTE2MDcwMTMyWhcNMjQwOTE3MDcwMTMyWjAzMTEwLwYDVQQD
EygyM2Y3MGQ5OTdhYjA1NzQ2ZTNjM2VmZjhjNDRlNmZkMjAyZTQ3MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjD/uFUg+nQHuPMaSD7BjsVywb2k
liaCsFASAIaBOV+UmLvU1E2cjUja0ne7fphfQsL7gpzyfU3J/Y2GmiinjqvSSxGA
e3at8F9MagrcQ4D1lAG8YMW8iHTaCLcQcMROZcs5OSdmZGSGjK0F4OeE3MECf+xE
Ij0usP9u5gLrqc0BxRNVFmjZ9culfzWYVjo5ho7ruLmdIuRv7oFLte4cmcVRTzCx
k7G/VXNzJuqn+FWnEV8Uxacfbjbm7rStO9uQ8D+C6etpocQ7wCVmLmECLBcgxDik
oyGGsdHE8Fi3o8NSMAkQXt68yV9cAKyFEnxO4ZV8ESGqIvd1tbK2SBKpzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCP3DZl6sFdG48Pv+MROb9IC5HAvMB8GA1UdIwQY
MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt
YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux
LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL4z3vEm8
C1cF50JrFJfzvLYfVzMmO2GsO2RuvxeaVdv+1yrJX1TnEaOtXjMYhQkxXhWhbsOO
PvR42TYb897qNxcdWg42Tw2xKTpRa+W9wllnwBaAjhuU51EHYQNvdVbA5tyGz9TN
f62wW0arpTPLDOerEWY315FF6AviK+ffDw12j7Nl/2v3oRUC+as+EpDE0t6AaJ96
oK3Cnv3w5VSY4RWGGYotihPsE4KzGoeZnsq1uLaBdSEJ36SBWlSY460+SC3tGPbX
UxyHF/ozExYzW2jZz+0gYTdXcFeSybDWs94o/nOAnKx6Nb3MsTVWAflPBRq0cVdm
XS48vXds7pf5kQ==
-----END CERTIFICATE-----