Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft
File:                     IlVxaqH0w8EChxihwzHiKzOerXw.mft (raw, json)
Hash identifier:          zQCYh26azNPCeYLwUd94RFLv2RFlYkon3DtF01g9xw0=
Subject key identifier:   69:44:00:FA:6C:67:30:4B:BE:7A:C8:10:4E:8E:28:3E:C9:D6:68:79
Authority key identifier: 22:55:71:6A:A1:F4:C3:C1:02:87:18:A1:C3:31:E2:2B:33:9E:AD:7C
Certificate issuer:       /CN=2255716aa1f4c3c1028718a1c331e22b339ead7c
Certificate serial:       01935764E5861A79A286572F5B351DF28E96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IlVxaqH0w8EChxihwzHiKzOerXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft
Manifest number:          0FF2
Signing time:             Sat 23 Nov 2024 05:00:50 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:50 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:50 +0000
Files and hashes:         1: IlVxaqH0w8EChxihwzHiKzOerXw.crl (hash: lwFTMjmgOMH3m7Y8pdhCUn+532HS11oA0ZojPqZgJsA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IlVxaqH0w8EChxihwzHiKzOerXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:e5:86:1a:79:a2:86:57:2f:5b:35:1d:f2:8e:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2255716aa1f4c3c1028718a1c331e22b339ead7c
        Validity
            Not Before: Nov 23 05:00:50 2024 GMT
            Not After : Nov 24 05:00:50 2024 GMT
        Subject: CN=694400fa6c67304bbe7ac8104e8e283ec9d66879
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:81:4c:3e:c5:00:7d:30:3e:28:d4:0c:ff:9d:
                    30:2c:eb:94:6d:c0:d1:c8:57:94:94:bb:74:97:c0:
                    25:d1:93:04:80:44:9d:75:31:11:1f:5c:61:16:dd:
                    5d:bc:c2:06:a9:7b:43:f5:8b:21:ba:76:24:19:43:
                    36:80:d8:e7:47:85:f9:80:5d:6a:ce:7c:dd:d3:f8:
                    f5:37:ac:5a:3f:44:ae:76:e4:c4:db:64:43:d2:a2:
                    de:9e:af:11:9c:04:68:93:c8:cd:1c:50:97:6e:87:
                    31:63:bd:a8:1b:7e:cc:52:6b:0a:97:08:26:c5:ad:
                    67:8e:74:ce:66:fe:33:48:81:51:eb:f0:52:89:4d:
                    3e:ab:f3:4c:a7:ac:c7:d7:99:6a:cd:82:d1:0c:30:
                    34:cd:0e:f4:eb:8e:7f:2d:e5:a3:4c:90:49:09:50:
                    7e:f8:7a:b8:c0:2e:ea:da:5d:46:5b:99:e6:5a:b4:
                    37:00:7d:8c:e9:1e:ba:89:3a:c2:4d:98:e4:e1:be:
                    fa:94:54:8d:d0:8f:cc:31:37:56:43:0a:c6:bb:19:
                    16:82:f7:5f:ae:05:b7:29:2d:e0:6a:df:0d:23:b3:
                    d2:35:2e:4b:44:e1:17:c4:35:e3:9e:02:88:43:c9:
                    1d:4a:b9:68:0f:87:6e:51:c9:8d:2f:3e:7d:d2:82:
                    f6:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:44:00:FA:6C:67:30:4B:BE:7A:C8:10:4E:8E:28:3E:C9:D6:68:79
            X509v3 Authority Key Identifier:
                keyid:22:55:71:6A:A1:F4:C3:C1:02:87:18:A1:C3:31:E2:2B:33:9E:AD:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IlVxaqH0w8EChxihwzHiKzOerXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/cbf67b-a65a-42a3-8908-07369e14cade/1/IlVxaqH0w8EChxihwzHiKzOerXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:61:05:e7:b2:8d:9b:8f:f3:c1:f5:55:80:c4:c8:bf:a3:d9:
         ff:e8:c7:9e:c5:14:11:d7:33:42:94:92:0a:ac:68:59:15:30:
         7f:bf:b6:1b:2d:db:94:6f:df:73:0f:02:1f:7a:cb:f8:de:50:
         ce:d1:f2:4c:32:30:20:b0:c6:ac:9a:f1:d5:22:a5:31:cb:99:
         b2:f7:5d:d4:a0:ae:6a:8b:11:59:5c:85:16:a8:d9:f1:bb:b6:
         e9:79:0d:bd:ba:ee:b2:3b:4f:e0:b7:91:90:ad:29:77:ae:fa:
         a6:49:2b:a3:1e:59:3c:dc:77:b8:42:e8:18:f5:96:90:9c:0b:
         15:6d:18:af:51:50:3c:4d:04:e1:8c:ea:85:ca:93:6e:6d:3e:
         94:cf:44:a7:8c:e9:91:52:d4:74:6f:fb:56:ea:b7:86:49:14:
         9c:b3:cb:4a:50:76:1c:9c:5f:03:11:14:5c:05:22:bd:81:0f:
         82:ed:b4:56:02:dd:85:6b:2b:c9:41:ce:4e:0d:43:68:2e:0c:
         10:4e:c8:ce:4d:94:6d:db:af:d7:ce:3b:31:56:a5:e2:34:fd:
         92:36:59:20:bb:3e:72:d8:b8:c0:73:2f:e3:60:82:7b:53:6c:
         8b:82:4a:bc:62:34:79:f0:05:e5:9f:44:e6:0c:a8:51:35:98:
         5d:e7:3a:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZOWGGnmihlcvWzUd8o6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNTU3MTZhYTFmNGMzYzEwMjg3MThhMWMzMzFlMjJiMzM5
ZWFkN2MwHhcNMjQxMTIzMDUwMDUwWhcNMjQxMTI0MDUwMDUwWjAzMTEwLwYDVQQD
Eyg2OTQ0MDBmYTZjNjczMDRiYmU3YWM4MTA0ZThlMjgzZWM5ZDY2ODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYFMPsUAfTA+KNQM/50wLOuUbcDR
yFeUlLt0l8Al0ZMEgESddTERH1xhFt1dvMIGqXtD9YshunYkGUM2gNjnR4X5gF1q
znzd0/j1N6xaP0SuduTE22RD0qLenq8RnARok8jNHFCXbocxY72oG37MUmsKlwgm
xa1njnTOZv4zSIFR6/BSiU0+q/NMp6zH15lqzYLRDDA0zQ70645/LeWjTJBJCVB+
+Hq4wC7q2l1GW5nmWrQ3AH2M6R66iTrCTZjk4b76lFSN0I/MMTdWQwrGuxkWgvdf
rgW3KS3gat8NI7PSNS5LROEXxDXjngKIQ8kdSrloD4duUcmNLz590oL2nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGlEAPpsZzBLvnrIEE6OKD7J1mh5MB8GA1UdIwQY
MBaAFCJVcWqh9MPBAocYocMx4isznq18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWxWeGFxSDB3OEVDaHhpaHd6SGlLek9lclh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jYmY2N2ItYTY1YS00MmEzLTg5MDgt
MDczNjllMTRjYWRlLzEvSWxWeGFxSDB3OEVDaHhpaHd6SGlLek9lclh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jYmY2N2ItYTY1YS00MmEzLTg5MDgtMDczNjllMTRjYWRl
LzEvSWxWeGFxSDB3OEVDaHhpaHd6SGlLek9lclh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoWEF57KN
m4/zwfVVgMTIv6PZ/+jHnsUUEdczQpSSCqxoWRUwf7+2Gy3blG/fcw8CH3rL+N5Q
ztHyTDIwILDGrJrx1SKlMcuZsvdd1KCuaosRWVyFFqjZ8bu26XkNvbrusjtP4LeR
kK0pd676pkkrox5ZPNx3uELoGPWWkJwLFW0Yr1FQPE0E4YzqhcqTbm0+lM9Ep4zp
kVLUdG/7Vuq3hkkUnLPLSlB2HJxfAxEUXAUivYEPgu20VgLdhWsryUHOTg1DaC4M
EE7Izk2Ubduv1847MVal4jT9kjZZILs+cti4wHMv42CCe1Nsi4JKvGI0efAF5Z9E
5gyoUTWYXec6vQ==
-----END CERTIFICATE-----