Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
File:                     JfgKOI5PDiZBTOq-q036hBkdgUA.mft (raw, json)
Hash identifier:          YBOEi9Jq4sJtCF5TqvTPSZL/c/4hcTBcJVkatxbQvzw=
Subject key identifier:   13:81:FE:2D:5A:50:36:87:A0:9A:5E:3A:28:B9:9E:AA:31:2A:25:3D
Authority key identifier: 25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40
Certificate issuer:       /CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
Certificate serial:       01936A46D942814D47F27B81A6185B410BF1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
Manifest number:          1283
Signing time:             Tue 26 Nov 2024 21:00:48 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:48 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:48 +0000
Files and hashes:         1: JfgKOI5PDiZBTOq-q036hBkdgUA.crl (hash: JeZUhpLQIcqocv1i6DMMssfp5OlCZuetEnZ7X8fBzYE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:d9:42:81:4d:47:f2:7b:81:a6:18:5b:41:0b:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25f80a388e4f0e26414ceabeab4dfa84191d8140
        Validity
            Not Before: Nov 26 21:00:48 2024 GMT
            Not After : Nov 27 21:00:48 2024 GMT
        Subject: CN=1381fe2d5a503687a09a5e3a28b99eaa312a253d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:09:91:09:6c:92:e2:e5:b9:48:32:33:a9:fa:
                    83:b5:07:c3:5b:80:8c:5c:d1:ba:50:d5:04:75:22:
                    3b:dd:7c:22:14:68:51:d6:b7:36:39:17:f4:41:ae:
                    bb:84:69:8f:62:42:22:e2:e1:3c:52:73:6f:3c:22:
                    57:ea:b2:83:04:ed:65:5d:b2:2d:74:07:a9:de:40:
                    c4:f6:fa:94:1d:41:b4:cf:1d:81:39:30:8a:53:30:
                    41:49:ed:35:da:93:7f:ed:72:73:db:3a:3c:ca:01:
                    35:96:fa:c5:4b:0a:81:d3:2f:bc:bc:52:1a:e8:a7:
                    82:d2:f3:b4:31:ac:a0:0f:3e:6d:9f:1d:10:29:19:
                    d5:bf:81:6e:2b:bc:18:e3:3d:ea:95:77:88:70:30:
                    ac:d0:ee:00:91:14:91:7d:21:a2:90:5e:3d:8b:bf:
                    47:8b:63:4d:c6:4d:61:d5:02:44:84:f9:4c:4c:e0:
                    12:24:20:f2:ed:31:ab:5a:ba:96:27:a4:8c:b5:d0:
                    db:04:57:c5:ee:9f:30:31:3d:04:0a:eb:df:47:77:
                    93:5a:3b:b6:82:e1:f7:c2:3a:b1:73:f4:dc:77:cc:
                    b5:09:44:90:62:1a:75:7c:d3:25:39:e7:4c:74:69:
                    8f:71:d0:93:99:4d:26:45:44:22:71:8d:8c:35:96:
                    2b:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:81:FE:2D:5A:50:36:87:A0:9A:5E:3A:28:B9:9E:AA:31:2A:25:3D
            X509v3 Authority Key Identifier:
                keyid:25:F8:0A:38:8E:4F:0E:26:41:4C:EA:BE:AB:4D:FA:84:19:1D:81:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JfgKOI5PDiZBTOq-q036hBkdgUA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/20cfa4-e08b-4b70-9362-97dc7b535b1d/1/JfgKOI5PDiZBTOq-q036hBkdgUA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:8b:48:a7:8d:80:59:a9:fd:84:48:cc:e9:62:6a:f3:45:59:
         e7:f0:bf:7e:cc:76:f6:6b:4e:18:cc:43:07:fb:c9:03:8d:8a:
         23:5a:ce:75:64:3c:c9:00:33:57:cd:71:ff:56:61:40:77:5e:
         37:27:53:c7:cb:31:00:86:39:3e:80:b8:4d:5e:7f:be:b3:54:
         26:74:f4:09:9a:f2:ab:87:84:46:d3:ce:3d:dd:ae:0d:7b:21:
         b6:a4:41:22:f7:70:ef:dd:30:6a:1b:d9:79:db:a9:24:83:4b:
         5e:c5:c4:6f:b1:91:38:f9:a9:e9:f9:c1:61:57:82:92:b3:9f:
         3c:f0:50:13:9d:7e:7a:a1:ae:0e:77:35:7f:35:6b:a2:51:20:
         df:87:df:3c:c9:67:74:d0:d5:ed:04:6b:23:6f:d0:31:dc:7b:
         17:1f:4c:b3:3d:07:6a:e0:5b:c9:59:de:94:31:2f:43:69:17:
         fa:c7:87:9e:47:1c:91:12:5b:4a:1b:c8:56:ae:3d:25:08:27:
         be:1b:1c:dd:8e:03:91:43:67:60:42:05:e6:b8:1f:57:a7:cc:
         09:31:a5:60:3b:71:45:9f:7f:45:a7:a0:fd:25:1e:1b:46:a3:
         1f:30:1a:68:72:73:12:01:7d:45:40:90:4d:ab:9f:81:0e:e4:
         aa:0f:73:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRtlCgU1H8nuBphhbQQvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZjgwYTM4OGU0ZjBlMjY0MTRjZWFiZWFiNGRmYTg0MTkx
ZDgxNDAwHhcNMjQxMTI2MjEwMDQ4WhcNMjQxMTI3MjEwMDQ4WjAzMTEwLwYDVQQD
EygxMzgxZmUyZDVhNTAzNjg3YTA5YTVlM2EyOGI5OWVhYTMxMmEyNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAmRCWyS4uW5SDIzqfqDtQfDW4CM
XNG6UNUEdSI73XwiFGhR1rc2ORf0Qa67hGmPYkIi4uE8UnNvPCJX6rKDBO1lXbIt
dAep3kDE9vqUHUG0zx2BOTCKUzBBSe012pN/7XJz2zo8ygE1lvrFSwqB0y+8vFIa
6KeC0vO0MaygDz5tnx0QKRnVv4FuK7wY4z3qlXeIcDCs0O4AkRSRfSGikF49i79H
i2NNxk1h1QJEhPlMTOASJCDy7TGrWrqWJ6SMtdDbBFfF7p8wMT0ECuvfR3eTWju2
guH3wjqxc/Tcd8y1CUSQYhp1fNMlOedMdGmPcdCTmU0mRUQicY2MNZYrLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBOB/i1aUDaHoJpeOii5nqoxKiU9MB8GA1UdIwQY
MBaAFCX4CjiOTw4mQUzqvqtN+oQZHYFAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjIt
OTdkYzdiNTM1YjFkLzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8yMGNmYTQtZTA4Yi00YjcwLTkzNjItOTdkYzdiNTM1YjFk
LzEvSmZnS09JNVBEaVpCVE9xLXEwMzZoQmtkZ1VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4tIp42A
Wan9hEjM6WJq80VZ5/C/fsx29mtOGMxDB/vJA42KI1rOdWQ8yQAzV81x/1ZhQHde
NydTx8sxAIY5PoC4TV5/vrNUJnT0CZryq4eERtPOPd2uDXshtqRBIvdw790wahvZ
edupJINLXsXEb7GROPmp6fnBYVeCkrOfPPBQE51+eqGuDnc1fzVrolEg34ffPMln
dNDV7QRrI2/QMdx7Fx9Msz0HauBbyVnelDEvQ2kX+seHnkcckRJbShvIVq49JQgn
vhsc3Y4DkUNnYEIF5rgfV6fMCTGlYDtxRZ9/Raeg/SUeG0ajHzAaaHJzEgF9RUCQ
TaufgQ7kqg9zIA==
-----END CERTIFICATE-----