Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          fzCO7P6o6uPxe4g+8i8UNWrl2+HMveC/NmwV7G1kyh0=
Subject key identifier:   00:C4:95:5B:CB:52:96:0C:8F:7C:B6:4D:D6:67:5C:F1:B4:06:51:AB
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       019356F6EC0BBE92C2A24E361C8D18775846
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          03C3
Signing time:             Sat 23 Nov 2024 03:00:42 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:42 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:42 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: gLv5yCzW0RR6ywvz2hGnLM30Vkwa9a9pPTT0K6oXcwA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:ec:0b:be:92:c2:a2:4e:36:1c:8d:18:77:58:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: Nov 23 03:00:42 2024 GMT
            Not After : Nov 24 03:00:42 2024 GMT
        Subject: CN=00c4955bcb52960c8f7cb64dd6675cf1b40651ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:14:cf:3f:07:a5:64:c3:8b:42:6d:e3:46:1c:
                    6e:ac:3d:d2:f4:0d:01:3f:11:7a:16:45:b5:63:5f:
                    86:3a:59:e5:df:35:17:c9:70:da:2c:82:03:13:23:
                    94:cc:b7:63:08:fd:66:72:8a:fb:ed:c9:01:a6:bd:
                    f4:0c:9e:1f:f8:ac:ee:02:40:83:38:c8:7c:69:49:
                    cf:f7:c8:08:77:03:5d:2a:2a:9a:d9:4e:51:eb:21:
                    e6:33:7c:02:8e:55:dd:a3:5f:5b:08:20:09:4f:f9:
                    19:e2:6f:26:1c:cf:e3:64:a8:cd:e3:fb:a6:ef:26:
                    a1:23:3a:56:fa:67:c7:73:9f:63:a4:98:04:2a:70:
                    8a:9d:bb:5b:a8:03:bc:04:c2:29:e3:88:a3:d2:c9:
                    4e:0f:48:86:68:4b:27:40:7a:94:2a:5c:eb:d8:56:
                    6b:4d:c8:25:46:9a:c3:cf:63:b6:46:80:4d:a8:11:
                    22:66:d4:80:53:45:fd:67:cd:5f:ce:8f:3e:ce:d1:
                    56:60:f4:a7:62:82:24:86:af:24:4b:84:9c:fd:ac:
                    e1:da:e4:bc:25:f3:90:43:24:00:e6:46:df:98:67:
                    e9:05:e2:4e:cd:84:c3:ee:15:d9:ce:19:2d:3e:29:
                    61:57:dc:24:5a:92:e9:15:c1:cf:4d:49:a3:18:9d:
                    98:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:C4:95:5B:CB:52:96:0C:8F:7C:B6:4D:D6:67:5C:F1:B4:06:51:AB
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         73:ba:5f:21:f0:fc:1e:a9:a5:7f:8b:89:b3:e2:35:f9:ed:be:
         5c:b7:22:0b:8c:68:c7:0e:99:56:2c:ef:c7:ca:d6:1d:54:71:
         c8:86:6f:c7:c8:9c:f6:4e:26:10:8a:4f:fc:04:2b:a7:dc:9c:
         7b:9d:ef:08:aa:3d:00:a2:85:55:f4:a3:a7:04:e6:c9:2b:dc:
         67:0e:04:91:5b:e3:05:15:4a:e8:38:33:1e:94:01:dc:f4:98:
         4f:0d:2b:75:72:c9:12:57:6c:78:60:43:e3:46:a7:4f:12:32:
         f2:a1:76:78:07:e9:2c:95:7a:72:8b:3e:4d:1c:94:fb:09:5d:
         01:b9:3f:9a:6d:30:bd:cd:0b:c3:dc:a2:69:92:6a:b6:13:3f:
         a4:72:7b:f1:14:66:e6:19:5b:40:fa:60:96:16:71:8a:48:95:
         da:ab:87:0a:91:fd:5f:e1:5f:3f:6d:47:d2:4f:0e:f9:c4:d2:
         bf:a9:7d:09:da:39:7c:92:44:9c:5a:93:fb:3f:01:3e:a7:e4:
         69:55:a3:0f:6f:59:e3:da:3e:65:6c:51:49:20:af:a2:bc:94:
         dd:ce:3a:e2:dd:52:68:f3:6d:e1:3f:39:01:ba:07:ad:ec:3b:
         d1:d9:54:62:34:7c:eb:19:2f:71:58:aa:1a:8a:72:cb:67:9a:
         de:e7:10:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9uwLvpLCok42HI0Yd1hGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjQxMTIzMDMwMDQyWhcNMjQxMTI0MDMwMDQyWjAzMTEwLwYDVQQD
EygwMGM0OTU1YmNiNTI5NjBjOGY3Y2I2NGRkNjY3NWNmMWI0MDY1MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBTPPwelZMOLQm3jRhxurD3S9A0B
PxF6FkW1Y1+GOlnl3zUXyXDaLIIDEyOUzLdjCP1mcor77ckBpr30DJ4f+KzuAkCD
OMh8aUnP98gIdwNdKiqa2U5R6yHmM3wCjlXdo19bCCAJT/kZ4m8mHM/jZKjN4/um
7yahIzpW+mfHc59jpJgEKnCKnbtbqAO8BMIp44ij0slOD0iGaEsnQHqUKlzr2FZr
TcglRprDz2O2RoBNqBEiZtSAU0X9Z81fzo8+ztFWYPSnYoIkhq8kS4Sc/azh2uS8
JfOQQyQA5kbfmGfpBeJOzYTD7hXZzhktPilhV9wkWpLpFcHPTUmjGJ2YtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFADElVvLUpYMj3y2TdZnXPG0BlGrMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc7pfIfD8
Hqmlf4uJs+I1+e2+XLciC4xoxw6ZVizvx8rWHVRxyIZvx8ic9k4mEIpP/AQrp9yc
e53vCKo9AKKFVfSjpwTmySvcZw4EkVvjBRVK6DgzHpQB3PSYTw0rdXLJEldseGBD
40anTxIy8qF2eAfpLJV6cos+TRyU+wldAbk/mm0wvc0Lw9yiaZJqthM/pHJ78RRm
5hlbQPpglhZxikiV2quHCpH9X+FfP21H0k8O+cTSv6l9Cdo5fJJEnFqT+z8BPqfk
aVWjD29Z49o+ZWxRSSCvoryU3c464t1SaPNt4T85AboHrew70dlUYjR86xkvcViq
Gopyy2ea3ucQaQ==
-----END CERTIFICATE-----