Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
File:                     SQtgyL0tnQHwq1ocTApT4dczn2U.mft (raw, json)
Hash identifier:          SPUW8HcTxVzuuj++JFIdGdIhK16ZRRz6hTuHw9+RUvk=
Subject key identifier:   0D:A0:01:11:68:A4:A6:E7:8E:24:98:1E:61:70:0F:D4:E6:08:8D:0B
Authority key identifier: 49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65
Certificate issuer:       /CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
Certificate serial:       0193587745557FED2D541B0707147CE7C874
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
Manifest number:          0F59
Signing time:             Sat 23 Nov 2024 10:00:31 +0000
Manifest this update:     Sat 23 Nov 2024 10:00:31 +0000
Manifest next update:     Sun 24 Nov 2024 10:00:31 +0000
Files and hashes:         1: SQtgyL0tnQHwq1ocTApT4dczn2U.crl (hash: OOwDq5yzs8w9frgwTXWUnd+0lNSXVc24aZpSxVrVO78=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:77:45:55:7f:ed:2d:54:1b:07:07:14:7c:e7:c8:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490b60c8bd2d9d01f0ab5a1c4c0a53e1d7339f65
        Validity
            Not Before: Nov 23 10:00:31 2024 GMT
            Not After : Nov 24 10:00:31 2024 GMT
        Subject: CN=0da0011168a4a6e78e24981e61700fd4e6088d0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f6:84:23:55:c8:aa:7f:fb:8e:94:d0:05:11:
                    bc:ff:22:96:e1:42:09:ef:37:1a:27:5e:ed:b0:68:
                    16:e0:9f:74:57:cc:cf:1f:44:dd:05:47:00:b3:ab:
                    b0:87:2d:bf:54:ce:50:32:36:56:be:c5:08:fa:df:
                    44:06:78:54:2b:57:43:8e:28:59:11:7f:f2:11:7b:
                    7d:1c:18:80:4e:25:15:04:dc:99:63:b8:0c:5f:f1:
                    20:b6:fb:19:c8:af:22:22:8d:7d:d4:88:8b:78:db:
                    f4:7c:34:35:0d:c7:92:66:dc:bd:20:e2:2c:95:77:
                    a9:77:52:34:d7:00:03:9e:d7:d1:aa:23:7e:f2:8b:
                    dd:39:13:5a:de:e4:91:a2:72:90:25:a9:32:25:03:
                    ff:31:d5:54:80:e8:fc:9d:27:6e:5b:eb:9d:c2:4b:
                    08:c2:7c:15:e5:ee:b1:9a:39:e2:51:00:1e:99:2c:
                    cb:7c:11:99:57:3e:1c:2a:98:8c:97:b7:4f:64:6e:
                    60:1f:ab:95:aa:29:cc:a4:a9:35:6a:bb:07:8f:6a:
                    d7:cb:a8:e9:45:91:0c:10:88:47:75:ac:0a:5c:e5:
                    84:a9:ad:97:ef:5d:05:65:87:41:f5:76:0e:ed:72:
                    90:0b:d0:dd:6f:28:0e:a3:72:71:4a:9b:b1:24:be:
                    b8:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:A0:01:11:68:A4:A6:E7:8E:24:98:1E:61:70:0F:D4:E6:08:8D:0B
            X509v3 Authority Key Identifier:
                keyid:49:0B:60:C8:BD:2D:9D:01:F0:AB:5A:1C:4C:0A:53:E1:D7:33:9F:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQtgyL0tnQHwq1ocTApT4dczn2U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/926b57-cc12-48fc-b996-92a4be85c11d/1/SQtgyL0tnQHwq1ocTApT4dczn2U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:09:f0:c5:1d:7c:e7:43:5e:bb:e4:3d:d5:37:4d:68:25:a2:
         c8:08:8b:f7:2a:f5:6d:8a:99:c8:30:79:c9:d0:81:ab:df:06:
         a7:1f:34:01:bb:08:71:d6:1b:9b:6e:25:15:75:33:da:02:62:
         e3:a8:f2:3a:fa:ab:c2:0a:2e:ec:75:6a:c1:14:73:19:bb:1a:
         8e:9c:50:23:44:2e:77:d1:cc:b5:31:8e:41:7c:97:3c:75:58:
         4c:1b:ca:3e:70:ac:48:de:82:63:30:e5:c4:da:d8:c4:06:a5:
         64:63:0b:af:0e:d0:33:1d:87:c4:eb:7c:aa:cc:73:5d:92:88:
         67:07:5c:1d:92:d8:7d:5a:51:df:59:71:99:24:ee:3e:3a:bf:
         1b:8a:35:f9:ee:96:76:d0:7d:0d:3a:2d:0e:0f:10:29:e0:48:
         36:ac:19:8f:98:f4:e7:42:1c:52:09:f4:05:1b:c8:42:52:86:
         77:9f:f2:74:19:7d:8d:51:8e:69:b5:a6:ff:9b:81:44:08:32:
         01:3f:ba:eb:3e:d9:92:57:9e:ca:cd:85:5f:4d:2b:34:cd:81:
         10:15:6f:cd:93:78:37:a4:66:35:72:3b:ec:50:09:a2:a3:89:
         c1:5c:5f:90:cd:df:1f:46:33:7e:06:d3:06:7c:49:cc:91:e5:
         9d:80:2b:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd0VVf+0tVBsHBxR858h0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGI2MGM4YmQyZDlkMDFmMGFiNWExYzRjMGE1M2UxZDcz
MzlmNjUwHhcNMjQxMTIzMTAwMDMxWhcNMjQxMTI0MTAwMDMxWjAzMTEwLwYDVQQD
EygwZGEwMDExMTY4YTRhNmU3OGUyNDk4MWU2MTcwMGZkNGU2MDg4ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvaEI1XIqn/7jpTQBRG8/yKW4UIJ
7zcaJ17tsGgW4J90V8zPH0TdBUcAs6uwhy2/VM5QMjZWvsUI+t9EBnhUK1dDjihZ
EX/yEXt9HBiATiUVBNyZY7gMX/EgtvsZyK8iIo191IiLeNv0fDQ1DceSZty9IOIs
lXepd1I01wADntfRqiN+8ovdORNa3uSRonKQJakyJQP/MdVUgOj8nSduW+udwksI
wnwV5e6xmjniUQAemSzLfBGZVz4cKpiMl7dPZG5gH6uVqinMpKk1arsHj2rXy6jp
RZEMEIhHdawKXOWEqa2X710FZYdB9XYO7XKQC9DdbygOo3JxSpuxJL64SwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA2gARFopKbnjiSYHmFwD9TmCI0LMB8GA1UdIwQY
MBaAFEkLYMi9LZ0B8KtaHEwKU+HXM59lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYt
OTJhNGJlODVjMTFkLzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85MjZiNTctY2MxMi00OGZjLWI5OTYtOTJhNGJlODVjMTFk
LzEvU1F0Z3lMMHRuUUh3cTFvY1RBcFQ0ZGN6bjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmwnwxR18
50Neu+Q91TdNaCWiyAiL9yr1bYqZyDB5ydCBq98Gpx80AbsIcdYbm24lFXUz2gJi
46jyOvqrwgou7HVqwRRzGbsajpxQI0Qud9HMtTGOQXyXPHVYTBvKPnCsSN6CYzDl
xNrYxAalZGMLrw7QMx2HxOt8qsxzXZKIZwdcHZLYfVpR31lxmSTuPjq/G4o1+e6W
dtB9DTotDg8QKeBINqwZj5j050IcUgn0BRvIQlKGd5/ydBl9jVGOabWm/5uBRAgy
AT+66z7Zkleeys2FX00rNM2BEBVvzZN4N6RmNXI77FAJoqOJwVxfkM3fH0YzfgbT
BnxJzJHlnYArgA==
-----END CERTIFICATE-----