Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          uhZvWyTFUyYRpBdKC/zkfdIoHJS/bR5e6W37qEbQi3c=
Subject key identifier:   D4:B7:D8:55:02:63:FD:A2:45:98:F5:A4:FD:C0:68:F3:61:FC:BA:8B
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       01940722131091B76EAAE6CCC1FA4DCB4E51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0A9B
Signing time:             Fri 27 Dec 2024 08:01:01 +0000
Manifest this update:     Fri 27 Dec 2024 08:01:01 +0000
Manifest next update:     Sat 28 Dec 2024 08:01:01 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: ezp+BGIvHJ/B5NFNmLL13NAiPc/yGKqGT7mqmv71Y/4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 08:01:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:07:22:13:10:91:b7:6e:aa:e6:cc:c1:fa:4d:cb:4e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Dec 27 08:01:01 2024 GMT
            Not After : Dec 28 08:01:01 2024 GMT
        Subject: CN=d4b7d8550263fda24598f5a4fdc068f361fcba8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:18:8c:2d:f3:2c:51:42:d7:81:59:92:f0:87:
                    99:77:98:34:66:15:80:15:71:64:59:9e:ca:90:04:
                    3e:7b:ec:d2:1d:1b:6e:5a:da:ff:13:dc:db:fd:57:
                    b9:81:1c:85:1e:f2:63:29:b6:4e:42:67:5b:38:d7:
                    19:0c:36:78:7a:5e:1d:ec:61:4d:38:58:47:d3:77:
                    f1:73:1c:5b:28:95:aa:e5:05:52:fd:20:41:d5:ea:
                    b4:83:a9:8c:1c:7b:c2:95:32:01:a0:17:d3:b7:ce:
                    eb:26:5a:e5:12:3e:5d:b5:f3:40:72:5f:d8:9d:28:
                    9d:41:03:9f:72:54:0c:ff:7e:ce:36:31:cd:02:96:
                    13:32:51:0c:2b:13:cc:f7:cd:1d:d7:7b:ad:8f:45:
                    12:2a:f9:23:5e:31:c3:c2:28:1f:58:10:28:62:ea:
                    9a:34:aa:e5:67:33:ce:f9:3d:6d:fd:cb:cd:80:8f:
                    d4:5c:ff:a7:cd:53:dc:17:a8:e9:34:8b:f6:1b:b3:
                    dd:66:bc:5a:5e:ba:95:a7:e5:91:04:84:93:d9:1b:
                    d5:04:96:88:4b:b2:52:bc:c8:62:f2:a4:f4:8a:b1:
                    fc:ff:9f:c4:ec:e6:cb:ee:cc:84:3b:df:04:eb:cb:
                    91:94:a0:e7:f5:a6:5a:33:8a:0d:0f:62:2f:b1:b9:
                    08:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B7:D8:55:02:63:FD:A2:45:98:F5:A4:FD:C0:68:F3:61:FC:BA:8B
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:61:b9:e6:5b:25:2c:46:5b:3a:99:4a:97:6b:0b:8b:c6:f6:
         fa:cc:31:2a:0c:21:13:9f:f5:09:33:91:f1:2d:44:10:d5:7c:
         a8:2e:02:3e:45:da:e4:cc:a8:17:45:28:e3:44:93:f3:5e:48:
         94:0e:bd:0e:27:cf:b0:82:70:1d:b7:eb:d3:30:fe:81:96:63:
         8a:59:53:57:44:3c:7e:a5:45:f4:7b:46:61:8e:1f:52:7d:93:
         ac:cd:f7:9f:38:55:10:ab:e3:04:51:8a:fc:9e:0a:37:fc:cb:
         dd:58:87:10:cb:bd:ef:f4:08:e1:86:09:19:f1:2e:23:7e:7b:
         8c:a1:d5:5d:d7:d7:fd:a0:fb:e8:6f:33:a6:bf:93:15:5d:f7:
         62:ba:af:fc:b8:11:28:ba:7d:af:5e:f5:9d:6d:f4:3a:a9:7d:
         37:91:9f:fd:b9:62:d8:3d:cc:cc:24:58:e1:73:ac:24:63:4a:
         f4:62:ce:b6:49:ae:1f:90:74:e7:49:46:66:a4:e2:5a:f7:cc:
         38:e9:8a:12:43:47:84:08:b1:89:6e:7d:ac:0c:00:21:16:da:
         2b:f9:aa:24:bc:fd:04:b2:6a:f4:f9:ac:f4:8c:bb:95:d8:cc:
         30:cf:60:ca:df:c1:88:dd:27:cb:ef:7f:a6:1e:74:48:c5:56:
         92:18:ac:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQHIhMQkbduqubMwfpNy05RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjQxMjI3MDgwMTAxWhcNMjQxMjI4MDgwMTAxWjAzMTEwLwYDVQQD
EyhkNGI3ZDg1NTAyNjNmZGEyNDU5OGY1YTRmZGMwNjhmMzYxZmNiYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxiMLfMsUULXgVmS8IeZd5g0ZhWA
FXFkWZ7KkAQ+e+zSHRtuWtr/E9zb/Ve5gRyFHvJjKbZOQmdbONcZDDZ4el4d7GFN
OFhH03fxcxxbKJWq5QVS/SBB1eq0g6mMHHvClTIBoBfTt87rJlrlEj5dtfNAcl/Y
nSidQQOfclQM/37ONjHNApYTMlEMKxPM980d13utj0USKvkjXjHDwigfWBAoYuqa
NKrlZzPO+T1t/cvNgI/UXP+nzVPcF6jpNIv2G7PdZrxaXrqVp+WRBIST2RvVBJaI
S7JSvMhi8qT0irH8/5/E7ObL7syEO98E68uRlKDn9aZaM4oND2IvsbkIzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNS32FUCY/2iRZj1pP3AaPNh/LqLMB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb2G55lsl
LEZbOplKl2sLi8b2+swxKgwhE5/1CTOR8S1EENV8qC4CPkXa5MyoF0Uo40ST815I
lA69DifPsIJwHbfr0zD+gZZjillTV0Q8fqVF9HtGYY4fUn2TrM33nzhVEKvjBFGK
/J4KN/zL3ViHEMu97/QI4YYJGfEuI357jKHVXdfX/aD76G8zpr+TFV33Yrqv/LgR
KLp9r171nW30Oql9N5Gf/bli2D3MzCRY4XOsJGNK9GLOtkmuH5B050lGZqTiWvfM
OOmKEkNHhAixiW59rAwAIRbaK/mqJLz9BLJq9Pms9Iy7ldjMMM9gyt/BiN0ny+9/
ph50SMVWkhissg==
-----END CERTIFICATE-----