Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
File:                     TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json)
Hash identifier:          1wIlKsWcp3n5ATM+LKuKQwSn6kHOD3m7FrYr0gU4Doo=
Subject key identifier:   4C:1A:BC:CD:F9:42:F5:01:D9:F7:61:AF:96:D5:33:36:DE:6B:E7:C5
Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C
Certificate issuer:       /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
Certificate serial:       0193580926D1D1CDF1569E6609C6ECDB7C8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
Manifest number:          0B
Signing time:             Sat 23 Nov 2024 08:00:14 +0000
Manifest this update:     Sat 23 Nov 2024 08:00:14 +0000
Manifest next update:     Sun 24 Nov 2024 08:00:14 +0000
Files and hashes:         1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: lAqHaNQBuQ1Ulf8EetX4QtZUFUJE/ovOKmEp5GOgtlM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:09:26:d1:d1:cd:f1:56:9e:66:09:c6:ec:db:7c:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c
        Validity
            Not Before: Nov 23 08:00:14 2024 GMT
            Not After : Nov 24 08:00:14 2024 GMT
        Subject: CN=4c1abccdf942f501d9f761af96d53336de6be7c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:0b:59:94:b4:75:47:f4:39:94:31:96:cf:95:
                    f2:39:8a:ac:a1:7a:33:36:7a:f5:69:31:a9:94:ae:
                    8f:82:51:a0:17:9d:e3:19:cf:dc:d1:67:2a:4c:2e:
                    41:ae:dc:1c:1f:70:73:b2:c3:69:2c:36:0e:cc:53:
                    d9:45:3b:49:77:1c:15:49:7b:29:a8:2e:3f:78:5f:
                    4f:39:0e:15:68:0c:ad:a4:cb:13:23:da:7f:ac:3c:
                    16:65:a9:26:53:d1:3b:89:40:1b:06:c8:e0:df:6d:
                    47:55:d1:81:85:fc:95:32:a7:cb:8f:49:43:cd:76:
                    88:a8:ac:61:2b:39:c0:e6:f2:52:b6:b9:30:8e:c7:
                    74:a3:55:57:32:8c:2e:ce:b6:a5:53:b5:a9:26:36:
                    09:a2:59:a4:c9:78:02:b5:f9:c0:f4:df:91:b6:39:
                    88:43:ef:b6:18:25:92:21:7d:8b:62:3f:08:ab:bf:
                    03:6f:d2:e5:30:a7:c0:66:88:e4:80:06:95:02:12:
                    a6:42:72:f7:71:9b:ed:b9:97:e9:6b:9d:66:47:55:
                    4a:6e:96:d3:e3:fd:46:d8:51:e7:d5:83:89:79:db:
                    0f:ba:a8:6a:42:20:77:cc:f6:7d:d9:c0:d1:5e:d0:
                    d5:38:20:d4:cd:3e:d2:23:33:87:f5:36:db:35:bd:
                    7e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:1A:BC:CD:F9:42:F5:01:D9:F7:61:AF:96:D5:33:36:DE:6B:E7:C5
            X509v3 Authority Key Identifier:
                keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:f4:29:12:bb:0e:b4:09:f4:12:17:0c:c3:b9:f9:8e:e4:5d:
         86:b3:c1:ff:76:58:59:da:26:ef:28:36:2e:ac:86:5d:ef:67:
         b8:58:82:f6:63:a1:ee:b2:d9:19:dc:29:51:30:78:7d:05:0f:
         a8:0c:26:81:90:10:1d:c6:c8:02:ad:a2:e5:32:2b:6f:c5:ca:
         36:b1:54:21:1c:f7:4a:ed:d7:14:0e:4d:c6:f7:2e:c2:ba:6b:
         8b:1a:e7:ae:8f:94:ac:22:80:49:60:4a:9e:5f:4c:4b:9f:70:
         2b:d3:32:c9:22:14:d8:49:2f:2c:f7:be:ce:c1:01:e3:a7:6f:
         70:5f:65:ba:27:a1:db:eb:29:2a:fd:a7:b3:9a:1b:7a:bb:44:
         75:1d:d7:a6:4c:27:cc:30:d7:ad:ca:95:bf:82:77:81:cd:66:
         5c:de:ee:19:78:54:bc:e1:ee:3a:c0:68:e2:d0:cc:8f:7e:61:
         3b:63:2b:c4:e2:12:12:e2:0f:3f:da:a9:28:b4:ba:75:3d:ac:
         a7:aa:c8:37:83:bc:bc:22:54:75:e8:f0:64:cf:72:f7:82:45:
         31:da:ad:59:51:3d:dc:28:93:28:3d:e6:be:90:5e:8d:d5:fc:
         70:ca:8c:94:d2:13:90:84:96:7c:de:ca:24:c5:89:fc:48:3d:
         d5:62:a3:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYCSbR0c3xVp5mCcbs23yNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh
NTE0OGMwHhcNMjQxMTIzMDgwMDE0WhcNMjQxMTI0MDgwMDE0WjAzMTEwLwYDVQQD
Eyg0YzFhYmNjZGY5NDJmNTAxZDlmNzYxYWY5NmQ1MzMzNmRlNmJlN2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwtZlLR1R/Q5lDGWz5XyOYqsoXoz
Nnr1aTGplK6PglGgF53jGc/c0WcqTC5BrtwcH3BzssNpLDYOzFPZRTtJdxwVSXsp
qC4/eF9POQ4VaAytpMsTI9p/rDwWZakmU9E7iUAbBsjg321HVdGBhfyVMqfLj0lD
zXaIqKxhKznA5vJStrkwjsd0o1VXMowuzralU7WpJjYJolmkyXgCtfnA9N+RtjmI
Q++2GCWSIX2LYj8Iq78Db9LlMKfAZojkgAaVAhKmQnL3cZvtuZfpa51mR1VKbpbT
4/1G2FHn1YOJedsPuqhqQiB3zPZ92cDRXtDVOCDUzT7SIzOH9TbbNb1+QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwavM35QvUB2fdhr5bVMzbea+fFMB8GA1UdIwQY
MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct
NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz
LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVvQpErsO
tAn0EhcMw7n5juRdhrPB/3ZYWdom7yg2LqyGXe9nuFiC9mOh7rLZGdwpUTB4fQUP
qAwmgZAQHcbIAq2i5TIrb8XKNrFUIRz3Su3XFA5Nxvcuwrprixrnro+UrCKASWBK
nl9MS59wK9MyySIU2EkvLPe+zsEB46dvcF9luieh2+spKv2ns5obertEdR3Xpkwn
zDDXrcqVv4J3gc1mXN7uGXhUvOHuOsBo4tDMj35hO2MrxOISEuIPP9qpKLS6dT2s
p6rIN4O8vCJUdejwZM9y94JFMdqtWVE93CiTKD3mvpBejdX8cMqMlNITkISWfN7K
JMWJ/Eg91WKjGQ==
-----END CERTIFICATE-----