Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
File:                     1OXVJHHqh0idSKBiCEem1VbxY9s.mft (raw, json)
Hash identifier:          Wi2J15iemRF7u/Lr5U/n/8xVmxhykt/trmw7MzQRlZE=
Subject key identifier:   58:FA:2F:9D:62:F4:28:01:73:B8:A0:9A:81:B0:A8:6E:07:5C:37:42
Authority key identifier: D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB
Certificate issuer:       /CN=d4e5d52471ea87489d48a0620847a6d556f163db
Certificate serial:       01936B22C4F742792635F4AE70B741012B57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
Manifest number:          130A
Signing time:             Wed 27 Nov 2024 01:01:00 +0000
Manifest this update:     Wed 27 Nov 2024 01:01:00 +0000
Manifest next update:     Thu 28 Nov 2024 01:01:00 +0000
Files and hashes:         1: 1OXVJHHqh0idSKBiCEem1VbxY9s.crl (hash: 6OAJgaB1qDbPIFwxhlQRhl1mlnkgEu2gafJ6h25kkCM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:c4:f7:42:79:26:35:f4:ae:70:b7:41:01:2b:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e5d52471ea87489d48a0620847a6d556f163db
        Validity
            Not Before: Nov 27 01:01:00 2024 GMT
            Not After : Nov 28 01:01:00 2024 GMT
        Subject: CN=58fa2f9d62f4280173b8a09a81b0a86e075c3742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:e8:d5:d6:cd:74:28:c4:a6:bb:a6:a9:c8:c0:
                    1b:8d:c0:2d:6f:4e:d4:32:c0:53:9d:62:12:d1:b4:
                    ea:c8:5c:64:9b:1b:37:29:c2:48:ad:43:40:2c:c5:
                    16:de:e8:59:b3:28:6e:69:33:84:19:6f:e4:0b:f6:
                    ff:33:fc:ca:01:08:88:94:c8:25:be:ea:cb:93:7d:
                    36:2d:0b:a4:5c:7b:dd:75:ef:02:64:bb:60:9b:1a:
                    fd:f6:03:5f:f3:12:51:e9:5d:38:e0:dc:23:af:c9:
                    30:e9:98:6d:14:24:d0:74:c3:71:33:fe:05:a4:3d:
                    e6:fc:8c:b4:01:07:df:c2:75:ca:34:1e:c2:3b:73:
                    42:fc:aa:67:f7:8c:29:c2:49:bd:bc:5a:01:1d:57:
                    cb:c5:33:64:4b:d1:45:77:60:75:9f:5b:ff:d1:93:
                    7a:aa:fd:ab:86:b5:db:9f:af:09:66:cc:56:6e:12:
                    73:07:5a:85:42:9a:9f:01:fa:46:39:ac:b3:eb:34:
                    3f:80:0a:07:89:71:86:e8:c2:8f:aa:d4:7b:3d:0e:
                    b6:2a:7b:66:3b:ac:38:7c:c5:53:a5:2a:70:c5:c1:
                    97:4f:c4:d2:5b:8d:9e:70:b0:91:ac:57:2f:5a:0e:
                    fa:3b:2d:4e:51:cf:51:e8:af:2a:41:11:ce:59:18:
                    f2:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:FA:2F:9D:62:F4:28:01:73:B8:A0:9A:81:B0:A8:6E:07:5C:37:42
            X509v3 Authority Key Identifier:
                keyid:D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:24:58:a7:9b:e1:74:02:d3:4d:41:db:72:0e:a8:81:01:f9:
         b5:04:6b:ff:78:73:83:38:cf:71:54:e2:ee:93:98:86:f5:7a:
         74:44:dc:79:01:3f:61:a9:4b:f1:27:ed:9b:a4:61:c6:cc:f1:
         b4:50:ef:24:7a:56:e3:34:d1:d7:78:0b:41:9e:7b:c6:e3:01:
         d2:5f:1a:46:ea:c6:f6:9a:d4:bb:82:3d:58:cd:fc:71:e9:5b:
         74:ed:d1:64:f0:a8:13:ce:c6:45:42:e2:41:af:48:54:e6:35:
         6a:ef:e0:60:a0:0d:a1:ed:31:ce:34:cf:0a:02:6f:bb:17:b8:
         1b:c1:a2:cf:23:fe:17:e8:ea:79:ed:11:ff:ce:46:e3:fb:b3:
         6e:07:aa:91:c9:89:ae:b7:7a:a6:f9:e1:80:7c:62:cb:4a:28:
         3c:5f:32:c4:7e:2a:84:3c:fc:e5:cd:4e:0d:e9:14:64:83:b8:
         06:94:05:24:fa:20:bb:3b:a5:5e:cd:4f:c4:59:36:0c:d4:38:
         2e:78:70:30:b8:57:c2:8a:62:0a:0a:c6:56:6f:90:11:d7:be:
         08:5c:eb:80:84:68:f8:0d:53:40:59:4e:be:32:a0:6e:db:5b:
         19:30:7c:b6:f3:9b:11:d7:e1:2c:a9:2d:90:ee:a4:c2:a0:a6:
         75:01:2c:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIsT3QnkmNfSucLdBAStXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTVkNTI0NzFlYTg3NDg5ZDQ4YTA2MjA4NDdhNmQ1NTZm
MTYzZGIwHhcNMjQxMTI3MDEwMTAwWhcNMjQxMTI4MDEwMTAwWjAzMTEwLwYDVQQD
Eyg1OGZhMmY5ZDYyZjQyODAxNzNiOGEwOWE4MWIwYTg2ZTA3NWMzNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OjV1s10KMSmu6apyMAbjcAtb07U
MsBTnWIS0bTqyFxkmxs3KcJIrUNALMUW3uhZsyhuaTOEGW/kC/b/M/zKAQiIlMgl
vurLk302LQukXHvdde8CZLtgmxr99gNf8xJR6V044Nwjr8kw6ZhtFCTQdMNxM/4F
pD3m/Iy0AQffwnXKNB7CO3NC/Kpn94wpwkm9vFoBHVfLxTNkS9FFd2B1n1v/0ZN6
qv2rhrXbn68JZsxWbhJzB1qFQpqfAfpGOayz6zQ/gAoHiXGG6MKPqtR7PQ62Kntm
O6w4fMVTpSpwxcGXT8TSW42ecLCRrFcvWg76Oy1OUc9R6K8qQRHOWRjyvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFj6L51i9CgBc7igmoGwqG4HXDdCMB8GA1UdIwQY
MBaAFNTl1SRx6odInUigYghHptVW8WPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMt
MDE4MmNiMDJjODAwLzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMtMDE4MmNiMDJjODAw
LzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlCRYp5vh
dALTTUHbcg6ogQH5tQRr/3hzgzjPcVTi7pOYhvV6dETceQE/YalL8Sftm6Rhxszx
tFDvJHpW4zTR13gLQZ57xuMB0l8aRurG9prUu4I9WM38celbdO3RZPCoE87GRULi
Qa9IVOY1au/gYKANoe0xzjTPCgJvuxe4G8GizyP+F+jqee0R/85G4/uzbgeqkcmJ
rrd6pvnhgHxiy0ooPF8yxH4qhDz85c1ODekUZIO4BpQFJPoguzulXs1PxFk2DNQ4
LnhwMLhXwopiCgrGVm+QEde+CFzrgIRo+A1TQFlOvjKgbttbGTB8tvObEdfhLKkt
kO6kwqCmdQEsaQ==
-----END CERTIFICATE-----