Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
File:                     D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft (raw, json)
Hash identifier:          maRu/IuBr7ALzul6PeN/udI7EsCWVdpgb5NhJ348hxw=
Subject key identifier:   2F:89:F2:BE:86:92:A8:06:9C:8A:50:6C:BE:3F:61:99:03:65:87:1F
Authority key identifier: 0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77
Certificate issuer:       /CN=0f79760520b7c15c2e4260308272b849f88ed677
Certificate serial:       01923926959D80ED600472888B4DEAE198FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
Manifest number:          12DC
Signing time:             Sat 28 Sep 2024 15:01:22 +0000
Manifest this update:     Sat 28 Sep 2024 15:01:22 +0000
Manifest next update:     Sun 29 Sep 2024 15:01:22 +0000
Files and hashes:         1: D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl (hash: dwLWqHTbJdPAGEgNRHW1m6aGS27mGWlLrugZX+AF7kY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 07:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:39:26:95:9d:80:ed:60:04:72:88:8b:4d:ea:e1:98:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f79760520b7c15c2e4260308272b849f88ed677
        Validity
            Not Before: Sep 28 15:01:22 2024 GMT
            Not After : Sep 29 15:01:22 2024 GMT
        Subject: CN=2f89f2be8692a8069c8a506cbe3f61990365871f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f1:e2:fb:06:35:88:eb:5f:52:ad:23:16:6c:
                    c7:86:2b:42:94:1d:e5:9a:ea:6e:33:0e:d9:0e:3f:
                    3a:d4:ee:00:ae:a5:64:41:e8:d2:78:14:4b:0f:b8:
                    2a:82:9d:fd:db:ad:c3:6f:b4:05:24:e6:19:4a:c1:
                    ec:9e:54:b8:c5:12:34:fc:4e:0f:74:3e:d8:9a:82:
                    20:97:8f:0b:d0:be:86:de:9c:f6:54:83:7f:0f:d7:
                    f7:b6:69:f2:ee:4f:4b:a7:11:0f:c0:80:23:b7:81:
                    61:1e:d6:1d:99:99:7f:3f:1b:75:e6:85:db:bf:1c:
                    ed:86:76:7f:38:2a:e5:9f:0c:ee:73:c4:a9:8d:2f:
                    04:aa:4c:ac:39:92:78:dc:d9:0a:b1:7c:b6:71:2a:
                    46:a8:03:6c:e7:28:99:91:06:4f:34:94:e9:5e:bb:
                    9b:a6:cf:ce:22:16:18:5d:e7:52:15:11:a5:f9:bd:
                    85:7d:49:e5:00:dc:67:80:11:02:8b:b4:30:61:b0:
                    78:b4:7f:8a:72:52:17:7d:4d:41:06:c5:18:ea:67:
                    31:da:75:9a:80:14:0a:80:04:1f:92:60:b5:bc:14:
                    e5:06:e1:64:4c:38:6a:ab:71:c4:2e:27:38:e2:df:
                    e1:3e:1f:33:ca:2b:fe:d4:7e:b0:93:d5:68:52:7b:
                    b1:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:89:F2:BE:86:92:A8:06:9C:8A:50:6C:BE:3F:61:99:03:65:87:1F
            X509v3 Authority Key Identifier:
                keyid:0F:79:76:05:20:B7:C1:5C:2E:42:60:30:82:72:B8:49:F8:8E:D6:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3l2BSC3wVwuQmAwgnK4SfiO1nc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f8474b-5aeb-4058-9f4e-0042425bab1a/1/D3l2BSC3wVwuQmAwgnK4SfiO1nc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:38:47:c4:15:d7:fc:6a:d1:cd:e1:02:26:57:8a:8d:5a:40:
         35:68:26:5d:c7:93:32:52:a5:9f:3e:f1:b2:04:2b:2c:5e:6f:
         dd:d3:ec:55:f4:dc:13:37:c1:37:78:81:c7:67:dd:16:fa:7d:
         c6:80:8f:f8:f2:8a:9f:3f:20:bf:59:bd:5e:e7:75:5f:5a:a9:
         e6:19:7a:d6:cd:03:d9:71:c6:df:4b:13:e5:fc:43:7d:2f:3d:
         c3:42:be:0d:24:bc:19:a3:2f:93:06:c1:4a:56:e4:7a:cd:bb:
         be:01:be:5a:56:d5:f1:fc:d1:ed:cf:be:18:fb:7a:e4:66:94:
         f3:ef:e4:b1:7f:d9:d8:d2:8b:7e:24:24:eb:35:08:c7:0a:0d:
         c5:d0:30:dd:fa:6c:b3:42:8d:27:34:3c:6c:d9:1e:7e:08:75:
         4d:a2:eb:96:c0:08:92:15:fd:a3:1c:0a:e1:a1:ed:9f:6f:e4:
         ea:45:4c:37:6c:ea:4a:4e:e9:d3:ac:c2:26:37:c7:9e:14:85:
         ab:84:34:23:b6:9b:f4:d2:d6:2d:fc:5a:05:c6:1f:c5:dc:bd:
         09:e6:e1:c6:e5:1a:2f:c0:90:3f:35:c1:21:25:a3:9e:c9:d5:
         36:87:10:33:f7:9c:29:12:bf:50:c0:ae:7d:71:ac:3c:01:f8:
         ba:49:b0:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZI5JpWdgO1gBHKIi03q4Zj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzk3NjA1MjBiN2MxNWMyZTQyNjAzMDgyNzJiODQ5Zjg4
ZWQ2NzcwHhcNMjQwOTI4MTUwMTIyWhcNMjQwOTI5MTUwMTIyWjAzMTEwLwYDVQQD
EygyZjg5ZjJiZTg2OTJhODA2OWM4YTUwNmNiZTNmNjE5OTAzNjU4NzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPHi+wY1iOtfUq0jFmzHhitClB3l
mupuMw7ZDj861O4ArqVkQejSeBRLD7gqgp39263Db7QFJOYZSsHsnlS4xRI0/E4P
dD7YmoIgl48L0L6G3pz2VIN/D9f3tmny7k9LpxEPwIAjt4FhHtYdmZl/Pxt15oXb
vxzthnZ/OCrlnwzuc8SpjS8EqkysOZJ43NkKsXy2cSpGqANs5yiZkQZPNJTpXrub
ps/OIhYYXedSFRGl+b2FfUnlANxngBECi7QwYbB4tH+KclIXfU1BBsUY6mcx2nWa
gBQKgAQfkmC1vBTlBuFkTDhqq3HELic44t/hPh8zyiv+1H6wk9VoUnux+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+J8r6GkqgGnIpQbL4/YZkDZYcfMB8GA1UdIwQY
MBaAFA95dgUgt8FcLkJgMIJyuEn4jtZ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUt
MDA0MjQyNWJhYjFhLzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mODQ3NGItNWFlYi00MDU4LTlmNGUtMDA0MjQyNWJhYjFh
LzEvRDNsMkJTQzN3Vnd1UW1Bd2duSzRTZmlPMW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcDhHxBXX
/GrRzeECJleKjVpANWgmXceTMlKlnz7xsgQrLF5v3dPsVfTcEzfBN3iBx2fdFvp9
xoCP+PKKnz8gv1m9Xud1X1qp5hl61s0D2XHG30sT5fxDfS89w0K+DSS8GaMvkwbB
Slbkes27vgG+WlbV8fzR7c++GPt65GaU8+/ksX/Z2NKLfiQk6zUIxwoNxdAw3fps
s0KNJzQ8bNkefgh1TaLrlsAIkhX9oxwK4aHtn2/k6kVMN2zqSk7p06zCJjfHnhSF
q4Q0I7ab9NLWLfxaBcYfxdy9CebhxuUaL8CQPzXBISWjnsnVNocQM/ecKRK/UMCu
fXGsPAH4ukmw1Q==
-----END CERTIFICATE-----