Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
File:                     AVkheESIrdmgVmH_EXh-x1TmBeU.mft (raw, json)
Hash identifier:          lcx8FnsTphBBx+tsYftT/tNnCJIeVqCTojHyEGTFZ/U=
Subject key identifier:   B7:07:1B:A5:83:5A:27:E8:87:03:2E:22:F5:07:56:06:15:CA:07:63
Authority key identifier: 01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5
Certificate issuer:       /CN=015921784488add9a05661ff11787ec754e605e5
Certificate serial:       019369D967D0E91723F86A6BA1230816996A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 19:01:15 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:15 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:15 +0000
Files and hashes:         1: AVkheESIrdmgVmH_EXh-x1TmBeU.crl (hash: jBC44IzWVavAcWUG8AXRa56QgAWy7T709UaIk+W6b8I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:67:d0:e9:17:23:f8:6a:6b:a1:23:08:16:99:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015921784488add9a05661ff11787ec754e605e5
        Validity
            Not Before: Nov 26 19:01:15 2024 GMT
            Not After : Nov 27 19:01:15 2024 GMT
        Subject: CN=b7071ba5835a27e887032e22f507560615ca0763
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:7b:85:07:f1:e9:6a:c5:a8:53:00:1b:5b:f4:
                    52:4c:fc:6f:e3:0d:b4:0d:71:9e:b0:34:ba:45:67:
                    be:5f:e3:19:50:45:2d:65:08:69:47:2a:62:22:21:
                    0a:0c:16:56:6f:a0:b8:a2:18:6c:bc:ee:00:84:aa:
                    5e:b4:77:4d:4b:67:b2:14:b9:b5:0d:8e:cc:b8:53:
                    f9:f5:49:b8:b9:82:66:13:c6:38:9b:4c:8d:be:37:
                    90:9b:f1:03:f5:ff:e6:0f:b7:aa:75:78:3e:63:a1:
                    c5:e9:57:58:b2:ee:53:c7:50:0f:64:50:41:8f:b5:
                    29:e0:15:79:4a:29:6b:e9:e2:f7:d1:54:f0:03:5f:
                    69:1b:9a:c5:3a:80:f2:a1:0d:5d:fe:e4:65:30:ca:
                    1f:7a:3f:a0:98:4c:60:89:75:81:09:52:73:6d:28:
                    34:17:25:dc:5b:d3:b5:17:bb:8c:a4:96:6f:8c:ff:
                    19:dd:23:7a:c3:d7:64:b8:a3:0c:87:1d:c3:ef:69:
                    80:bc:77:20:c4:1b:35:4a:3c:ad:a4:3f:e3:d7:cb:
                    b8:9e:15:a0:04:b0:b5:48:a5:43:d0:bf:cf:7b:07:
                    48:2b:c7:ff:41:eb:c9:d9:03:00:d4:a2:8e:30:ed:
                    c3:f0:85:70:19:5f:ee:72:f7:e8:ec:4b:ec:dc:87:
                    be:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:07:1B:A5:83:5A:27:E8:87:03:2E:22:F5:07:56:06:15:CA:07:63
            X509v3 Authority Key Identifier:
                keyid:01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:3d:63:b3:a2:97:11:c9:fc:99:93:52:d6:e8:c7:5e:96:59:
         4c:7a:ee:04:ae:31:11:02:43:f7:b9:7e:ba:02:49:8c:37:34:
         ad:4c:14:ca:81:89:b6:31:54:44:e4:5e:13:7a:1e:82:11:02:
         9a:14:21:36:e5:02:48:d5:97:0b:7f:da:22:73:4b:81:f1:a8:
         e1:21:1b:e9:07:8a:d7:db:dd:d1:4a:df:09:82:1b:28:6c:c0:
         03:d1:85:f3:c6:2b:a6:6e:f1:a2:d3:79:f4:48:85:65:8e:e7:
         2a:b2:c3:ca:1b:86:cf:f7:05:ad:dd:d6:fe:84:bd:43:1e:49:
         67:ec:fb:2c:75:15:d9:33:04:f5:7e:91:9b:b3:94:a1:b9:6a:
         bc:60:2f:6b:19:a9:a9:9b:07:fe:5e:19:7b:9d:5d:47:76:3b:
         f1:85:e9:e8:98:31:ee:9b:e9:25:b7:7f:f3:3c:7d:3a:7d:97:
         72:aa:96:7d:fd:4f:9e:ec:9a:a9:9b:d7:5c:f2:1d:a2:62:30:
         c5:fa:43:c3:12:10:b8:cb:94:82:a6:26:17:b3:07:b0:db:86:
         95:60:52:4e:37:ad:4c:ea:4f:44:f8:8a:77:73:d1:9a:db:9a:
         76:92:cc:25:43:07:9e:5a:6f:b0:2b:48:50:da:5c:fb:26:e2:
         6e:c9:23:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2WfQ6Rcj+GproSMIFplqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTkyMTc4NDQ4OGFkZDlhMDU2NjFmZjExNzg3ZWM3NTRl
NjA1ZTUwHhcNMjQxMTI2MTkwMTE1WhcNMjQxMTI3MTkwMTE1WjAzMTEwLwYDVQQD
EyhiNzA3MWJhNTgzNWEyN2U4ODcwMzJlMjJmNTA3NTYwNjE1Y2EwNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXuFB/HpasWoUwAbW/RSTPxv4w20
DXGesDS6RWe+X+MZUEUtZQhpRypiIiEKDBZWb6C4ohhsvO4AhKpetHdNS2eyFLm1
DY7MuFP59Um4uYJmE8Y4m0yNvjeQm/ED9f/mD7eqdXg+Y6HF6VdYsu5Tx1APZFBB
j7Up4BV5Silr6eL30VTwA19pG5rFOoDyoQ1d/uRlMMofej+gmExgiXWBCVJzbSg0
FyXcW9O1F7uMpJZvjP8Z3SN6w9dkuKMMhx3D72mAvHcgxBs1SjytpD/j18u4nhWg
BLC1SKVD0L/PewdIK8f/QevJ2QMA1KKOMO3D8IVwGV/ucvfo7Evs3Ie+xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcHG6WDWifohwMuIvUHVgYVygdjMB8GA1UdIwQY
MBaAFAFZIXhEiK3ZoFZh/xF4fsdU5gXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDkt
OGE5MTg0MDBmMjYwLzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDktOGE5MTg0MDBmMjYw
LzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZD1js6KX
Ecn8mZNS1ujHXpZZTHruBK4xEQJD97l+ugJJjDc0rUwUyoGJtjFUROReE3oeghEC
mhQhNuUCSNWXC3/aInNLgfGo4SEb6QeK19vd0UrfCYIbKGzAA9GF88Yrpm7xotN5
9EiFZY7nKrLDyhuGz/cFrd3W/oS9Qx5JZ+z7LHUV2TME9X6Rm7OUoblqvGAvaxmp
qZsH/l4Ze51dR3Y78YXp6Jgx7pvpJbd/8zx9On2XcqqWff1PnuyaqZvXXPIdomIw
xfpDwxIQuMuUgqYmF7MHsNuGlWBSTjetTOpPRPiKd3PRmtuadpLMJUMHnlpvsCtI
UNpc+ybibskjAw==
-----END CERTIFICATE-----