Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
File:                     bdEoKnfiVmUBaNLlZWrvzprWouw.mft (raw, json)
Hash identifier:          qL2fz0VLIB906Rh6rek//dGqyi/BhmivqFtIuhN5FTk=
Subject key identifier:   13:0E:8F:7F:97:CC:22:2E:30:C8:68:65:44:C3:A4:FA:42:48:F8:E1
Authority key identifier: 6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC
Certificate issuer:       /CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
Certificate serial:       019356BFB7C7841BC5175C4985EE1D1828BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
Manifest number:          01A5
Signing time:             Sat 23 Nov 2024 02:00:25 +0000
Manifest this update:     Sat 23 Nov 2024 02:00:25 +0000
Manifest next update:     Sun 24 Nov 2024 02:00:25 +0000
Files and hashes:         1: bdEoKnfiVmUBaNLlZWrvzprWouw.crl (hash: xnrfcbIerVYoLETpoxG+A3oldOY9ZbkoibCfJmBk/y8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:bf:b7:c7:84:1b:c5:17:5c:49:85:ee:1d:18:28:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dd1282a77e256650168d2e5656aefce9ad6a2ec
        Validity
            Not Before: Nov 23 02:00:25 2024 GMT
            Not After : Nov 24 02:00:25 2024 GMT
        Subject: CN=130e8f7f97cc222e30c8686544c3a4fa4248f8e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:50:27:26:f7:f7:66:b9:5b:67:f1:6f:9f:15:
                    76:c2:7f:6f:fc:ce:84:e1:43:f6:fb:e1:ed:8e:84:
                    e9:ef:05:66:ec:6b:9c:68:c6:78:5b:0b:09:65:47:
                    b6:6a:f4:55:9c:50:ce:49:09:8b:94:70:aa:9a:53:
                    d7:0f:d3:78:29:b7:33:7f:d9:91:ad:2e:36:06:b7:
                    6f:f1:e6:f3:fd:ce:6a:40:8a:ec:30:59:30:30:5d:
                    e5:7d:f8:6b:91:e5:70:88:3d:95:bd:c4:22:e2:19:
                    eb:75:53:31:a2:ef:e7:11:a0:74:bc:68:22:d7:8f:
                    77:3a:f6:e3:8b:ef:5a:27:c1:00:78:2e:fc:34:dd:
                    79:2d:3b:78:2e:c8:88:01:80:40:47:03:58:6d:5e:
                    e5:7e:80:d5:09:c4:05:dc:78:a4:f9:9c:a9:5c:64:
                    46:2a:5e:5b:db:96:6b:43:2e:3e:3a:5f:4a:c9:7d:
                    29:84:f7:ec:ce:fa:c2:dd:d3:0c:df:bc:c8:f5:af:
                    5f:f0:08:1b:3c:5a:2a:d4:62:a3:8a:2b:a0:17:0e:
                    59:ca:84:c1:ed:ef:c9:16:a8:ca:eb:ad:c4:d0:71:
                    8c:fe:0a:03:ce:2c:2e:64:9f:d7:22:c5:78:3d:3a:
                    52:c8:13:f8:75:47:6e:96:80:f3:cc:43:1f:72:39:
                    c7:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:0E:8F:7F:97:CC:22:2E:30:C8:68:65:44:C3:A4:FA:42:48:F8:E1
            X509v3 Authority Key Identifier:
                keyid:6D:D1:28:2A:77:E2:56:65:01:68:D2:E5:65:6A:EF:CE:9A:D6:A2:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bdEoKnfiVmUBaNLlZWrvzprWouw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a773b1-5f36-4e80-a398-e0233b7c60aa/1/bdEoKnfiVmUBaNLlZWrvzprWouw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:b9:5e:34:7b:b0:d9:c9:26:3c:b1:17:61:98:5d:a6:e6:d1:
         02:7f:a5:32:ae:13:d4:38:1e:77:e4:5e:0e:d5:ab:6f:54:66:
         68:3b:2e:39:27:ed:0f:01:75:07:ec:5b:9b:fb:20:08:33:33:
         91:57:9b:b7:a0:96:56:4f:9b:92:f9:05:9d:11:02:ee:3b:55:
         03:b7:c7:3b:31:69:54:b1:45:17:8a:1f:36:b5:ca:1f:bf:71:
         22:28:76:8e:19:81:33:7d:25:c3:82:c9:62:be:40:0b:17:77:
         ca:ac:5c:40:2e:63:1f:4e:f9:33:e2:61:76:d1:d8:ab:1a:f1:
         cb:16:5f:93:b3:a9:44:5b:bb:63:4a:06:15:05:4d:71:29:cb:
         e8:fc:20:76:6d:48:82:d0:b8:25:c0:97:5d:02:8c:39:f0:0d:
         75:7c:2c:91:0f:df:9a:f0:e0:45:bd:45:4d:38:a8:64:c4:03:
         f3:55:ee:14:28:75:e5:05:ac:85:a2:c5:4a:e0:ec:f9:9f:85:
         4c:19:81:e1:99:ea:59:85:2e:c4:cb:3a:02:a6:2f:33:91:3d:
         32:72:5b:30:c5:0b:df:9b:1b:a0:5a:e7:35:7d:f1:35:35:16:
         ba:24:83:27:88:42:9e:8a:d7:21:7a:d5:4f:40:4b:79:65:28:
         1e:cf:5d:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWv7fHhBvFF1xJhe4dGCi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZDEyODJhNzdlMjU2NjUwMTY4ZDJlNTY1NmFlZmNlOWFk
NmEyZWMwHhcNMjQxMTIzMDIwMDI1WhcNMjQxMTI0MDIwMDI1WjAzMTEwLwYDVQQD
EygxMzBlOGY3Zjk3Y2MyMjJlMzBjODY4NjU0NGMzYTRmYTQyNDhmOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFAnJvf3ZrlbZ/FvnxV2wn9v/M6E
4UP2++HtjoTp7wVm7GucaMZ4WwsJZUe2avRVnFDOSQmLlHCqmlPXD9N4Kbczf9mR
rS42Brdv8ebz/c5qQIrsMFkwMF3lffhrkeVwiD2VvcQi4hnrdVMxou/nEaB0vGgi
1493Ovbji+9aJ8EAeC78NN15LTt4LsiIAYBARwNYbV7lfoDVCcQF3Hik+ZypXGRG
Kl5b25ZrQy4+Ol9KyX0phPfszvrC3dMM37zI9a9f8AgbPFoq1GKjiiugFw5ZyoTB
7e/JFqjK663E0HGM/goDziwuZJ/XIsV4PTpSyBP4dUduloDzzEMfcjnHLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMOj3+XzCIuMMhoZUTDpPpCSPjhMB8GA1UdIwQY
MBaAFG3RKCp34lZlAWjS5WVq786a1qLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgt
ZTAyMzNiN2M2MGFhLzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hNzczYjEtNWYzNi00ZTgwLWEzOTgtZTAyMzNiN2M2MGFh
LzEvYmRFb0tuZmlWbVVCYU5MbFpXcnZ6cHJXb3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXLleNHuw
2ckmPLEXYZhdpubRAn+lMq4T1Dged+ReDtWrb1RmaDsuOSftDwF1B+xbm/sgCDMz
kVebt6CWVk+bkvkFnREC7jtVA7fHOzFpVLFFF4ofNrXKH79xIih2jhmBM30lw4LJ
Yr5ACxd3yqxcQC5jH075M+JhdtHYqxrxyxZfk7OpRFu7Y0oGFQVNcSnL6Pwgdm1I
gtC4JcCXXQKMOfANdXwskQ/fmvDgRb1FTTioZMQD81XuFCh15QWshaLFSuDs+Z+F
TBmB4ZnqWYUuxMs6AqYvM5E9MnJbMMUL35sboFrnNX3xNTUWuiSDJ4hCnorXIXrV
T0BLeWUoHs9dcw==
-----END CERTIFICATE-----