Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
File:                     pr640lzi1AsMuuWcEeKSvTcXDfo.mft (raw, json)
Hash identifier:          ANmEUVOowemlgdOsPZMgXwkvr1KGNEvVZVHL0PmXtTw=
Subject key identifier:   85:A1:D2:B6:2F:83:45:4F:ED:FF:1B:9D:EF:6C:93:3E:01:97:21:33
Authority key identifier: A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA
Certificate issuer:       /CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
Certificate serial:       01935952D93F645257C8666D50B996ED6ABB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
Manifest number:          0D6A
Signing time:             Sat 23 Nov 2024 14:00:21 +0000
Manifest this update:     Sat 23 Nov 2024 14:00:21 +0000
Manifest next update:     Sun 24 Nov 2024 14:00:21 +0000
Files and hashes:         1: pr640lzi1AsMuuWcEeKSvTcXDfo.crl (hash: sg1GNHyk+X0v3zBXtX5vjFjDbk89g49fgAsR/wz8JsQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 14:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:59:52:d9:3f:64:52:57:c8:66:6d:50:b9:96:ed:6a:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6beb8d25ce2d40b0cbae59c11e292bd37170dfa
        Validity
            Not Before: Nov 23 14:00:21 2024 GMT
            Not After : Nov 24 14:00:21 2024 GMT
        Subject: CN=85a1d2b62f83454fedff1b9def6c933e01972133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:77:38:3a:e7:d5:47:53:72:9f:95:6e:78:8d:
                    21:05:a6:0b:0b:27:0a:a7:68:70:2e:18:4b:ee:a1:
                    26:df:41:25:65:cc:cc:f0:2d:bc:b7:8b:61:ef:18:
                    72:fe:1a:2e:6c:89:91:0c:5d:fe:64:05:1b:75:70:
                    4e:61:d3:c8:39:e6:f9:86:6b:84:53:19:f1:8d:04:
                    f7:a6:24:cf:2f:7f:c8:d2:7b:a3:87:6f:a3:02:0c:
                    e6:9f:3c:26:46:ec:6f:0c:c9:e5:49:0b:75:5c:ca:
                    1b:1f:8c:d9:24:a3:29:bb:22:e5:b6:c3:29:aa:f9:
                    56:62:41:15:13:bf:ef:31:a1:d5:60:7a:c4:af:63:
                    70:8b:24:00:83:d8:ba:4c:99:a1:bf:a5:c8:cd:19:
                    6c:cf:9a:09:b1:3f:18:d9:d0:a6:bc:62:95:e2:a5:
                    18:08:ac:b4:19:fe:37:6d:5b:4b:01:b9:9c:37:39:
                    ec:d4:ca:75:36:93:fb:e1:2f:0d:0d:39:fe:3a:aa:
                    12:1a:f4:e1:14:11:5c:99:c2:1a:95:0c:b4:c0:d1:
                    5e:35:7c:b6:42:f9:b5:ec:6c:d4:19:f3:fb:39:cd:
                    eb:d0:ed:ee:6d:85:58:b7:16:a6:d1:db:e8:aa:aa:
                    90:9f:62:fd:e1:c4:75:47:93:99:4e:96:a2:8b:d4:
                    e3:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:A1:D2:B6:2F:83:45:4F:ED:FF:1B:9D:EF:6C:93:3E:01:97:21:33
            X509v3 Authority Key Identifier:
                keyid:A6:BE:B8:D2:5C:E2:D4:0B:0C:BA:E5:9C:11:E2:92:BD:37:17:0D:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pr640lzi1AsMuuWcEeKSvTcXDfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/5424d9-5348-4f6f-9390-45a40a21b8d3/1/pr640lzi1AsMuuWcEeKSvTcXDfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:ea:62:9d:8a:df:2b:ad:29:bf:2b:ba:fc:1d:18:b3:e6:11:
         ec:d7:7b:74:9c:c8:76:ad:c7:28:a5:bf:a2:2b:3f:c5:f9:48:
         9e:e0:8b:1c:10:d2:1f:11:eb:36:4f:1d:1c:e0:21:6b:b4:d2:
         cf:02:2c:2f:28:3a:97:94:32:ad:77:92:7c:78:e9:97:70:8a:
         3e:6b:2a:46:27:dd:43:a5:7c:0e:e9:6e:1a:6e:8e:77:5e:ff:
         86:d4:41:fa:16:e3:af:a8:b1:90:5f:af:db:a6:99:ad:c8:a1:
         cd:a6:24:e0:1f:71:5e:35:1e:df:db:98:93:3c:d6:02:54:cc:
         99:3b:40:56:91:b8:c9:f9:07:1d:12:f6:2d:ca:bb:84:c4:22:
         bd:3f:85:d4:2a:7b:a0:1a:fd:3e:07:4e:e8:af:f1:dd:3a:56:
         71:6b:58:b0:63:a1:7b:33:be:1f:3c:cc:fa:a3:c2:1e:11:2a:
         8d:f1:31:e9:4b:81:a2:b7:99:d7:d7:73:dd:12:8b:28:8f:6a:
         fa:59:c5:df:b1:59:b0:13:1b:49:1b:ad:bf:18:76:bf:82:2b:
         9e:0a:3b:39:40:e0:fc:cd:21:67:aa:6f:73:7a:1a:7f:bd:8a:
         09:ad:c6:8a:2c:dc:cb:33:8b:30:8d:5a:42:a3:58:1e:49:65:
         9f:e0:c9:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNZUtk/ZFJXyGZtULmW7Wq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YmViOGQyNWNlMmQ0MGIwY2JhZTU5YzExZTI5MmJkMzcx
NzBkZmEwHhcNMjQxMTIzMTQwMDIxWhcNMjQxMTI0MTQwMDIxWjAzMTEwLwYDVQQD
Eyg4NWExZDJiNjJmODM0NTRmZWRmZjFiOWRlZjZjOTMzZTAxOTcyMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Xc4OufVR1Nyn5VueI0hBaYLCycK
p2hwLhhL7qEm30ElZczM8C28t4th7xhy/houbImRDF3+ZAUbdXBOYdPIOeb5hmuE
UxnxjQT3piTPL3/I0nujh2+jAgzmnzwmRuxvDMnlSQt1XMobH4zZJKMpuyLltsMp
qvlWYkEVE7/vMaHVYHrEr2NwiyQAg9i6TJmhv6XIzRlsz5oJsT8Y2dCmvGKV4qUY
CKy0Gf43bVtLAbmcNzns1Mp1NpP74S8NDTn+OqoSGvThFBFcmcIalQy0wNFeNXy2
Qvm17GzUGfP7Oc3r0O3ubYVYtxam0dvoqqqQn2L94cR1R5OZTpaii9TjwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIWh0rYvg0VP7f8bne9skz4BlyEzMB8GA1UdIwQY
MBaAFKa+uNJc4tQLDLrlnBHikr03Fw36MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAt
NDVhNDBhMjFiOGQzLzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS81NDI0ZDktNTM0OC00ZjZmLTkzOTAtNDVhNDBhMjFiOGQz
LzEvcHI2NDBsemkxQXNNdXVXY0VlS1N2VGNYRGZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANepinYrf
K60pvyu6/B0Ys+YR7Nd7dJzIdq3HKKW/ois/xflInuCLHBDSHxHrNk8dHOAha7TS
zwIsLyg6l5QyrXeSfHjpl3CKPmsqRifdQ6V8DuluGm6Od17/htRB+hbjr6ixkF+v
26aZrcihzaYk4B9xXjUe39uYkzzWAlTMmTtAVpG4yfkHHRL2Lcq7hMQivT+F1Cp7
oBr9PgdO6K/x3TpWcWtYsGOhezO+HzzM+qPCHhEqjfEx6UuBoreZ19dz3RKLKI9q
+lnF37FZsBMbSRutvxh2v4Irngo7OUDg/M0hZ6pvc3oaf72KCa3GiizcyzOLMI1a
QqNYHklln+DJPg==
-----END CERTIFICATE-----