Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
File:                     0IpNevM5v1JVcjk3VdHPszzdta0.mft (raw, json)
Hash identifier:          oL2LnR7VmDFdRPRQ2jaquSo1iSqRGNuuIYAJPhFYO4s=
Subject key identifier:   35:27:C1:27:CD:57:64:67:D4:F5:24:FD:7B:5A:46:15:CA:45:03:2B
Authority key identifier: D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD
Certificate issuer:       /CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
Certificate serial:       019405A169068ABB61747C134CB53810711D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
Manifest number:          13C8
Signing time:             Fri 27 Dec 2024 01:00:51 +0000
Manifest this update:     Fri 27 Dec 2024 01:00:51 +0000
Manifest next update:     Sat 28 Dec 2024 01:00:51 +0000
Files and hashes:         1: 0IpNevM5v1JVcjk3VdHPszzdta0.crl (hash: rBJDK3i5fAv2Wrn8bSGOwe8TYRS+eZhzJUPsuyefptY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 01:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:a1:69:06:8a:bb:61:74:7c:13:4c:b5:38:10:71:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
        Validity
            Not Before: Dec 27 01:00:51 2024 GMT
            Not After : Dec 28 01:00:51 2024 GMT
        Subject: CN=3527c127cd576467d4f524fd7b5a4615ca45032b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:43:d3:b5:c3:99:8c:30:da:63:4c:40:29:11:
                    93:97:d0:e0:ac:6e:ac:ed:d5:c6:6e:81:e5:1a:41:
                    60:a9:2e:9d:bf:ee:a8:45:53:de:8d:18:cb:9e:bf:
                    65:f7:6c:d0:36:70:76:a4:4d:24:96:ae:c3:a1:1f:
                    c9:d8:41:fb:89:fa:78:b2:b4:49:b5:9a:c7:a2:99:
                    a9:8d:5c:44:76:7f:19:85:9c:9b:b2:94:e7:4c:49:
                    b1:7e:ab:e7:c7:bf:bc:12:c0:26:e0:5d:44:b6:14:
                    c5:bc:b5:d9:c3:34:1c:e4:33:5a:88:fc:15:9a:18:
                    14:7f:21:d8:0a:e7:22:f5:51:6a:dc:66:be:bf:ec:
                    a4:8f:24:b3:23:c4:cd:63:60:8e:48:ae:e0:53:46:
                    a2:c4:7f:c3:dc:71:9d:7b:8a:c7:83:44:b8:37:cb:
                    6e:ae:19:4f:f8:22:56:3c:ab:c3:d1:37:18:54:a2:
                    2f:7e:0f:75:cd:19:06:46:b4:94:74:b6:58:50:aa:
                    55:76:8d:6b:df:c8:56:73:80:26:bf:94:19:81:28:
                    53:0f:e0:78:ea:2b:ef:70:22:44:00:b9:fb:7c:b1:
                    7d:27:ab:df:3c:c5:8c:7d:c1:7e:98:3d:11:9d:11:
                    9a:f2:e7:6d:1f:00:2c:19:ab:28:a1:c6:c5:b0:75:
                    15:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:27:C1:27:CD:57:64:67:D4:F5:24:FD:7B:5A:46:15:CA:45:03:2B
            X509v3 Authority Key Identifier:
                keyid:D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:48:09:b1:ce:a0:07:c7:75:0a:5e:7a:f2:0b:16:c8:eb:84:
         4d:0d:da:97:ba:d6:a5:4c:62:fc:5d:27:64:73:b2:2a:4e:49:
         a7:35:42:2f:ae:a2:60:8d:39:ec:45:e0:83:05:3a:3b:35:b5:
         d3:9b:dd:20:e8:5e:01:ee:94:45:71:84:48:12:79:9e:c5:cf:
         a5:1e:71:63:64:3e:4a:13:7f:40:f9:ef:19:8e:6e:fa:8e:e3:
         c3:b3:15:6c:51:69:9c:6d:9a:85:49:a6:ed:65:67:d7:f7:74:
         74:03:8c:4d:ac:6d:02:8d:ca:3a:23:94:f2:17:11:4a:ef:b1:
         bb:1e:04:82:3d:bf:9d:b2:58:05:f1:54:85:6b:b8:28:6b:25:
         3f:7a:04:65:db:c6:6d:86:4b:0d:da:29:33:b0:6b:e7:37:33:
         dc:c5:09:dc:6c:99:33:ac:2e:52:f5:d5:3e:b8:fd:07:94:83:
         1e:01:fe:7e:c5:37:af:de:ef:f7:ac:0c:42:4d:c6:7c:d6:67:
         88:76:4d:ac:7b:ec:b2:34:12:1a:42:b5:28:e3:9b:e7:7e:f8:
         ba:a1:c8:2d:6a:64:1b:2f:e7:d8:5f:33:78:0d:59:db:2b:3f:
         da:02:8f:cc:6c:a3:87:61:03:96:09:b6:1a:7f:8d:9d:06:95:
         f0:7c:89:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQFoWkGirthdHwTTLU4EHEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGE0ZDdhZjMzOWJmNTI1NTcyMzkzNzU1ZDFjZmIzM2Nk
ZGI1YWQwHhcNMjQxMjI3MDEwMDUxWhcNMjQxMjI4MDEwMDUxWjAzMTEwLwYDVQQD
EygzNTI3YzEyN2NkNTc2NDY3ZDRmNTI0ZmQ3YjVhNDYxNWNhNDUwMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokPTtcOZjDDaY0xAKRGTl9DgrG6s
7dXGboHlGkFgqS6dv+6oRVPejRjLnr9l92zQNnB2pE0klq7DoR/J2EH7ifp4srRJ
tZrHopmpjVxEdn8ZhZybspTnTEmxfqvnx7+8EsAm4F1EthTFvLXZwzQc5DNaiPwV
mhgUfyHYCuci9VFq3Ga+v+ykjySzI8TNY2COSK7gU0aixH/D3HGde4rHg0S4N8tu
rhlP+CJWPKvD0TcYVKIvfg91zRkGRrSUdLZYUKpVdo1r38hWc4Amv5QZgShTD+B4
6ivvcCJEALn7fLF9J6vfPMWMfcF+mD0RnRGa8udtHwAsGasoocbFsHUVfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUnwSfNV2Rn1PUk/XtaRhXKRQMrMB8GA1UdIwQY
MBaAFNCKTXrzOb9SVXI5N1XRz7M83bWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMt
ZDVhMWVhOWVkYjA4LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMtZDVhMWVhOWVkYjA4
LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT0gJsc6g
B8d1Cl568gsWyOuETQ3al7rWpUxi/F0nZHOyKk5JpzVCL66iYI057EXggwU6OzW1
05vdIOheAe6URXGESBJ5nsXPpR5xY2Q+ShN/QPnvGY5u+o7jw7MVbFFpnG2ahUmm
7WVn1/d0dAOMTaxtAo3KOiOU8hcRSu+xux4Egj2/nbJYBfFUhWu4KGslP3oEZdvG
bYZLDdopM7Br5zcz3MUJ3GyZM6wuUvXVPrj9B5SDHgH+fsU3r97v96wMQk3GfNZn
iHZNrHvssjQSGkK1KOOb5374uqHILWpkGy/n2F8zeA1Z2ys/2gKPzGyjh2EDlgm2
Gn+NnQaV8HyJdQ==
-----END CERTIFICATE-----