Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
File:                     s1IytLD6jIPU_4wSROhk67yt1os.mft (raw, json)
Hash identifier:          +maxmbU58skFWtj6cjwRTDeJfsqOMZURg7hedv3mrt8=
Subject key identifier:   FF:88:DE:CE:50:55:6B:1C:56:A3:FE:AC:6A:F7:06:63:F8:8E:D1:25
Authority key identifier: B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B
Certificate issuer:       /CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
Certificate serial:       019358783167F0DF210CEE5A1E12B57AD01E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
Manifest number:          0DE9
Signing time:             Sat 23 Nov 2024 10:01:32 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:32 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:32 +0000
Files and hashes:         1: s1IytLD6jIPU_4wSROhk67yt1os.crl (hash: mOje5/DXaObKooE56PJdM1o1ZSRb3F/+B8MCvg3Mes4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:31:67:f0:df:21:0c:ee:5a:1e:12:b5:7a:d0:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b35232b4b0fa8c83d4ff8c1244e864ebbcadd68b
        Validity
            Not Before: Nov 23 10:01:32 2024 GMT
            Not After : Nov 24 10:01:32 2024 GMT
        Subject: CN=ff88dece50556b1c56a3feac6af70663f88ed125
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:42:61:26:65:c8:4d:93:d1:fb:9b:3e:80:1f:
                    eb:2e:ca:96:87:96:08:06:79:1e:bb:fe:e8:c3:09:
                    26:e7:3b:c2:fe:aa:33:0c:ba:a2:40:c4:0f:1b:a7:
                    58:50:8a:9b:a3:44:54:5c:d1:57:6b:df:a8:ec:13:
                    e2:19:c9:a7:d7:e9:a5:73:e4:22:42:bc:52:d0:6e:
                    0d:12:88:3d:97:36:ee:ff:69:e2:36:7a:80:87:34:
                    18:8c:38:81:c2:8e:b0:8b:0e:60:5d:c0:25:18:db:
                    6a:f1:4f:05:e7:3e:a6:5c:bb:49:52:9d:2d:51:07:
                    0a:1c:80:a8:2d:89:28:96:40:6c:9c:08:e5:82:c6:
                    fd:cd:42:78:da:bb:22:74:76:25:45:b9:50:c6:0a:
                    6e:2a:a6:f3:9c:73:7e:5d:82:c3:1b:89:e5:83:6e:
                    e9:6b:82:98:14:0b:65:37:c8:68:df:98:f1:73:64:
                    29:14:9a:d3:c0:68:4a:f6:71:2e:1a:6c:f9:ec:ee:
                    b3:b2:f6:e1:aa:e3:c1:1d:b4:f0:4a:dc:bb:b1:2c:
                    5e:20:d8:c9:63:1c:a1:f3:d5:a1:93:7f:79:f7:2a:
                    73:fd:d6:0e:8b:f4:85:12:c0:d5:7f:34:3e:c8:4c:
                    27:81:ff:36:29:fe:64:d2:37:32:91:58:1f:7e:34:
                    16:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:88:DE:CE:50:55:6B:1C:56:A3:FE:AC:6A:F7:06:63:F8:8E:D1:25
            X509v3 Authority Key Identifier:
                keyid:B3:52:32:B4:B0:FA:8C:83:D4:FF:8C:12:44:E8:64:EB:BC:AD:D6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s1IytLD6jIPU_4wSROhk67yt1os.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/bd9fd8-a346-459e-838a-b9122e521058/1/s1IytLD6jIPU_4wSROhk67yt1os.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ab:63:4f:b7:83:4a:ba:b8:9a:4b:d7:ad:a0:50:75:11:56:
         da:90:7a:70:ef:f1:1b:a9:06:eb:52:88:6b:a9:95:3f:dc:04:
         6f:6e:38:2b:76:61:99:ef:3e:6d:17:39:ac:f6:32:85:2e:a8:
         f7:e7:e6:16:ac:81:e5:67:62:ba:9a:69:71:58:49:84:87:45:
         4c:ed:92:2c:b0:03:db:89:4d:1d:77:ce:4c:62:7e:c8:08:f8:
         a7:11:26:3f:7e:fe:a5:37:05:fe:32:ca:e9:c2:00:03:96:5c:
         cf:f8:b7:cd:92:a4:9f:04:22:c8:ea:16:66:20:2f:db:75:c1:
         cb:4c:e1:92:57:69:ce:f5:95:0b:91:21:a2:c6:b6:1c:a4:50:
         3b:9f:97:b2:ce:e3:3c:b7:da:76:12:ef:b9:e7:27:89:a1:3e:
         f6:a1:44:5a:77:89:2d:a7:17:55:f6:07:06:ea:87:8c:fa:e3:
         e2:0d:af:47:ea:1c:24:25:fc:0b:9a:76:34:5f:9c:4e:c0:87:
         c0:c4:2d:39:7e:aa:ee:e0:35:dc:ea:02:02:2c:55:5a:ce:ad:
         c7:a2:44:a3:fc:4b:04:79:60:4f:ad:19:85:83:66:5a:ce:73:
         42:46:8a:4a:46:f0:78:ad:8b:79:06:8f:51:aa:72:b6:2d:35:
         2e:a4:59:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeDFn8N8hDO5aHhK1etAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNTIzMmI0YjBmYThjODNkNGZmOGMxMjQ0ZTg2NGViYmNh
ZGQ2OGIwHhcNMjQxMTIzMTAwMTMyWhcNMjQxMTI0MTAwMTMyWjAzMTEwLwYDVQQD
EyhmZjg4ZGVjZTUwNTU2YjFjNTZhM2ZlYWM2YWY3MDY2M2Y4OGVkMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEJhJmXITZPR+5s+gB/rLsqWh5YI
Bnkeu/7owwkm5zvC/qozDLqiQMQPG6dYUIqbo0RUXNFXa9+o7BPiGcmn1+mlc+Qi
QrxS0G4NEog9lzbu/2niNnqAhzQYjDiBwo6wiw5gXcAlGNtq8U8F5z6mXLtJUp0t
UQcKHICoLYkolkBsnAjlgsb9zUJ42rsidHYlRblQxgpuKqbznHN+XYLDG4nlg27p
a4KYFAtlN8ho35jxc2QpFJrTwGhK9nEuGmz57O6zsvbhquPBHbTwSty7sSxeINjJ
Yxyh89Whk3959ypz/dYOi/SFEsDVfzQ+yEwngf82Kf5k0jcykVgffjQWpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+I3s5QVWscVqP+rGr3BmP4jtElMB8GA1UdIwQY
MBaAFLNSMrSw+oyD1P+MEkToZOu8rdaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEt
YjkxMjJlNTIxMDU4LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iZDlmZDgtYTM0Ni00NTllLTgzOGEtYjkxMjJlNTIxMDU4
LzEvczFJeXRMRDZqSVBVXzR3U1JPaGs2N3l0MW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZatjT7eD
Srq4mkvXraBQdRFW2pB6cO/xG6kG61KIa6mVP9wEb244K3Zhme8+bRc5rPYyhS6o
9+fmFqyB5WdiupppcVhJhIdFTO2SLLAD24lNHXfOTGJ+yAj4pxEmP37+pTcF/jLK
6cIAA5Zcz/i3zZKknwQiyOoWZiAv23XBy0zhkldpzvWVC5Ehosa2HKRQO5+Xss7j
PLfadhLvuecniaE+9qFEWneJLacXVfYHBuqHjPrj4g2vR+ocJCX8C5p2NF+cTsCH
wMQtOX6q7uA13OoCAixVWs6tx6JEo/xLBHlgT60ZhYNmWs5zQkaKSkbweK2LeQaP
Uapyti01LqRZDg==
-----END CERTIFICATE-----