Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
File:                     _yBr0QgxynN4dWteFhc4lqYLAZE.mft (raw, json)
Hash identifier:          x3haMal+Cbopb/XiHwYV9hSQljYMeu3gre/S4vPqjKE=
Subject key identifier:   6C:BD:D3:38:89:5D:53:9F:67:59:F6:13:CF:14:9D:7D:A1:A2:44:8B
Authority key identifier: FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91
Certificate issuer:       /CN=ff206bd10831ca7378756b5e16173896a60b0191
Certificate serial:       01935688DFDA3047E9541A3DC87B4D8FE113
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
Manifest number:          0B30
Signing time:             Sat 23 Nov 2024 01:00:30 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:30 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:30 +0000
Files and hashes:         1: _yBr0QgxynN4dWteFhc4lqYLAZE.crl (hash: ZL7rM9UXf0j8G8g2voquseWsANvMHAXQYCM/QPqr3Eo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:df:da:30:47:e9:54:1a:3d:c8:7b:4d:8f:e1:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff206bd10831ca7378756b5e16173896a60b0191
        Validity
            Not Before: Nov 23 01:00:30 2024 GMT
            Not After : Nov 24 01:00:30 2024 GMT
        Subject: CN=6cbdd338895d539f6759f613cf149d7da1a2448b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:c0:ec:cb:0e:26:f2:5c:86:92:21:33:74:3d:
                    80:1e:6a:67:2d:2c:72:69:11:ad:73:07:e8:6f:58:
                    0c:4c:2d:2c:63:2a:42:d9:78:68:10:72:d7:5d:92:
                    42:29:23:c1:28:8a:7f:e3:22:94:ef:f1:f2:cd:da:
                    c8:1e:1d:59:d3:a6:9b:f8:af:13:e8:a0:21:05:bf:
                    c4:6c:4e:71:34:15:c0:fa:50:0e:18:c8:a4:7b:14:
                    1b:21:66:dc:11:87:06:be:3c:65:4b:0c:50:50:90:
                    2b:12:61:79:d0:03:29:f5:fa:93:36:66:85:6d:bb:
                    1a:72:78:97:5b:84:42:7b:0e:18:a6:b9:df:45:58:
                    7c:bc:ea:8b:66:96:af:e4:2e:d7:f6:d7:80:b5:b4:
                    89:54:c4:d2:2d:e1:f7:e5:66:3d:83:5a:bc:ac:bf:
                    4d:24:70:96:b5:47:23:a0:b1:2e:0a:ac:d1:8a:d8:
                    b0:e0:d2:0c:20:1d:24:a4:be:82:15:c6:13:e3:a6:
                    06:d5:1e:ea:98:0f:c0:4d:40:f0:97:37:e5:3b:d6:
                    e6:b8:7f:ff:7c:6c:b2:9f:53:42:8d:03:94:71:77:
                    31:ef:6b:e0:1e:62:a9:bc:9e:76:6e:e4:fe:80:50:
                    1b:4b:81:3f:07:3e:56:53:99:88:bd:4f:03:6d:06:
                    c6:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:BD:D3:38:89:5D:53:9F:67:59:F6:13:CF:14:9D:7D:A1:A2:44:8B
            X509v3 Authority Key Identifier:
                keyid:FF:20:6B:D1:08:31:CA:73:78:75:6B:5E:16:17:38:96:A6:0B:01:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_yBr0QgxynN4dWteFhc4lqYLAZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/a35d37-7447-4cf4-982f-50f398bb26e9/1/_yBr0QgxynN4dWteFhc4lqYLAZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:67:f5:dc:6b:ed:b6:00:38:16:cc:b0:9e:99:7d:60:22:6c:
         9e:94:c9:77:f5:84:89:f8:23:60:14:55:d5:d9:ed:fe:c6:8c:
         7d:0a:ee:db:8a:f4:be:57:b7:6c:4f:0e:b2:31:cb:05:4d:dc:
         43:5b:c6:9e:58:c4:73:bb:9a:98:7a:5b:79:5f:34:90:0e:9e:
         f4:c1:2a:7b:a2:0b:5c:a8:a0:73:8a:13:9c:61:29:18:6f:b1:
         ea:81:61:24:cd:09:2b:61:12:8b:25:2b:d0:3e:cb:78:90:a3:
         53:b8:05:e3:d2:a1:fd:24:a6:a2:ae:7d:f8:87:98:64:45:29:
         94:30:cb:d0:81:71:23:36:20:4c:28:22:41:46:b9:62:c6:48:
         17:5b:75:c1:52:db:6b:fe:d3:85:25:fe:96:4d:9a:6f:ae:e9:
         7e:02:b0:3f:a4:76:07:04:b7:a1:b5:79:30:d5:d9:a0:fc:c8:
         b6:f3:ad:44:5d:96:a5:ee:e7:37:32:eb:06:f3:e3:f4:50:11:
         13:35:3d:8a:1b:31:4f:95:d9:27:1b:47:19:0d:c5:77:c7:7b:
         28:ef:f3:19:b3:05:c1:ba:ca:da:ee:00:bb:48:f3:8e:06:1e:
         ec:32:23:ba:ff:0f:54:56:0c:1b:dc:a5:0b:51:d5:7b:5b:c4:
         42:87:4f:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiN/aMEfpVBo9yHtNj+ETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMjA2YmQxMDgzMWNhNzM3ODc1NmI1ZTE2MTczODk2YTYw
YjAxOTEwHhcNMjQxMTIzMDEwMDMwWhcNMjQxMTI0MDEwMDMwWjAzMTEwLwYDVQQD
Eyg2Y2JkZDMzODg5NWQ1MzlmNjc1OWY2MTNjZjE0OWQ3ZGExYTI0NDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sDsyw4m8lyGkiEzdD2AHmpnLSxy
aRGtcwfob1gMTC0sYypC2XhoEHLXXZJCKSPBKIp/4yKU7/HyzdrIHh1Z06ab+K8T
6KAhBb/EbE5xNBXA+lAOGMikexQbIWbcEYcGvjxlSwxQUJArEmF50AMp9fqTNmaF
bbsacniXW4RCew4YprnfRVh8vOqLZpav5C7X9teAtbSJVMTSLeH35WY9g1q8rL9N
JHCWtUcjoLEuCqzRitiw4NIMIB0kpL6CFcYT46YG1R7qmA/ATUDwlzflO9bmuH//
fGyyn1NCjQOUcXcx72vgHmKpvJ52buT+gFAbS4E/Bz5WU5mIvU8DbQbGKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGy90ziJXVOfZ1n2E88UnX2hokSLMB8GA1UdIwQY
MBaAFP8ga9EIMcpzeHVrXhYXOJamCwGRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYt
NTBmMzk4YmIyNmU5LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9hMzVkMzctNzQ0Ny00Y2Y0LTk4MmYtNTBmMzk4YmIyNmU5
LzEvX3lCcjBRZ3h5bk40ZFd0ZUZoYzRscVlMQVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWf13Gvt
tgA4Fsywnpl9YCJsnpTJd/WEifgjYBRV1dnt/saMfQru24r0vle3bE8OsjHLBU3c
Q1vGnljEc7uamHpbeV80kA6e9MEqe6ILXKigc4oTnGEpGG+x6oFhJM0JK2ESiyUr
0D7LeJCjU7gF49Kh/SSmoq59+IeYZEUplDDL0IFxIzYgTCgiQUa5YsZIF1t1wVLb
a/7ThSX+lk2ab67pfgKwP6R2BwS3obV5MNXZoPzItvOtRF2Wpe7nNzLrBvPj9FAR
EzU9ihsxT5XZJxtHGQ3Fd8d7KO/zGbMFwbrK2u4Au0jzjgYe7DIjuv8PVFYMG9yl
C1HVe1vEQodPxQ==
-----END CERTIFICATE-----