Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
File:                     3EviU3WUInayZECX3D1ah1r7ivE.mft (raw, json)
Hash identifier:          DN1C2gfTsobtaijS3I7LhfyFy/1OJwvrmze/9uXqd50=
Subject key identifier:   A5:BC:3B:32:EB:35:9B:A2:F9:65:8E:71:09:13:D6:AD:A9:25:1D:69
Authority key identifier: DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1
Certificate issuer:       /CN=dc4be25375942276b2644097dc3d5a875afb8af1
Certificate serial:       01935688E929D17BC01754B26748FF9C3F03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
Manifest number:          0625
Signing time:             Sat 23 Nov 2024 01:00:33 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:33 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:33 +0000
Files and hashes:         1: 3EviU3WUInayZECX3D1ah1r7ivE.crl (hash: GEEJha01k5VdFo/W8rE7GBIeJcz6mTA0lzt6oGIEfG0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:e9:29:d1:7b:c0:17:54:b2:67:48:ff:9c:3f:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc4be25375942276b2644097dc3d5a875afb8af1
        Validity
            Not Before: Nov 23 01:00:33 2024 GMT
            Not After : Nov 24 01:00:33 2024 GMT
        Subject: CN=a5bc3b32eb359ba2f9658e710913d6ada9251d69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:59:6d:20:0f:15:d8:6e:83:af:ae:fc:84:9f:
                    54:62:4c:dd:7f:be:d3:a4:83:3f:6a:94:34:74:ef:
                    6f:26:d8:fe:f3:de:35:5c:a4:e8:ae:01:f8:31:63:
                    d3:5e:80:d3:7a:82:48:03:6b:18:c2:33:d0:0d:bd:
                    34:f8:41:46:cf:ce:c6:33:6e:17:6b:8e:7c:a4:06:
                    f5:c8:6b:9f:0f:b2:2d:cd:47:0a:34:0c:35:cc:d2:
                    c5:35:51:77:69:2f:bd:53:ee:01:aa:84:2f:42:c7:
                    85:9a:ac:5f:eb:ac:53:e4:76:79:b8:2c:06:c4:5e:
                    d8:ab:bb:2a:64:ab:57:3f:d8:b4:fc:38:b0:43:2a:
                    67:1f:ed:e2:b1:51:3b:45:87:79:e8:60:d7:43:f9:
                    52:08:56:e2:55:74:7c:82:0d:17:62:37:2b:63:d9:
                    d4:ba:6a:68:73:6c:7b:11:28:60:70:ce:00:86:34:
                    d2:de:16:1a:3b:74:c0:ad:71:4c:41:10:3b:b5:7f:
                    44:91:85:50:e6:a3:b0:e3:a3:e5:af:45:a9:10:44:
                    74:c1:07:ce:e5:83:06:10:56:54:bd:7f:7f:48:a9:
                    b1:70:de:be:2f:dd:a2:9f:36:32:db:6c:17:be:c0:
                    07:d1:e1:60:a5:0d:f1:93:6e:f8:78:b4:44:1a:69:
                    74:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:BC:3B:32:EB:35:9B:A2:F9:65:8E:71:09:13:D6:AD:A9:25:1D:69
            X509v3 Authority Key Identifier:
                keyid:DC:4B:E2:53:75:94:22:76:B2:64:40:97:DC:3D:5A:87:5A:FB:8A:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EviU3WUInayZECX3D1ah1r7ivE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/53d100-9976-494b-ae21-0b851038a5de/1/3EviU3WUInayZECX3D1ah1r7ivE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:c6:60:b7:ec:57:cf:2e:4f:5e:ac:db:f4:c8:78:fb:33:3f:
         e4:50:56:09:f3:4e:2f:06:52:83:00:e9:9c:93:1c:87:66:be:
         a3:15:e0:52:3b:2a:9c:dc:1a:13:11:e5:d2:0e:0b:88:03:8a:
         8b:d0:bb:98:28:11:bb:3e:57:c8:63:38:7f:57:29:02:1f:56:
         fe:07:07:81:6e:e3:ce:4b:22:91:f6:46:d3:25:7e:e4:f2:03:
         64:d6:87:65:37:2d:f2:77:25:82:cb:a8:bc:07:b3:98:0c:c5:
         10:3c:77:d7:cf:3b:ca:7c:29:ec:c1:21:fa:22:3b:2c:46:a9:
         9d:72:6d:dc:30:9c:23:37:b7:f5:e6:e5:66:01:b8:32:f4:7c:
         b4:52:99:ec:45:af:aa:d9:58:38:d9:a9:79:72:a7:75:c3:c9:
         5a:0a:71:e6:1b:a0:2c:3e:0f:16:0b:87:ae:da:3b:35:f5:0d:
         fc:a6:35:90:ec:bc:7b:64:e1:c3:fb:8a:ba:42:7d:38:47:36:
         f2:85:2c:9f:e4:c3:e6:b0:e5:10:47:78:f1:18:78:57:aa:84:
         26:23:d5:25:64:eb:a7:06:23:e9:48:4b:84:8b:a3:b7:cf:b4:
         3a:8c:91:d4:c9:66:92:2e:09:13:ab:c7:01:a5:0c:ea:f5:22:
         a5:c8:60:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiOkp0XvAF1SyZ0j/nD8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGJlMjUzNzU5NDIyNzZiMjY0NDA5N2RjM2Q1YTg3NWFm
YjhhZjEwHhcNMjQxMTIzMDEwMDMzWhcNMjQxMTI0MDEwMDMzWjAzMTEwLwYDVQQD
EyhhNWJjM2IzMmViMzU5YmEyZjk2NThlNzEwOTEzZDZhZGE5MjUxZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FltIA8V2G6Dr678hJ9UYkzdf77T
pIM/apQ0dO9vJtj+8941XKTorgH4MWPTXoDTeoJIA2sYwjPQDb00+EFGz87GM24X
a458pAb1yGufD7ItzUcKNAw1zNLFNVF3aS+9U+4BqoQvQseFmqxf66xT5HZ5uCwG
xF7Yq7sqZKtXP9i0/DiwQypnH+3isVE7RYd56GDXQ/lSCFbiVXR8gg0XYjcrY9nU
umpoc2x7EShgcM4AhjTS3hYaO3TArXFMQRA7tX9EkYVQ5qOw46Plr0WpEER0wQfO
5YMGEFZUvX9/SKmxcN6+L92inzYy22wXvsAH0eFgpQ3xk274eLREGml0CwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKW8OzLrNZui+WWOcQkT1q2pJR1pMB8GA1UdIwQY
MBaAFNxL4lN1lCJ2smRAl9w9Woda+4rxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEt
MGI4NTEwMzhhNWRlLzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC81M2QxMDAtOTk3Ni00OTRiLWFlMjEtMGI4NTEwMzhhNWRl
LzEvM0V2aVUzV1VJbmF5WkVDWDNEMWFoMXI3aXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsZgt+xX
zy5PXqzb9Mh4+zM/5FBWCfNOLwZSgwDpnJMch2a+oxXgUjsqnNwaExHl0g4LiAOK
i9C7mCgRuz5XyGM4f1cpAh9W/gcHgW7jzksikfZG0yV+5PIDZNaHZTct8nclgsuo
vAezmAzFEDx31887ynwp7MEh+iI7LEapnXJt3DCcIze39eblZgG4MvR8tFKZ7EWv
qtlYONmpeXKndcPJWgpx5hugLD4PFguHrto7NfUN/KY1kOy8e2Thw/uKukJ9OEc2
8oUsn+TD5rDlEEd48Rh4V6qEJiPVJWTrpwYj6UhLhIujt8+0OoyR1Mlmki4JE6vH
AaUM6vUipchg5g==
-----END CERTIFICATE-----