Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
File:                     UTNdj7orxzOYOV-90-DW8_89G2Q.mft (raw, json)
Hash identifier:          ae4jrjlimP6pu+kQS3Bn6WY8BBsVnG91MiTt3semtQU=
Subject key identifier:   DD:FD:BE:89:E9:E9:90:6F:FB:93:B1:5A:42:AC:C6:71:A6:9B:BD:40
Authority key identifier: 51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64
Certificate issuer:       /CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
Certificate serial:       0193576471D6F77DCCDCFDC4CD15E343F685
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
Manifest number:          0F05
Signing time:             Sat 23 Nov 2024 05:00:20 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:20 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:20 +0000
Files and hashes:         1: UTNdj7orxzOYOV-90-DW8_89G2Q.crl (hash: Nn8mpL5nwdXQXxQ/vuCl3JCKXJiBdKugfxIiJVhFhhI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:71:d6:f7:7d:cc:dc:fd:c4:cd:15:e3:43:f6:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51335d8fba2bc73398395fbdd3e0d6f3ff3d1b64
        Validity
            Not Before: Nov 23 05:00:20 2024 GMT
            Not After : Nov 24 05:00:20 2024 GMT
        Subject: CN=ddfdbe89e9e9906ffb93b15a42acc671a69bbd40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:c9:ba:41:da:a1:ae:5a:ff:b2:4d:e7:5e:b5:
                    62:7f:a0:73:cd:9f:53:45:2b:d0:7a:40:1a:ad:f7:
                    c2:28:03:b2:ed:c8:88:fd:f9:cf:f2:53:09:4e:4a:
                    90:5e:a2:b2:e4:d9:54:65:f0:31:35:8c:fd:94:66:
                    c2:95:8b:58:6a:d2:f7:f9:3a:bc:da:2a:4e:0f:01:
                    08:1a:db:ca:44:2b:a5:9a:bf:28:43:a3:66:2e:9a:
                    d9:d2:ee:1b:2b:98:6b:26:d2:6a:44:50:fc:04:c2:
                    c9:27:fd:ef:fb:79:5f:91:ab:3b:90:24:da:6f:40:
                    7c:50:d9:8c:5d:17:00:96:99:b7:14:4e:4d:c7:c6:
                    f4:50:8f:53:0e:aa:ca:55:16:fb:03:6e:3f:91:db:
                    84:4a:4a:de:00:f4:46:61:94:fb:61:37:23:19:c6:
                    5c:b5:ce:75:d5:ea:34:63:ab:1e:a7:02:7c:c0:75:
                    1d:b3:7d:97:e9:94:96:c6:79:d7:84:5b:7c:60:8f:
                    db:ad:8c:1e:fb:8e:3f:6e:cd:59:57:1e:6c:92:2c:
                    fe:ca:4c:50:0a:9e:17:46:e0:22:05:d2:e7:1a:cc:
                    10:f0:b1:60:b2:f0:d0:37:b4:d5:93:f4:c9:75:10:
                    00:e0:cd:39:1c:3e:12:09:de:91:b2:61:6c:5f:92:
                    fd:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:FD:BE:89:E9:E9:90:6F:FB:93:B1:5A:42:AC:C6:71:A6:9B:BD:40
            X509v3 Authority Key Identifier:
                keyid:51:33:5D:8F:BA:2B:C7:33:98:39:5F:BD:D3:E0:D6:F3:FF:3D:1B:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UTNdj7orxzOYOV-90-DW8_89G2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/42b317-12c8-4dd1-9c55-bfa969e567b1/1/UTNdj7orxzOYOV-90-DW8_89G2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:d0:05:fe:d7:23:32:69:7a:4a:5d:ca:80:f1:68:4b:d7:e5:
         8e:c2:10:f2:a0:87:3e:da:ff:51:ee:2a:3f:68:40:ae:d1:19:
         4b:9a:f4:48:bc:62:6a:94:5f:c6:0a:60:72:df:84:4c:63:df:
         79:7f:9c:be:1b:4b:7e:88:6a:1b:09:51:bd:ad:0b:21:f3:93:
         41:60:55:85:aa:4c:ae:a0:6a:6c:fa:06:87:61:2b:3b:6d:93:
         02:81:d0:82:71:d3:28:76:c3:cd:fb:e6:a2:63:d6:46:72:08:
         ed:89:b1:bb:dd:da:33:40:e3:82:18:8d:c8:d7:d3:c3:04:25:
         d4:c9:27:1c:14:ff:79:14:e9:b5:e9:ec:0a:3b:9d:f9:d2:4a:
         c3:84:92:ea:51:3a:37:f6:1c:5a:d7:6b:eb:0d:a4:12:2c:90:
         a3:3a:76:11:0a:34:92:ea:d6:e7:85:45:8c:83:67:a8:fe:d5:
         9f:10:c5:fb:10:02:97:a7:55:30:14:ab:e3:0f:7a:18:36:1e:
         13:07:37:82:7c:66:db:72:b1:44:cc:f1:4f:99:32:fb:9e:d8:
         d3:f5:fa:68:c1:e8:10:f1:63:1f:b2:57:d8:d1:f2:b4:78:35:
         fa:21:c6:a9:d8:f3:52:1f:70:17:06:98:05:a8:38:47:41:0d:
         03:c0:6e:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZHHW933M3P3EzRXjQ/aFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMzM1ZDhmYmEyYmM3MzM5ODM5NWZiZGQzZTBkNmYzZmYz
ZDFiNjQwHhcNMjQxMTIzMDUwMDIwWhcNMjQxMTI0MDUwMDIwWjAzMTEwLwYDVQQD
EyhkZGZkYmU4OWU5ZTk5MDZmZmI5M2IxNWE0MmFjYzY3MWE2OWJiZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8m6Qdqhrlr/sk3nXrVif6BzzZ9T
RSvQekAarffCKAOy7ciI/fnP8lMJTkqQXqKy5NlUZfAxNYz9lGbClYtYatL3+Tq8
2ipODwEIGtvKRCulmr8oQ6NmLprZ0u4bK5hrJtJqRFD8BMLJJ/3v+3lfkas7kCTa
b0B8UNmMXRcAlpm3FE5Nx8b0UI9TDqrKVRb7A24/kduESkreAPRGYZT7YTcjGcZc
tc511eo0Y6sepwJ8wHUds32X6ZSWxnnXhFt8YI/brYwe+44/bs1ZVx5skiz+ykxQ
Cp4XRuAiBdLnGswQ8LFgsvDQN7TVk/TJdRAA4M05HD4SCd6RsmFsX5L9pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN39vonp6ZBv+5OxWkKsxnGmm71AMB8GA1UdIwQY
MBaAFFEzXY+6K8czmDlfvdPg1vP/PRtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUt
YmZhOTY5ZTU2N2IxLzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS80MmIzMTctMTJjOC00ZGQxLTljNTUtYmZhOTY5ZTU2N2Ix
LzEvVVROZGo3b3J4ek9ZT1YtOTAtRFc4Xzg5RzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9AF/tcj
Mml6Sl3KgPFoS9fljsIQ8qCHPtr/Ue4qP2hArtEZS5r0SLxiapRfxgpgct+ETGPf
eX+cvhtLfohqGwlRva0LIfOTQWBVhapMrqBqbPoGh2ErO22TAoHQgnHTKHbDzfvm
omPWRnII7Ymxu93aM0DjghiNyNfTwwQl1MknHBT/eRTptensCjud+dJKw4SS6lE6
N/YcWtdr6w2kEiyQozp2EQo0kurW54VFjINnqP7VnxDF+xACl6dVMBSr4w96GDYe
Ewc3gnxm23KxRMzxT5ky+57Y0/X6aMHoEPFjH7JX2NHytHg1+iHGqdjzUh9wFwaY
Bag4R0ENA8BuIg==
-----END CERTIFICATE-----