Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
File:                     QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft (raw, json)
Hash identifier:          Ev6hVEdWakRDLS8FEYmMcPSCcQm+NVuR2XJ3/82x2y8=
Subject key identifier:   0E:43:8A:1F:AA:3D:02:7E:38:59:31:88:CE:ED:9E:DB:2B:C3:CC:DB
Authority key identifier: 41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C
Certificate issuer:       /CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
Certificate serial:       01935688ED18FDD5C5BBFDD38D3F894A9DF8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
Manifest number:          1301
Signing time:             Sat 23 Nov 2024 01:00:34 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:34 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:34 +0000
Files and hashes:         1: QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl (hash: NVDLd6To8iTe59FSQDdIAlbGZXvX980q8mImIB1V8D8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:ed:18:fd:d5:c5:bb:fd:d3:8d:3f:89:4a:9d:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41785cb5fc6b40fdf14f72a6d25f4143c17c317c
        Validity
            Not Before: Nov 23 01:00:34 2024 GMT
            Not After : Nov 24 01:00:34 2024 GMT
        Subject: CN=0e438a1faa3d027e38593188ceed9edb2bc3ccdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:09:9d:fe:cd:2e:84:7b:01:17:48:59:55:f0:
                    40:65:13:3c:9f:3d:44:d4:d8:f1:04:ed:a4:2c:70:
                    ed:b6:74:42:f1:ad:ce:0d:1a:a1:b3:6a:b0:aa:d7:
                    05:b4:54:dd:2c:14:fe:c9:00:54:71:bc:3a:a2:0e:
                    7f:42:38:62:d3:44:1c:ca:18:3f:d1:33:ec:17:d1:
                    0b:b9:37:b3:4f:a3:e2:99:ac:4f:11:0e:97:c4:2f:
                    9f:86:c3:90:42:02:f3:eb:6d:5e:35:78:3c:b4:e0:
                    04:6d:a7:53:89:14:3e:c7:d4:60:d6:9c:f7:9b:01:
                    3a:87:39:ed:a8:e0:70:f5:19:ab:4c:73:f6:44:ed:
                    42:84:86:9c:49:b1:42:1e:4f:9d:46:82:9e:e0:05:
                    65:84:77:1a:77:49:10:c5:18:b5:b3:ab:9e:91:dd:
                    50:71:13:c2:3e:a0:df:28:0f:58:50:38:3a:0f:38:
                    65:6b:bf:53:b6:da:82:11:fc:93:4c:10:d1:1b:22:
                    4a:e5:b0:34:a3:90:62:35:09:6f:02:0c:15:1f:2a:
                    c4:0e:60:14:9a:fa:32:7d:07:78:1f:a3:24:88:0d:
                    0b:79:90:d6:1f:d0:40:56:07:b0:11:aa:61:a9:65:
                    28:ba:2b:a7:fe:9e:68:a8:1b:78:15:3d:55:02:db:
                    a2:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:43:8A:1F:AA:3D:02:7E:38:59:31:88:CE:ED:9E:DB:2B:C3:CC:DB
            X509v3 Authority Key Identifier:
                keyid:41:78:5C:B5:FC:6B:40:FD:F1:4F:72:A6:D2:5F:41:43:C1:7C:31:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXhctfxrQP3xT3Km0l9BQ8F8MXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/ae3840-7dda-482e-a24e-e46ec5b9b06c/1/QXhctfxrQP3xT3Km0l9BQ8F8MXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:37:cd:0e:a1:12:f1:95:c2:c6:87:39:10:d0:c3:32:cf:1a:
         27:73:b3:c6:88:11:7e:cf:c1:98:66:fb:61:7c:64:97:f8:20:
         0e:8c:e0:c2:6c:ac:44:51:05:87:4d:ea:18:14:b2:67:b5:82:
         9d:ec:47:84:a4:35:9c:81:3c:ac:8e:01:4a:6d:ec:06:0a:0a:
         d6:b3:c2:71:da:e0:aa:ae:69:b9:4d:77:20:67:90:11:28:73:
         a0:44:3b:e6:a3:29:ab:95:18:7f:8d:49:16:fa:a5:3a:84:d2:
         08:bd:68:c9:bd:2e:6f:bd:9f:64:23:8c:5c:d2:aa:d3:d5:46:
         95:11:bc:19:0d:32:c9:21:3c:bc:93:9a:48:24:24:52:03:43:
         d0:85:85:5d:72:1f:8d:4a:fb:c6:43:05:cf:07:7a:76:9d:d2:
         53:d3:12:65:bf:ac:d5:d5:a5:1b:9d:61:2e:f2:b1:09:2a:b4:
         02:2a:39:21:39:46:ef:94:b1:26:13:89:da:e6:09:8c:88:c9:
         fd:ff:46:b9:32:77:73:74:c3:67:e8:d4:82:2b:85:16:72:a8:
         97:2f:09:99:5d:c3:26:8e:2f:98:cd:e4:80:c0:05:19:42:d4:
         de:8c:d6:1a:7a:a2:5f:e4:b2:9f:4d:04:1b:20:59:a1:7c:58:
         59:9a:de:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiO0Y/dXFu/3TjT+JSp34MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzg1Y2I1ZmM2YjQwZmRmMTRmNzJhNmQyNWY0MTQzYzE3
YzMxN2MwHhcNMjQxMTIzMDEwMDM0WhcNMjQxMTI0MDEwMDM0WjAzMTEwLwYDVQQD
EygwZTQzOGExZmFhM2QwMjdlMzg1OTMxODhjZWVkOWVkYjJiYzNjY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwmd/s0uhHsBF0hZVfBAZRM8nz1E
1NjxBO2kLHDttnRC8a3ODRqhs2qwqtcFtFTdLBT+yQBUcbw6og5/Qjhi00Qcyhg/
0TPsF9ELuTezT6PimaxPEQ6XxC+fhsOQQgLz621eNXg8tOAEbadTiRQ+x9Rg1pz3
mwE6hzntqOBw9RmrTHP2RO1ChIacSbFCHk+dRoKe4AVlhHcad0kQxRi1s6uekd1Q
cRPCPqDfKA9YUDg6Dzhla79TttqCEfyTTBDRGyJK5bA0o5BiNQlvAgwVHyrEDmAU
mvoyfQd4H6MkiA0LeZDWH9BAVgewEaphqWUouiun/p5oqBt4FT1VAtui/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA5Dih+qPQJ+OFkxiM7tntsrw8zbMB8GA1UdIwQY
MBaAFEF4XLX8a0D98U9yptJfQUPBfDF8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUt
ZTQ2ZWM1YjliMDZjLzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9hZTM4NDAtN2RkYS00ODJlLWEyNGUtZTQ2ZWM1YjliMDZj
LzEvUVhoY3RmeHJRUDN4VDNLbTBsOUJROEY4TVh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIDfNDqES
8ZXCxoc5ENDDMs8aJ3OzxogRfs/BmGb7YXxkl/ggDozgwmysRFEFh03qGBSyZ7WC
nexHhKQ1nIE8rI4BSm3sBgoK1rPCcdrgqq5puU13IGeQEShzoEQ75qMpq5UYf41J
FvqlOoTSCL1oyb0ub72fZCOMXNKq09VGlRG8GQ0yySE8vJOaSCQkUgND0IWFXXIf
jUr7xkMFzwd6dp3SU9MSZb+s1dWlG51hLvKxCSq0Aio5ITlG75SxJhOJ2uYJjIjJ
/f9GuTJ3c3TDZ+jUgiuFFnKoly8JmV3DJo4vmM3kgMAFGULU3ozWGnqiX+Syn00E
GyBZoXxYWZreyQ==
-----END CERTIFICATE-----