Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
File:                     sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft (raw, json)
Hash identifier:          8vW6NccFRR8TiAk78HdzBb9WFqZDPVUu97QcTQ3E12o=
Subject key identifier:   AB:C4:DA:CE:AC:48:A7:F9:24:C2:D7:98:11:35:01:A6:DD:3A:A1:29
Authority key identifier: B2:A8:53:71:E9:2F:39:A2:BE:42:47:60:B0:4E:47:AD:9D:A3:ED:3B
Certificate issuer:       /CN=b2a85371e92f39a2be424760b04e47ad9da3ed3b
Certificate serial:       01936A0F89E2D1005262E42183313A26682E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
Manifest number:          19
Signing time:             Tue 26 Nov 2024 20:00:23 +0000
Manifest this update:     Tue 26 Nov 2024 20:00:23 +0000
Manifest next update:     Wed 27 Nov 2024 20:00:23 +0000
Files and hashes:         1: sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl (hash: 6QtzpTTkrkVHzGjS60FjU9zsf/tht5L2sTs371nhPVo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:0f:89:e2:d1:00:52:62:e4:21:83:31:3a:26:68:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2a85371e92f39a2be424760b04e47ad9da3ed3b
        Validity
            Not Before: Nov 26 20:00:23 2024 GMT
            Not After : Nov 27 20:00:23 2024 GMT
        Subject: CN=abc4daceac48a7f924c2d798113501a6dd3aa129
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ea:a5:03:56:48:fc:52:51:13:d0:10:59:7e:
                    36:30:01:00:47:92:09:55:11:37:66:dd:4b:73:b5:
                    28:6b:46:33:22:ef:6f:fa:aa:44:1d:74:22:cb:ae:
                    31:4d:dc:7b:23:7f:e4:37:0a:5d:a3:7f:c1:0b:ef:
                    d7:c9:41:67:bc:f4:1e:81:98:86:46:46:32:37:7c:
                    be:43:44:f8:6d:ea:fb:35:eb:19:a2:29:b8:f1:2c:
                    b6:df:75:2c:81:f2:aa:2d:23:c8:62:45:38:1d:2f:
                    dd:9d:8c:9c:e8:97:3a:58:65:c2:eb:1a:f8:0b:62:
                    fe:c8:dd:d0:31:ea:c7:79:94:88:66:0f:40:5e:4e:
                    4f:da:23:76:3e:ba:36:d4:6e:45:55:04:c6:05:82:
                    33:bf:19:f8:99:14:e7:29:a7:2c:1d:39:fc:61:43:
                    ce:84:43:68:f1:8b:b8:17:66:9f:6c:09:74:8d:3a:
                    1c:5b:b6:9d:72:74:12:18:91:d0:0f:bf:ab:72:7a:
                    f7:54:62:24:59:28:a9:a6:63:01:ba:5f:98:c3:96:
                    63:e3:b6:e9:3e:8c:2e:2d:2a:e0:ee:df:72:ee:42:
                    bb:c6:5d:59:9a:8f:90:fa:d4:ef:74:99:b5:8a:93:
                    4b:57:ba:2b:2e:a5:be:e4:49:f7:54:70:28:a7:3f:
                    4c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:C4:DA:CE:AC:48:A7:F9:24:C2:D7:98:11:35:01:A6:DD:3A:A1:29
            X509v3 Authority Key Identifier:
                keyid:B2:A8:53:71:E9:2F:39:A2:BE:42:47:60:B0:4E:47:AD:9D:A3:ED:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/f5d730-f8eb-4f80-9a9c-9abe4e6c2be1/1/sqhTcekvOaK-QkdgsE5HrZ2j7Ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:79:d5:63:db:c5:a1:45:8d:18:83:e8:71:52:e7:24:f5:a8:
         fd:35:44:ad:41:74:73:f4:20:be:e0:64:06:10:60:1e:a9:d7:
         11:38:19:75:c8:5b:e9:c9:7a:52:bc:54:1a:0f:e1:d6:bb:85:
         c3:16:0e:a2:82:88:44:2b:e2:92:28:ea:ca:89:2e:8e:6e:3c:
         bf:3b:b0:91:62:08:eb:a5:29:3b:4a:7d:34:b9:30:96:a6:4d:
         5b:c6:00:22:82:81:12:04:d4:52:63:fd:96:b4:8b:5f:4b:bd:
         2c:eb:21:27:de:4f:bc:ec:e6:87:cd:e9:71:96:e7:b5:b5:9b:
         a9:8b:a0:74:c5:b3:31:47:6b:11:9c:f7:e0:59:76:d0:30:f6:
         00:b7:1e:10:0e:d3:37:5b:16:29:9c:43:56:5f:68:1b:1f:99:
         e1:8d:6a:46:49:ab:5e:f8:62:72:7f:70:04:27:1a:26:3d:0f:
         8b:9b:ca:28:1a:c3:a2:21:95:3f:bb:d3:4e:06:a9:fd:46:23:
         20:d3:dc:0e:e5:4c:de:ee:12:21:92:e0:72:e7:96:c9:93:86:
         57:23:4e:db:7e:16:b0:fc:48:09:c7:6a:7b:a5:d3:5c:f3:ae:
         51:94:10:29:1c:cd:80:49:97:c7:16:fa:3d:da:17:95:cb:ca:
         22:6e:a3:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqD4ni0QBSYuQhgzE6JmguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYTg1MzcxZTkyZjM5YTJiZTQyNDc2MGIwNGU0N2FkOWRh
M2VkM2IwHhcNMjQxMTI2MjAwMDIzWhcNMjQxMTI3MjAwMDIzWjAzMTEwLwYDVQQD
EyhhYmM0ZGFjZWFjNDhhN2Y5MjRjMmQ3OTgxMTM1MDFhNmRkM2FhMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OqlA1ZI/FJRE9AQWX42MAEAR5IJ
VRE3Zt1Lc7Uoa0YzIu9v+qpEHXQiy64xTdx7I3/kNwpdo3/BC+/XyUFnvPQegZiG
RkYyN3y+Q0T4ber7NesZoim48Sy233UsgfKqLSPIYkU4HS/dnYyc6Jc6WGXC6xr4
C2L+yN3QMerHeZSIZg9AXk5P2iN2Pro21G5FVQTGBYIzvxn4mRTnKacsHTn8YUPO
hENo8Yu4F2afbAl0jTocW7adcnQSGJHQD7+rcnr3VGIkWSippmMBul+Yw5Zj47bp
PowuLSrg7t9y7kK7xl1Zmo+Q+tTvdJm1ipNLV7orLqW+5En3VHAopz9M+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvE2s6sSKf5JMLXmBE1AabdOqEpMB8GA1UdIwQY
MBaAFLKoU3HpLzmivkJHYLBOR62do+07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9mNWQ3MzAtZjhlYi00ZjgwLTlhOWMt
OWFiZTRlNmMyYmUxLzEvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9mNWQ3MzAtZjhlYi00ZjgwLTlhOWMtOWFiZTRlNmMyYmUx
LzEvc3FoVGNla3ZPYUstUWtkZ3NFNUhyWjJqN1RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY3nVY9vF
oUWNGIPocVLnJPWo/TVErUF0c/QgvuBkBhBgHqnXETgZdchb6cl6UrxUGg/h1ruF
wxYOooKIRCvikijqyokujm48vzuwkWII66UpO0p9NLkwlqZNW8YAIoKBEgTUUmP9
lrSLX0u9LOshJ95PvOzmh83pcZbntbWbqYugdMWzMUdrEZz34Fl20DD2ALceEA7T
N1sWKZxDVl9oGx+Z4Y1qRkmrXvhicn9wBCcaJj0Pi5vKKBrDoiGVP7vTTgap/UYj
INPcDuVM3u4SIZLgcueWyZOGVyNO234WsPxICcdqe6XTXPOuUZQQKRzNgEmXxxb6
PdoXlcvKIm6jAg==
-----END CERTIFICATE-----