Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          cxCt5DTMQuUMsj5t57egKsGpdDJXCpbsoxdZ99IJw3g=
Subject key identifier:   63:4C:D8:CC:6B:46:9D:F7:69:18:38:45:73:AE:39:44:5E:EC:77:A5
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       01901BFF45CAD8C73C598C37F05E756F5579
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          0A21
Signing time:             Sat 15 Jun 2024 13:03:52 +0000
Manifest this update:     Sat 15 Jun 2024 13:03:52 +0000
Manifest next update:     Sun 16 Jun 2024 13:03:52 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: ekob4hlibSftIHbxlbFbXuS2TIF3Ks0tWBh9A5ndVhk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 11:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1b:ff:45:ca:d8:c7:3c:59:8c:37:f0:5e:75:6f:55:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: Jun 15 13:03:52 2024 GMT
            Not After : Jun 16 13:03:52 2024 GMT
        Subject: CN=634cd8cc6b469df76918384573ae39445eec77a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:65:55:94:d7:ce:90:ae:5d:37:62:2c:4a:dc:
                    4c:98:6d:47:6c:16:1d:0f:9b:a5:c9:1e:e6:3b:c1:
                    b2:4a:35:33:8d:12:60:bd:0d:0a:13:68:d3:73:90:
                    97:ad:25:30:6e:9d:29:2f:32:43:58:20:b1:7b:09:
                    aa:0d:c9:c7:61:de:17:8f:0f:19:98:8d:31:3f:c2:
                    4e:9b:b8:2c:31:c2:c5:d9:85:8d:1c:3a:49:ee:fe:
                    4b:4c:6b:a2:42:22:db:df:70:0f:37:b1:c4:e8:4d:
                    61:0d:65:4d:4a:47:5f:26:02:ba:59:2b:33:32:d5:
                    db:eb:3e:9a:a3:2e:dc:45:b9:41:4e:a3:c7:82:02:
                    dd:80:6c:4d:c0:dd:34:76:f4:ea:ff:08:64:d0:0b:
                    bf:fe:26:a3:cd:f2:7a:65:36:4c:c1:7b:b1:c9:cd:
                    da:c7:7c:a8:1e:92:78:98:fd:7f:34:b6:cc:8b:e2:
                    87:44:13:0d:86:d5:3a:5c:06:49:5e:8b:f7:db:e8:
                    fd:41:6f:8b:0c:e3:37:eb:65:2b:ba:e2:35:90:b4:
                    65:5b:54:a3:03:27:c5:0f:04:e3:53:ee:2f:f9:51:
                    74:23:4d:7b:dc:0d:bd:ea:5b:3b:bb:81:5c:4e:aa:
                    93:60:c9:dd:eb:bb:7f:b8:00:c7:6e:eb:54:4e:98:
                    f1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:4C:D8:CC:6B:46:9D:F7:69:18:38:45:73:AE:39:44:5E:EC:77:A5
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:39:c8:c4:10:91:53:1b:03:15:5b:4e:3b:45:54:27:fc:7e:
         60:7c:ed:11:90:79:fa:5c:e3:bb:cf:6e:52:bc:1e:a2:eb:34:
         33:e4:55:d2:27:1d:b3:33:31:93:73:05:80:72:ee:0a:c7:68:
         b2:b6:e5:0d:48:4e:41:21:da:1c:e1:45:8f:d5:40:8d:5f:ec:
         a1:91:17:dd:45:4f:f3:0d:31:e8:cc:df:30:64:ca:fc:42:84:
         80:c1:17:08:9b:cf:35:db:8a:12:b9:b0:d2:dc:57:f0:13:07:
         fc:1b:fc:5d:e7:66:5a:ca:58:69:f1:29:52:4c:e9:c0:da:a0:
         58:75:97:82:94:84:04:99:e2:74:82:bf:e5:04:b1:83:4d:44:
         b4:4c:02:e3:01:5f:f3:50:dd:fa:70:ab:31:d7:88:55:57:89:
         1e:a3:5c:cb:af:99:d9:7e:b9:f5:6e:14:69:2a:48:21:3b:cf:
         ee:55:04:a2:be:76:d0:b5:1f:78:0c:67:cb:e8:04:a8:7e:bd:
         65:ab:af:ca:7e:a1:51:33:9a:d6:26:39:a8:94:53:2f:6d:f4:
         50:ee:ce:d7:17:7d:f7:44:95:4b:b8:0d:30:c4:aa:5e:64:b2:
         99:27:14:6e:34:12:88:f1:40:b6:43:c5:60:31:f6:ea:a9:1e:
         79:39:0d:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAb/0XK2Mc8WYw38F51b1V5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjQwNjE1MTMwMzUyWhcNMjQwNjE2MTMwMzUyWjAzMTEwLwYDVQQD
Eyg2MzRjZDhjYzZiNDY5ZGY3NjkxODM4NDU3M2FlMzk0NDVlZWM3N2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWVVlNfOkK5dN2IsStxMmG1HbBYd
D5ulyR7mO8GySjUzjRJgvQ0KE2jTc5CXrSUwbp0pLzJDWCCxewmqDcnHYd4Xjw8Z
mI0xP8JOm7gsMcLF2YWNHDpJ7v5LTGuiQiLb33APN7HE6E1hDWVNSkdfJgK6WSsz
MtXb6z6aoy7cRblBTqPHggLdgGxNwN00dvTq/whk0Au//iajzfJ6ZTZMwXuxyc3a
x3yoHpJ4mP1/NLbMi+KHRBMNhtU6XAZJXov32+j9QW+LDOM362UruuI1kLRlW1Sj
AyfFDwTjU+4v+VF0I0173A296ls7u4FcTqqTYMnd67t/uADHbutUTpjxYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGNM2MxrRp33aRg4RXOuOURe7HelMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoDnIxBCR
UxsDFVtOO0VUJ/x+YHztEZB5+lzju89uUrweous0M+RV0icdszMxk3MFgHLuCsdo
srblDUhOQSHaHOFFj9VAjV/soZEX3UVP8w0x6MzfMGTK/EKEgMEXCJvPNduKErmw
0txX8BMH/Bv8XedmWspYafEpUkzpwNqgWHWXgpSEBJnidIK/5QSxg01EtEwC4wFf
81Dd+nCrMdeIVVeJHqNcy6+Z2X659W4UaSpIITvP7lUEor520LUfeAxny+gEqH69
Zauvyn6hUTOa1iY5qJRTL230UO7O1xd990SVS7gNMMSqXmSymScUbjQSiPFAtkPF
YDH26qkeeTkNdg==
-----END CERTIFICATE-----