Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
File:                     Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft (raw, json)
Hash identifier:          oj+qU2X9EbWH5K8W5AdYYYJwEMTWD59UjdG+z6u5l1A=
Subject key identifier:   44:C4:09:C1:D5:99:D4:B8:D7:A3:D1:36:33:A8:20:7B:32:1C:24:C7
Authority key identifier: 67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56
Certificate issuer:       /CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
Certificate serial:       01936A4702536967F0780C9B6D60C1EA8B2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
Manifest number:          09FC
Signing time:             Tue 26 Nov 2024 21:00:58 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:58 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:58 +0000
Files and hashes:         1: Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl (hash: BsNqPNFIrZ/AoYa3HKA1BYbVuvQyIBEls0qKMOef038=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:47:02:53:69:67:f0:78:0c:9b:6d:60:c1:ea:8b:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
        Validity
            Not Before: Nov 26 21:00:58 2024 GMT
            Not After : Nov 27 21:00:58 2024 GMT
        Subject: CN=44c409c1d599d4b8d7a3d13633a8207b321c24c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:53:2a:89:33:4a:ad:90:2a:57:a7:ea:af:dc:
                    fd:22:ff:59:cb:18:69:4d:be:bb:f4:1d:5e:cf:d2:
                    d6:87:c6:b6:6f:15:4f:ff:b2:49:37:80:97:97:cb:
                    17:3f:0d:7b:c9:b3:1a:6b:ff:bf:8f:36:a6:71:c4:
                    e1:7a:a2:dd:7f:1c:56:80:73:44:03:b7:ad:c6:38:
                    50:00:9e:93:87:b9:6a:d9:7d:e9:3e:40:d5:4a:fe:
                    85:83:41:92:45:ad:55:27:4e:0f:49:b6:cd:03:bb:
                    47:2e:a3:09:d5:62:f3:fa:d9:d5:69:cb:f4:d9:47:
                    1f:45:1f:59:9a:a4:e0:22:1c:6a:63:f9:10:44:e3:
                    44:27:e2:84:32:35:8a:78:e1:33:c3:08:a6:bd:da:
                    2a:c5:2d:a8:3b:80:06:19:98:d1:49:7a:5e:3e:96:
                    2a:79:eb:68:1d:81:b9:de:7f:72:39:81:cb:22:e1:
                    18:5a:52:48:29:fc:51:c0:15:fd:93:7f:49:80:e4:
                    ec:45:9f:89:a3:5c:6c:62:b4:40:46:81:20:89:09:
                    13:03:42:a7:35:b1:52:a0:fd:e8:20:e3:a7:7c:27:
                    9b:1a:ac:cd:fa:03:44:d5:7b:99:db:a1:2d:48:c1:
                    a6:ef:e6:85:17:d8:85:27:16:ff:55:fc:3e:34:a0:
                    4d:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:C4:09:C1:D5:99:D4:B8:D7:A3:D1:36:33:A8:20:7B:32:1C:24:C7
            X509v3 Authority Key Identifier:
                keyid:67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:6c:55:d4:44:e1:01:fc:ff:af:92:c1:12:90:44:7f:77:7f:
         fd:80:23:3d:1c:af:1d:2b:43:a0:f3:44:26:cb:4d:fd:95:84:
         bc:13:2f:6e:6f:c7:65:e8:3b:e8:a8:6e:e7:0c:a6:e9:44:fc:
         6c:82:73:55:33:ec:03:c7:25:b9:f9:bc:2c:1c:49:e8:fc:c1:
         f8:68:85:3a:86:07:b4:b1:be:08:8b:0a:65:e2:8a:46:95:32:
         2f:0c:de:ee:23:fc:15:2a:42:7c:e7:5b:c1:a0:e5:72:4d:14:
         41:ad:6e:9b:6f:98:7f:7d:9d:a0:8c:9d:c2:27:b3:18:4f:64:
         b3:b4:94:eb:a7:93:6f:d8:b0:48:81:67:71:f1:df:2e:85:4e:
         05:73:74:35:f7:97:70:4a:0f:bb:14:ce:6a:7d:6f:9b:ec:cc:
         a0:d9:92:1a:5f:ab:36:bb:15:a0:45:33:e0:e6:27:ce:b1:05:
         66:ac:8c:39:2a:c2:4c:0e:7f:77:a8:00:52:31:6a:f7:42:97:
         43:41:70:a0:25:93:4c:60:2b:ab:6d:e9:73:85:69:ac:42:5e:
         89:96:32:3c:e9:67:6b:d1:2e:47:d0:ca:78:30:0f:de:91:b1:
         2a:71:08:a2:45:80:a7:37:78:02:2b:2a:f1:7c:fc:47:b7:35:
         0a:2a:49:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRwJTaWfweAybbWDB6osqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NmZiYjU3N2M5M2RjNDVkNDhmMDE5OWIxOWQxY2E3YTIx
MzdjNTYwHhcNMjQxMTI2MjEwMDU4WhcNMjQxMTI3MjEwMDU4WjAzMTEwLwYDVQQD
Eyg0NGM0MDljMWQ1OTlkNGI4ZDdhM2QxMzYzM2E4MjA3YjMyMWMyNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlMqiTNKrZAqV6fqr9z9Iv9Zyxhp
Tb679B1ez9LWh8a2bxVP/7JJN4CXl8sXPw17ybMaa/+/jzamccTheqLdfxxWgHNE
A7etxjhQAJ6Th7lq2X3pPkDVSv6Fg0GSRa1VJ04PSbbNA7tHLqMJ1WLz+tnVacv0
2UcfRR9ZmqTgIhxqY/kQRONEJ+KEMjWKeOEzwwimvdoqxS2oO4AGGZjRSXpePpYq
eetoHYG53n9yOYHLIuEYWlJIKfxRwBX9k39JgOTsRZ+Jo1xsYrRARoEgiQkTA0Kn
NbFSoP3oIOOnfCebGqzN+gNE1XuZ26EtSMGm7+aFF9iFJxb/Vfw+NKBNuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFETECcHVmdS416PRNjOoIHsyHCTHMB8GA1UdIwQY
MBaAFGdvu1d8k9xF1I8BmbGdHKeiE3xWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYt
MWNkZTczMWU2ZmRmLzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYtMWNkZTczMWU2ZmRm
LzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2xV1ETh
Afz/r5LBEpBEf3d//YAjPRyvHStDoPNEJstN/ZWEvBMvbm/HZeg76Khu5wym6UT8
bIJzVTPsA8clufm8LBxJ6PzB+GiFOoYHtLG+CIsKZeKKRpUyLwze7iP8FSpCfOdb
waDlck0UQa1um2+Yf32doIydwiezGE9ks7SU66eTb9iwSIFncfHfLoVOBXN0NfeX
cEoPuxTOan1vm+zMoNmSGl+rNrsVoEUz4OYnzrEFZqyMOSrCTA5/d6gAUjFq90KX
Q0FwoCWTTGArq23pc4VprEJeiZYyPOlna9EuR9DKeDAP3pGxKnEIokWApzd4Aisq
8Xz8R7c1CipJ0A==
-----END CERTIFICATE-----