Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
File:                     Th1cISsoF0fIw-xuhm4Vs5TFu98.mft (raw, json)
Hash identifier:          iIQ5vuU12/BQXPE2v3aVSva/wNTtnluJKhtLGOcLHj4=
Subject key identifier:   EB:E7:79:76:33:8A:B3:25:64:07:99:0F:82:9C:A7:07:F4:29:7B:65
Authority key identifier: 4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF
Certificate issuer:       /CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
Certificate serial:       01938B88FDE03FB4088DAC6408C4E140542B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
Manifest number:          0AC4
Signing time:             Tue 03 Dec 2024 08:00:31 +0000
Manifest this update:     Tue 03 Dec 2024 08:00:31 +0000
Manifest next update:     Wed 04 Dec 2024 08:00:31 +0000
Files and hashes:         1: Th1cISsoF0fIw-xuhm4Vs5TFu98.crl (hash: HrgZSk2w0WoWiWopUD3PMhW69ZUHbM5PkyPKa+IYFoE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 04 Dec 2024 08:00:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:8b:88:fd:e0:3f:b4:08:8d:ac:64:08:c4:e1:40:54:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e1d5c212b281747c8c3ec6e866e15b394c5bbdf
        Validity
            Not Before: Dec  3 08:00:31 2024 GMT
            Not After : Dec  4 08:00:31 2024 GMT
        Subject: CN=ebe77976338ab3256407990f829ca707f4297b65
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:d9:e8:b3:1f:0d:30:bf:4a:a3:c8:2e:b4:89:
                    82:48:ae:62:39:9b:ac:6f:ca:b7:98:fe:0d:67:0d:
                    96:00:d2:65:a5:e8:53:29:47:9a:1c:e5:2b:26:00:
                    ab:38:29:4f:dc:24:3a:2a:ee:f5:e2:44:20:f8:6f:
                    e1:e9:d5:1f:4d:59:77:c5:83:93:de:9c:b0:5f:bc:
                    54:35:1c:c7:90:41:e6:9a:51:8e:cb:2c:12:de:39:
                    c5:64:63:cb:08:7f:c4:10:5f:e1:c6:e9:aa:e8:b8:
                    79:17:25:7b:bf:e7:0f:0a:6f:08:20:a5:b7:75:fb:
                    f2:df:94:4f:ba:75:43:d9:65:d8:65:a2:c0:76:93:
                    a7:61:11:96:73:52:0d:6b:31:c0:fa:53:7b:99:42:
                    cf:45:9b:85:c5:78:b2:e1:d9:11:e2:24:62:f4:7d:
                    c6:04:7c:7b:56:b5:73:ec:68:ff:de:b5:19:a0:15:
                    2b:44:e4:68:89:ff:34:34:55:3d:bf:26:67:2f:1e:
                    1d:1a:78:ac:59:c4:2c:d4:c9:00:72:e5:6d:75:fa:
                    5c:78:c4:4e:4d:8f:1d:3d:07:59:e3:72:2b:36:ac:
                    81:16:e3:c3:4b:40:8a:30:5d:8d:b9:43:2b:9e:e7:
                    14:2c:10:e5:8e:3d:c4:be:09:bc:1a:6f:36:18:5b:
                    a9:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:E7:79:76:33:8A:B3:25:64:07:99:0F:82:9C:A7:07:F4:29:7B:65
            X509v3 Authority Key Identifier:
                keyid:4E:1D:5C:21:2B:28:17:47:C8:C3:EC:6E:86:6E:15:B3:94:C5:BB:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Th1cISsoF0fIw-xuhm4Vs5TFu98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/06/277503-82e3-4c17-9699-712e2761daf5/1/Th1cISsoF0fIw-xuhm4Vs5TFu98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:68:6d:95:ff:d5:6c:7d:a0:94:53:90:8b:00:36:28:f6:3a:
         31:5f:8b:4e:59:28:5e:dd:dc:2a:50:ce:ef:5d:05:c4:27:b6:
         6b:84:ff:ab:5d:82:8b:5d:ef:d7:db:f5:7c:ce:d5:e8:11:e9:
         97:fd:69:fa:7b:5b:01:73:17:d7:ec:20:78:98:2c:60:3f:ca:
         d5:ed:b6:15:78:1e:e7:42:a1:3a:13:20:e5:a1:4e:f8:c0:9c:
         79:31:03:11:ec:f4:36:10:7b:65:be:c6:33:a8:c8:18:61:33:
         c0:51:d7:e6:eb:01:cc:5d:34:a4:29:0a:54:80:da:fd:67:51:
         a1:7d:97:37:bf:bd:5e:54:07:fe:b2:f8:f6:cc:28:7b:08:a3:
         d1:d3:07:01:1c:b5:a7:6d:94:0d:51:b0:1e:60:2b:30:98:ac:
         bb:d1:e9:19:84:81:d7:a7:0c:60:e3:06:87:cc:19:e4:c5:9f:
         aa:f3:39:73:2c:a7:36:d7:81:ca:56:cf:5f:01:f6:47:0b:ae:
         28:fd:ff:d0:45:2b:0c:55:00:f3:6e:76:52:3b:96:af:3e:e2:
         e8:95:32:be:30:b7:a4:1a:c9:9e:78:ac:18:d4:9d:c1:12:bd:
         71:b0:00:00:6f:db:04:ca:e6:76:8d:2a:e3:2d:eb:29:bb:8f:
         03:d8:5b:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZOLiP3gP7QIjaxkCMThQFQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMWQ1YzIxMmIyODE3NDdjOGMzZWM2ZTg2NmUxNWIzOTRj
NWJiZGYwHhcNMjQxMjAzMDgwMDMxWhcNMjQxMjA0MDgwMDMxWjAzMTEwLwYDVQQD
EyhlYmU3Nzk3NjMzOGFiMzI1NjQwNzk5MGY4MjljYTcwN2Y0Mjk3YjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39nosx8NML9Ko8gutImCSK5iOZus
b8q3mP4NZw2WANJlpehTKUeaHOUrJgCrOClP3CQ6Ku714kQg+G/h6dUfTVl3xYOT
3pywX7xUNRzHkEHmmlGOyywS3jnFZGPLCH/EEF/hxumq6Lh5FyV7v+cPCm8IIKW3
dfvy35RPunVD2WXYZaLAdpOnYRGWc1INazHA+lN7mULPRZuFxXiy4dkR4iRi9H3G
BHx7VrVz7Gj/3rUZoBUrRORoif80NFU9vyZnLx4dGnisWcQs1MkAcuVtdfpceMRO
TY8dPQdZ43IrNqyBFuPDS0CKMF2NuUMrnucULBDljj3Evgm8Gm82GFupLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvneXYzirMlZAeZD4Kcpwf0KXtlMB8GA1UdIwQY
MBaAFE4dXCErKBdHyMPsboZuFbOUxbvfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTkt
NzEyZTI3NjFkYWY1LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8yNzc1MDMtODJlMy00YzE3LTk2OTktNzEyZTI3NjFkYWY1
LzEvVGgxY0lTc29GMGZJdy14dWhtNFZzNVRGdTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYWhtlf/V
bH2glFOQiwA2KPY6MV+LTlkoXt3cKlDO710FxCe2a4T/q12Ci13v19v1fM7V6BHp
l/1p+ntbAXMX1+wgeJgsYD/K1e22FXge50KhOhMg5aFO+MCceTEDEez0NhB7Zb7G
M6jIGGEzwFHX5usBzF00pCkKVIDa/WdRoX2XN7+9XlQH/rL49swoewij0dMHARy1
p22UDVGwHmArMJisu9HpGYSB16cMYOMGh8wZ5MWfqvM5cyynNteBylbPXwH2Rwuu
KP3/0EUrDFUA8252UjuWrz7i6JUyvjC3pBrJnnisGNSdwRK9cbAAAG/bBMrmdo0q
4y3rKbuPA9hbJQ==
-----END CERTIFICATE-----