Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
File:                     4PcIYcfPbv530i_HBJvpbGdopQA.mft (raw, json)
Hash identifier:          LFgJ/8wYW/XEKBkap5uax7PTuKXTUzL+XcbJ50UEIrQ=
Subject key identifier:   8A:9F:E0:E6:7D:C9:3A:38:70:1E:10:62:BA:2D:0B:2B:7C:39:E0:24
Authority key identifier: E0:F7:08:61:C7:CF:6E:FE:77:D2:2F:C7:04:9B:E9:6C:67:68:A5:00
Certificate issuer:       /CN=e0f70861c7cf6efe77d22fc7049be96c6768a500
Certificate serial:       019369344483DCB4E303EF710470D901A614
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
Manifest number:          033E
Signing time:             Tue 26 Nov 2024 16:00:53 +0000
Manifest this update:     Tue 26 Nov 2024 16:00:53 +0000
Manifest next update:     Wed 27 Nov 2024 16:00:53 +0000
Files and hashes:         1: 4PcIYcfPbv530i_HBJvpbGdopQA.crl (hash: RzFiUUiZHtbaNbEOA95IdK3gkJwrVValFMFvMA/B0xE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 16:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:34:44:83:dc:b4:e3:03:ef:71:04:70:d9:01:a6:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0f70861c7cf6efe77d22fc7049be96c6768a500
        Validity
            Not Before: Nov 26 16:00:53 2024 GMT
            Not After : Nov 27 16:00:53 2024 GMT
        Subject: CN=8a9fe0e67dc93a38701e1062ba2d0b2b7c39e024
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:87:63:5b:42:e5:b3:20:64:a1:ec:d3:23:13:
                    e3:28:e9:75:b7:c0:15:cd:27:a0:e6:5c:04:7c:10:
                    bf:40:9f:51:ed:eb:cc:a1:fa:01:6e:7f:9a:d8:8a:
                    3f:b4:fa:3a:3f:43:71:83:05:e4:88:96:27:36:da:
                    42:49:26:a8:c2:b0:2a:ff:69:3f:ae:d9:7e:89:cd:
                    b6:19:62:62:d1:5f:ad:11:99:75:60:23:c3:d5:7f:
                    1a:30:0b:97:85:e4:da:d9:66:be:de:4b:59:8e:9d:
                    b8:5e:c2:ed:1d:58:1c:f2:1e:21:ea:d5:5d:7d:a0:
                    bf:12:52:37:fa:2c:37:e1:d8:9a:c4:ab:6b:be:61:
                    de:89:0a:38:81:96:fc:e4:23:9f:92:b9:5f:5a:33:
                    cc:dc:41:52:b5:f0:fe:1e:ec:62:b9:c2:7a:89:ec:
                    1c:0f:fc:a8:97:d6:a2:20:4e:d2:c8:97:4c:a4:fe:
                    cf:34:bb:dd:4a:1c:13:7e:a4:e4:d8:71:4a:26:2e:
                    89:b2:bc:8f:be:f7:75:5d:d4:db:f9:60:b7:62:02:
                    ea:c8:61:91:22:c0:a4:6f:28:30:8c:92:8c:9a:06:
                    7f:b0:70:5e:fa:fb:1a:c0:eb:46:7f:53:26:0e:e0:
                    f0:09:7d:3a:9f:a7:54:52:80:1d:df:db:bb:55:93:
                    79:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:9F:E0:E6:7D:C9:3A:38:70:1E:10:62:BA:2D:0B:2B:7C:39:E0:24
            X509v3 Authority Key Identifier:
                keyid:E0:F7:08:61:C7:CF:6E:FE:77:D2:2F:C7:04:9B:E9:6C:67:68:A5:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4PcIYcfPbv530i_HBJvpbGdopQA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/542830-cc49-415a-97b6-4473c0b1e046/1/4PcIYcfPbv530i_HBJvpbGdopQA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:4f:dc:e7:87:ad:76:09:c6:41:6d:a2:47:30:63:a8:c0:cd:
         c2:9a:ea:53:d1:d3:82:89:d7:59:7f:69:fb:49:26:ed:03:9c:
         8e:8a:48:71:30:5f:8d:65:99:12:84:41:9b:5a:11:5c:fd:6c:
         60:76:5b:23:92:87:76:a8:89:48:22:83:4c:c3:51:9d:1c:a6:
         07:70:4c:84:30:14:68:d2:25:b0:f1:5e:b2:fb:2b:09:ec:92:
         94:d2:11:58:9b:11:ee:45:55:7e:04:be:fb:3d:47:ec:00:21:
         40:cb:12:07:f6:e2:78:e5:b3:72:6c:75:50:58:34:02:82:da:
         60:db:67:6b:68:ca:75:71:16:6b:86:40:e1:ab:3b:db:23:b3:
         d1:a5:b6:85:14:56:43:e1:1d:fe:af:3d:27:ae:18:b9:43:77:
         81:77:ad:bd:4a:5c:cb:3e:0a:78:0b:12:e9:e7:04:99:54:d7:
         50:9c:bc:a7:02:6e:9b:08:c9:88:5b:29:6a:a7:17:97:21:d9:
         83:0d:f4:00:92:11:a4:36:66:1b:fd:45:a8:fd:b2:71:b7:da:
         60:ee:97:33:99:f9:c4:2a:99:26:ee:20:83:ce:b4:fe:2a:d5:
         ac:e5:5e:b3:fc:a6:31:c0:db:22:b0:1a:27:1e:12:1f:2e:41:
         6d:25:96:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpNESD3LTjA+9xBHDZAaYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZjcwODYxYzdjZjZlZmU3N2QyMmZjNzA0OWJlOTZjNjc2
OGE1MDAwHhcNMjQxMTI2MTYwMDUzWhcNMjQxMTI3MTYwMDUzWjAzMTEwLwYDVQQD
Eyg4YTlmZTBlNjdkYzkzYTM4NzAxZTEwNjJiYTJkMGIyYjdjMzllMDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IdjW0LlsyBkoezTIxPjKOl1t8AV
zSeg5lwEfBC/QJ9R7evMofoBbn+a2Io/tPo6P0NxgwXkiJYnNtpCSSaowrAq/2k/
rtl+ic22GWJi0V+tEZl1YCPD1X8aMAuXheTa2Wa+3ktZjp24XsLtHVgc8h4h6tVd
faC/ElI3+iw34diaxKtrvmHeiQo4gZb85COfkrlfWjPM3EFStfD+HuxiucJ6iewc
D/yol9aiIE7SyJdMpP7PNLvdShwTfqTk2HFKJi6JsryPvvd1XdTb+WC3YgLqyGGR
IsCkbygwjJKMmgZ/sHBe+vsawOtGf1MmDuDwCX06n6dUUoAd39u7VZN5qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIqf4OZ9yTo4cB4QYrotCyt8OeAkMB8GA1UdIwQY
MBaAFOD3CGHHz27+d9IvxwSb6WxnaKUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81NDI4MzAtY2M0OS00MTVhLTk3YjYt
NDQ3M2MwYjFlMDQ2LzEvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81NDI4MzAtY2M0OS00MTVhLTk3YjYtNDQ3M2MwYjFlMDQ2
LzEvNFBjSVljZlBidjUzMGlfSEJKdnBiR2RvcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH0/c54et
dgnGQW2iRzBjqMDNwprqU9HTgonXWX9p+0km7QOcjopIcTBfjWWZEoRBm1oRXP1s
YHZbI5KHdqiJSCKDTMNRnRymB3BMhDAUaNIlsPFesvsrCeySlNIRWJsR7kVVfgS+
+z1H7AAhQMsSB/bieOWzcmx1UFg0AoLaYNtna2jKdXEWa4ZA4as72yOz0aW2hRRW
Q+Ed/q89J64YuUN3gXetvUpcyz4KeAsS6ecEmVTXUJy8pwJumwjJiFspaqcXlyHZ
gw30AJIRpDZmG/1FqP2ycbfaYO6XM5n5xCqZJu4gg860/irVrOVes/ymMcDbIrAa
Jx4SHy5BbSWWZg==
-----END CERTIFICATE-----