Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
File:                     3pj4NjKYKX-6uupodyArXEQOWpA.mft (raw, json)
Hash identifier:          5XCFmDSvPBXrCR75sUMI5FtxjYkYcscNOXGqkCrXzRY=
Subject key identifier:   0E:3E:A0:3B:7B:34:0F:6F:F5:03:A1:D7:1D:C0:8A:DF:AC:1C:63:3A
Authority key identifier: DE:98:F8:36:32:98:29:7F:BA:BA:EA:68:77:20:2B:5C:44:0E:5A:90
Certificate issuer:       /CN=de98f8363298297fbabaea6877202b5c440e5a90
Certificate serial:       019369DA7E885000954C79531F3B34736A79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
Manifest number:          0A0A
Signing time:             Tue 26 Nov 2024 19:02:27 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:27 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:27 +0000
Files and hashes:         1: 3pj4NjKYKX-6uupodyArXEQOWpA.crl (hash: XtIuMaiQlr0LbxYBlofqqaLh2x0LbanltVwSjtgVOQ0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:7e:88:50:00:95:4c:79:53:1f:3b:34:73:6a:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de98f8363298297fbabaea6877202b5c440e5a90
        Validity
            Not Before: Nov 26 19:02:27 2024 GMT
            Not After : Nov 27 19:02:27 2024 GMT
        Subject: CN=0e3ea03b7b340f6ff503a1d71dc08adfac1c633a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:f4:65:23:e5:dc:7f:06:ba:0b:60:f7:9b:d0:
                    dc:aa:2b:4b:c3:3e:9b:72:bd:81:35:e2:55:04:1a:
                    d3:38:5d:dc:8c:19:d8:41:82:1a:4e:4a:c5:46:91:
                    0c:8f:e9:b3:0a:ae:84:64:65:32:f7:6a:ec:71:88:
                    a2:a3:28:6d:9f:55:58:1b:b5:84:40:57:40:4c:23:
                    ba:91:48:b9:05:3b:4d:e1:b0:84:cf:b8:45:f2:04:
                    ca:9d:6c:11:b7:a8:ab:b8:2a:6a:1d:0d:24:57:6a:
                    9c:23:2b:9f:27:3c:d5:54:a8:53:3c:f9:82:25:14:
                    43:c0:92:e6:57:25:47:a6:85:a0:58:f2:3a:22:b8:
                    89:0d:bc:84:8b:53:f4:72:49:5c:ec:64:d4:af:06:
                    75:ae:6b:df:86:85:5d:39:97:04:d5:55:e9:ce:21:
                    22:a9:cf:ca:d6:68:01:ae:83:94:10:91:64:ec:73:
                    47:41:cc:69:05:90:8b:ea:98:c0:95:1d:ee:43:6e:
                    94:ae:2e:11:17:e1:5b:4f:c7:fc:8d:20:59:72:b1:
                    44:7c:2b:d1:3e:17:fa:21:97:6a:68:14:70:79:fc:
                    ed:61:17:6a:13:f5:1d:a4:47:d2:90:e9:59:5f:e4:
                    48:d3:87:9e:45:53:55:d6:f2:ba:a2:45:b0:13:14:
                    56:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:3E:A0:3B:7B:34:0F:6F:F5:03:A1:D7:1D:C0:8A:DF:AC:1C:63:3A
            X509v3 Authority Key Identifier:
                keyid:DE:98:F8:36:32:98:29:7F:BA:BA:EA:68:77:20:2B:5C:44:0E:5A:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pj4NjKYKX-6uupodyArXEQOWpA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/680e29-7d83-4558-b411-e7fbd50e0349/1/3pj4NjKYKX-6uupodyArXEQOWpA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:ea:5a:e7:d5:f6:06:49:46:40:5b:3b:c7:29:13:a5:df:5c:
         66:ca:87:76:7a:04:a9:53:dd:d4:66:4d:04:76:0a:3d:86:6b:
         e0:61:44:a9:2b:6a:95:aa:30:f3:80:06:6e:71:d7:2d:3b:94:
         e4:a0:9c:71:88:36:2f:93:2e:61:ee:74:25:d8:32:17:82:35:
         21:15:04:fa:42:86:bc:9a:6f:0c:28:75:0f:e3:59:4b:f1:d1:
         d8:d0:ed:f7:db:f6:4f:37:3d:ae:9b:b1:0b:8c:31:48:99:e0:
         1f:47:5b:18:ca:50:a1:35:f3:26:0a:4d:a9:12:c7:8b:96:af:
         2f:a8:19:05:d4:76:37:10:cf:6c:d0:54:3c:a5:73:20:4c:f9:
         2c:57:86:f7:a9:89:0e:0a:5d:43:33:03:4c:d1:35:aa:18:3d:
         02:e6:d8:61:c3:e1:94:09:53:96:2b:ad:9a:4f:6d:9b:f6:6e:
         61:d8:45:78:b8:6a:df:18:84:ab:5c:83:23:1d:f8:52:20:06:
         87:72:33:e7:02:d8:8b:76:c3:92:21:fd:09:d3:2e:31:cd:a9:
         8d:25:a6:82:62:4d:b7:af:45:22:54:f3:f5:85:ca:cd:08:8c:
         7b:ab:71:d8:b2:aa:67:c7:c4:c4:2d:ad:59:b3:15:30:93:e1:
         fc:d3:8b:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2n6IUACVTHlTHzs0c2p5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlOThmODM2MzI5ODI5N2ZiYWJhZWE2ODc3MjAyYjVjNDQw
ZTVhOTAwHhcNMjQxMTI2MTkwMjI3WhcNMjQxMTI3MTkwMjI3WjAzMTEwLwYDVQQD
EygwZTNlYTAzYjdiMzQwZjZmZjUwM2ExZDcxZGMwOGFkZmFjMWM2MzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PRlI+Xcfwa6C2D3m9DcqitLwz6b
cr2BNeJVBBrTOF3cjBnYQYIaTkrFRpEMj+mzCq6EZGUy92rscYiioyhtn1VYG7WE
QFdATCO6kUi5BTtN4bCEz7hF8gTKnWwRt6iruCpqHQ0kV2qcIyufJzzVVKhTPPmC
JRRDwJLmVyVHpoWgWPI6IriJDbyEi1P0cklc7GTUrwZ1rmvfhoVdOZcE1VXpziEi
qc/K1mgBroOUEJFk7HNHQcxpBZCL6pjAlR3uQ26Uri4RF+FbT8f8jSBZcrFEfCvR
Phf6IZdqaBRwefztYRdqE/UdpEfSkOlZX+RI04eeRVNV1vK6okWwExRWtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4+oDt7NA9v9QOh1x3Ait+sHGM6MB8GA1UdIwQY
MBaAFN6Y+DYymCl/urrqaHcgK1xEDlqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ODBlMjktN2Q4My00NTU4LWI0MTEt
ZTdmYmQ1MGUwMzQ5LzEvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS82ODBlMjktN2Q4My00NTU4LWI0MTEtZTdmYmQ1MGUwMzQ5
LzEvM3BqNE5qS1lLWC02dXVwb2R5QXJYRVFPV3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU+pa59X2
BklGQFs7xykTpd9cZsqHdnoEqVPd1GZNBHYKPYZr4GFEqStqlaow84AGbnHXLTuU
5KCccYg2L5MuYe50JdgyF4I1IRUE+kKGvJpvDCh1D+NZS/HR2NDt99v2Tzc9rpux
C4wxSJngH0dbGMpQoTXzJgpNqRLHi5avL6gZBdR2NxDPbNBUPKVzIEz5LFeG96mJ
DgpdQzMDTNE1qhg9AubYYcPhlAlTliutmk9tm/ZuYdhFeLhq3xiEq1yDIx34UiAG
h3Iz5wLYi3bDkiH9CdMuMc2pjSWmgmJNt69FIlTz9YXKzQiMe6tx2LKqZ8fExC2t
WbMVMJPh/NOLFw==
-----END CERTIFICATE-----