Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
File:                     xfFStqDQBGJ9KF2Hmqg-WEYast8.mft (raw, json)
Hash identifier:          iQ3i9Lip9j5a46+Kk5SE9yR1RdHfqWhisOEuaQ4PmHY=
Subject key identifier:   0C:DA:A0:F8:79:03:E7:4F:8A:1F:76:48:6C:8E:B8:A9:0A:4B:74:CD
Authority key identifier: C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF
Certificate issuer:       /CN=c5f152b6a0d004627d285d879aa83e58461ab2df
Certificate serial:       019358786B45118D884EBA1C28A437A99D27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
Manifest number:          0F92
Signing time:             Sat 23 Nov 2024 10:01:46 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:46 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:46 +0000
Files and hashes:         1: xfFStqDQBGJ9KF2Hmqg-WEYast8.crl (hash: HuP9SIvni8CJfrQqXXJo2fuhU3DB6qtnnvNl45q5Fc0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:6b:45:11:8d:88:4e:ba:1c:28:a4:37:a9:9d:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c5f152b6a0d004627d285d879aa83e58461ab2df
        Validity
            Not Before: Nov 23 10:01:46 2024 GMT
            Not After : Nov 24 10:01:46 2024 GMT
        Subject: CN=0cdaa0f87903e74f8a1f76486c8eb8a90a4b74cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:30:bf:a9:38:a8:70:20:4c:60:ce:a2:ac:0a:
                    6b:5e:65:a1:d4:15:0d:44:25:32:e5:42:7e:46:4f:
                    81:50:6a:28:48:72:05:a7:5c:13:af:a1:a8:14:9a:
                    a9:b3:ed:0e:6a:20:ac:a4:76:4b:01:ff:7a:1a:b9:
                    ca:03:1c:4a:9e:78:22:e3:7f:03:f7:06:dc:78:72:
                    e8:87:cb:89:97:4d:7d:cf:3c:ec:c3:7e:81:17:98:
                    7c:01:f0:db:66:d9:5d:21:6b:dd:a0:db:1a:e5:54:
                    ad:b9:b4:22:4f:d1:fa:98:66:f2:d6:73:db:47:17:
                    ca:92:b2:b7:23:04:4c:52:c1:d5:53:ad:a8:81:00:
                    f5:d7:f1:5c:a5:3f:4e:74:48:29:f9:d6:1d:9b:19:
                    e8:c8:75:6a:3b:db:01:c5:7c:62:66:bb:5f:e5:22:
                    f3:4f:d4:40:55:1e:b3:77:87:a3:7c:d9:79:f7:e5:
                    64:e6:fd:57:49:71:ae:31:dc:90:16:50:ce:6d:42:
                    87:ad:31:ef:c5:37:24:ae:8d:a9:e3:47:52:4e:e9:
                    8e:17:e4:27:20:9d:4c:1f:b1:47:22:dd:87:b0:f9:
                    89:46:5d:c6:88:60:1e:48:02:87:8a:24:1d:90:4f:
                    40:14:fb:47:99:7a:cb:3a:52:f1:f1:2d:12:e1:58:
                    ff:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:DA:A0:F8:79:03:E7:4F:8A:1F:76:48:6C:8E:B8:A9:0A:4B:74:CD
            X509v3 Authority Key Identifier:
                keyid:C5:F1:52:B6:A0:D0:04:62:7D:28:5D:87:9A:A8:3E:58:46:1A:B2:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xfFStqDQBGJ9KF2Hmqg-WEYast8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/53ad5a-0a37-4f65-a6c6-737e78c87012/1/xfFStqDQBGJ9KF2Hmqg-WEYast8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         db:46:4f:8b:97:64:f2:a7:01:f1:02:84:0d:e1:9b:89:1a:f0:
         21:89:f1:04:af:8f:de:2f:37:76:6d:f7:b6:d2:74:96:3b:67:
         c4:c0:c0:54:5d:46:2c:bc:93:cd:3f:89:94:d1:58:b0:18:93:
         cb:81:06:0d:b8:09:67:04:39:41:51:10:28:f8:db:4b:47:df:
         8c:ba:67:3c:35:5d:7d:88:2c:b3:0a:19:73:0d:18:56:de:ef:
         af:e7:a0:82:72:6c:65:16:0e:90:70:31:2a:f2:7d:09:c1:0e:
         2e:fe:3f:4d:7e:4e:57:ed:8d:51:35:db:bd:6d:2d:12:48:02:
         e7:18:83:f7:c5:49:80:f0:f7:80:1c:53:43:ec:48:ab:6b:5f:
         37:aa:54:9c:8d:00:a7:e3:cf:85:b5:3e:7c:05:cd:66:e1:ce:
         17:03:2e:61:cb:26:e3:b6:23:14:62:b4:38:7f:20:a0:cb:c2:
         fb:5a:86:45:84:5a:a7:4a:c3:a8:32:07:95:34:6a:1a:40:2d:
         2c:d2:4d:47:1d:bf:3c:6e:ec:f7:5a:08:bd:ff:e6:bb:61:26:
         2a:6d:52:d5:ce:6f:cc:12:c4:a8:e2:46:b9:4e:7e:58:74:0a:
         1f:c5:f5:27:3f:4e:ef:5c:36:da:68:d1:18:a3:69:b0:9f:2d:
         45:fb:e8:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeGtFEY2ITrocKKQ3qZ0nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZjE1MmI2YTBkMDA0NjI3ZDI4NWQ4NzlhYTgzZTU4NDYx
YWIyZGYwHhcNMjQxMTIzMTAwMTQ2WhcNMjQxMTI0MTAwMTQ2WjAzMTEwLwYDVQQD
EygwY2RhYTBmODc5MDNlNzRmOGExZjc2NDg2YzhlYjhhOTBhNGI3NGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDC/qTiocCBMYM6irAprXmWh1BUN
RCUy5UJ+Rk+BUGooSHIFp1wTr6GoFJqps+0OaiCspHZLAf96GrnKAxxKnngi438D
9wbceHLoh8uJl019zzzsw36BF5h8AfDbZtldIWvdoNsa5VStubQiT9H6mGby1nPb
RxfKkrK3IwRMUsHVU62ogQD11/FcpT9OdEgp+dYdmxnoyHVqO9sBxXxiZrtf5SLz
T9RAVR6zd4ejfNl59+Vk5v1XSXGuMdyQFlDObUKHrTHvxTckro2p40dSTumOF+Qn
IJ1MH7FHIt2HsPmJRl3GiGAeSAKHiiQdkE9AFPtHmXrLOlLx8S0S4Vj/UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzaoPh5A+dPih92SGyOuKkKS3TNMB8GA1UdIwQY
MBaAFMXxUrag0ARifShdh5qoPlhGGrLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYt
NzM3ZTc4Yzg3MDEyLzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81M2FkNWEtMGEzNy00ZjY1LWE2YzYtNzM3ZTc4Yzg3MDEy
LzEveGZGU3RxRFFCR0o5S0YySG1xZy1XRVlhc3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA20ZPi5dk
8qcB8QKEDeGbiRrwIYnxBK+P3i83dm33ttJ0ljtnxMDAVF1GLLyTzT+JlNFYsBiT
y4EGDbgJZwQ5QVEQKPjbS0ffjLpnPDVdfYgsswoZcw0YVt7vr+eggnJsZRYOkHAx
KvJ9CcEOLv4/TX5OV+2NUTXbvW0tEkgC5xiD98VJgPD3gBxTQ+xIq2tfN6pUnI0A
p+PPhbU+fAXNZuHOFwMuYcsm47YjFGK0OH8goMvC+1qGRYRap0rDqDIHlTRqGkAt
LNJNRx2/PG7s91oIvf/mu2EmKm1S1c5vzBLEqOJGuU5+WHQKH8X1Jz9O71w22mjR
GKNpsJ8tRfvoVw==
-----END CERTIFICATE-----