Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          AXRYaQZh6gfFmpQ4NCO/bgGmMh/8AFu50CpRu7bnWX8=
Subject key identifier:   61:ED:22:EC:2C:2F:6C:75:0C:B1:E5:5D:54:AC:82:BE:A7:70:56:E0
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       019356F6941A439FE18152EBEAC9C68DF4FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          0586
Signing time:             Sat 23 Nov 2024 03:00:20 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:20 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:20 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: NKOoqOR6i1BEib7qApOsJjA3TpJvYU9ZtG/PCOrtQ0M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:94:1a:43:9f:e1:81:52:eb:ea:c9:c6:8d:f4:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: Nov 23 03:00:20 2024 GMT
            Not After : Nov 24 03:00:20 2024 GMT
        Subject: CN=61ed22ec2c2f6c750cb1e55d54ac82bea77056e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:4c:fe:ec:5e:db:f6:c9:1e:46:8d:1e:11:ea:
                    72:fe:54:f8:fc:4e:c5:fd:38:1e:a5:04:ef:58:31:
                    aa:2f:b8:f3:cd:b5:d8:e3:b3:23:ff:54:a2:91:05:
                    2d:e3:9e:f4:fd:e8:80:88:1d:8f:08:d3:6b:0d:7c:
                    a8:37:26:dc:8e:c5:b6:c4:2f:b4:5f:2f:f2:82:5b:
                    46:59:b5:ce:6f:00:56:56:02:cd:03:51:57:63:7a:
                    a6:30:c0:25:1e:41:85:f6:0a:4a:c2:f5:12:eb:9d:
                    6e:3f:90:26:05:ae:07:ed:db:74:9c:f9:a1:99:ea:
                    36:aa:39:1e:bd:8c:2a:99:7d:f7:08:a5:55:79:d7:
                    b7:cd:9e:12:26:1a:86:ca:8a:1c:cf:08:48:1e:00:
                    b7:d0:e2:9b:28:3c:81:21:75:62:c4:4c:b5:2b:48:
                    f6:65:b4:94:ef:f4:cb:3e:90:82:71:3e:45:6a:21:
                    53:3a:8f:4c:93:6f:be:65:7f:8b:e7:24:cd:e7:3d:
                    75:60:f2:4a:5f:c9:a1:b3:84:d9:51:01:d1:7a:59:
                    1c:da:00:57:d6:f1:51:99:a1:ad:48:70:8e:f9:0b:
                    e3:fb:02:6a:bb:21:b8:62:fc:47:81:b8:b8:53:4e:
                    fc:d3:58:99:63:5b:2c:b7:7c:5d:5b:44:19:41:b4:
                    31:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:ED:22:EC:2C:2F:6C:75:0C:B1:E5:5D:54:AC:82:BE:A7:70:56:E0
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         48:dc:36:52:8c:18:3e:66:16:24:1b:f6:cb:43:4c:2f:f8:99:
         7e:fa:ab:e2:d7:a7:e4:e2:4e:32:0c:34:8e:3a:ea:28:35:63:
         1e:bf:6e:0f:67:47:94:9d:5a:f6:e5:bd:e3:44:01:0a:e5:0d:
         ff:68:49:6d:40:20:39:73:1b:ac:d4:59:a2:f7:f0:fb:55:8c:
         42:fd:ee:44:7b:b1:fd:82:51:68:d7:6a:a7:bd:8f:53:03:b4:
         37:9a:9e:dc:d0:fc:39:69:4b:6d:41:99:cf:9b:f2:d3:13:6d:
         3a:e6:4b:44:27:bd:fc:56:e4:df:3c:df:00:e8:fa:a5:60:b8:
         de:27:0e:ac:b8:d6:cb:5f:e7:c6:b7:4b:92:fb:5b:97:50:85:
         b3:0f:98:3d:29:7a:9d:51:5a:f1:54:33:db:b8:3e:8c:22:9f:
         33:db:82:6a:60:22:5c:11:81:fa:e3:59:c8:f5:7f:ad:3e:15:
         99:7f:7d:6f:98:ba:2e:67:26:8a:e9:c7:fa:5f:5f:e6:40:d1:
         96:98:2b:6a:64:f6:32:c1:1c:88:62:a8:45:a3:ce:00:37:5c:
         07:4a:c6:fe:53:a6:9d:66:85:da:04:61:59:b4:8f:18:48:eb:
         84:a2:de:f3:1c:2a:94:97:1f:8f:26:88:4b:a5:ed:dc:84:86:
         a5:e4:42:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9pQaQ5/hgVLr6snGjfT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjQxMTIzMDMwMDIwWhcNMjQxMTI0MDMwMDIwWjAzMTEwLwYDVQQD
Eyg2MWVkMjJlYzJjMmY2Yzc1MGNiMWU1NWQ1NGFjODJiZWE3NzA1NmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkz+7F7b9skeRo0eEepy/lT4/E7F
/TgepQTvWDGqL7jzzbXY47Mj/1SikQUt4570/eiAiB2PCNNrDXyoNybcjsW2xC+0
Xy/ygltGWbXObwBWVgLNA1FXY3qmMMAlHkGF9gpKwvUS651uP5AmBa4H7dt0nPmh
meo2qjkevYwqmX33CKVVede3zZ4SJhqGyooczwhIHgC30OKbKDyBIXVixEy1K0j2
ZbSU7/TLPpCCcT5FaiFTOo9Mk2++ZX+L5yTN5z11YPJKX8mhs4TZUQHRelkc2gBX
1vFRmaGtSHCO+Qvj+wJquyG4YvxHgbi4U07801iZY1sst3xdW0QZQbQxfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHtIuwsL2x1DLHlXVSsgr6ncFbgMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNw2UowY
PmYWJBv2y0NML/iZfvqr4ten5OJOMgw0jjrqKDVjHr9uD2dHlJ1a9uW940QBCuUN
/2hJbUAgOXMbrNRZovfw+1WMQv3uRHux/YJRaNdqp72PUwO0N5qe3ND8OWlLbUGZ
z5vy0xNtOuZLRCe9/Fbk3zzfAOj6pWC43icOrLjWy1/nxrdLkvtbl1CFsw+YPSl6
nVFa8VQz27g+jCKfM9uCamAiXBGB+uNZyPV/rT4VmX99b5i6LmcmiunH+l9f5kDR
lpgramT2MsEciGKoRaPOADdcB0rG/lOmnWaF2gRhWbSPGEjrhKLe8xwqlJcfjyaI
S6Xt3ISGpeRC0A==
-----END CERTIFICATE-----