Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
File:                     _x2DMuEYqaIYfqtYhCedZYDxGfc.mft (raw, json)
Hash identifier:          x3B9vi5BzcQwgJkAmOmMAMRgughSoUHjA1jY8mZ2tJw=
Subject key identifier:   84:35:C8:4A:28:98:3A:2C:05:31:6F:A5:85:DE:4B:6D:80:61:53:D6
Authority key identifier: FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7
Certificate issuer:       /CN=ff1d8332e118a9a2187eab5884279d6580f119f7
Certificate serial:       01936A7DE7A4BA5AE60BCA61A22F0E0BEE5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
Manifest number:          01D5
Signing time:             Tue 26 Nov 2024 22:00:56 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:56 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:56 +0000
Files and hashes:         1: _x2DMuEYqaIYfqtYhCedZYDxGfc.crl (hash: mLMi//VQZ4Xgk84Jk1LtnXd35tXRVd2RgYbz8Q5Tw+c=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:e7:a4:ba:5a:e6:0b:ca:61:a2:2f:0e:0b:ee:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff1d8332e118a9a2187eab5884279d6580f119f7
        Validity
            Not Before: Nov 26 22:00:56 2024 GMT
            Not After : Nov 27 22:00:56 2024 GMT
        Subject: CN=8435c84a28983a2c05316fa585de4b6d806153d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:a4:4f:57:f2:3d:cb:3a:76:49:ab:28:a1:ed:
                    25:fb:ff:b8:82:90:de:93:e1:1f:1e:3c:72:26:d2:
                    3c:ad:c9:a2:f2:df:4f:27:4f:f6:09:b2:2f:15:84:
                    b8:ba:f2:72:c9:33:47:15:ba:20:cf:26:52:81:68:
                    48:c1:52:bd:48:37:ac:6f:64:f3:b7:96:33:86:f6:
                    63:fb:1e:c4:4d:10:eb:1c:38:4e:05:93:ac:2e:0a:
                    db:6b:0b:be:5a:46:31:9d:98:c6:b6:fc:2e:f1:a9:
                    75:47:12:8f:5e:ac:16:c8:eb:e9:3e:6a:4c:be:35:
                    5d:47:06:e7:db:bc:16:25:67:68:ac:6b:d0:3b:1d:
                    c2:35:b9:1f:da:12:76:10:70:24:d2:d6:f1:bc:4d:
                    93:58:b0:ed:8b:a2:c3:44:c1:2b:cd:2e:82:2c:98:
                    f6:5b:c3:6b:fe:9d:f1:20:5d:43:56:6b:ad:9f:a3:
                    e9:e2:dc:c9:23:47:84:66:73:ae:90:09:7e:cf:f5:
                    cb:39:24:43:7d:a7:bc:f3:46:0b:16:fd:e4:90:4a:
                    ff:c1:6d:6e:83:cf:39:27:18:cb:e2:f9:a3:23:73:
                    40:14:73:8f:e2:8b:2f:2d:a5:79:0e:e7:5e:a1:3f:
                    da:05:e2:fc:d4:4b:06:3c:ea:05:55:89:51:a3:24:
                    84:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:35:C8:4A:28:98:3A:2C:05:31:6F:A5:85:DE:4B:6D:80:61:53:D6
            X509v3 Authority Key Identifier:
                keyid:FF:1D:83:32:E1:18:A9:A2:18:7E:AB:58:84:27:9D:65:80:F1:19:F7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_x2DMuEYqaIYfqtYhCedZYDxGfc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/aac6be-1855-484b-8025-dea30ecb736d/1/_x2DMuEYqaIYfqtYhCedZYDxGfc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:b0:a5:f7:26:b9:4e:7a:2e:ac:03:36:5a:6a:06:fd:04:9c:
         8f:82:eb:31:6f:4a:45:de:e3:d4:94:70:bc:43:28:5f:f3:05:
         24:46:f2:a5:6f:9d:5d:ba:45:d0:51:ea:5a:9f:d1:d6:14:5b:
         cd:82:ee:a2:9e:b1:c9:5c:e0:8b:ae:ca:98:56:08:fe:0e:27:
         00:60:7c:97:9a:8d:2f:65:80:90:d9:bf:f3:c9:0d:7e:c9:7e:
         a3:41:07:bf:26:5f:ce:c7:98:fb:5b:7d:c6:19:c1:dc:ff:f0:
         a2:9a:07:19:45:88:8e:5a:e5:54:83:1c:01:65:8c:91:1e:79:
         36:a0:d8:da:b6:3e:f1:c7:40:e9:bd:73:1c:ad:a8:28:02:b1:
         36:e1:50:9f:4b:46:9a:cd:1f:b3:c2:0e:77:53:b9:c3:ca:14:
         4c:6b:e1:62:ae:d3:a0:6f:4b:5d:1b:00:17:68:bd:8d:36:3f:
         c6:bb:5d:10:2f:5d:29:dc:16:8a:9a:ec:ca:9e:58:2e:9e:86:
         d5:34:80:48:a2:a9:74:14:12:66:2a:9e:27:6f:14:db:53:52:
         3a:7e:b4:c0:a8:14:f8:88:ad:95:5b:f7:86:52:c2:b0:7d:e5:
         2a:78:14:6d:69:73:6d:83:37:fc:a2:2a:3d:f5:63:79:09:cf:
         2d:4a:cf:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfeekulrmC8phoi8OC+5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMWQ4MzMyZTExOGE5YTIxODdlYWI1ODg0Mjc5ZDY1ODBm
MTE5ZjcwHhcNMjQxMTI2MjIwMDU2WhcNMjQxMTI3MjIwMDU2WjAzMTEwLwYDVQQD
Eyg4NDM1Yzg0YTI4OTgzYTJjMDUzMTZmYTU4NWRlNGI2ZDgwNjE1M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqRPV/I9yzp2Sasooe0l+/+4gpDe
k+EfHjxyJtI8rcmi8t9PJ0/2CbIvFYS4uvJyyTNHFbogzyZSgWhIwVK9SDesb2Tz
t5YzhvZj+x7ETRDrHDhOBZOsLgrbawu+WkYxnZjGtvwu8al1RxKPXqwWyOvpPmpM
vjVdRwbn27wWJWdorGvQOx3CNbkf2hJ2EHAk0tbxvE2TWLDti6LDRMErzS6CLJj2
W8Nr/p3xIF1DVmutn6Pp4tzJI0eEZnOukAl+z/XLOSRDfae880YLFv3kkEr/wW1u
g885JxjL4vmjI3NAFHOP4osvLaV5DudeoT/aBeL81EsGPOoFVYlRoySEOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQ1yEoomDosBTFvpYXeS22AYVPWMB8GA1UdIwQY
MBaAFP8dgzLhGKmiGH6rWIQnnWWA8Rn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUt
ZGVhMzBlY2I3MzZkLzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hYWM2YmUtMTg1NS00ODRiLTgwMjUtZGVhMzBlY2I3MzZk
LzEvX3gyRE11RVlxYUlZZnF0WWhDZWRaWUR4R2ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAerCl9ya5
TnourAM2WmoG/QScj4LrMW9KRd7j1JRwvEMoX/MFJEbypW+dXbpF0FHqWp/R1hRb
zYLuop6xyVzgi67KmFYI/g4nAGB8l5qNL2WAkNm/88kNfsl+o0EHvyZfzseY+1t9
xhnB3P/wopoHGUWIjlrlVIMcAWWMkR55NqDY2rY+8cdA6b1zHK2oKAKxNuFQn0tG
ms0fs8IOd1O5w8oUTGvhYq7ToG9LXRsAF2i9jTY/xrtdEC9dKdwWiprsyp5YLp6G
1TSASKKpdBQSZiqeJ28U21NSOn60wKgU+IitlVv3hlLCsH3lKngUbWlzbYM3/KIq
PfVjeQnPLUrPUg==
-----END CERTIFICATE-----