Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
File:                     IClZ7xuVPXmKoPVkMafxG2vhltY.mft (raw, json)
Hash identifier:          TfONGXYiqUqXcAUH3KenU6sjqwSA1f3dtAtT1L9Bfog=
Subject key identifier:   88:25:E4:4A:C8:9E:94:D9:B1:97:80:39:BC:7D:B0:9B:D6:C3:51:A5
Authority key identifier: 20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6
Certificate issuer:       /CN=202959ef1b953d798aa0f56431a7f11b6be196d6
Certificate serial:       01936AB4C6B6CBDFFF3DFC6489903A5A8033
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
Manifest number:          0F74
Signing time:             Tue 26 Nov 2024 23:00:52 +0000
Manifest this update:     Tue 26 Nov 2024 23:00:52 +0000
Manifest next update:     Wed 27 Nov 2024 23:00:52 +0000
Files and hashes:         1: IClZ7xuVPXmKoPVkMafxG2vhltY.crl (hash: FsJ9k+wIFZXWwMGyxg7QVb8h8KFoBdciuPFJ4l84obk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:b4:c6:b6:cb:df:ff:3d:fc:64:89:90:3a:5a:80:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=202959ef1b953d798aa0f56431a7f11b6be196d6
        Validity
            Not Before: Nov 26 23:00:52 2024 GMT
            Not After : Nov 27 23:00:52 2024 GMT
        Subject: CN=8825e44ac89e94d9b1978039bc7db09bd6c351a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:78:43:d6:61:72:4e:1d:cc:cf:af:d1:e7:88:
                    c0:33:d9:45:0b:01:e1:5e:0f:e6:ff:05:a7:15:0a:
                    5a:3c:c9:0b:0b:e7:a0:81:4e:3d:65:58:47:74:cf:
                    e2:7f:35:9b:95:aa:a7:a2:55:c1:fa:c7:17:d7:95:
                    69:79:7a:3b:b3:f6:3b:e3:2e:9e:0a:c7:65:ae:f0:
                    5b:48:12:a3:5b:c3:4d:0b:f3:90:10:0f:e4:46:c2:
                    da:90:3d:c1:ca:41:fd:c5:d2:5e:5d:9a:37:90:7c:
                    9d:94:fd:98:5b:1f:e6:1e:87:8e:e5:3a:13:1f:ff:
                    85:12:43:bf:d2:d6:73:58:e6:e8:71:43:63:67:13:
                    63:6c:e6:49:38:d5:82:28:65:c2:db:71:68:97:35:
                    c1:6a:ea:a8:c0:49:41:c3:9b:2e:e6:78:90:a6:ea:
                    42:92:b1:26:e7:f9:cc:5c:67:00:0d:e1:f2:13:01:
                    c5:b7:81:8b:f5:8f:c0:48:c4:5c:93:73:2a:68:ae:
                    25:06:82:bf:21:38:17:f0:5e:bf:e5:81:f1:1c:56:
                    5d:d9:28:e9:dc:7a:80:fb:20:21:b2:32:64:68:2f:
                    75:3f:56:71:35:3e:a9:45:3f:64:e4:cc:30:52:ec:
                    bc:62:d8:72:48:94:d3:67:34:e6:c5:30:76:54:5f:
                    34:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:25:E4:4A:C8:9E:94:D9:B1:97:80:39:BC:7D:B0:9B:D6:C3:51:A5
            X509v3 Authority Key Identifier:
                keyid:20:29:59:EF:1B:95:3D:79:8A:A0:F5:64:31:A7:F1:1B:6B:E1:96:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IClZ7xuVPXmKoPVkMafxG2vhltY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f2ccc0-3732-4351-b770-6b0da9e4fb10/1/IClZ7xuVPXmKoPVkMafxG2vhltY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:34:58:7a:99:67:06:99:81:1d:e8:52:53:11:ed:39:11:f4:
         3d:ca:3e:2e:bc:0a:b8:2d:f5:6c:62:6b:3c:1f:78:db:0b:a9:
         38:ef:b0:60:08:aa:39:7f:b9:a6:a0:55:c8:c9:43:9a:0c:59:
         2c:15:91:ab:25:25:4d:56:f3:07:08:8d:36:1a:3a:67:6d:e8:
         27:f7:cb:38:af:5f:8a:c2:84:7f:af:59:94:fe:36:17:2d:14:
         9a:d6:df:0e:d8:ba:ee:a2:fb:d5:e9:29:9b:f8:8d:95:69:b0:
         67:30:12:68:97:f7:86:a4:00:e9:bb:b9:69:aa:0f:52:79:ed:
         2a:98:2c:cb:20:31:6b:80:d3:a6:cc:2c:5a:3b:e8:5e:3d:d8:
         6e:09:ce:97:38:bb:66:b6:de:ff:cb:29:41:ef:04:c3:db:d7:
         74:77:fe:ca:a5:3b:51:99:68:ce:6e:4a:db:ad:06:ac:b8:ac:
         d5:84:e3:6f:7f:77:f7:fd:2e:d3:72:8f:3c:b1:99:49:44:2e:
         41:32:bc:2f:28:80:cb:3f:32:29:b1:70:78:49:e0:7b:04:24:
         18:10:30:23:e2:92:ca:d7:c3:ad:aa:8b:af:81:cd:60:12:b5:
         ca:57:c4:a0:59:3a:d7:69:14:fd:d1:33:b3:d1:b0:32:90:35:
         c8:b0:bd:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqtMa2y9//PfxkiZA6WoAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjk1OWVmMWI5NTNkNzk4YWEwZjU2NDMxYTdmMTFiNmJl
MTk2ZDYwHhcNMjQxMTI2MjMwMDUyWhcNMjQxMTI3MjMwMDUyWjAzMTEwLwYDVQQD
Eyg4ODI1ZTQ0YWM4OWU5NGQ5YjE5NzgwMzliYzdkYjA5YmQ2YzM1MWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHhD1mFyTh3Mz6/R54jAM9lFCwHh
Xg/m/wWnFQpaPMkLC+eggU49ZVhHdM/ifzWblaqnolXB+scX15VpeXo7s/Y74y6e
CsdlrvBbSBKjW8NNC/OQEA/kRsLakD3BykH9xdJeXZo3kHydlP2YWx/mHoeO5ToT
H/+FEkO/0tZzWObocUNjZxNjbOZJONWCKGXC23FolzXBauqowElBw5su5niQpupC
krEm5/nMXGcADeHyEwHFt4GL9Y/ASMRck3MqaK4lBoK/ITgX8F6/5YHxHFZd2Sjp
3HqA+yAhsjJkaC91P1ZxNT6pRT9k5MwwUuy8YthySJTTZzTmxTB2VF80cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgl5ErInpTZsZeAObx9sJvWw1GlMB8GA1UdIwQY
MBaAFCApWe8blT15iqD1ZDGn8Rtr4ZbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAt
NmIwZGE5ZTRmYjEwLzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mMmNjYzAtMzczMi00MzUxLWI3NzAtNmIwZGE5ZTRmYjEw
LzEvSUNsWjd4dVZQWG1Lb1BWa01hZnhHMnZobHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTRYepln
BpmBHehSUxHtORH0Pco+LrwKuC31bGJrPB942wupOO+wYAiqOX+5pqBVyMlDmgxZ
LBWRqyUlTVbzBwiNNho6Z23oJ/fLOK9fisKEf69ZlP42Fy0UmtbfDti67qL71ekp
m/iNlWmwZzASaJf3hqQA6bu5aaoPUnntKpgsyyAxa4DTpswsWjvoXj3YbgnOlzi7
Zrbe/8spQe8Ew9vXdHf+yqU7UZlozm5K260GrLis1YTjb3939/0u03KPPLGZSUQu
QTK8LyiAyz8yKbFweEngewQkGBAwI+KSytfDraqLr4HNYBK1ylfEoFk612kU/dEz
s9GwMpA1yLC9zQ==
-----END CERTIFICATE-----