Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
File:                     JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft (raw, json)
Hash identifier:          OP9VG7E/z14Ps/fjBhkqD0ulRoqb7Yk4qjgCOpvUHGI=
Subject key identifier:   D1:B9:E7:AD:E6:8E:FF:46:CB:C9:8E:6A:B7:7C:79:CB:55:F1:AB:89
Authority key identifier: 25:BA:87:95:F3:E7:E2:D2:C7:C9:0F:1C:36:66:CF:7F:92:83:DA:9E
Certificate issuer:       /CN=25ba8795f3e7e2d2c7c90f1c3666cf7f9283da9e
Certificate serial:       0193568A68342A4EF752888B906412A607AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
Manifest number:          136B
Signing time:             Sat 23 Nov 2024 01:02:11 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:11 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:11 +0000
Files and hashes:         1: JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl (hash: sfhMsTYAuiSQvXI0R2yhN8xQNCrvURiSD6CqI6eoqp0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:68:34:2a:4e:f7:52:88:8b:90:64:12:a6:07:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25ba8795f3e7e2d2c7c90f1c3666cf7f9283da9e
        Validity
            Not Before: Nov 23 01:02:11 2024 GMT
            Not After : Nov 24 01:02:11 2024 GMT
        Subject: CN=d1b9e7ade68eff46cbc98e6ab77c79cb55f1ab89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:44:dd:ae:ba:5c:42:eb:22:78:a1:b3:6a:9b:
                    71:e5:a6:3b:f8:d2:a2:06:6e:53:15:e3:5d:04:df:
                    1f:75:00:f8:ed:9c:27:eb:13:b0:1e:91:82:55:f3:
                    3b:92:06:51:d3:21:7b:dd:bd:3f:00:72:4e:95:b7:
                    83:1f:86:94:bc:89:73:5c:69:e1:9d:8d:d7:21:5b:
                    df:2f:da:a1:3a:a2:f3:6a:d7:b3:d1:16:e7:02:cd:
                    be:6d:bc:a4:05:7f:d7:4e:13:18:a1:ba:6f:c0:d3:
                    2c:84:8a:98:e2:82:75:a6:dc:8c:25:4b:1b:8c:10:
                    7d:98:1a:c7:19:81:59:13:de:04:64:35:b5:c2:bc:
                    46:46:6e:98:35:28:54:0a:b5:c5:9e:d0:13:d5:79:
                    81:77:7b:1c:7e:97:d7:94:2d:33:81:e5:1f:cc:16:
                    a9:c3:bb:9c:2c:78:cc:4c:d5:85:83:38:56:af:15:
                    9b:10:b4:90:e9:00:35:2e:8d:eb:eb:04:85:8f:bb:
                    31:01:b7:48:dc:34:d8:64:7a:87:e5:b8:70:3a:b8:
                    73:06:2f:8b:2e:67:ea:8e:72:91:2f:7c:f8:47:92:
                    7d:6e:bf:4c:5d:72:2b:f2:bd:51:3b:c5:2a:9c:bc:
                    10:dd:4d:63:68:0b:08:ca:81:d8:c0:12:ff:24:6d:
                    e1:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:B9:E7:AD:E6:8E:FF:46:CB:C9:8E:6A:B7:7C:79:CB:55:F1:AB:89
            X509v3 Authority Key Identifier:
                keyid:25:BA:87:95:F3:E7:E2:D2:C7:C9:0F:1C:36:66:CF:7F:92:83:DA:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/548417-5b01-4f5e-b9b3-4eddbeb8387b/1/JbqHlfPn4tLHyQ8cNmbPf5KD2p4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:c4:01:9d:58:d7:b2:b7:fb:c7:66:14:31:64:4f:df:d3:e1:
         b2:1e:85:15:bd:f0:1e:80:5e:0e:7c:fb:81:8a:8d:76:16:d8:
         e4:ab:d3:1c:9c:a6:be:26:50:2f:df:9e:75:f4:e5:55:a4:9f:
         0f:67:19:07:f9:d9:a8:c4:62:38:02:3c:7b:8c:8c:ca:ee:e7:
         d4:2a:ec:16:07:43:39:5c:33:91:1d:d0:b3:8a:a1:13:0a:ff:
         0f:bb:8d:64:ce:c2:d0:cc:97:e3:06:31:d1:a5:a2:e7:4b:6d:
         e7:32:c6:3f:a2:04:ac:9e:bb:c7:bc:44:5f:39:23:b9:a6:e6:
         0d:e8:bd:64:12:b5:60:ed:ae:06:35:6d:b3:85:6c:7a:f9:24:
         8a:89:50:bf:f0:fa:36:8b:c0:3e:45:42:b7:e1:ca:71:43:08:
         9e:08:af:10:8b:cf:ea:a4:8b:f7:6e:45:23:c8:16:9b:f0:3f:
         21:69:2a:0b:30:d6:d7:3e:62:92:92:cf:c7:54:7c:ab:7d:45:
         b4:a1:0e:19:44:fe:42:72:46:58:2b:c9:08:8f:f6:7b:6e:d7:
         02:36:57:d7:23:47:2d:86:4c:cc:95:f3:78:64:9f:82:d0:70:
         69:98:84:2a:4b:7c:76:d5:1a:c5:2a:88:c9:85:f4:20:94:6b:
         d9:54:0f:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWimg0Kk73UoiLkGQSpgeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmE4Nzk1ZjNlN2UyZDJjN2M5MGYxYzM2NjZjZjdmOTI4
M2RhOWUwHhcNMjQxMTIzMDEwMjExWhcNMjQxMTI0MDEwMjExWjAzMTEwLwYDVQQD
EyhkMWI5ZTdhZGU2OGVmZjQ2Y2JjOThlNmFiNzdjNzljYjU1ZjFhYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00TdrrpcQusieKGzaptx5aY7+NKi
Bm5TFeNdBN8fdQD47Zwn6xOwHpGCVfM7kgZR0yF73b0/AHJOlbeDH4aUvIlzXGnh
nY3XIVvfL9qhOqLzatez0RbnAs2+bbykBX/XThMYobpvwNMshIqY4oJ1ptyMJUsb
jBB9mBrHGYFZE94EZDW1wrxGRm6YNShUCrXFntAT1XmBd3scfpfXlC0zgeUfzBap
w7ucLHjMTNWFgzhWrxWbELSQ6QA1Lo3r6wSFj7sxAbdI3DTYZHqH5bhwOrhzBi+L
LmfqjnKRL3z4R5J9br9MXXIr8r1RO8UqnLwQ3U1jaAsIyoHYwBL/JG3hJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNG5563mjv9Gy8mOard8ectV8auJMB8GA1UdIwQY
MBaAFCW6h5Xz5+LSx8kPHDZmz3+Sg9qeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81NDg0MTctNWIwMS00ZjVlLWI5YjMt
NGVkZGJlYjgzODdiLzEvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81NDg0MTctNWIwMS00ZjVlLWI5YjMtNGVkZGJlYjgzODdi
LzEvSmJxSGxmUG40dExIeVE4Y05tYlBmNUtEMnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkMQBnVjX
srf7x2YUMWRP39Phsh6FFb3wHoBeDnz7gYqNdhbY5KvTHJymviZQL9+edfTlVaSf
D2cZB/nZqMRiOAI8e4yMyu7n1CrsFgdDOVwzkR3Qs4qhEwr/D7uNZM7C0MyX4wYx
0aWi50tt5zLGP6IErJ67x7xEXzkjuabmDei9ZBK1YO2uBjVts4VsevkkiolQv/D6
NovAPkVCt+HKcUMIngivEIvP6qSL925FI8gWm/A/IWkqCzDW1z5ikpLPx1R8q31F
tKEOGUT+QnJGWCvJCI/2e27XAjZX1yNHLYZMzJXzeGSfgtBwaZiEKkt8dtUaxSqI
yYX0IJRr2VQPNA==
-----END CERTIFICATE-----