Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
File:                     6gYhpKcsclr8dUFej4rPdTPUIH0.mft (raw, json)
Hash identifier:          Ru4uOiURFuzAAiaviHIzvptP8/180PdDFgtDJFpGXws=
Subject key identifier:   DF:EC:2E:35:08:90:1E:D4:DC:A1:51:57:99:9D:5A:87:D5:81:D0:91
Authority key identifier: EA:06:21:A4:A7:2C:72:5A:FC:75:41:5E:8F:8A:CF:75:33:D4:20:7D
Certificate issuer:       /CN=ea0621a4a72c725afc75415e8f8acf7533d4207d
Certificate serial:       0193640D50158D70D1E33DAA77FC3C365E01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
Manifest number:          11C3
Signing time:             Mon 25 Nov 2024 16:00:14 +0000
Manifest this update:     Mon 25 Nov 2024 16:00:14 +0000
Manifest next update:     Tue 26 Nov 2024 16:00:14 +0000
Files and hashes:         1: 6gYhpKcsclr8dUFej4rPdTPUIH0.crl (hash: 5cRCCbDR9YNd7/0AG1y7JeXtldq0H3Yp03Z0UW6Hn4w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 16:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:64:0d:50:15:8d:70:d1:e3:3d:aa:77:fc:3c:36:5e:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ea0621a4a72c725afc75415e8f8acf7533d4207d
        Validity
            Not Before: Nov 25 16:00:14 2024 GMT
            Not After : Nov 26 16:00:14 2024 GMT
        Subject: CN=dfec2e3508901ed4dca15157999d5a87d581d091
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ba:b7:06:ef:ae:19:2b:e0:90:bb:04:41:da:
                    8c:85:a3:15:86:b1:c8:96:f5:fb:93:49:02:0f:3a:
                    08:94:9f:58:e7:54:e7:e8:f1:73:9f:d6:46:83:b5:
                    d9:3f:3e:be:ee:0f:fc:8b:5c:1c:42:e8:22:8b:57:
                    c4:22:0d:dd:1d:68:a2:c4:30:16:77:4e:30:6d:29:
                    9c:24:86:08:17:85:25:83:a7:96:42:8a:ed:c8:87:
                    4c:5a:52:7a:1f:c5:a5:d9:6d:ce:0c:2f:86:e8:44:
                    89:fe:8a:3f:05:43:b6:01:91:45:e8:c3:6a:bc:c4:
                    56:2d:0a:c9:db:20:d5:7c:7a:16:d8:74:26:d9:ea:
                    5b:a3:57:b2:35:7f:12:09:e2:72:18:15:44:56:b7:
                    43:bd:a4:de:7a:3d:7b:49:c3:56:34:7d:47:1d:cf:
                    32:4b:c7:2c:bb:77:51:2f:bd:8f:55:04:e9:cd:0e:
                    49:c9:0e:9b:e4:2a:07:aa:36:6b:ef:74:0f:37:eb:
                    84:7a:ce:7a:b2:cc:d9:9d:41:94:63:a1:c0:51:4a:
                    a0:e5:3a:32:4a:be:01:08:0f:5e:e6:a8:77:13:a3:
                    da:41:43:62:7b:ea:b1:37:10:0d:08:90:97:ae:f5:
                    fa:fc:1a:8a:5d:11:76:39:26:a0:49:66:48:42:96:
                    01:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:EC:2E:35:08:90:1E:D4:DC:A1:51:57:99:9D:5A:87:D5:81:D0:91
            X509v3 Authority Key Identifier:
                keyid:EA:06:21:A4:A7:2C:72:5A:FC:75:41:5E:8F:8A:CF:75:33:D4:20:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6gYhpKcsclr8dUFej4rPdTPUIH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/31158e-9ca6-44e3-9853-c384d8bc3bef/1/6gYhpKcsclr8dUFej4rPdTPUIH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c6:59:ac:a0:67:1d:bd:c1:19:15:93:63:1b:a1:12:8a:fc:8e:
         4a:78:84:de:34:d0:19:ab:d2:8e:42:b8:06:73:05:7a:f8:eb:
         d6:b5:fb:7d:32:f7:95:f0:1c:8b:80:30:b9:b8:80:72:54:57:
         10:59:ff:ad:4e:9a:f4:f4:28:af:fb:ae:6b:ac:dd:ea:fa:0c:
         dc:98:4d:a6:92:dc:99:99:9b:fc:e3:91:9d:2a:69:ab:19:3f:
         be:2f:a5:e5:1c:a8:de:6c:da:98:3e:38:c7:8a:7f:66:97:fc:
         82:b6:f2:2e:e6:9a:29:e7:db:8f:21:f7:c8:b7:a1:c4:79:e9:
         35:8c:87:f5:86:85:b4:57:a1:3c:c7:b7:7d:3c:52:27:af:25:
         e7:4c:3f:56:89:17:0c:83:f9:7a:3d:84:d1:df:43:8d:da:fc:
         fa:03:2a:1b:38:79:35:d1:6b:f5:a0:ed:14:a2:58:35:1f:43:
         d5:f3:3a:44:32:d3:ff:c5:ce:12:77:ae:54:29:0e:d0:4a:e6:
         0b:3d:27:51:87:0c:6c:a3:ca:ac:23:55:d5:62:1f:c1:fc:42:
         9e:f1:65:7e:66:2c:bc:a5:95:23:5b:9d:62:97:9b:79:7d:ef:
         b7:87:fc:1c:0e:16:f0:17:99:8b:e9:18:95:59:53:a3:67:0b:
         b2:85:1a:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNkDVAVjXDR4z2qd/w8Nl4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMDYyMWE0YTcyYzcyNWFmYzc1NDE1ZThmOGFjZjc1MzNk
NDIwN2QwHhcNMjQxMTI1MTYwMDE0WhcNMjQxMTI2MTYwMDE0WjAzMTEwLwYDVQQD
EyhkZmVjMmUzNTA4OTAxZWQ0ZGNhMTUxNTc5OTlkNWE4N2Q1ODFkMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Lq3Bu+uGSvgkLsEQdqMhaMVhrHI
lvX7k0kCDzoIlJ9Y51Tn6PFzn9ZGg7XZPz6+7g/8i1wcQugii1fEIg3dHWiixDAW
d04wbSmcJIYIF4Ulg6eWQortyIdMWlJ6H8Wl2W3ODC+G6ESJ/oo/BUO2AZFF6MNq
vMRWLQrJ2yDVfHoW2HQm2epbo1eyNX8SCeJyGBVEVrdDvaTeej17ScNWNH1HHc8y
S8csu3dRL72PVQTpzQ5JyQ6b5CoHqjZr73QPN+uEes56sszZnUGUY6HAUUqg5Toy
Sr4BCA9e5qh3E6PaQUNie+qxNxANCJCXrvX6/BqKXRF2OSagSWZIQpYBOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/sLjUIkB7U3KFRV5mdWofVgdCRMB8GA1UdIwQY
MBaAFOoGIaSnLHJa/HVBXo+Kz3Uz1CB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zMTE1OGUtOWNhNi00NGUzLTk4NTMt
YzM4NGQ4YmMzYmVmLzEvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zMTE1OGUtOWNhNi00NGUzLTk4NTMtYzM4NGQ4YmMzYmVm
LzEvNmdZaHBLY3NjbHI4ZFVGZWo0clBkVFBVSUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxlmsoGcd
vcEZFZNjG6ESivyOSniE3jTQGavSjkK4BnMFevjr1rX7fTL3lfAci4AwubiAclRX
EFn/rU6a9PQor/uua6zd6voM3JhNppLcmZmb/OORnSppqxk/vi+l5Ryo3mzamD44
x4p/Zpf8grbyLuaaKefbjyH3yLehxHnpNYyH9YaFtFehPMe3fTxSJ68l50w/VokX
DIP5ej2E0d9Djdr8+gMqGzh5NdFr9aDtFKJYNR9D1fM6RDLT/8XOEneuVCkO0Erm
Cz0nUYcMbKPKrCNV1WIfwfxCnvFlfmYsvKWVI1udYpebeX3vt4f8HA4W8BeZi+kY
lVlTo2cLsoUaOw==
-----END CERTIFICATE-----