Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
File:                     gY1FuJShqq5kDmhOV8_bUw36umk.mft (raw, json)
Hash identifier:          yeFugLSP1ELeqVCU839TAv5gYzeApcJ4CPSMW9EgXPk=
Subject key identifier:   0A:01:FD:FD:0E:A2:B8:B9:2C:C1:03:26:2C:70:64:4A:92:2F:31:55
Authority key identifier: 81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69
Certificate issuer:       /CN=818d45b894a1aaae640e684e57cfdb530dfaba69
Certificate serial:       019355087B80685696E63F74B56D67B0E427
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
Manifest number:          07FE
Signing time:             Fri 22 Nov 2024 18:00:39 +0000
Manifest this update:     Fri 22 Nov 2024 18:00:39 +0000
Manifest next update:     Sat 23 Nov 2024 18:00:39 +0000
Files and hashes:         1: gY1FuJShqq5kDmhOV8_bUw36umk.crl (hash: dLYm2B4T8ZKAnmBth68cOUmJ77Hnhvc+dBY+7ldA1Sc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:08:7b:80:68:56:96:e6:3f:74:b5:6d:67:b0:e4:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818d45b894a1aaae640e684e57cfdb530dfaba69
        Validity
            Not Before: Nov 22 18:00:39 2024 GMT
            Not After : Nov 23 18:00:39 2024 GMT
        Subject: CN=0a01fdfd0ea2b8b92cc103262c70644a922f3155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:20:32:ab:52:f8:1f:88:69:bf:20:d8:ec:78:
                    13:93:88:91:a0:c1:fe:ec:1b:dc:94:f8:dc:34:0c:
                    c6:b3:32:4c:a1:0d:ad:2f:62:cd:c3:21:d2:54:04:
                    ce:05:bc:9b:df:b9:7b:20:a0:32:8e:a6:91:c6:32:
                    4e:d9:23:89:4b:2a:cf:1f:2b:9e:ca:8c:89:0b:81:
                    05:ca:88:1d:f2:95:a9:36:73:6c:bb:72:7f:18:7f:
                    10:d3:f2:9d:04:20:30:a2:ab:92:67:e0:c1:76:f0:
                    1c:28:4a:b0:55:57:b9:be:6d:1f:a4:80:1c:78:27:
                    86:95:ec:29:ef:3f:88:34:85:b7:1c:c7:60:25:03:
                    19:1a:fd:a5:8c:36:d4:09:b8:2d:d5:53:a4:15:d2:
                    22:27:5c:42:25:d5:9f:13:c0:a5:85:9d:55:19:dd:
                    b7:0a:e7:db:ca:59:2c:b0:38:e3:a5:17:1e:04:69:
                    b9:68:52:a6:03:0b:3d:22:64:3c:ba:54:92:3b:b8:
                    c4:c4:cc:39:de:a7:9e:b0:2b:cd:c7:cc:bc:66:f6:
                    ce:41:13:ae:c2:c3:76:31:80:a3:e2:27:f1:e8:22:
                    a8:e7:15:16:a5:f5:8b:89:37:5a:bf:e2:c1:ed:20:
                    e6:9c:20:51:a5:5e:4e:a4:24:bd:2e:f9:8e:b0:06:
                    78:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:01:FD:FD:0E:A2:B8:B9:2C:C1:03:26:2C:70:64:4A:92:2F:31:55
            X509v3 Authority Key Identifier:
                keyid:81:8D:45:B8:94:A1:AA:AE:64:0E:68:4E:57:CF:DB:53:0D:FA:BA:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gY1FuJShqq5kDmhOV8_bUw36umk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/703358-b69b-4893-ab4e-e0699d304919/1/gY1FuJShqq5kDmhOV8_bUw36umk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:ef:d5:78:f3:7a:cf:bb:be:21:8e:48:49:de:26:24:da:e6:
         63:15:8b:0e:33:88:a9:e3:32:49:14:81:1a:97:76:5d:ef:cc:
         ee:6b:5d:2e:1f:de:aa:18:93:56:79:f8:19:3e:dc:a1:f3:e8:
         50:3d:82:8a:dc:62:0f:a4:ea:91:b7:07:96:3f:54:c2:0a:ba:
         71:7b:4c:6e:0b:20:69:b1:f1:73:e5:98:46:da:da:a8:70:f1:
         3b:8a:9c:4b:2e:ad:d6:60:8f:11:7d:ec:85:0c:75:71:bb:4c:
         da:12:28:b4:a7:5c:b1:bc:9e:5d:20:75:5b:0c:bd:8e:25:6d:
         a9:62:18:3d:b8:ae:3c:86:ef:d6:6d:5b:c1:02:17:c0:c2:4f:
         ec:ae:86:da:e8:41:a1:55:0d:1c:7b:9c:de:b4:e1:d8:51:8b:
         41:a1:13:93:89:18:c7:b2:10:91:69:8a:aa:20:8f:3f:61:b9:
         74:35:11:91:75:f9:29:47:8f:43:33:1f:7d:c7:57:c8:92:1e:
         18:7e:27:fe:ff:52:c4:b8:dd:06:48:64:6b:a0:f9:b3:9b:fc:
         10:02:e0:ba:a5:be:60:29:f8:02:e0:26:bf:cf:4d:6e:2e:cc:
         1a:45:61:30:a2:20:1c:c9:16:1f:d1:49:62:b5:ec:b5:ae:dc:
         ec:e9:5a:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVCHuAaFaW5j90tW1nsOQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOGQ0NWI4OTRhMWFhYWU2NDBlNjg0ZTU3Y2ZkYjUzMGRm
YWJhNjkwHhcNMjQxMTIyMTgwMDM5WhcNMjQxMTIzMTgwMDM5WjAzMTEwLwYDVQQD
EygwYTAxZmRmZDBlYTJiOGI5MmNjMTAzMjYyYzcwNjQ0YTkyMmYzMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCAyq1L4H4hpvyDY7HgTk4iRoMH+
7BvclPjcNAzGszJMoQ2tL2LNwyHSVATOBbyb37l7IKAyjqaRxjJO2SOJSyrPHyue
yoyJC4EFyogd8pWpNnNsu3J/GH8Q0/KdBCAwoquSZ+DBdvAcKEqwVVe5vm0fpIAc
eCeGlewp7z+INIW3HMdgJQMZGv2ljDbUCbgt1VOkFdIiJ1xCJdWfE8ClhZ1VGd23
CufbylkssDjjpRceBGm5aFKmAws9ImQ8ulSSO7jExMw53qeesCvNx8y8ZvbOQROu
wsN2MYCj4ifx6CKo5xUWpfWLiTdav+LB7SDmnCBRpV5OpCS9LvmOsAZ4FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoB/f0Oori5LMEDJixwZEqSLzFVMB8GA1UdIwQY
MBaAFIGNRbiUoaquZA5oTlfP21MN+rppMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUt
ZTA2OTlkMzA0OTE5LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC83MDMzNTgtYjY5Yi00ODkzLWFiNGUtZTA2OTlkMzA0OTE5
LzEvZ1kxRnVKU2hxcTVrRG1oT1Y4X2JVdzM2dW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACO/VePN6
z7u+IY5ISd4mJNrmYxWLDjOIqeMySRSBGpd2Xe/M7mtdLh/eqhiTVnn4GT7cofPo
UD2CitxiD6TqkbcHlj9Uwgq6cXtMbgsgabHxc+WYRtraqHDxO4qcSy6t1mCPEX3s
hQx1cbtM2hIotKdcsbyeXSB1Wwy9jiVtqWIYPbiuPIbv1m1bwQIXwMJP7K6G2uhB
oVUNHHuc3rTh2FGLQaETk4kYx7IQkWmKqiCPP2G5dDURkXX5KUePQzMffcdXyJIe
GH4n/v9SxLjdBkhka6D5s5v8EALguqW+YCn4AuAmv89Nbi7MGkVhMKIgHMkWH9FJ
YrXsta7c7Ola2w==
-----END CERTIFICATE-----