Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
File:                     _1VJGZMcZ70mUPxODHPC-z4ijZU.mft (raw, json)
Hash identifier:          TfuRP0JgeNZVJRCb0jRk0J2ZCgVEh3sblQZ3ea8hTi4=
Subject key identifier:   B3:46:7A:3B:ED:67:DA:B5:C5:4D:93:BC:2D:F6:29:8F:63:9C:15:33
Authority key identifier: FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95
Certificate issuer:       /CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
Certificate serial:       0193553F44A6A108952BBB6C4B0D9AF23F73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
Manifest number:          136B
Signing time:             Fri 22 Nov 2024 19:00:29 +0000
Manifest this update:     Fri 22 Nov 2024 19:00:29 +0000
Manifest next update:     Sat 23 Nov 2024 19:00:29 +0000
Files and hashes:         1: _1VJGZMcZ70mUPxODHPC-z4ijZU.crl (hash: 0h86oP7VCUD4ocmSNFK934HAioHhW0zpdz87lHIwxa8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:3f:44:a6:a1:08:95:2b:bb:6c:4b:0d:9a:f2:3f:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
        Validity
            Not Before: Nov 22 19:00:29 2024 GMT
            Not After : Nov 23 19:00:29 2024 GMT
        Subject: CN=b3467a3bed67dab5c54d93bc2df6298f639c1533
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:3c:3d:ea:71:f5:60:27:9c:34:62:38:2f:0f:
                    9d:09:7a:47:b6:6e:70:e9:9f:25:ff:a1:57:44:ae:
                    f8:93:ed:d6:38:27:c8:80:6c:2e:9c:ef:4b:75:1e:
                    f5:7f:c1:1a:a3:c2:b8:dd:7b:b3:52:d2:96:ad:0b:
                    82:30:70:ac:23:26:7c:6e:fc:65:a3:fc:9a:72:2f:
                    cb:8b:78:f0:19:38:97:77:81:e5:5d:44:da:ff:06:
                    9a:2a:ea:13:56:3d:d4:64:b5:d9:10:5d:13:ed:f2:
                    d0:33:14:09:55:c2:f5:db:e4:b7:1c:60:78:76:94:
                    19:fb:7f:0d:02:84:ab:90:e2:f5:c0:39:5b:b5:02:
                    9f:0c:b2:c0:2d:41:96:c2:5f:c2:e6:5e:4f:b0:32:
                    38:0b:45:65:72:e7:fd:a8:99:5f:78:0b:de:2e:29:
                    91:88:2e:74:ba:22:9b:18:10:16:eb:09:09:34:dc:
                    5d:e4:a0:bd:bb:f5:48:41:22:50:9f:9b:52:12:a7:
                    46:0b:9b:6c:f1:be:79:38:2f:25:ef:09:95:e2:b5:
                    25:aa:4b:8e:c4:fb:95:32:c6:22:c6:47:0c:f1:6d:
                    f7:10:eb:1f:d0:cd:c4:b5:02:f7:b3:da:48:6f:46:
                    e0:16:80:d5:58:ec:ae:be:8c:a2:b6:ab:55:2e:6c:
                    60:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:46:7A:3B:ED:67:DA:B5:C5:4D:93:BC:2D:F6:29:8F:63:9C:15:33
            X509v3 Authority Key Identifier:
                keyid:FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:5e:9b:6c:15:50:f2:f0:cc:78:c6:2c:08:fe:ed:71:8e:4d:
         d2:aa:64:b2:d2:4d:73:24:32:82:e5:15:a6:42:b9:b5:af:e8:
         3e:9c:e0:4b:68:ae:12:34:ef:9c:05:3b:1f:4b:41:71:cb:b1:
         c1:a7:30:e1:03:1f:ae:97:26:0d:64:15:04:69:6b:b7:26:1d:
         63:d7:9d:32:45:b8:e8:b9:45:44:56:8c:a1:5e:00:5a:5a:b8:
         6c:51:44:4b:e9:46:17:ea:8a:d2:7a:29:b3:eb:ba:04:86:3e:
         4f:4c:93:44:99:10:87:fa:f6:f0:6e:e8:16:7b:d5:21:7c:54:
         cb:51:c2:11:2c:29:42:5d:e0:10:97:5f:98:0c:d8:73:62:05:
         2b:0d:44:1e:07:c9:08:31:dc:34:22:d1:42:19:05:71:f0:ac:
         46:e6:71:53:ac:0f:fd:a4:28:93:57:82:5f:c8:29:9f:0e:15:
         b6:74:e7:d1:37:b6:db:3f:d8:54:af:44:0b:b5:c4:c1:ae:c6:
         1f:b3:b0:11:77:52:4f:d0:29:63:63:2d:e4:72:d7:d1:0f:d0:
         9b:61:65:2f:b8:f9:29:ed:78:02:c3:27:21:22:1b:ec:a5:b9:
         7b:9c:70:dd:e6:fe:53:af:84:59:3b:53:e0:f6:e7:81:a1:16:
         d0:d6:c4:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVP0SmoQiVK7tsSw2a8j9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTU0OTE5OTMxYzY3YmQyNjUwZmM0ZTBjNzNjMmZiM2Uy
MjhkOTUwHhcNMjQxMTIyMTkwMDI5WhcNMjQxMTIzMTkwMDI5WjAzMTEwLwYDVQQD
EyhiMzQ2N2EzYmVkNjdkYWI1YzU0ZDkzYmMyZGY2Mjk4ZjYzOWMxNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTw96nH1YCecNGI4Lw+dCXpHtm5w
6Z8l/6FXRK74k+3WOCfIgGwunO9LdR71f8Eao8K43XuzUtKWrQuCMHCsIyZ8bvxl
o/yaci/Li3jwGTiXd4HlXUTa/waaKuoTVj3UZLXZEF0T7fLQMxQJVcL12+S3HGB4
dpQZ+38NAoSrkOL1wDlbtQKfDLLALUGWwl/C5l5PsDI4C0Vlcuf9qJlfeAveLimR
iC50uiKbGBAW6wkJNNxd5KC9u/VIQSJQn5tSEqdGC5ts8b55OC8l7wmV4rUlqkuO
xPuVMsYixkcM8W33EOsf0M3EtQL3s9pIb0bgFoDVWOyuvoyitqtVLmxg3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLNGejvtZ9q1xU2TvC32KY9jnBUzMB8GA1UdIwQY
MBaAFP9VSRmTHGe9JlD8Tgxzwvs+Io2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMt
MjkwYWE0MzE4Y2FhLzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMtMjkwYWE0MzE4Y2Fh
LzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAal6bbBVQ
8vDMeMYsCP7tcY5N0qpkstJNcyQyguUVpkK5ta/oPpzgS2iuEjTvnAU7H0tBccux
wacw4QMfrpcmDWQVBGlrtyYdY9edMkW46LlFRFaMoV4AWlq4bFFES+lGF+qK0nop
s+u6BIY+T0yTRJkQh/r28G7oFnvVIXxUy1HCESwpQl3gEJdfmAzYc2IFKw1EHgfJ
CDHcNCLRQhkFcfCsRuZxU6wP/aQok1eCX8gpnw4VtnTn0Te22z/YVK9EC7XEwa7G
H7OwEXdST9ApY2Mt5HLX0Q/Qm2FlL7j5Ke14AsMnISIb7KW5e5xw3eb+U6+EWTtT
4PbngaEW0NbEqA==
-----END CERTIFICATE-----