Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
File:                     6Md5F2XIhNCFX-0_-MPycJmpoBo.mft (raw, json)
Hash identifier:          guvlxBJBYO0HeGx8KYGHCVVf1NAV2qncnCznZcVLL4k=
Subject key identifier:   9E:C8:C3:49:F4:9D:B4:F4:F1:01:A2:64:77:D4:DB:27:25:FF:57:72
Authority key identifier: E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A
Certificate issuer:       /CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
Certificate serial:       019356F72BB1F506C95BD614E0407DED9D9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
Manifest number:          136E
Signing time:             Sat 23 Nov 2024 03:00:59 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:59 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:59 +0000
Files and hashes:         1: 6Md5F2XIhNCFX-0_-MPycJmpoBo.crl (hash: Sm3s/RmgtEwNicf3SUHLveQit1gaGSYJxKZB9XGWJuw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:2b:b1:f5:06:c9:5b:d6:14:e0:40:7d:ed:9d:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e8c7791765c884d0855fed3ff8c3f27099a9a01a
        Validity
            Not Before: Nov 23 03:00:59 2024 GMT
            Not After : Nov 24 03:00:59 2024 GMT
        Subject: CN=9ec8c349f49db4f4f101a26477d4db2725ff5772
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0d:55:1d:ce:33:c8:07:da:8e:f1:b7:62:da:
                    da:b4:bd:a7:f7:05:3e:68:46:03:a3:6e:e7:c5:65:
                    91:84:e7:64:91:3c:c7:91:57:3f:6f:c9:90:ac:14:
                    43:2d:fe:20:b7:b4:73:da:a2:37:c4:f9:d0:ff:51:
                    04:64:59:d3:a3:fd:c9:f4:29:a7:03:83:b0:be:09:
                    fa:4a:7c:31:37:7f:7f:15:ba:53:0f:a0:7a:e2:6f:
                    bb:86:fb:16:e5:37:89:28:d2:f1:87:28:41:90:87:
                    eb:cb:9d:f0:bd:8e:65:27:90:03:5d:84:de:45:2e:
                    cc:bb:da:ff:7b:40:e7:df:cc:39:9e:70:3e:d4:d4:
                    dd:47:6c:7b:6d:0a:f8:ed:bb:3b:2d:08:75:54:ac:
                    09:a4:3a:40:f1:7b:cd:6f:ab:35:10:30:04:0b:bd:
                    b0:d8:c4:18:99:98:92:07:04:46:f6:7c:51:7f:53:
                    a7:02:b9:21:07:95:13:78:31:b1:f9:c3:35:28:6b:
                    85:98:df:da:ea:dc:59:cb:c6:fc:32:8e:dd:47:33:
                    1e:d2:00:31:c4:43:4d:a8:cc:93:a6:8d:9b:c0:db:
                    d9:22:a6:c6:12:94:3d:03:96:da:11:31:34:12:7a:
                    32:22:c8:25:be:6f:8c:84:70:e2:e8:80:27:41:62:
                    ed:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:C8:C3:49:F4:9D:B4:F4:F1:01:A2:64:77:D4:DB:27:25:FF:57:72
            X509v3 Authority Key Identifier:
                keyid:E8:C7:79:17:65:C8:84:D0:85:5F:ED:3F:F8:C3:F2:70:99:A9:A0:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Md5F2XIhNCFX-0_-MPycJmpoBo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4bdfcb-4385-47cc-b081-95b1d71bcc89/1/6Md5F2XIhNCFX-0_-MPycJmpoBo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:f5:c2:30:89:eb:b7:02:5d:fb:13:b7:ac:54:10:ef:55:83:
         bb:59:72:b9:8a:56:f7:bf:db:9f:e8:3e:5a:e8:e7:4d:9d:77:
         ca:b0:52:fc:a3:07:5b:d6:3d:54:cb:31:fb:6e:86:34:e5:5b:
         8a:4f:6b:6c:0b:69:27:73:f5:e8:5f:ee:c4:dc:c4:0b:fa:c6:
         6e:33:5e:9e:ad:aa:07:af:63:1f:87:3b:f2:d5:e9:3e:0f:5e:
         06:67:35:7a:f4:35:c5:e7:87:b2:cb:c9:87:8f:4d:dc:03:c3:
         41:6d:7a:63:b0:04:cf:18:92:1e:91:91:72:b3:53:66:4b:b7:
         4d:fc:71:98:c2:be:db:02:12:68:d1:c5:0e:26:49:9d:4e:8f:
         07:63:e5:1b:0a:4d:3d:71:a6:67:0b:c3:2e:49:82:de:c6:a9:
         f5:b2:66:0b:71:79:3b:c0:b2:56:9c:20:5d:fd:e2:04:c2:8a:
         3c:f3:11:95:3c:a9:2a:1d:50:5e:2e:0f:20:10:db:a1:02:b7:
         27:d4:37:86:f1:6d:5e:6a:cf:cc:ec:3f:56:f6:70:c7:91:b5:
         3e:39:a9:e5:cb:00:0f:52:a2:93:a5:b5:c3:0e:b1:00:c7:1b:
         e5:0e:8d:1d:e2:d6:ca:f3:cc:e7:4f:82:37:40:d4:d3:e3:91:
         7f:6b:52:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9yux9QbJW9YU4EB97Z2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4Yzc3OTE3NjVjODg0ZDA4NTVmZWQzZmY4YzNmMjcwOTlh
OWEwMWEwHhcNMjQxMTIzMDMwMDU5WhcNMjQxMTI0MDMwMDU5WjAzMTEwLwYDVQQD
Eyg5ZWM4YzM0OWY0OWRiNGY0ZjEwMWEyNjQ3N2Q0ZGIyNzI1ZmY1NzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA1VHc4zyAfajvG3YtratL2n9wU+
aEYDo27nxWWRhOdkkTzHkVc/b8mQrBRDLf4gt7Rz2qI3xPnQ/1EEZFnTo/3J9Cmn
A4Owvgn6SnwxN39/FbpTD6B64m+7hvsW5TeJKNLxhyhBkIfry53wvY5lJ5ADXYTe
RS7Mu9r/e0Dn38w5nnA+1NTdR2x7bQr47bs7LQh1VKwJpDpA8XvNb6s1EDAEC72w
2MQYmZiSBwRG9nxRf1OnArkhB5UTeDGx+cM1KGuFmN/a6txZy8b8Mo7dRzMe0gAx
xENNqMyTpo2bwNvZIqbGEpQ9A5baETE0EnoyIsglvm+MhHDi6IAnQWLtfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7Iw0n0nbT08QGiZHfU2ycl/1dyMB8GA1UdIwQY
MBaAFOjHeRdlyITQhV/tP/jD8nCZqaAaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEt
OTViMWQ3MWJjYzg5LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80YmRmY2ItNDM4NS00N2NjLWIwODEtOTViMWQ3MWJjYzg5
LzEvNk1kNUYyWEloTkNGWC0wXy1NUHljSm1wb0JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcPXCMInr
twJd+xO3rFQQ71WDu1lyuYpW97/bn+g+WujnTZ13yrBS/KMHW9Y9VMsx+26GNOVb
ik9rbAtpJ3P16F/uxNzEC/rGbjNenq2qB69jH4c78tXpPg9eBmc1evQ1xeeHssvJ
h49N3APDQW16Y7AEzxiSHpGRcrNTZku3TfxxmMK+2wISaNHFDiZJnU6PB2PlGwpN
PXGmZwvDLkmC3sap9bJmC3F5O8CyVpwgXf3iBMKKPPMRlTypKh1QXi4PIBDboQK3
J9Q3hvFtXmrPzOw/VvZwx5G1Pjmp5csAD1Kik6W1ww6xAMcb5Q6NHeLWyvPM50+C
N0DU0+ORf2tSOw==
-----END CERTIFICATE-----