Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
File:                     I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft (raw, json)
Hash identifier:          lDGD2O/vHa3tVw2/s4a7AkmH7sODutB0QjL4lWNLZBE=
Subject key identifier:   A3:E7:0F:B1:A2:C3:FF:B2:E5:94:20:7A:4C:F0:1C:02:A7:6D:F4:B9
Authority key identifier: 23:93:FF:21:C6:F7:31:07:57:A9:DC:D7:81:DA:88:05:F2:37:94:D8
Certificate issuer:       /CN=2393ff21c6f7310757a9dcd781da8805f23794d8
Certificate serial:       01935878F45D283CA23EEA7A5632E9641C42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
Manifest number:          06BA
Signing time:             Sat 23 Nov 2024 10:02:21 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:21 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:21 +0000
Files and hashes:         1: I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl (hash: 7S1+AET7JnOIa91cj7st9uu6MY2iego4co5IExiGyug=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:f4:5d:28:3c:a2:3e:ea:7a:56:32:e9:64:1c:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2393ff21c6f7310757a9dcd781da8805f23794d8
        Validity
            Not Before: Nov 23 10:02:21 2024 GMT
            Not After : Nov 24 10:02:21 2024 GMT
        Subject: CN=a3e70fb1a2c3ffb2e594207a4cf01c02a76df4b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:21:3e:b2:41:61:3f:bb:55:4a:62:55:de:b4:
                    db:d7:00:f1:35:1c:ed:b1:49:10:cd:59:b0:1b:f4:
                    28:24:7d:16:a5:15:b3:b9:31:7f:67:d1:69:6f:58:
                    8b:da:48:cf:11:ae:55:d2:05:db:b0:d6:36:ab:60:
                    be:90:1e:f6:8d:ab:54:ec:5c:a4:33:5c:67:b0:e6:
                    04:e7:64:e7:11:78:21:51:f0:88:b7:5d:54:d8:ae:
                    bb:f4:ce:e2:00:c5:41:45:0d:41:b5:ca:79:9a:5c:
                    8f:24:18:47:db:71:08:d7:21:cf:d4:03:cc:8a:c0:
                    45:be:42:dc:ce:d3:d5:fe:26:af:c5:18:63:cb:fb:
                    81:12:08:14:b9:5b:8d:63:26:69:97:12:e8:8c:4d:
                    28:55:e4:5d:5b:4d:1a:49:62:76:eb:95:16:d0:ed:
                    5b:98:e3:95:06:d0:4e:5a:51:60:8c:17:9e:4f:ba:
                    9b:5c:19:67:c2:84:27:77:26:4f:31:24:1a:1d:6d:
                    ca:9d:85:da:dd:30:e2:a9:ba:ab:b8:fc:14:11:6b:
                    be:25:9c:00:e1:f6:12:46:0b:a0:7b:79:4f:37:f7:
                    df:75:de:12:c4:ef:81:7e:90:bf:c4:ba:6b:30:31:
                    04:c4:0f:08:03:48:a1:33:4e:8e:09:c7:5d:d2:35:
                    53:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:E7:0F:B1:A2:C3:FF:B2:E5:94:20:7A:4C:F0:1C:02:A7:6D:F4:B9
            X509v3 Authority Key Identifier:
                keyid:23:93:FF:21:C6:F7:31:07:57:A9:DC:D7:81:DA:88:05:F2:37:94:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5P_Icb3MQdXqdzXgdqIBfI3lNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/baeddc-dbf2-447f-b42d-5b30639babf6/1/I5P_Icb3MQdXqdzXgdqIBfI3lNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:73:4e:89:3a:e9:7f:85:d6:3e:73:d0:2b:50:58:a1:2d:7e:
         58:b8:34:f3:9f:b8:fb:7e:c8:74:ec:2d:1f:3d:f0:85:34:4c:
         f2:01:ff:31:e1:39:40:4f:14:6a:47:70:59:e1:77:2a:3c:dd:
         fe:0d:1d:f2:f0:ab:a7:d1:95:ff:ed:f1:b6:cd:0f:1e:4d:9c:
         0b:e8:c3:8d:50:40:e5:f1:a6:46:1f:3f:46:ec:fc:29:7f:c4:
         f5:5e:2c:33:8d:ff:1e:9e:cc:91:9c:d7:5e:8b:91:89:aa:37:
         88:fc:93:9c:60:c5:0b:99:c0:c3:91:4a:54:84:52:2d:1b:8c:
         99:49:de:20:e8:c1:3a:b9:4c:3f:65:ed:08:ab:2d:e3:08:a0:
         90:f6:c6:40:2b:b2:01:d1:c6:26:22:bc:1f:21:2b:61:ca:9a:
         9f:8d:c1:bb:a3:d3:79:61:ec:20:dd:03:fc:cd:3d:f4:ce:e3:
         92:f4:28:1c:d3:58:ff:60:78:d7:d5:a1:06:8e:39:a3:07:e5:
         ab:c7:b5:07:68:8a:f6:5a:e4:1f:f0:ed:82:17:4d:9b:2f:3f:
         6c:56:fc:2a:16:ba:58:16:dd:f1:e8:b3:bf:5e:5e:85:44:a5:
         b0:f4:a8:6b:62:22:db:14:6b:a1:fa:67:07:a2:e4:9b:1b:8a:
         b3:93:f8:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYePRdKDyiPup6VjLpZBxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOTNmZjIxYzZmNzMxMDc1N2E5ZGNkNzgxZGE4ODA1ZjIz
Nzk0ZDgwHhcNMjQxMTIzMTAwMjIxWhcNMjQxMTI0MTAwMjIxWjAzMTEwLwYDVQQD
EyhhM2U3MGZiMWEyYzNmZmIyZTU5NDIwN2E0Y2YwMWMwMmE3NmRmNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyE+skFhP7tVSmJV3rTb1wDxNRzt
sUkQzVmwG/QoJH0WpRWzuTF/Z9Fpb1iL2kjPEa5V0gXbsNY2q2C+kB72jatU7Fyk
M1xnsOYE52TnEXghUfCIt11U2K679M7iAMVBRQ1Btcp5mlyPJBhH23EI1yHP1APM
isBFvkLcztPV/iavxRhjy/uBEggUuVuNYyZplxLojE0oVeRdW00aSWJ265UW0O1b
mOOVBtBOWlFgjBeeT7qbXBlnwoQndyZPMSQaHW3KnYXa3TDiqbqruPwUEWu+JZwA
4fYSRguge3lPN/ffdd4SxO+BfpC/xLprMDEExA8IA0ihM06OCcdd0jVT+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPnD7Giw/+y5ZQgekzwHAKnbfS5MB8GA1UdIwQY
MBaAFCOT/yHG9zEHV6nc14HaiAXyN5TYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYWVkZGMtZGJmMi00NDdmLWI0MmQt
NWIzMDYzOWJhYmY2LzEvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYWVkZGMtZGJmMi00NDdmLWI0MmQtNWIzMDYzOWJhYmY2
LzEvSTVQX0ljYjNNUWRYcWR6WGdkcUlCZkkzbE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi3NOiTrp
f4XWPnPQK1BYoS1+WLg085+4+37IdOwtHz3whTRM8gH/MeE5QE8UakdwWeF3Kjzd
/g0d8vCrp9GV/+3xts0PHk2cC+jDjVBA5fGmRh8/Ruz8KX/E9V4sM43/Hp7MkZzX
XouRiao3iPyTnGDFC5nAw5FKVIRSLRuMmUneIOjBOrlMP2XtCKst4wigkPbGQCuy
AdHGJiK8HyErYcqan43Bu6PTeWHsIN0D/M099M7jkvQoHNNY/2B419WhBo45owfl
q8e1B2iK9lrkH/DtghdNmy8/bFb8Kha6WBbd8eizv15ehUSlsPSoa2Ii2xRrofpn
B6LkmxuKs5P4wQ==
-----END CERTIFICATE-----