Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          0D9NOpE0AB8dksHwHJGLkpfQw+TOiDZyved6bOIZcTs=
Subject key identifier:   A0:1E:3A:9F:CF:18:7C:78:04:8F:1E:CE:56:12:79:5B:8A:A8:36:7B
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       0193587929123A082472C83C1862E2B24D4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          07D4
Signing time:             Sat 23 Nov 2024 10:02:35 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:35 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:35 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: EmtaQi+t1e8qxKkyq5ZgbyIW9rJnIIBzkTX3K5hAfag=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:79:29:12:3a:08:24:72:c8:3c:18:62:e2:b2:4d:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: Nov 23 10:02:35 2024 GMT
            Not After : Nov 24 10:02:35 2024 GMT
        Subject: CN=a01e3a9fcf187c78048f1ece5612795b8aa8367b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:9a:c7:a0:2a:38:b5:07:09:c7:94:17:1f:89:
                    3f:21:31:2d:67:4e:b9:83:09:92:bb:8c:86:be:79:
                    bc:df:3a:23:8a:6a:d8:cd:c1:50:53:47:3d:c2:b6:
                    d3:6c:6f:ab:e5:26:aa:a0:ed:98:c2:fa:e0:ea:c1:
                    49:ef:63:56:48:b6:9c:37:11:8e:0e:26:1e:4d:05:
                    19:63:bb:9c:37:f0:bc:d5:2e:32:86:a5:9c:d0:a3:
                    00:e9:2a:23:9a:b0:ce:1b:db:fc:c4:d3:03:24:50:
                    e8:aa:24:1b:52:01:ce:8f:0d:16:3f:c5:0b:06:c5:
                    e7:40:39:fd:a9:58:1f:04:cf:42:f8:4a:a6:2b:b5:
                    30:ec:86:03:e8:bb:a5:a2:c8:35:e8:0b:26:1a:73:
                    ed:01:d7:be:41:0f:09:62:48:31:59:49:e0:ea:7a:
                    ce:b0:7f:ef:f7:bd:0b:65:69:84:73:50:51:e8:50:
                    db:b2:8b:70:43:5c:4f:c4:e7:15:ce:5b:a7:43:a2:
                    43:06:a3:59:4e:97:98:14:34:bc:cf:61:36:bf:cd:
                    e5:d3:11:ca:a2:4f:47:c5:0b:38:e8:9b:5d:49:60:
                    c6:d5:b4:e0:99:45:15:51:ba:50:db:39:04:f6:13:
                    50:a5:c9:e4:9c:dd:42:b3:87:37:43:ee:a2:f0:ca:
                    74:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:1E:3A:9F:CF:18:7C:78:04:8F:1E:CE:56:12:79:5B:8A:A8:36:7B
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:27:d0:13:a3:34:18:9b:2c:87:08:1f:ee:a9:1e:32:6a:0a:
         83:57:47:7c:af:db:e7:7d:50:62:ea:78:62:37:dd:c6:db:f8:
         c8:1b:6c:67:16:cc:7f:dc:07:10:4e:63:79:87:a4:f3:e2:02:
         70:d2:4b:61:d4:5e:e2:3b:46:bf:75:3b:1c:89:9e:1d:2f:ca:
         92:c6:6d:ca:ce:8b:56:f8:f9:a4:8b:05:b6:36:51:23:bd:50:
         de:79:b4:b6:51:7e:90:dd:94:6b:30:e1:3f:d9:1e:ff:df:db:
         ad:27:a7:c6:09:4f:e8:ad:8e:3d:c6:8c:3b:62:67:cb:0e:b6:
         c8:3c:f2:3b:e0:b6:ed:f2:3a:e2:03:bf:1b:8e:7e:28:c6:da:
         c3:86:ad:45:3e:65:c9:57:0e:a0:a3:a0:65:a2:3a:0f:be:cd:
         41:3b:f1:03:45:44:73:45:ca:11:97:28:c2:be:a7:ca:95:61:
         ca:17:5e:98:b8:cd:15:dc:69:7f:fd:49:c7:04:17:30:5e:f2:
         f2:36:b7:13:07:c8:b4:3b:fa:17:11:10:cf:04:95:2c:e0:86:
         97:4e:74:43:dd:12:1b:32:02:59:e3:ca:1b:51:11:6f:c5:e9:
         e3:55:97:21:26:65:d8:16:6a:11:81:0a:e6:99:17:6f:5f:8c:
         cd:d4:71:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeSkSOggkcsg8GGLisk1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjQxMTIzMTAwMjM1WhcNMjQxMTI0MTAwMjM1WjAzMTEwLwYDVQQD
EyhhMDFlM2E5ZmNmMTg3Yzc4MDQ4ZjFlY2U1NjEyNzk1YjhhYTgzNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5rHoCo4tQcJx5QXH4k/ITEtZ065
gwmSu4yGvnm83zojimrYzcFQU0c9wrbTbG+r5SaqoO2Ywvrg6sFJ72NWSLacNxGO
DiYeTQUZY7ucN/C81S4yhqWc0KMA6SojmrDOG9v8xNMDJFDoqiQbUgHOjw0WP8UL
BsXnQDn9qVgfBM9C+EqmK7Uw7IYD6Lulosg16AsmGnPtAde+QQ8JYkgxWUng6nrO
sH/v970LZWmEc1BR6FDbsotwQ1xPxOcVzlunQ6JDBqNZTpeYFDS8z2E2v83l0xHK
ok9HxQs46JtdSWDG1bTgmUUVUbpQ2zkE9hNQpcnknN1Cs4c3Q+6i8Mp0pQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAeOp/PGHx4BI8ezlYSeVuKqDZ7MB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkSfQE6M0
GJsshwgf7qkeMmoKg1dHfK/b531QYup4Yjfdxtv4yBtsZxbMf9wHEE5jeYek8+IC
cNJLYdRe4jtGv3U7HImeHS/KksZtys6LVvj5pIsFtjZRI71Q3nm0tlF+kN2UazDh
P9ke/9/brSenxglP6K2OPcaMO2Jnyw62yDzyO+C27fI64gO/G45+KMbaw4atRT5l
yVcOoKOgZaI6D77NQTvxA0VEc0XKEZcowr6nypVhyhdemLjNFdxpf/1JxwQXMF7y
8ja3EwfItDv6FxEQzwSVLOCGl050Q90SGzICWePKG1ERb8Xp41WXISZl2BZqEYEK
5pkXb1+MzdRxkQ==
-----END CERTIFICATE-----