Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          v15tGSFvFMc0Un1g6VSLI7q98AI1ijUbBbZm3pY3exI=
Subject key identifier:   8A:65:25:85:C3:D5:D1:EB:11:83:88:09:83:2A:FC:FF:A1:01:B4:71
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       019364E992239C3C90F51FC7DA4E14D9722E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          0785
Signing time:             Mon 25 Nov 2024 20:00:49 +0000
Manifest this update:     Mon 25 Nov 2024 20:00:49 +0000
Manifest next update:     Tue 26 Nov 2024 20:00:49 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: aNbJ9NbucdZ79Zjxw3b17nrAY7T4qbsxNcQ152ffqkc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 20:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:64:e9:92:23:9c:3c:90:f5:1f:c7:da:4e:14:d9:72:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Nov 25 20:00:49 2024 GMT
            Not After : Nov 26 20:00:49 2024 GMT
        Subject: CN=8a652585c3d5d1eb11838809832afcffa101b471
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:5c:52:ba:89:e5:1b:9d:95:2c:42:90:33:58:
                    6e:f2:60:b1:81:1e:97:64:b5:24:fc:52:76:69:f5:
                    94:ad:32:8f:ac:45:1b:57:9c:73:58:2a:6a:49:ca:
                    a2:d0:c3:8a:0a:cb:38:1e:63:a9:68:5d:1c:e5:38:
                    ff:3a:2e:e4:a8:69:ce:57:68:1a:81:1a:fb:2c:09:
                    0f:cb:c6:06:c9:52:c7:9c:76:41:b9:d5:3c:10:46:
                    60:fb:6b:d2:45:5d:88:45:e4:24:e8:9e:b0:86:8b:
                    53:5f:60:ca:e9:80:e7:16:3c:db:a6:87:a3:81:10:
                    f3:32:eb:50:44:28:80:be:99:1d:66:c4:34:1c:00:
                    25:06:09:a4:40:af:e0:43:4a:df:02:67:cb:d3:f7:
                    72:fd:53:30:59:af:4f:f6:76:d9:40:84:9c:77:9f:
                    e6:0d:3e:73:c4:13:dd:0c:c0:dd:20:c6:98:ad:97:
                    5e:0c:bb:72:de:8a:72:6b:6e:70:99:f0:47:1c:df:
                    ee:64:6d:f9:a4:e5:f0:63:ec:84:84:27:fa:e8:42:
                    a7:87:dc:a0:0c:79:cf:9e:19:b9:f3:aa:f6:b0:fa:
                    e1:6f:c3:f0:d7:b8:67:aa:a6:34:ec:cd:8f:70:47:
                    c4:27:ba:21:72:23:02:14:38:29:25:77:3c:18:73:
                    32:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:65:25:85:C3:D5:D1:EB:11:83:88:09:83:2A:FC:FF:A1:01:B4:71
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:bc:ff:29:ff:5f:d9:44:5a:23:eb:b5:5b:70:77:14:3f:14:
         c4:db:2e:a9:be:1e:98:4a:1f:1e:b4:35:c1:a7:7f:10:19:18:
         09:6d:2e:29:a4:3c:a7:40:d9:4a:4f:20:2a:16:d4:5d:41:bc:
         3b:c6:87:b9:c9:12:9a:e1:a4:f1:cf:e7:fc:98:3d:a6:19:93:
         e9:18:83:a7:e0:33:81:4a:e9:72:67:a5:56:cd:60:e8:9f:8e:
         b4:a2:a2:44:79:71:03:65:fb:f4:22:ae:9d:17:36:a0:78:57:
         88:b5:c1:25:be:c9:05:0d:87:86:1f:15:4e:c3:1b:08:d4:1c:
         d6:4d:cd:4b:d0:b5:2f:f5:ba:a9:c2:63:41:8a:68:bd:85:93:
         6b:c1:ed:53:50:6d:03:30:52:01:48:9a:6d:ef:55:43:61:ea:
         2d:44:87:30:17:8f:6b:15:46:d2:98:5d:e3:f7:3b:7e:38:8d:
         1a:5c:8e:a3:cf:75:e4:41:f5:69:7b:c6:64:b5:f7:a8:3d:41:
         76:53:f8:8e:15:9b:ff:d4:23:4e:c0:11:43:a0:65:63:53:42:
         cd:36:af:13:bb:b7:be:a9:55:86:96:af:3f:79:22:a0:bd:43:
         97:7a:2d:74:50:8f:fd:8d:9f:8b:0e:7d:c7:ca:10:e6:7d:7e:
         f9:68:d0:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNk6ZIjnDyQ9R/H2k4U2XIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjQxMTI1MjAwMDQ5WhcNMjQxMTI2MjAwMDQ5WjAzMTEwLwYDVQQD
Eyg4YTY1MjU4NWMzZDVkMWViMTE4Mzg4MDk4MzJhZmNmZmExMDFiNDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61xSuonlG52VLEKQM1hu8mCxgR6X
ZLUk/FJ2afWUrTKPrEUbV5xzWCpqScqi0MOKCss4HmOpaF0c5Tj/Oi7kqGnOV2ga
gRr7LAkPy8YGyVLHnHZBudU8EEZg+2vSRV2IReQk6J6whotTX2DK6YDnFjzbpoej
gRDzMutQRCiAvpkdZsQ0HAAlBgmkQK/gQ0rfAmfL0/dy/VMwWa9P9nbZQIScd5/m
DT5zxBPdDMDdIMaYrZdeDLty3opya25wmfBHHN/uZG35pOXwY+yEhCf66EKnh9yg
DHnPnhm586r2sPrhb8Pw17hnqqY07M2PcEfEJ7ohciMCFDgpJXc8GHMyYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIplJYXD1dHrEYOICYMq/P+hAbRxMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ7z/Kf9f
2URaI+u1W3B3FD8UxNsuqb4emEofHrQ1wad/EBkYCW0uKaQ8p0DZSk8gKhbUXUG8
O8aHuckSmuGk8c/n/Jg9phmT6RiDp+AzgUrpcmelVs1g6J+OtKKiRHlxA2X79CKu
nRc2oHhXiLXBJb7JBQ2Hhh8VTsMbCNQc1k3NS9C1L/W6qcJjQYpovYWTa8HtU1Bt
AzBSAUiabe9VQ2HqLUSHMBePaxVG0phd4/c7fjiNGlyOo8915EH1aXvGZLX3qD1B
dlP4jhWb/9QjTsARQ6BlY1NCzTavE7u3vqlVhpavP3kioL1Dl3otdFCP/Y2fiw59
x8oQ5n1++WjQcw==
-----END CERTIFICATE-----