Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
File:                     nzeBglGggdHMfzAVMg62NSZwm5E.mft (raw, json)
Hash identifier:          kWIJRXCLfawMRbmnaTdHlYABvZ20qP2Jm1p9b1G+uNs=
Subject key identifier:   EF:D7:92:1A:F9:4C:CA:29:5D:11:47:FA:CA:0D:64:85:A7:82:7D:FE
Authority key identifier: 9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91
Certificate issuer:       /CN=9f37818251a081d1cc7f3015320eb63526709b91
Certificate serial:       0193549BE940A37A7EA923C68BC7AC8AFFD7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
Manifest number:          03D9
Signing time:             Fri 22 Nov 2024 16:02:04 +0000
Manifest this update:     Fri 22 Nov 2024 16:02:04 +0000
Manifest next update:     Sat 23 Nov 2024 16:02:04 +0000
Files and hashes:         1: nzeBglGggdHMfzAVMg62NSZwm5E.crl (hash: H7qi0TBlGHF30bArPwMal6PkMZi7agcaLDM3DVuC8S8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:54:9b:e9:40:a3:7a:7e:a9:23:c6:8b:c7:ac:8a:ff:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f37818251a081d1cc7f3015320eb63526709b91
        Validity
            Not Before: Nov 22 16:02:04 2024 GMT
            Not After : Nov 23 16:02:04 2024 GMT
        Subject: CN=efd7921af94cca295d1147faca0d6485a7827dfe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e2:af:47:09:94:9a:0b:0c:9d:5d:3b:ea:96:
                    0e:70:8c:45:31:c8:6f:88:53:2e:73:e7:ab:d2:00:
                    77:ab:fc:94:07:54:3b:b2:e3:85:e3:6d:83:41:8b:
                    af:10:4a:2e:53:7c:a4:7d:87:eb:44:7d:cf:21:c0:
                    e9:e1:71:d9:13:fc:90:cf:9b:25:05:47:43:a3:59:
                    97:e7:28:1a:7c:12:7b:1b:a7:9d:9d:80:e2:f0:cf:
                    65:62:dd:77:54:51:27:e6:52:10:6d:6b:61:38:fc:
                    8b:56:cf:79:61:5a:f9:37:42:0c:7f:ec:ee:59:6a:
                    4d:ee:9b:82:bf:79:82:34:83:d7:48:66:0e:98:bb:
                    0c:f8:2e:c5:2b:7c:91:56:c1:1a:c3:66:ac:dc:99:
                    30:ef:39:a6:f8:c2:ed:4b:93:59:3d:da:83:91:83:
                    7d:c1:1e:96:f7:64:30:c0:92:91:a4:5a:fb:87:bc:
                    f7:84:3d:89:a4:4b:0a:8a:bb:c8:fc:b3:c3:c8:13:
                    fe:c0:e0:64:0f:08:7e:b7:9a:d8:bf:75:a8:93:74:
                    3d:27:9a:bd:81:5b:dc:c4:ae:2b:4a:a3:43:60:3f:
                    91:df:e1:ba:a2:0c:c5:75:e0:af:01:b9:1f:8d:b4:
                    17:b6:20:5d:d8:05:31:32:13:79:eb:ae:76:a9:57:
                    0c:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:D7:92:1A:F9:4C:CA:29:5D:11:47:FA:CA:0D:64:85:A7:82:7D:FE
            X509v3 Authority Key Identifier:
                keyid:9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:ca:35:f7:7d:c2:2c:02:c5:10:e0:43:e2:e2:60:eb:7d:42:
         ae:cd:bf:f7:65:ea:41:4b:1a:aa:50:4e:99:d5:5b:ec:cd:cf:
         6f:76:76:d5:6f:48:3f:25:5c:75:dc:54:41:02:8e:95:54:cb:
         24:ce:c4:62:d6:32:8d:45:de:1a:ba:1e:a2:ac:c5:16:04:fa:
         35:2b:7c:dc:78:01:c2:fb:d7:e1:35:1a:98:b3:6d:08:a0:6c:
         5e:10:d5:35:aa:51:6c:21:ff:d6:a5:e7:28:85:be:09:a0:8c:
         bd:28:ef:1b:e2:0a:6d:8e:1c:4e:15:5b:42:30:5b:5e:26:c3:
         cc:d7:c0:ab:d0:38:cc:bf:f9:09:71:76:6a:38:71:01:1d:ed:
         29:c0:7f:17:a4:2d:7b:04:2b:6b:dc:ae:02:06:ee:4c:49:a3:
         2b:4a:60:a1:a7:87:74:44:e6:20:cb:7e:11:ac:c2:56:e8:e9:
         d8:5d:9f:4b:e4:bb:e5:1b:01:f2:2b:cc:74:ea:45:c6:24:3e:
         10:da:28:13:03:a4:25:93:27:b8:74:89:9b:b4:18:bc:a9:7c:
         9f:d8:b1:82:80:14:d0:a1:1a:bd:9d:0d:b0:88:66:f5:a9:f6:
         57:49:ad:a0:b9:ec:9e:6d:ed:98:d7:71:d7:fa:a9:66:63:af:
         64:7f:a8:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNUm+lAo3p+qSPGi8esiv/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzc4MTgyNTFhMDgxZDFjYzdmMzAxNTMyMGViNjM1MjY3
MDliOTEwHhcNMjQxMTIyMTYwMjA0WhcNMjQxMTIzMTYwMjA0WjAzMTEwLwYDVQQD
EyhlZmQ3OTIxYWY5NGNjYTI5NWQxMTQ3ZmFjYTBkNjQ4NWE3ODI3ZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOKvRwmUmgsMnV076pYOcIxFMchv
iFMuc+er0gB3q/yUB1Q7suOF422DQYuvEEouU3ykfYfrRH3PIcDp4XHZE/yQz5sl
BUdDo1mX5ygafBJ7G6ednYDi8M9lYt13VFEn5lIQbWthOPyLVs95YVr5N0IMf+zu
WWpN7puCv3mCNIPXSGYOmLsM+C7FK3yRVsEaw2as3Jkw7zmm+MLtS5NZPdqDkYN9
wR6W92QwwJKRpFr7h7z3hD2JpEsKirvI/LPDyBP+wOBkDwh+t5rYv3Wok3Q9J5q9
gVvcxK4rSqNDYD+R3+G6ogzFdeCvAbkfjbQXtiBd2AUxMhN56652qVcMNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO/Xkhr5TMopXRFH+soNZIWngn3+MB8GA1UdIwQY
MBaAFJ83gYJRoIHRzH8wFTIOtjUmcJuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQt
NmIyZjUyNjA0N2E5LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQtNmIyZjUyNjA0N2E5
LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnMo1933C
LALFEOBD4uJg631Crs2/92XqQUsaqlBOmdVb7M3Pb3Z21W9IPyVcddxUQQKOlVTL
JM7EYtYyjUXeGroeoqzFFgT6NSt83HgBwvvX4TUamLNtCKBsXhDVNapRbCH/1qXn
KIW+CaCMvSjvG+IKbY4cThVbQjBbXibDzNfAq9A4zL/5CXF2ajhxAR3tKcB/F6Qt
ewQra9yuAgbuTEmjK0pgoaeHdETmIMt+EazCVujp2F2fS+S75RsB8ivMdOpFxiQ+
ENooEwOkJZMnuHSJm7QYvKl8n9ixgoAU0KEavZ0NsIhm9an2V0mtoLnsnm3tmNdx
1/qpZmOvZH+okQ==
-----END CERTIFICATE-----