Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
File:                     NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft (raw, json)
Hash identifier:          xKLC8CQMITcNWfoM+Vz5AB3PfdTxtfgPNla0Rqsr8+k=
Subject key identifier:   82:48:96:C7:E4:4D:3E:12:8F:E4:16:0B:53:6F:A1:B2:AE:75:C3:B9
Authority key identifier: 34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E
Certificate issuer:       /CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
Certificate serial:       019355AD0B6E23F0F21BE24D76ABD1D654A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
Manifest number:          0449
Signing time:             Fri 22 Nov 2024 21:00:24 +0000
Manifest this update:     Fri 22 Nov 2024 21:00:24 +0000
Manifest next update:     Sat 23 Nov 2024 21:00:24 +0000
Files and hashes:         1: NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl (hash: TquJAA+qJPuk+laHqkeqf5EjCqCx1K/0EUVLvGzlytM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 17:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:ad:0b:6e:23:f0:f2:1b:e2:4d:76:ab:d1:d6:54:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34019b2a50267cb61c0be7652a8d14b27bf4869e
        Validity
            Not Before: Nov 22 21:00:24 2024 GMT
            Not After : Nov 23 21:00:24 2024 GMT
        Subject: CN=824896c7e44d3e128fe4160b536fa1b2ae75c3b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:62:fa:56:b6:39:7e:2b:16:53:24:27:42:7e:
                    9f:f8:be:7f:ad:94:79:62:a6:df:6c:f4:fe:2d:ca:
                    df:9d:e4:72:ed:70:81:72:d1:fa:25:d9:a5:f4:e4:
                    5b:37:d8:32:75:2a:c6:3f:f0:04:2a:01:93:8d:26:
                    b6:98:8f:f5:8d:28:64:d5:a0:6f:c3:37:8e:06:ab:
                    09:05:4e:41:81:7f:31:7c:15:1b:aa:52:a8:63:cc:
                    42:fe:25:56:55:c8:ae:10:8f:c9:44:ca:6e:f3:db:
                    17:14:59:5e:be:f0:e8:92:4d:02:2e:23:f9:a5:de:
                    92:31:ee:44:3f:8c:64:a3:8d:80:09:e7:d7:a8:4a:
                    42:a2:81:0f:70:e9:f5:df:66:fb:f2:82:2b:2e:75:
                    3b:bc:d5:a9:dd:6e:00:c2:b1:aa:6f:22:29:45:60:
                    01:05:43:4f:1a:0c:8e:fb:5c:55:26:f0:a5:c1:d6:
                    b0:7d:27:ac:d0:2d:b2:1b:51:f0:3a:cb:1d:67:4d:
                    a9:46:45:77:5a:4e:67:2b:5e:3a:14:c6:ea:7b:9b:
                    78:60:c8:ce:18:37:c8:4b:cb:ec:7c:77:24:7a:0b:
                    a4:a8:f0:23:05:e3:0a:f0:1a:60:23:50:09:0c:3a:
                    fe:9a:3c:bc:7e:35:cd:e3:e4:d6:15:64:fc:dc:b5:
                    cf:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:48:96:C7:E4:4D:3E:12:8F:E4:16:0B:53:6F:A1:B2:AE:75:C3:B9
            X509v3 Authority Key Identifier:
                keyid:34:01:9B:2A:50:26:7C:B6:1C:0B:E7:65:2A:8D:14:B2:7B:F4:86:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAGbKlAmfLYcC-dlKo0Usnv0hp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/108b2c-d0c8-4818-97bc-f8efe29397ea/1/NAGbKlAmfLYcC-dlKo0Usnv0hp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:a4:8b:82:ee:3c:d8:de:71:a2:8e:b2:4a:de:dc:6d:96:af:
         72:f9:d8:fc:44:09:60:07:a3:db:71:12:a9:35:ea:45:22:d1:
         b3:d9:60:14:6b:b3:08:40:61:a5:21:01:2b:af:c9:f0:f1:80:
         07:9d:e3:c3:67:08:81:c9:59:a8:ef:bb:5d:00:ee:42:a3:d7:
         2e:21:2e:73:1e:99:33:fc:22:37:53:1c:66:90:45:6a:4e:b8:
         19:00:64:78:b7:77:fd:a8:5f:c1:7a:11:23:9d:5b:bb:89:fd:
         fa:c2:67:16:d9:47:91:55:99:aa:84:66:66:02:68:7f:ea:8c:
         85:e4:48:ba:21:f1:91:86:80:da:1e:b8:40:71:23:e6:b5:81:
         26:7a:cf:00:30:c9:ed:60:a6:c0:25:20:76:55:9e:dc:3a:ab:
         c0:01:1f:8e:2a:66:9e:a4:6d:cd:70:b4:6e:9f:f6:65:69:86:
         b0:9e:3c:a7:d9:7d:02:b5:30:0d:9f:32:6b:0e:31:b2:13:03:
         82:3c:4e:36:b0:54:84:bf:05:ab:48:58:8e:bf:80:19:35:1b:
         89:cd:b0:79:41:41:41:bb:85:4b:8e:92:43:56:21:37:0c:03:
         a8:8b:06:2a:c1:db:20:91:bc:d5:13:f4:95:5d:94:af:87:86:
         81:fa:da:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVrQtuI/DyG+JNdqvR1lSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDE5YjJhNTAyNjdjYjYxYzBiZTc2NTJhOGQxNGIyN2Jm
NDg2OWUwHhcNMjQxMTIyMjEwMDI0WhcNMjQxMTIzMjEwMDI0WjAzMTEwLwYDVQQD
Eyg4MjQ4OTZjN2U0NGQzZTEyOGZlNDE2MGI1MzZmYTFiMmFlNzVjM2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mL6VrY5fisWUyQnQn6f+L5/rZR5
YqbfbPT+LcrfneRy7XCBctH6Jdml9ORbN9gydSrGP/AEKgGTjSa2mI/1jShk1aBv
wzeOBqsJBU5BgX8xfBUbqlKoY8xC/iVWVciuEI/JRMpu89sXFFlevvDokk0CLiP5
pd6SMe5EP4xko42ACefXqEpCooEPcOn132b78oIrLnU7vNWp3W4AwrGqbyIpRWAB
BUNPGgyO+1xVJvClwdawfSes0C2yG1HwOssdZ02pRkV3Wk5nK146FMbqe5t4YMjO
GDfIS8vsfHckegukqPAjBeMK8BpgI1AJDDr+mjy8fjXN4+TWFWT83LXPHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJIlsfkTT4Sj+QWC1NvobKudcO5MB8GA1UdIwQY
MBaAFDQBmypQJny2HAvnZSqNFLJ79IaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMt
ZjhlZmUyOTM5N2VhLzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMDhiMmMtZDBjOC00ODE4LTk3YmMtZjhlZmUyOTM5N2Vh
LzEvTkFHYktsQW1mTFljQy1kbEtvMFVzbnYwaHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnqSLgu48
2N5xoo6ySt7cbZavcvnY/EQJYAej23ESqTXqRSLRs9lgFGuzCEBhpSEBK6/J8PGA
B53jw2cIgclZqO+7XQDuQqPXLiEucx6ZM/wiN1McZpBFak64GQBkeLd3/ahfwXoR
I51bu4n9+sJnFtlHkVWZqoRmZgJof+qMheRIuiHxkYaA2h64QHEj5rWBJnrPADDJ
7WCmwCUgdlWe3DqrwAEfjipmnqRtzXC0bp/2ZWmGsJ48p9l9ArUwDZ8yaw4xshMD
gjxONrBUhL8Fq0hYjr+AGTUbic2weUFBQbuFS46SQ1YhNwwDqIsGKsHbIJG81RP0
lV2Ur4eGgfraSg==
-----END CERTIFICATE-----