Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
File:                     TKZvPA8ld05pbSpGcjJ365YRKMM.mft (raw, json)
Hash identifier:          acSBe9EQywf+E0WpK4rejizYDobK+QYkoZooMOrwD1A=
Subject key identifier:   0C:2B:93:3D:E8:62:0F:03:D7:3B:42:30:53:05:4D:60:A1:B7:85:04
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Certificate issuer:       /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial:       0193549B56C5434DFE54034CF1FC2746F850
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
Manifest number:          136D
Signing time:             Fri 22 Nov 2024 16:01:26 +0000
Manifest this update:     Fri 22 Nov 2024 16:01:26 +0000
Manifest next update:     Sat 23 Nov 2024 16:01:26 +0000
Files and hashes:         1: TKZvPA8ld05pbSpGcjJ365YRKMM.crl (hash: iSF2HWceDfkrXOiEyGDCR7cxYoqN+g1E/HRnBMByMfc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 16:01:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:54:9b:56:c5:43:4d:fe:54:03:4c:f1:fc:27:46:f8:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
        Validity
            Not Before: Nov 22 16:01:26 2024 GMT
            Not After : Nov 23 16:01:26 2024 GMT
        Subject: CN=0c2b933de8620f03d73b423053054d60a1b78504
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7b:8e:18:88:46:34:6d:9f:c9:36:bd:f7:39:
                    80:6d:39:f4:81:40:69:f5:c0:76:3c:67:77:97:a4:
                    6a:59:be:67:b5:6f:7c:17:0a:f5:f7:90:cb:b9:21:
                    37:70:46:b4:a4:ba:18:4f:fb:66:a7:1f:0e:38:97:
                    d8:48:87:a4:4d:9f:a2:35:dc:4f:c7:a7:dc:e0:29:
                    1c:0d:f4:e2:f2:4a:9c:f5:14:58:cd:f4:62:ff:41:
                    9a:ab:c5:c4:77:a0:c9:76:22:9f:c1:a5:4f:bc:90:
                    41:08:e7:41:55:70:a3:71:4b:c4:79:f7:8c:b4:14:
                    76:3c:44:a7:3a:0e:a3:38:8a:fd:f6:ec:a1:b1:4c:
                    f2:f0:69:9d:56:b6:f6:0e:5d:c8:96:8a:21:ea:02:
                    fa:bc:7a:b3:ec:48:34:87:bb:40:08:4c:80:23:6d:
                    42:f5:3f:78:7c:57:3a:95:ec:28:f7:3d:d0:38:e6:
                    ad:d0:2f:05:18:86:f9:04:11:c6:de:18:80:18:af:
                    0b:2e:cf:11:3e:31:11:cb:b1:ec:9c:93:8a:fb:52:
                    2f:9d:18:a5:1e:91:cb:bc:14:a2:94:10:c4:35:ce:
                    7f:f4:4f:c9:fa:e6:d4:a5:54:b7:82:87:ca:53:4f:
                    1b:20:f7:3c:75:45:63:4c:73:d6:36:b2:19:93:8b:
                    62:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:2B:93:3D:E8:62:0F:03:D7:3B:42:30:53:05:4D:60:A1:B7:85:04
            X509v3 Authority Key Identifier:
                keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:d2:01:ff:97:3a:83:9a:dd:fe:02:7a:d7:5e:be:fa:0d:7f:
         df:0d:d1:a3:72:9b:41:a7:73:3d:64:f6:05:92:65:a3:23:9f:
         9a:ff:fe:9a:68:76:0a:5e:9b:9d:e2:fe:77:34:c2:64:49:c3:
         25:22:93:74:8d:bc:2e:0c:76:79:4c:27:9f:b7:88:13:fd:5b:
         8e:56:de:1c:f0:0c:2e:ed:c4:8d:69:fc:7b:7c:f7:80:d3:6e:
         e7:de:55:ba:d9:cd:10:2c:4f:81:9c:2e:c0:c2:1e:be:7b:eb:
         37:b3:87:43:94:8b:2b:d6:2f:95:c4:7b:6e:46:0c:55:8a:de:
         93:44:24:f5:b5:61:d2:45:42:ae:d3:50:6e:a3:0c:69:c7:13:
         aa:cf:85:59:41:3a:3b:b3:3c:1b:81:cf:e0:e3:98:b9:4b:e5:
         e2:8c:6f:88:e4:c7:42:f1:2f:71:1e:0a:85:b3:9e:d1:b7:df:
         2e:da:af:b6:37:6f:c3:5a:ff:4c:62:20:ad:9d:38:7d:c5:79:
         04:2f:c7:13:82:07:cd:f1:72:18:d5:d4:25:76:b1:54:c4:5e:
         15:eb:2d:71:43:38:3e:27:22:4d:5e:d5:2e:1c:b3:2b:51:2d:
         ef:94:35:5b:08:0d:ed:ea:a5:3f:52:c8:6f:6b:fe:c0:2c:dc:
         1f:f6:dc:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNUm1bFQ03+VANM8fwnRvhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjQxMTIyMTYwMTI2WhcNMjQxMTIzMTYwMTI2WjAzMTEwLwYDVQQD
EygwYzJiOTMzZGU4NjIwZjAzZDczYjQyMzA1MzA1NGQ2MGExYjc4NTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHuOGIhGNG2fyTa99zmAbTn0gUBp
9cB2PGd3l6RqWb5ntW98Fwr195DLuSE3cEa0pLoYT/tmpx8OOJfYSIekTZ+iNdxP
x6fc4CkcDfTi8kqc9RRYzfRi/0Gaq8XEd6DJdiKfwaVPvJBBCOdBVXCjcUvEefeM
tBR2PESnOg6jOIr99uyhsUzy8GmdVrb2Dl3Ilooh6gL6vHqz7Eg0h7tACEyAI21C
9T94fFc6lewo9z3QOOat0C8FGIb5BBHG3hiAGK8LLs8RPjERy7HsnJOK+1IvnRil
HpHLvBSilBDENc5/9E/J+ubUpVS3gofKU08bIPc8dUVjTHPWNrIZk4tiTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAwrkz3oYg8D1ztCMFMFTWCht4UEMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATNIB/5c6
g5rd/gJ6116++g1/3w3Ro3KbQadzPWT2BZJloyOfmv/+mmh2Cl6bneL+dzTCZEnD
JSKTdI28Lgx2eUwnn7eIE/1bjlbeHPAMLu3EjWn8e3z3gNNu595VutnNECxPgZwu
wMIevnvrN7OHQ5SLK9YvlcR7bkYMVYrek0Qk9bVh0kVCrtNQbqMMaccTqs+FWUE6
O7M8G4HP4OOYuUvl4oxviOTHQvEvcR4KhbOe0bffLtqvtjdvw1r/TGIgrZ04fcV5
BC/HE4IHzfFyGNXUJXaxVMReFestcUM4PiciTV7VLhyzK1Et75Q1WwgN7eqlP1LI
b2v+wCzcH/bcIg==
-----END CERTIFICATE-----