Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
File:                     YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft (raw, json)
Hash identifier:          ZYZiBrMjDqdlBNgJUIjTRDoqz7pkGhxb1y+r183j5Xc=
Subject key identifier:   70:BB:63:29:45:A8:A4:10:33:C0:F1:19:63:CD:0C:7C:6C:F4:56:9C
Authority key identifier: 61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C
Certificate issuer:       /CN=6117d6158043150b0ad224a0648df0185706019c
Certificate serial:       019369DAF4956B79BA239B06D9D857D8E0E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
Manifest number:          0E09
Signing time:             Tue 26 Nov 2024 19:02:57 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:57 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:57 +0000
Files and hashes:         1: YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl (hash: VX2kKz+jrEg/ZOkyKbDWZTAHSBXNdZavsJCW3zIhWm0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:f4:95:6b:79:ba:23:9b:06:d9:d8:57:d8:e0:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6117d6158043150b0ad224a0648df0185706019c
        Validity
            Not Before: Nov 26 19:02:57 2024 GMT
            Not After : Nov 27 19:02:57 2024 GMT
        Subject: CN=70bb632945a8a41033c0f11963cd0c7c6cf4569c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:81:f0:a6:a7:69:c8:8a:a0:f2:26:02:a2:46:
                    b7:fb:b7:0f:ca:b3:07:ea:e5:48:13:14:f2:0a:7c:
                    51:78:c6:b7:06:d5:ba:23:03:45:e3:bd:df:76:56:
                    fd:b4:23:6a:e6:97:e3:57:bb:4c:b2:b6:91:44:cc:
                    ee:b4:82:e6:37:4c:72:8a:1c:d4:46:76:8f:ad:ed:
                    17:af:46:44:01:79:19:ee:bb:d7:76:5c:68:95:82:
                    9e:c6:29:e6:11:9c:34:64:7e:30:59:c0:ed:01:8d:
                    71:1b:37:e1:64:82:ea:04:80:b6:d2:f1:42:fa:bb:
                    ae:d8:d8:d9:33:c3:a7:e8:61:99:0c:29:5e:97:e4:
                    48:8b:24:2d:25:ab:ac:f4:69:90:29:45:5e:77:d2:
                    f3:ec:05:4d:38:64:ae:8d:9a:65:74:34:ae:94:0a:
                    f6:5d:7f:d7:40:e8:e5:d8:96:8f:98:c6:ee:86:d5:
                    e7:a8:09:09:d5:89:3b:b4:72:43:be:63:86:8f:59:
                    e3:e1:4f:e2:8b:0d:c4:37:bd:de:61:b7:b6:fb:96:
                    a2:5a:54:a7:42:03:a9:be:29:00:93:2c:33:a1:47:
                    10:e9:04:62:db:e9:53:86:01:78:d7:7a:41:bf:e6:
                    f2:17:cf:8a:35:9e:cb:09:0e:a8:98:14:15:46:a3:
                    36:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:BB:63:29:45:A8:A4:10:33:C0:F1:19:63:CD:0C:7C:6C:F4:56:9C
            X509v3 Authority Key Identifier:
                keyid:61:17:D6:15:80:43:15:0B:0A:D2:24:A0:64:8D:F0:18:57:06:01:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YRfWFYBDFQsK0iSgZI3wGFcGAZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/c96426-483a-4cbf-9aa3-9473580bc850/1/YRfWFYBDFQsK0iSgZI3wGFcGAZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:f9:77:e6:09:4d:bb:32:34:3e:0e:cd:2f:2d:f3:64:3d:45:
         c9:58:1f:fe:5a:cd:db:bc:99:17:1f:d2:fd:93:ea:17:7d:f9:
         b4:84:e6:31:b6:e8:c1:3e:c4:33:29:d1:b2:ca:ac:0b:d9:94:
         50:26:6f:61:48:7f:6b:7b:6e:0d:ba:ee:fa:79:9f:ac:21:99:
         ce:ba:df:0d:7c:8d:e3:9a:46:d2:b2:03:1c:ca:aa:ae:b3:25:
         12:8d:20:07:07:cb:d5:2f:94:e0:cd:21:82:da:f9:ac:d7:68:
         16:05:81:10:83:35:d9:0d:a3:86:30:aa:e8:03:8c:8c:54:15:
         62:3d:9f:f3:86:4f:2e:01:15:d5:3c:92:cb:01:dd:e9:e7:21:
         45:db:bd:ec:e3:4e:c9:76:a8:b7:c8:07:3b:97:7c:1f:4e:f0:
         dd:11:79:eb:de:57:e9:95:0a:2f:1c:52:5b:00:4b:99:a3:9a:
         2d:81:87:e8:0d:e9:2e:7e:2b:67:60:b6:09:ca:66:cf:ee:6e:
         4f:5a:cb:3b:08:73:6f:d8:cb:a7:b3:46:89:0f:d0:81:4b:77:
         64:a1:a3:52:1e:31:88:bd:74:dd:b8:4f:40:ba:35:4a:33:3a:
         2d:a6:da:fd:80:fe:36:7f:3a:12:87:78:8f:40:dd:8d:44:57:
         2f:4c:e6:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2vSVa3m6I5sG2dhX2ODgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxMTdkNjE1ODA0MzE1MGIwYWQyMjRhMDY0OGRmMDE4NTcw
NjAxOWMwHhcNMjQxMTI2MTkwMjU3WhcNMjQxMTI3MTkwMjU3WjAzMTEwLwYDVQQD
Eyg3MGJiNjMyOTQ1YThhNDEwMzNjMGYxMTk2M2NkMGM3YzZjZjQ1NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIHwpqdpyIqg8iYCoka3+7cPyrMH
6uVIExTyCnxReMa3BtW6IwNF473fdlb9tCNq5pfjV7tMsraRRMzutILmN0xyihzU
RnaPre0Xr0ZEAXkZ7rvXdlxolYKexinmEZw0ZH4wWcDtAY1xGzfhZILqBIC20vFC
+ruu2NjZM8On6GGZDClel+RIiyQtJaus9GmQKUVed9Lz7AVNOGSujZpldDSulAr2
XX/XQOjl2JaPmMbuhtXnqAkJ1Yk7tHJDvmOGj1nj4U/iiw3EN73eYbe2+5aiWlSn
QgOpvikAkywzoUcQ6QRi2+lThgF413pBv+byF8+KNZ7LCQ6omBQVRqM2cwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHC7YylFqKQQM8DxGWPNDHxs9FacMB8GA1UdIwQY
MBaAFGEX1hWAQxULCtIkoGSN8BhXBgGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMt
OTQ3MzU4MGJjODUwLzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9jOTY0MjYtNDgzYS00Y2JmLTlhYTMtOTQ3MzU4MGJjODUw
LzEvWVJmV0ZZQkRGUXNLMGlTZ1pJM3dHRmNHQVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIfl35glN
uzI0Pg7NLy3zZD1FyVgf/lrN27yZFx/S/ZPqF335tITmMbbowT7EMynRssqsC9mU
UCZvYUh/a3tuDbru+nmfrCGZzrrfDXyN45pG0rIDHMqqrrMlEo0gBwfL1S+U4M0h
gtr5rNdoFgWBEIM12Q2jhjCq6AOMjFQVYj2f84ZPLgEV1TySywHd6echRdu97ONO
yXaot8gHO5d8H07w3RF5695X6ZUKLxxSWwBLmaOaLYGH6A3pLn4rZ2C2Ccpmz+5u
T1rLOwhzb9jLp7NGiQ/QgUt3ZKGjUh4xiL103bhPQLo1SjM6Laba/YD+Nn86Eod4
j0DdjURXL0zmxQ==
-----END CERTIFICATE-----