Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
File:                     PDetizomkODPRy2ybo_isWgBkiQ.mft (raw, json)
Hash identifier:          augViDy1ZXKdZL8IiR4865UPiWJMbzdlL0k1khUetoU=
Subject key identifier:   37:B4:CA:E9:EC:58:2F:6D:9A:11:DD:07:0F:66:1E:32:D4:7B:D2:84
Authority key identifier: 3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24
Certificate issuer:       /CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
Certificate serial:       01936C34C4025FF1E9CB46B9C214FA3FCA89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
Manifest number:          119D
Signing time:             Wed 27 Nov 2024 06:00:17 +0000
Manifest this update:     Wed 27 Nov 2024 06:00:17 +0000
Manifest next update:     Thu 28 Nov 2024 06:00:17 +0000
Files and hashes:         1: PDetizomkODPRy2ybo_isWgBkiQ.crl (hash: WOHxZj9Rj5PHdqEjaYF37tgSQ+PUmUg0VhfJBCjFTbY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Nov 2024 06:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6c:34:c4:02:5f:f1:e9:cb:46:b9:c2:14:fa:3f:ca:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c37ad8b3a2690e0cf472db26e8fe2b168019224
        Validity
            Not Before: Nov 27 06:00:17 2024 GMT
            Not After : Nov 28 06:00:17 2024 GMT
        Subject: CN=37b4cae9ec582f6d9a11dd070f661e32d47bd284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:cc:29:4c:39:fc:2f:22:dc:39:38:bf:db:32:
                    67:49:d5:61:86:52:a0:74:0e:02:91:65:77:6a:ec:
                    8f:5a:b7:0b:9f:b6:88:58:f9:71:21:89:74:11:52:
                    8c:da:6a:bf:42:4c:40:8d:06:21:cf:06:b2:22:0d:
                    d4:d6:c9:ae:92:9c:3e:84:7a:bd:b5:c4:4e:2c:98:
                    bb:36:c4:ea:58:80:80:55:43:0b:33:e5:36:3c:c9:
                    ec:e4:58:1b:c3:25:19:56:e7:c6:85:d7:7e:20:72:
                    87:c8:d9:d0:57:a3:c3:d1:3e:c4:d2:e0:3c:7e:4a:
                    04:00:8a:97:53:ed:b3:35:0b:8e:0b:c1:c4:a5:d4:
                    04:03:d7:77:e8:57:9c:77:ed:4f:15:8c:09:fd:39:
                    22:de:f8:f9:ac:45:31:03:6a:c3:80:b6:d9:97:95:
                    06:9d:fc:36:d9:72:34:31:f4:5a:60:b6:eb:f6:8f:
                    19:24:6a:9c:f1:3e:e3:11:95:e7:48:42:6a:5a:04:
                    6e:15:28:a0:9e:aa:c8:a2:93:52:aa:dc:32:ee:37:
                    bc:4c:61:4a:ab:ff:7b:5f:35:b3:0d:e0:f9:89:34:
                    67:b1:b9:c0:2d:be:17:64:bd:cb:18:f6:5d:55:24:
                    36:2f:69:93:85:c6:b8:de:09:20:ab:db:c1:b9:f7:
                    e9:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:B4:CA:E9:EC:58:2F:6D:9A:11:DD:07:0F:66:1E:32:D4:7B:D2:84
            X509v3 Authority Key Identifier:
                keyid:3C:37:AD:8B:3A:26:90:E0:CF:47:2D:B2:6E:8F:E2:B1:68:01:92:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDetizomkODPRy2ybo_isWgBkiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/55cbef-58ec-4014-8667-2e2b56b415c1/1/PDetizomkODPRy2ybo_isWgBkiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:6e:6d:60:9f:fd:ea:47:6b:2f:df:ea:41:6f:86:32:cf:08:
         20:ea:ba:f9:76:7d:05:ba:26:0a:db:ec:26:92:45:b1:d9:e7:
         04:67:3e:9a:ee:35:11:0b:1a:ba:bb:72:2c:24:56:7b:64:34:
         11:46:ba:ae:c0:fb:61:95:9d:ab:5d:3c:c9:86:d4:24:02:97:
         61:eb:13:68:60:17:fc:46:78:27:6b:ba:4a:67:bd:e3:20:b9:
         ed:ac:5d:d0:8b:86:25:45:0c:18:d4:a7:2b:10:d0:c8:02:65:
         29:4b:95:35:da:77:7c:37:73:6f:c7:38:84:da:f6:41:2f:5d:
         9f:8a:33:26:8a:18:8e:32:e1:08:82:a3:66:8d:3c:bd:3f:29:
         19:9d:35:d0:c1:c5:f9:72:c6:a0:23:8e:71:97:49:d0:95:3c:
         00:11:e9:22:a5:aa:e7:98:f1:94:64:f1:9f:e6:f7:16:e7:c2:
         ff:56:76:1d:c6:d1:9b:3f:09:91:80:5d:74:9c:ae:59:80:aa:
         09:3a:3f:89:17:47:84:d3:2f:97:24:da:c7:5b:a3:42:c4:94:
         27:eb:60:b8:f8:f3:03:ec:95:45:57:68:15:3e:cc:3a:71:7c:
         cc:6f:aa:e2:c8:18:76:a6:8a:eb:cf:6d:28:11:bc:f1:0c:cf:
         fa:b2:35:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNsNMQCX/Hpy0a5whT6P8qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzdhZDhiM2EyNjkwZTBjZjQ3MmRiMjZlOGZlMmIxNjgw
MTkyMjQwHhcNMjQxMTI3MDYwMDE3WhcNMjQxMTI4MDYwMDE3WjAzMTEwLwYDVQQD
EygzN2I0Y2FlOWVjNTgyZjZkOWExMWRkMDcwZjY2MWUzMmQ0N2JkMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18wpTDn8LyLcOTi/2zJnSdVhhlKg
dA4CkWV3auyPWrcLn7aIWPlxIYl0EVKM2mq/QkxAjQYhzwayIg3U1smukpw+hHq9
tcROLJi7NsTqWICAVUMLM+U2PMns5FgbwyUZVufGhdd+IHKHyNnQV6PD0T7E0uA8
fkoEAIqXU+2zNQuOC8HEpdQEA9d36Fecd+1PFYwJ/Tki3vj5rEUxA2rDgLbZl5UG
nfw22XI0MfRaYLbr9o8ZJGqc8T7jEZXnSEJqWgRuFSignqrIopNSqtwy7je8TGFK
q/97XzWzDeD5iTRnsbnALb4XZL3LGPZdVSQ2L2mThca43gkgq9vBuffpaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDe0yunsWC9tmhHdBw9mHjLUe9KEMB8GA1UdIwQY
MBaAFDw3rYs6JpDgz0ctsm6P4rFoAZIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2Njct
MmUyYjU2YjQxNWMxLzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi81NWNiZWYtNThlYy00MDE0LTg2NjctMmUyYjU2YjQxNWMx
LzEvUERldGl6b21rT0RQUnkyeWJvX2lzV2dCa2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqG5tYJ/9
6kdrL9/qQW+GMs8IIOq6+XZ9BbomCtvsJpJFsdnnBGc+mu41EQsaurtyLCRWe2Q0
EUa6rsD7YZWdq108yYbUJAKXYesTaGAX/EZ4J2u6Sme94yC57axd0IuGJUUMGNSn
KxDQyAJlKUuVNdp3fDdzb8c4hNr2QS9dn4ozJooYjjLhCIKjZo08vT8pGZ010MHF
+XLGoCOOcZdJ0JU8ABHpIqWq55jxlGTxn+b3FufC/1Z2HcbRmz8JkYBddJyuWYCq
CTo/iRdHhNMvlyTax1ujQsSUJ+tguPjzA+yVRVdoFT7MOnF8zG+q4sgYdqaK689t
KBG88QzP+rI1xw==
-----END CERTIFICATE-----