Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
File:                     zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft (raw, json)
Hash identifier:          3N3BH3RlUJk0jfN7CqikSUjKFxkj0zbCC9ptp564vj8=
Subject key identifier:   0D:30:4F:1E:DA:0C:39:EB:15:AE:CD:0B:0A:E5:ED:AB:46:F8:25:93
Authority key identifier: CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14
Certificate issuer:       /CN=cd35f6ff567bde93394fff282fad417da0b53614
Certificate serial:       01936B2295C387848C9DE9C77B485E9E5088
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
Manifest number:          0A53
Signing time:             Wed 27 Nov 2024 01:00:48 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:48 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:48 +0000
Files and hashes:         1: zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl (hash: bSm/aqt01IAYJ/I9N93SvcXcaEv8KQl6gp+lUr5Z0+s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:95:c3:87:84:8c:9d:e9:c7:7b:48:5e:9e:50:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd35f6ff567bde93394fff282fad417da0b53614
        Validity
            Not Before: Nov 27 01:00:48 2024 GMT
            Not After : Nov 28 01:00:48 2024 GMT
        Subject: CN=0d304f1eda0c39eb15aecd0b0ae5edab46f82593
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:18:43:59:c3:f7:1d:4f:d4:ef:a8:f3:6a:50:
                    8e:88:ad:a1:d6:79:e2:2f:c3:34:06:ae:72:db:88:
                    16:20:06:ca:d6:bf:f8:f4:dd:93:0c:b7:f5:31:8d:
                    e1:23:e4:ad:1a:aa:bc:26:f1:b8:7e:86:9f:c9:db:
                    55:9c:35:41:0d:45:d8:91:c7:98:c0:e6:dd:73:a7:
                    e0:59:d4:42:7f:b6:f4:13:49:da:4b:fa:d3:d8:9b:
                    2c:01:15:70:5a:0a:51:15:3d:ca:42:ea:86:e0:a7:
                    db:24:67:7c:94:1f:0f:c2:74:66:10:d8:2f:87:0a:
                    a1:97:19:87:52:b5:11:fe:5a:1e:d2:89:64:14:0c:
                    e7:4e:05:92:2d:ee:be:07:c2:1d:1f:29:2c:a1:bf:
                    f5:b2:b9:d2:fc:38:a5:d0:b9:bf:2f:45:00:a3:b9:
                    7d:31:b0:bc:aa:c5:cd:c8:35:c9:ee:5c:f3:ad:b5:
                    b5:a1:28:7b:c4:e2:bc:9d:70:f4:8d:70:0f:07:07:
                    1d:41:e6:60:45:a0:95:4b:74:28:db:d0:68:f5:0a:
                    77:31:d0:17:94:29:56:a3:98:77:89:ea:36:67:7e:
                    98:b3:c9:90:48:22:64:7c:8a:54:30:2d:f6:e0:81:
                    53:98:c5:ba:c3:d3:a8:61:9e:9d:15:e0:66:d5:17:
                    5f:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:30:4F:1E:DA:0C:39:EB:15:AE:CD:0B:0A:E5:ED:AB:46:F8:25:93
            X509v3 Authority Key Identifier:
                keyid:CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:c6:66:75:3c:84:a1:5f:4f:87:79:65:0c:db:46:a3:d3:7c:
         e0:2d:c3:83:12:1d:5e:df:0b:3d:0b:8b:f9:79:7e:ed:30:e0:
         6f:6a:3e:cd:ce:c6:36:0a:c2:50:ef:8d:6e:82:f1:e7:03:73:
         07:1d:0f:f7:87:56:ec:d7:58:dc:0b:56:35:24:68:a7:5a:4e:
         2b:fa:cb:43:4a:69:83:83:3a:bc:8e:61:2d:68:ca:30:e8:f4:
         61:cb:88:67:a0:90:44:0f:f6:e6:0d:e9:83:38:de:8d:13:e0:
         51:87:1c:82:65:34:bd:f8:00:c4:2f:4e:24:5f:e8:9f:98:34:
         d1:61:ca:c2:86:5c:cd:b9:bb:1a:d1:88:6e:04:6f:7c:81:2d:
         16:23:54:8b:98:bb:0e:3f:ab:0c:de:82:67:c6:23:fd:2d:41:
         1e:78:47:af:aa:15:ce:a7:1f:87:d9:c7:37:c7:5c:35:d1:d2:
         6b:c7:e1:1c:bd:2e:e5:21:d9:b8:ce:3c:4b:e7:c2:1f:cd:6d:
         dc:73:04:aa:38:81:d0:ab:88:c1:90:d3:c3:6b:5c:90:5b:13:
         3c:0a:ce:1c:ff:16:73:99:f0:8f:e8:93:d0:1c:ea:e3:bf:db:
         db:a9:4d:7c:7d:41:f7:45:36:03:42:8a:4f:c4:0b:35:65:ed:
         f3:9b:ed:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIpXDh4SMnenHe0henlCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzVmNmZmNTY3YmRlOTMzOTRmZmYyODJmYWQ0MTdkYTBi
NTM2MTQwHhcNMjQxMTI3MDEwMDQ4WhcNMjQxMTI4MDEwMDQ4WjAzMTEwLwYDVQQD
EygwZDMwNGYxZWRhMGMzOWViMTVhZWNkMGIwYWU1ZWRhYjQ2ZjgyNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxhDWcP3HU/U76jzalCOiK2h1nni
L8M0Bq5y24gWIAbK1r/49N2TDLf1MY3hI+StGqq8JvG4foafydtVnDVBDUXYkceY
wObdc6fgWdRCf7b0E0naS/rT2JssARVwWgpRFT3KQuqG4KfbJGd8lB8PwnRmENgv
hwqhlxmHUrUR/loe0olkFAznTgWSLe6+B8IdHyksob/1srnS/Dil0Lm/L0UAo7l9
MbC8qsXNyDXJ7lzzrbW1oSh7xOK8nXD0jXAPBwcdQeZgRaCVS3Qo29Bo9Qp3MdAX
lClWo5h3ieo2Z36Ys8mQSCJkfIpUMC324IFTmMW6w9OoYZ6dFeBm1RdfTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0wTx7aDDnrFa7NCwrl7atG+CWTMB8GA1UdIwQY
MBaAFM019v9We96TOU//KC+tQX2gtTYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDct
NDRhMzA3NTQ1ZDc0LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDctNDRhMzA3NTQ1ZDc0
LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOcZmdTyE
oV9Ph3llDNtGo9N84C3DgxIdXt8LPQuL+Xl+7TDgb2o+zc7GNgrCUO+NboLx5wNz
Bx0P94dW7NdY3AtWNSRop1pOK/rLQ0ppg4M6vI5hLWjKMOj0YcuIZ6CQRA/25g3p
gzjejRPgUYccgmU0vfgAxC9OJF/on5g00WHKwoZczbm7GtGIbgRvfIEtFiNUi5i7
Dj+rDN6CZ8Yj/S1BHnhHr6oVzqcfh9nHN8dcNdHSa8fhHL0u5SHZuM48S+fCH81t
3HMEqjiB0KuIwZDTw2tckFsTPArOHP8Wc5nwj+iT0Bzq47/b26lNfH1B90U2A0KK
T8QLNWXt85vttg==
-----END CERTIFICATE-----