Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          0xrrI2/iqOH2OlOqZUscVZehEwhg/F3P9PZEC/9Q2/0=
Subject key identifier:   AE:4C:01:EA:F9:DF:2C:35:4E:BC:B5:12:67:0C:0D:91:B7:F0:E9:71
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       01936A0F78DBB17E4EEBDA1D5811DF3BECFC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          0158
Signing time:             Tue 26 Nov 2024 20:00:18 +0000
Manifest this update:     Tue 26 Nov 2024 20:00:18 +0000
Manifest next update:     Wed 27 Nov 2024 20:00:18 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: hf10LWtLyhkJwiaFxfpcJTNMDDAvfFft5tIeGLjDYEM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:0f:78:db:b1:7e:4e:eb:da:1d:58:11:df:3b:ec:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Nov 26 20:00:18 2024 GMT
            Not After : Nov 27 20:00:18 2024 GMT
        Subject: CN=ae4c01eaf9df2c354ebcb512670c0d91b7f0e971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:7e:b1:b4:f6:54:dd:1b:e7:d1:d9:bd:03:1c:
                    5a:38:eb:3a:14:68:e6:74:03:a6:f4:ce:92:0c:db:
                    6c:8f:84:34:5e:ac:ae:93:ec:4c:75:b8:a9:f8:9d:
                    48:6a:d0:77:36:73:8b:6c:ba:ce:73:09:81:c1:db:
                    a5:68:51:11:ee:31:f9:30:0a:4f:9d:0f:16:99:63:
                    c9:fa:66:a1:67:11:48:98:d9:2b:3c:ad:56:ae:76:
                    9e:94:bc:8d:a5:4b:87:c8:d7:d2:4a:e6:68:5f:6b:
                    db:fa:2d:48:87:44:da:04:b5:b3:70:dc:09:0d:e6:
                    54:f8:3d:96:d7:21:91:2d:92:81:ea:55:c1:42:b3:
                    39:3e:e4:0c:91:ce:12:5e:1b:bc:7e:50:39:80:8b:
                    3b:1f:f9:b8:83:11:28:67:ea:cd:bb:c2:ef:c2:bb:
                    f4:a4:eb:56:d8:71:ea:0b:75:a5:32:f3:e2:8d:0d:
                    c7:b0:89:33:f9:7c:35:76:1c:68:17:4d:61:eb:42:
                    4a:68:cc:02:1a:d0:c1:5b:11:18:6c:50:ed:24:58:
                    c1:90:06:1c:f1:6b:55:70:b8:29:9a:9a:96:0f:83:
                    57:96:c6:ff:e2:d7:a9:9d:aa:93:1d:50:b2:51:76:
                    c5:63:69:bc:7a:f9:71:39:e7:6d:0b:83:a0:5d:2b:
                    25:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4C:01:EA:F9:DF:2C:35:4E:BC:B5:12:67:0C:0D:91:B7:F0:E9:71
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:52:28:1b:b8:b5:09:18:c2:49:e1:12:1c:45:96:d1:3b:22:
         26:e2:ac:49:87:59:0f:9a:36:0b:91:e5:f1:c7:4d:39:94:9b:
         ce:99:36:76:a4:c5:b4:99:b5:ad:bd:3f:3b:70:4b:30:13:0f:
         9e:b1:8a:47:37:16:1f:f1:54:ad:21:a4:0c:a9:67:ea:8d:79:
         e3:a6:2f:4b:7a:f3:b0:b9:cb:23:f3:f6:72:48:68:61:10:97:
         87:e4:2c:5a:32:f4:35:b8:7b:39:1c:f2:b8:62:f0:8a:f3:76:
         4f:b9:ee:7b:b5:30:a1:ab:60:c7:fa:39:5a:63:d0:0c:21:23:
         e6:48:70:4e:f6:a9:e3:d0:41:08:83:81:d5:6e:a0:5b:4e:69:
         f4:62:dd:46:09:bb:ab:ab:ca:51:84:7e:65:d9:c2:ed:0c:0c:
         3d:c1:f0:25:b0:cc:8f:cc:b0:52:01:62:fd:fe:30:29:07:6b:
         8d:b1:5b:60:87:93:28:a3:bc:8b:5b:a5:67:5d:8e:44:bb:fc:
         32:21:6a:62:00:09:5c:b2:bb:c9:66:c0:e1:a1:01:c0:c3:6d:
         9a:8a:df:e6:2e:8e:1b:2a:aa:ae:f7:1b:0c:77:e3:bd:95:b5:
         d3:e5:de:c1:83:6c:2a:ca:7f:17:42:45:1b:6e:d6:5b:df:b4:
         78:59:ca:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqD3jbsX5O69odWBHfO+z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjQxMTI2MjAwMDE4WhcNMjQxMTI3MjAwMDE4WjAzMTEwLwYDVQQD
EyhhZTRjMDFlYWY5ZGYyYzM1NGViY2I1MTI2NzBjMGQ5MWI3ZjBlOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp36xtPZU3Rvn0dm9AxxaOOs6FGjm
dAOm9M6SDNtsj4Q0Xqyuk+xMdbip+J1IatB3NnOLbLrOcwmBwdulaFER7jH5MApP
nQ8WmWPJ+mahZxFImNkrPK1WrnaelLyNpUuHyNfSSuZoX2vb+i1Ih0TaBLWzcNwJ
DeZU+D2W1yGRLZKB6lXBQrM5PuQMkc4SXhu8flA5gIs7H/m4gxEoZ+rNu8Lvwrv0
pOtW2HHqC3WlMvPijQ3HsIkz+Xw1dhxoF01h60JKaMwCGtDBWxEYbFDtJFjBkAYc
8WtVcLgpmpqWD4NXlsb/4tepnaqTHVCyUXbFY2m8evlxOedtC4OgXSsl1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5MAer53yw1Try1EmcMDZG38OlxMB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR1IoG7i1
CRjCSeESHEWW0TsiJuKsSYdZD5o2C5Hl8cdNOZSbzpk2dqTFtJm1rb0/O3BLMBMP
nrGKRzcWH/FUrSGkDKln6o1546YvS3rzsLnLI/P2ckhoYRCXh+QsWjL0Nbh7ORzy
uGLwivN2T7nue7Uwoatgx/o5WmPQDCEj5khwTvap49BBCIOB1W6gW05p9GLdRgm7
q6vKUYR+ZdnC7QwMPcHwJbDMj8ywUgFi/f4wKQdrjbFbYIeTKKO8i1ulZ12ORLv8
MiFqYgAJXLK7yWbA4aEBwMNtmorf5i6OGyqqrvcbDHfjvZW10+XewYNsKsp/F0JF
G27WW9+0eFnKdQ==
-----END CERTIFICATE-----