Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
File:                     G7Qd9-pn1O3-D60S99XOzYPhjZo.mft (raw, json)
Hash identifier:          9BibMQosQQihPhD2QhuAA83ZWqxHvKXxSM4HO6j7RNw=
Subject key identifier:   A8:BD:E5:A1:92:04:33:41:FF:7D:3A:3C:66:84:28:31:28:8A:E8:B4
Authority key identifier: 1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A
Certificate issuer:       /CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
Certificate serial:       0191FB22D52D17A0DC4785D57B0F2F14D3AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
Manifest number:          9A
Signing time:             Mon 16 Sep 2024 14:00:49 +0000
Manifest this update:     Mon 16 Sep 2024 14:00:49 +0000
Manifest next update:     Tue 17 Sep 2024 14:00:49 +0000
Files and hashes:         1: G7Qd9-pn1O3-D60S99XOzYPhjZo.crl (hash: lC2tqmnOs+aJb/DCmhIv4q+8tHOj/7Nz+fc3Tm10fiY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 14:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fb:22:d5:2d:17:a0:dc:47:85:d5:7b:0f:2f:14:d3:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1bb41df7ea67d4edfe0fad12f7d5cecd83e18d9a
        Validity
            Not Before: Sep 16 14:00:49 2024 GMT
            Not After : Sep 17 14:00:49 2024 GMT
        Subject: CN=a8bde5a192043341ff7d3a3c66842831288ae8b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:32:51:64:37:18:80:30:50:a2:24:f2:09:c0:
                    1b:6a:ce:f9:30:7b:d4:df:fb:d2:73:b2:1a:79:9f:
                    20:00:81:ff:d4:a0:54:98:3a:22:c2:06:d1:80:1a:
                    4f:0f:87:7d:8f:9b:43:01:36:34:51:6d:04:5c:67:
                    4e:3f:71:db:8b:09:c3:80:a8:ce:42:33:25:f0:ca:
                    0c:a3:a8:86:d6:b7:0f:f9:fc:81:43:d2:0d:db:c3:
                    e4:86:32:e8:35:e2:32:03:21:7f:46:05:ed:5c:98:
                    05:22:eb:77:9c:47:55:72:e3:4d:d3:25:e6:8e:74:
                    f2:8b:d4:32:65:1f:5b:28:d3:36:1a:a1:a5:b4:ca:
                    29:3d:60:e6:58:94:0c:19:6d:e5:fe:d3:63:9c:d9:
                    d7:06:28:a4:45:b6:8c:95:5a:ad:4f:eb:97:7c:d9:
                    63:5f:22:3a:c6:e0:37:69:d6:6b:37:67:1d:7e:f4:
                    3d:13:86:b9:d8:23:1b:54:49:31:fa:a9:36:6d:20:
                    56:ef:af:5a:1e:6e:6d:60:99:5e:7a:21:64:53:ec:
                    ca:a5:4c:a9:4f:f3:cc:70:ed:9a:c0:1c:e0:d1:9b:
                    0a:e1:be:c6:b6:fe:70:78:db:32:c4:14:d8:e4:47:
                    cb:eb:f9:85:3f:94:93:4a:85:8e:f2:46:49:28:15:
                    a2:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:BD:E5:A1:92:04:33:41:FF:7D:3A:3C:66:84:28:31:28:8A:E8:B4
            X509v3 Authority Key Identifier:
                keyid:1B:B4:1D:F7:EA:67:D4:ED:FE:0F:AD:12:F7:D5:CE:CD:83:E1:8D:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G7Qd9-pn1O3-D60S99XOzYPhjZo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/459396-de90-4cc8-a542-3e6e7cdef73e/1/G7Qd9-pn1O3-D60S99XOzYPhjZo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:48:96:12:e2:ce:aa:7a:36:20:39:32:1f:ff:b8:16:02:57:
         af:6f:29:bf:13:59:c2:cd:d5:92:3f:67:c0:da:10:7e:d9:19:
         ea:38:78:6c:51:28:87:a9:8e:46:87:43:c3:d6:b9:87:4f:f7:
         a0:5e:98:65:2f:ec:50:47:06:b4:59:58:11:85:82:8c:72:65:
         fe:0a:ee:56:b6:40:e4:3e:5a:19:ee:5f:8c:cc:ca:94:75:d1:
         45:06:4e:35:56:8e:fe:05:6d:49:c9:fe:85:d2:22:ad:bf:a8:
         6c:ee:81:2e:1a:57:09:6b:b1:d4:08:2a:8b:0d:ad:1a:f6:fa:
         b7:67:24:22:96:93:f2:2a:4f:9e:fb:ce:0c:63:59:34:75:83:
         34:09:84:c5:47:c9:84:78:b9:01:22:d8:42:5e:b5:03:7f:4c:
         4f:41:80:b0:b5:38:69:5a:08:04:f2:5e:fe:d6:dc:82:4e:27:
         ab:7c:98:17:92:b3:17:45:76:a0:4d:85:86:ab:9c:9f:ba:06:
         ca:90:be:3c:af:ea:1e:0d:de:1f:fe:31:9a:c0:0f:41:ee:68:
         e4:c3:3c:77:cd:33:8a:78:fe:67:57:1e:34:74:3e:a9:7f:ba:
         8a:74:e6:e1:32:fa:6f:18:fc:6f:53:81:c7:9d:df:e9:81:d8:
         00:72:8e:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH7ItUtF6DcR4XVew8vFNOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYjQxZGY3ZWE2N2Q0ZWRmZTBmYWQxMmY3ZDVjZWNkODNl
MThkOWEwHhcNMjQwOTE2MTQwMDQ5WhcNMjQwOTE3MTQwMDQ5WjAzMTEwLwYDVQQD
EyhhOGJkZTVhMTkyMDQzMzQxZmY3ZDNhM2M2Njg0MjgzMTI4OGFlOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDJRZDcYgDBQoiTyCcAbas75MHvU
3/vSc7IaeZ8gAIH/1KBUmDoiwgbRgBpPD4d9j5tDATY0UW0EXGdOP3HbiwnDgKjO
QjMl8MoMo6iG1rcP+fyBQ9IN28PkhjLoNeIyAyF/RgXtXJgFIut3nEdVcuNN0yXm
jnTyi9QyZR9bKNM2GqGltMopPWDmWJQMGW3l/tNjnNnXBiikRbaMlVqtT+uXfNlj
XyI6xuA3adZrN2cdfvQ9E4a52CMbVEkx+qk2bSBW769aHm5tYJleeiFkU+zKpUyp
T/PMcO2awBzg0ZsK4b7Gtv5weNsyxBTY5EfL6/mFP5STSoWO8kZJKBWiGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKi95aGSBDNB/306PGaEKDEoiui0MB8GA1UdIwQY
MBaAFBu0HffqZ9Tt/g+tEvfVzs2D4Y2aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDIt
M2U2ZTdjZGVmNzNlLzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NTkzOTYtZGU5MC00Y2M4LWE1NDItM2U2ZTdjZGVmNzNl
LzEvRzdRZDktcG4xTzMtRDYwUzk5WE96WVBoalpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM0iWEuLO
qno2IDkyH/+4FgJXr28pvxNZws3Vkj9nwNoQftkZ6jh4bFEoh6mORodDw9a5h0/3
oF6YZS/sUEcGtFlYEYWCjHJl/gruVrZA5D5aGe5fjMzKlHXRRQZONVaO/gVtScn+
hdIirb+obO6BLhpXCWux1Agqiw2tGvb6t2ckIpaT8ipPnvvODGNZNHWDNAmExUfJ
hHi5ASLYQl61A39MT0GAsLU4aVoIBPJe/tbcgk4nq3yYF5KzF0V2oE2Fhqucn7oG
ypC+PK/qHg3eH/4xmsAPQe5o5MM8d80zinj+Z1ceNHQ+qX+6inTm4TL6bxj8b1OB
x53f6YHYAHKOYQ==
-----END CERTIFICATE-----