Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
File:                     7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft (raw, json)
Hash identifier:          OuzQgAqCLmlxq9pcaBKHxKlfbFzAghq/lxzfocSzS1Y=
Subject key identifier:   9D:AB:50:2F:E0:58:52:7F:5F:0B:26:7A:FB:6A:23:8D:08:BC:24:FF
Authority key identifier: EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94
Certificate issuer:       /CN=ee03df829afd6a1f2590e4244522e1b36c086a94
Certificate serial:       01936AB4292531B6E491E5C78164B6B1C43A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
Manifest number:          0A5B
Signing time:             Tue 26 Nov 2024 23:00:11 +0000
Manifest this update:     Tue 26 Nov 2024 23:00:11 +0000
Manifest next update:     Wed 27 Nov 2024 23:00:11 +0000
Files and hashes:         1: 7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl (hash: 4lEAt8VBvIqjoJ+iYFfVTSU/PLkxmyRld5coSYycvdk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:b4:29:25:31:b6:e4:91:e5:c7:81:64:b6:b1:c4:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ee03df829afd6a1f2590e4244522e1b36c086a94
        Validity
            Not Before: Nov 26 23:00:11 2024 GMT
            Not After : Nov 27 23:00:11 2024 GMT
        Subject: CN=9dab502fe058527f5f0b267afb6a238d08bc24ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:84:54:54:a9:81:20:92:8a:f3:6e:e1:b8:c7:
                    cd:19:f8:9d:37:c2:09:a3:09:cc:69:9f:9d:ff:48:
                    a6:a5:ee:b0:03:dc:24:67:b1:68:81:6b:2f:b8:8b:
                    b0:41:e4:d9:6e:25:34:75:a3:5b:6f:c1:6b:c9:e3:
                    36:56:a4:3a:a9:23:b2:6e:b1:5b:7e:a1:f2:55:56:
                    75:1e:e1:4d:2a:c8:21:01:d4:06:80:32:54:0c:02:
                    d5:9f:f1:ad:4d:22:19:69:93:88:87:ef:bf:45:ba:
                    cb:9a:b0:6b:ec:d8:13:86:20:de:dc:93:ba:17:2c:
                    ed:ce:1b:24:3a:aa:b0:ae:cb:01:d4:17:9a:d0:1d:
                    c3:aa:ae:43:40:3f:66:c7:ae:8e:26:1e:c7:4e:ec:
                    c1:64:ad:f1:db:13:4b:4a:7c:03:83:ef:3f:1a:f1:
                    0a:49:89:0b:bf:31:f7:39:02:00:ff:e4:34:01:f8:
                    52:5a:f4:a3:0c:77:ed:da:b0:0d:ba:61:bc:98:54:
                    cb:14:03:5a:c0:0c:e9:4a:7c:80:25:3c:96:4d:18:
                    51:3a:0c:1e:be:fb:aa:4a:a9:cb:9b:d1:63:7e:f1:
                    d9:1b:88:a5:d8:4a:cc:37:a3:01:e5:ac:c6:69:d0:
                    72:46:49:4f:ea:78:7e:63:d9:29:ae:e0:d3:bc:bf:
                    00:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:AB:50:2F:E0:58:52:7F:5F:0B:26:7A:FB:6A:23:8D:08:BC:24:FF
            X509v3 Authority Key Identifier:
                keyid:EE:03:DF:82:9A:FD:6A:1F:25:90:E4:24:45:22:E1:B3:6C:08:6A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7gPfgpr9ah8lkOQkRSLhs2wIapQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/aaacf7-bfda-403e-bf62-a1a46a80c1da/1/7gPfgpr9ah8lkOQkRSLhs2wIapQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:60:46:bc:75:96:8b:0a:1c:bd:ec:bc:09:2e:38:aa:53:1b:
         96:4c:9b:83:35:89:0e:9a:d0:3d:cc:a4:f8:b4:ee:84:22:ce:
         fc:d4:89:ca:d7:ca:b6:3d:12:17:84:1e:e1:88:a7:b0:e3:54:
         44:80:13:81:b2:4f:bb:58:7c:1d:d7:b8:b1:bb:de:14:82:f9:
         b4:1a:a3:fb:ec:5e:51:97:d0:67:52:b5:84:e3:16:e3:89:84:
         93:a3:d4:e9:ea:87:3c:02:01:53:5d:d9:15:5f:be:95:e5:d9:
         a7:1a:49:48:67:fc:aa:2f:66:a1:76:5f:95:3c:08:2d:e6:11:
         7e:ae:19:08:83:93:82:c2:d1:b6:7e:26:53:1b:ad:fd:b9:63:
         cf:05:36:08:0f:6c:ec:42:5a:36:7d:ee:5a:05:d5:f9:51:63:
         a8:98:4c:7d:c9:9f:23:4d:4e:a2:b2:54:0d:77:51:be:9d:86:
         ff:33:1c:17:b4:67:bb:e1:8f:c3:d7:0d:bf:ff:c2:6e:68:52:
         a4:60:ed:a6:7a:63:74:14:a8:69:36:bb:2b:02:e4:c5:24:f6:
         f6:81:6f:63:e8:71:02:3f:6b:76:93:88:cd:a2:91:cf:da:e8:
         b8:ce:20:91:43:3c:ed:20:ca:8e:08:fb:53:6c:ea:3e:25:3e:
         9f:1b:46:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqtCklMbbkkeXHgWS2scQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMDNkZjgyOWFmZDZhMWYyNTkwZTQyNDQ1MjJlMWIzNmMw
ODZhOTQwHhcNMjQxMTI2MjMwMDExWhcNMjQxMTI3MjMwMDExWjAzMTEwLwYDVQQD
Eyg5ZGFiNTAyZmUwNTg1MjdmNWYwYjI2N2FmYjZhMjM4ZDA4YmMyNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IRUVKmBIJKK827huMfNGfidN8IJ
ownMaZ+d/0impe6wA9wkZ7FogWsvuIuwQeTZbiU0daNbb8FryeM2VqQ6qSOybrFb
fqHyVVZ1HuFNKsghAdQGgDJUDALVn/GtTSIZaZOIh++/RbrLmrBr7NgThiDe3JO6
FyztzhskOqqwrssB1Bea0B3Dqq5DQD9mx66OJh7HTuzBZK3x2xNLSnwDg+8/GvEK
SYkLvzH3OQIA/+Q0AfhSWvSjDHft2rANumG8mFTLFANawAzpSnyAJTyWTRhROgwe
vvuqSqnLm9FjfvHZG4il2ErMN6MB5azGadByRklP6nh+Y9kpruDTvL8AFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2rUC/gWFJ/XwsmevtqI40IvCT/MB8GA1UdIwQY
MBaAFO4D34Ka/WofJZDkJEUi4bNsCGqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjIt
YTFhNDZhODBjMWRhLzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9hYWFjZjctYmZkYS00MDNlLWJmNjItYTFhNDZhODBjMWRh
LzEvN2dQZmdwcjlhaDhsa09Ra1JTTGhzMndJYXBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFWBGvHWW
iwocvey8CS44qlMblkybgzWJDprQPcyk+LTuhCLO/NSJytfKtj0SF4Qe4YinsONU
RIATgbJPu1h8Hde4sbveFIL5tBqj++xeUZfQZ1K1hOMW44mEk6PU6eqHPAIBU13Z
FV++leXZpxpJSGf8qi9moXZflTwILeYRfq4ZCIOTgsLRtn4mUxut/bljzwU2CA9s
7EJaNn3uWgXV+VFjqJhMfcmfI01OorJUDXdRvp2G/zMcF7Rnu+GPw9cNv//CbmhS
pGDtpnpjdBSoaTa7KwLkxST29oFvY+hxAj9rdpOIzaKRz9rouM4gkUM87SDKjgj7
U2zqPiU+nxtG1A==
-----END CERTIFICATE-----