Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
File:                     MMOt1700croWgExJC2ahCXZZvTE.mft (raw, json)
Hash identifier:          BAkRrjNE9+F2EEJfdRya45MIb2pngjvWKVowwR1uhcc=
Subject key identifier:   0F:B2:EA:F9:6C:39:10:44:C3:EC:13:59:58:99:7A:25:5F:BE:DB:7D
Authority key identifier: 30:C3:AD:D7:BD:34:72:BA:16:80:4C:49:0B:66:A1:09:76:59:BD:31
Certificate issuer:       /CN=30c3add7bd3472ba16804c490b66a1097659bd31
Certificate serial:       01935764CEF0B8480F8472E8B075408E84D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
Manifest number:          0924
Signing time:             Sat 23 Nov 2024 05:00:44 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:44 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:44 +0000
Files and hashes:         1: MMOt1700croWgExJC2ahCXZZvTE.crl (hash: 6mSvkNR1NsDmPB+dK04IGW9ZL00kuTvXMdXTT9ATnzU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:ce:f0:b8:48:0f:84:72:e8:b0:75:40:8e:84:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30c3add7bd3472ba16804c490b66a1097659bd31
        Validity
            Not Before: Nov 23 05:00:44 2024 GMT
            Not After : Nov 24 05:00:44 2024 GMT
        Subject: CN=0fb2eaf96c391044c3ec135958997a255fbedb7d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:25:e1:ed:4f:87:3c:fb:d2:7e:c8:c3:3c:0a:
                    5b:99:6a:e0:9d:21:cd:43:7e:85:3e:02:ca:af:ed:
                    71:4e:26:cf:5e:06:f5:e2:68:7e:cb:46:25:6b:06:
                    4c:d9:03:d2:ab:00:21:df:1f:f3:5c:e3:ca:14:00:
                    b4:40:62:65:cc:6d:eb:29:8d:31:3f:0e:f3:99:bc:
                    78:7c:3a:d7:52:38:98:56:55:2e:33:c6:af:f1:51:
                    c5:28:a4:1e:3e:9c:e1:8c:7d:fd:07:bc:c2:cf:2d:
                    f8:f1:69:82:bd:6b:10:b7:7e:a5:d6:44:7c:f3:42:
                    3a:2b:1f:eb:9e:ed:f1:9d:f0:8b:5e:56:a3:a6:32:
                    45:2b:c8:0c:9f:a8:74:98:f5:ce:3c:47:03:0a:7b:
                    74:8e:e1:25:ac:35:b8:5a:ee:63:77:e5:12:8a:d9:
                    0d:14:e0:d8:e2:8b:5e:10:78:6b:2c:17:c4:32:f1:
                    b0:94:52:09:21:50:6f:1a:d0:44:49:3f:c4:72:b4:
                    20:17:ba:99:86:a9:82:6c:3b:60:f8:49:1e:dc:7a:
                    18:35:e1:53:55:60:a7:97:ef:5e:cd:f4:c0:7d:2a:
                    94:78:9c:16:c9:ec:2b:93:cc:35:d3:54:7b:55:15:
                    47:79:1d:1a:9f:21:59:88:8e:47:23:f4:f6:95:d8:
                    38:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:B2:EA:F9:6C:39:10:44:C3:EC:13:59:58:99:7A:25:5F:BE:DB:7D
            X509v3 Authority Key Identifier:
                keyid:30:C3:AD:D7:BD:34:72:BA:16:80:4C:49:0B:66:A1:09:76:59:BD:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMOt1700croWgExJC2ahCXZZvTE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/23ccc8-4718-453c-be3e-95cd6924ab4e/1/MMOt1700croWgExJC2ahCXZZvTE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:65:d6:e1:4b:73:55:c8:e9:bb:9e:90:19:d1:06:c7:90:e2:
         f0:c3:42:dd:ef:f2:67:bb:6f:5d:ba:a0:94:86:da:d7:01:76:
         42:50:11:0b:11:1e:11:8e:29:2f:33:75:72:76:f0:43:66:21:
         a4:23:0b:de:e6:b0:eb:2d:e3:6e:5e:7b:86:90:8c:b2:0f:76:
         89:a8:f3:06:22:54:67:e2:a8:da:ed:23:c0:b9:27:60:d0:35:
         7f:d2:bc:24:ad:19:ae:b9:e6:d9:91:08:61:5e:4b:e0:43:1c:
         47:15:1c:19:f5:67:cf:43:d1:02:27:85:d2:b4:b7:d7:75:c9:
         93:81:1a:22:b8:5b:39:ef:5f:a4:65:c2:d7:c4:5f:29:f0:00:
         70:18:fe:03:6b:a0:67:c9:ea:91:f3:26:d7:e2:d4:e2:2e:91:
         7c:4c:94:fb:ba:43:a2:c6:70:20:f7:e1:64:1d:30:64:5c:90:
         19:a2:5f:31:4c:f4:d8:69:e2:2c:a5:8b:28:4f:23:da:f1:bc:
         e5:9c:96:5b:5f:27:a8:d0:bf:2d:02:b2:e1:76:67:bf:70:99:
         55:8a:5c:8e:2f:70:8a:81:6e:88:07:91:0d:ed:2e:a5:43:dc:
         d5:a8:87:1c:9e:8f:79:ae:e6:29:33:10:ba:a8:91:f3:b0:74:
         b1:55:1f:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZM7wuEgPhHLosHVAjoTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzNhZGQ3YmQzNDcyYmExNjgwNGM0OTBiNjZhMTA5NzY1
OWJkMzEwHhcNMjQxMTIzMDUwMDQ0WhcNMjQxMTI0MDUwMDQ0WjAzMTEwLwYDVQQD
EygwZmIyZWFmOTZjMzkxMDQ0YzNlYzEzNTk1ODk5N2EyNTVmYmVkYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSXh7U+HPPvSfsjDPApbmWrgnSHN
Q36FPgLKr+1xTibPXgb14mh+y0YlawZM2QPSqwAh3x/zXOPKFAC0QGJlzG3rKY0x
Pw7zmbx4fDrXUjiYVlUuM8av8VHFKKQePpzhjH39B7zCzy348WmCvWsQt36l1kR8
80I6Kx/rnu3xnfCLXlajpjJFK8gMn6h0mPXOPEcDCnt0juElrDW4Wu5jd+USitkN
FODY4oteEHhrLBfEMvGwlFIJIVBvGtBEST/EcrQgF7qZhqmCbDtg+Eke3HoYNeFT
VWCnl+9ezfTAfSqUeJwWyewrk8w101R7VRVHeR0anyFZiI5HI/T2ldg4GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA+y6vlsORBEw+wTWViZeiVfvtt9MB8GA1UdIwQY
MBaAFDDDrde9NHK6FoBMSQtmoQl2Wb0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8yM2NjYzgtNDcxOC00NTNjLWJlM2Ut
OTVjZDY5MjRhYjRlLzEvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8yM2NjYzgtNDcxOC00NTNjLWJlM2UtOTVjZDY5MjRhYjRl
LzEvTU1PdDE3MDBjcm9XZ0V4SkMyYWhDWFpadlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjGXW4Utz
Vcjpu56QGdEGx5Di8MNC3e/yZ7tvXbqglIba1wF2QlARCxEeEY4pLzN1cnbwQ2Yh
pCML3uaw6y3jbl57hpCMsg92iajzBiJUZ+Ko2u0jwLknYNA1f9K8JK0Zrrnm2ZEI
YV5L4EMcRxUcGfVnz0PRAieF0rS313XJk4EaIrhbOe9fpGXC18RfKfAAcBj+A2ug
Z8nqkfMm1+LU4i6RfEyU+7pDosZwIPfhZB0wZFyQGaJfMUz02GniLKWLKE8j2vG8
5ZyWW18nqNC/LQKy4XZnv3CZVYpcji9wioFuiAeRDe0upUPc1aiHHJ6Pea7mKTMQ
uqiR87B0sVUf7g==
-----END CERTIFICATE-----