Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
File:                     S2T4wOGznYqO-OjItaD_7itTtYc.mft (raw, json)
Hash identifier:          K4NT0aIBek7O4+Sae40xbPP8VyVy/PwfQYqWkQC/ins=
Subject key identifier:   99:C3:9E:45:73:C2:21:4A:EF:9A:43:F5:B4:6E:A3:DB:62:8B:87:A4
Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
Certificate issuer:       /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Certificate serial:       01935877820B92DD714CF36214F96EFD62B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
Manifest number:          049C
Signing time:             Sat 23 Nov 2024 10:00:47 +0000
Manifest this update:     Sat 23 Nov 2024 10:00:47 +0000
Manifest next update:     Sun 24 Nov 2024 10:00:47 +0000
Files and hashes:         1: S2T4wOGznYqO-OjItaD_7itTtYc.crl (hash: D2W31pEcRIMNvSI2e09qi7UjmAwM7Ia94uu1SMRrY8w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:77:82:0b:92:dd:71:4c:f3:62:14:f9:6e:fd:62:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
        Validity
            Not Before: Nov 23 10:00:47 2024 GMT
            Not After : Nov 24 10:00:47 2024 GMT
        Subject: CN=99c39e4573c2214aef9a43f5b46ea3db628b87a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:7a:56:57:eb:b6:5f:5a:17:96:bc:ff:d7:19:
                    a6:40:ac:f1:29:37:7e:d8:a2:7a:84:c6:ee:84:d6:
                    b8:b1:1e:17:a5:67:68:c9:2c:ac:8c:e0:be:3b:52:
                    fe:ad:98:5a:06:4e:17:86:11:20:17:88:80:fa:40:
                    15:ad:ed:77:22:df:c5:23:cd:54:5f:96:8b:39:86:
                    0d:5a:5a:f1:cb:bb:3e:16:7f:70:35:eb:d3:51:e7:
                    53:54:2f:0c:11:80:33:68:ec:82:55:f5:76:27:43:
                    af:26:3c:9d:06:a1:11:5c:28:df:d1:83:74:40:e1:
                    42:8b:d8:c5:cb:2f:26:8a:f3:ac:92:2e:10:41:38:
                    23:19:c3:a4:ae:02:c4:e6:64:c8:c3:c6:a3:6a:4d:
                    e2:af:b4:5a:c1:7e:a0:44:20:53:b3:f2:b9:4d:fe:
                    bd:81:20:09:42:97:38:94:e8:6f:77:80:d1:7b:ce:
                    1c:a1:ac:7c:53:45:cc:b9:90:4a:26:1d:8d:ae:ab:
                    ec:86:9c:ae:09:d7:2a:35:ce:c1:df:83:8d:61:f3:
                    c3:d5:bb:0f:bf:7f:c2:10:3e:9b:db:bc:71:f7:52:
                    b6:3f:69:91:92:73:0d:45:79:84:ba:ab:7f:90:6a:
                    64:57:11:49:e7:f5:63:43:df:93:de:9b:9c:52:f7:
                    56:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:C3:9E:45:73:C2:21:4A:EF:9A:43:F5:B4:6E:A3:DB:62:8B:87:A4
            X509v3 Authority Key Identifier:
                keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:10:d0:7d:85:6b:f3:5f:75:31:1a:fc:c7:6d:49:53:33:ed:
         84:b3:8c:de:2a:27:6a:58:94:c8:4a:27:ae:4c:7e:a4:01:2e:
         89:2f:13:33:92:85:72:c4:12:b9:d4:67:61:a4:f1:16:ef:6a:
         36:a8:f1:9f:32:9f:22:ae:ff:9b:9c:8c:fd:fb:54:20:a7:0c:
         76:da:34:10:ae:8b:90:a4:40:60:18:6c:f7:af:10:f3:d0:23:
         a2:17:47:59:59:b4:5c:92:6a:06:23:04:b9:fd:d4:18:45:51:
         05:6c:37:62:62:d9:fd:82:b1:ce:0e:4d:a4:e4:8b:7c:cf:bd:
         2b:a7:5b:53:b1:41:69:02:62:5c:d9:ee:aa:a8:67:8e:7f:b8:
         f7:32:ff:25:eb:b2:d5:20:31:47:89:27:1b:58:43:b4:7d:0e:
         58:85:2d:1f:77:d5:ec:82:67:31:dd:30:9a:19:aa:10:d0:37:
         50:63:8f:81:d7:6d:1a:5c:41:05:6f:f3:4c:31:69:17:1e:8c:
         a9:75:d0:25:fd:3f:8d:28:8f:96:11:21:60:2e:c2:4f:9a:1b:
         73:d8:74:6b:f7:8d:48:a6:8c:b9:1b:92:06:d5:c1:59:7b:5d:
         fb:bc:7e:1a:74:02:f3:cf:6b:1a:22:57:b7:d1:7c:c2:df:c7:
         49:2e:40:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd4ILkt1xTPNiFPlu/WK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1
M2I1ODcwHhcNMjQxMTIzMTAwMDQ3WhcNMjQxMTI0MTAwMDQ3WjAzMTEwLwYDVQQD
Eyg5OWMzOWU0NTczYzIyMTRhZWY5YTQzZjViNDZlYTNkYjYyOGI4N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2XpWV+u2X1oXlrz/1xmmQKzxKTd+
2KJ6hMbuhNa4sR4XpWdoySysjOC+O1L+rZhaBk4XhhEgF4iA+kAVre13It/FI81U
X5aLOYYNWlrxy7s+Fn9wNevTUedTVC8MEYAzaOyCVfV2J0OvJjydBqERXCjf0YN0
QOFCi9jFyy8mivOski4QQTgjGcOkrgLE5mTIw8ajak3ir7RawX6gRCBTs/K5Tf69
gSAJQpc4lOhvd4DRe84coax8U0XMuZBKJh2NrqvshpyuCdcqNc7B34ONYfPD1bsP
v3/CED6b27xx91K2P2mRknMNRXmEuqt/kGpkVxFJ5/VjQ9+T3pucUvdWVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnDnkVzwiFK75pD9bRuo9tii4ekMB8GA1UdIwQY
MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt
OTVkNWUxNmNkZGVmLzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm
LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoRDQfYVr
8191MRr8x21JUzPthLOM3ionaliUyEonrkx+pAEuiS8TM5KFcsQSudRnYaTxFu9q
NqjxnzKfIq7/m5yM/ftUIKcMdto0EK6LkKRAYBhs968Q89AjohdHWVm0XJJqBiME
uf3UGEVRBWw3YmLZ/YKxzg5NpOSLfM+9K6dbU7FBaQJiXNnuqqhnjn+49zL/Jeuy
1SAxR4knG1hDtH0OWIUtH3fV7IJnMd0wmhmqENA3UGOPgddtGlxBBW/zTDFpFx6M
qXXQJf0/jSiPlhEhYC7CT5obc9h0a/eNSKaMuRuSBtXBWXtd+7x+GnQC889rGiJX
t9F8wt/HSS5A5w==
-----END CERTIFICATE-----