Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
File:                     97KiPZsF9XV53i8CRJtmYD4-Vzo.mft (raw, json)
Hash identifier:          Ve9moE/n3775WsWdjKrDxWhbVna6AUSNVmJgUDL61DA=
Subject key identifier:   4D:33:E0:B4:96:F4:EE:99:9F:86:DD:30:62:6C:ED:29:9E:13:91:83
Authority key identifier: F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A
Certificate issuer:       /CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
Certificate serial:       019405A0E9AF7E49D295099D52C3703667EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
Manifest number:          0F7F
Signing time:             Fri 27 Dec 2024 01:00:18 +0000
Manifest this update:     Fri 27 Dec 2024 01:00:18 +0000
Manifest next update:     Sat 28 Dec 2024 01:00:18 +0000
Files and hashes:         1: 97KiPZsF9XV53i8CRJtmYD4-Vzo.crl (hash: o59xqVPYdd9kV/rND82hK1I+OEqQZtJxQ8OirtVFxcg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 01:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:a0:e9:af:7e:49:d2:95:09:9d:52:c3:70:36:67:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7b2a23d9b05f57579de2f02449b66603e3e573a
        Validity
            Not Before: Dec 27 01:00:18 2024 GMT
            Not After : Dec 28 01:00:18 2024 GMT
        Subject: CN=4d33e0b496f4ee999f86dd30626ced299e139183
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ff:94:5f:8e:a5:22:f8:fd:0b:bc:0a:20:c0:
                    89:36:be:bd:e3:8e:53:de:17:f5:22:8c:3f:ea:c8:
                    04:cf:35:6a:4c:5a:9b:bb:b2:35:ac:27:96:92:2a:
                    35:47:0f:52:5e:f8:fd:27:7f:5f:fe:ad:84:3b:64:
                    96:17:73:ae:00:ab:25:41:68:c4:79:03:65:1c:22:
                    7e:a1:4a:b2:e6:a2:38:81:1b:f3:b6:9b:96:b0:e5:
                    39:e1:7a:33:b9:c1:03:d0:ff:84:c6:31:7b:46:61:
                    7e:83:c7:96:f8:f7:49:71:3f:e1:f4:55:d0:02:51:
                    28:5d:f9:30:e0:eb:7d:05:25:d3:30:82:bf:c6:7a:
                    40:44:25:02:ec:5b:a9:55:05:d6:2a:49:61:1c:9a:
                    7d:72:76:6e:81:84:06:fa:2a:f0:f3:81:3c:12:15:
                    0e:72:27:00:d3:f7:97:6f:5b:fd:d6:67:78:5a:bf:
                    f4:2f:40:4b:6a:b9:91:92:18:a0:97:f6:bf:d9:8e:
                    3b:40:81:fb:29:56:93:31:d1:7a:62:03:49:d4:f2:
                    f1:c8:9e:00:c3:96:df:ec:5b:b6:02:38:4e:d9:a1:
                    15:bd:3c:98:de:e5:72:ed:61:8d:d8:d8:d0:66:ae:
                    52:6d:b4:71:0f:d0:3f:98:75:33:88:cb:5b:62:57:
                    2e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:33:E0:B4:96:F4:EE:99:9F:86:DD:30:62:6C:ED:29:9E:13:91:83
            X509v3 Authority Key Identifier:
                keyid:F7:B2:A2:3D:9B:05:F5:75:79:DE:2F:02:44:9B:66:60:3E:3E:57:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97KiPZsF9XV53i8CRJtmYD4-Vzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/0a1b7f-dfd2-46f9-8313-5be6a759f318/1/97KiPZsF9XV53i8CRJtmYD4-Vzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:c6:cf:60:68:89:0f:2b:d8:68:20:10:51:75:04:70:a3:09:
         b5:83:7d:48:22:0e:af:f4:fd:ac:92:ab:db:41:e3:8f:8e:68:
         e9:42:3a:3a:24:43:8a:2a:d1:fb:84:5c:54:02:08:69:2b:9d:
         b3:70:98:3a:a0:27:f8:39:8c:25:ee:e5:17:30:48:61:9c:f5:
         6c:64:7c:01:fe:7e:bb:bc:3d:cf:61:64:b5:38:33:f0:b2:99:
         41:fd:04:bb:5b:24:f2:9a:e6:b4:2c:0d:43:57:36:ef:60:25:
         ef:af:85:62:22:4d:90:e7:14:dd:e1:fb:ed:97:b5:bb:e8:2a:
         58:52:7f:60:2d:f4:75:1a:ad:36:72:54:4e:60:34:d1:61:f6:
         69:6d:b0:4f:c8:01:30:60:14:01:6d:f2:66:1f:48:b6:7d:a4:
         03:b6:ea:cf:32:27:9a:84:1c:a1:e1:ed:15:88:7c:4c:f5:ad:
         3b:0d:f0:59:02:e6:1a:c4:8e:05:98:b6:96:6a:4f:e4:39:19:
         4d:b8:c3:97:53:14:af:7b:d2:d6:5d:47:f6:7b:d5:1e:af:7c:
         87:d6:bc:d1:e9:1d:9b:27:fb:76:de:d6:03:15:37:37:67:b2:
         af:89:c3:0d:7e:20:e7:01:91:de:52:de:c9:9f:c4:7b:31:92:
         50:51:a2:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQFoOmvfknSlQmdUsNwNmfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjJhMjNkOWIwNWY1NzU3OWRlMmYwMjQ0OWI2NjYwM2Uz
ZTU3M2EwHhcNMjQxMjI3MDEwMDE4WhcNMjQxMjI4MDEwMDE4WjAzMTEwLwYDVQQD
Eyg0ZDMzZTBiNDk2ZjRlZTk5OWY4NmRkMzA2MjZjZWQyOTllMTM5MTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP+UX46lIvj9C7wKIMCJNr69445T
3hf1Iow/6sgEzzVqTFqbu7I1rCeWkio1Rw9SXvj9J39f/q2EO2SWF3OuAKslQWjE
eQNlHCJ+oUqy5qI4gRvztpuWsOU54XozucED0P+ExjF7RmF+g8eW+PdJcT/h9FXQ
AlEoXfkw4Ot9BSXTMIK/xnpARCUC7FupVQXWKklhHJp9cnZugYQG+irw84E8EhUO
cicA0/eXb1v91md4Wr/0L0BLarmRkhigl/a/2Y47QIH7KVaTMdF6YgNJ1PLxyJ4A
w5bf7Fu2AjhO2aEVvTyY3uVy7WGN2NjQZq5SbbRxD9A/mHUziMtbYlcugQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE0z4LSW9O6Zn4bdMGJs7SmeE5GDMB8GA1UdIwQY
MBaAFPeyoj2bBfV1ed4vAkSbZmA+Plc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMt
NWJlNmE3NTlmMzE4LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wYTFiN2YtZGZkMi00NmY5LTgzMTMtNWJlNmE3NTlmMzE4
LzEvOTdLaVBac0Y5WFY1M2k4Q1JKdG1ZRDQtVnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMbPYGiJ
DyvYaCAQUXUEcKMJtYN9SCIOr/T9rJKr20Hjj45o6UI6OiRDiirR+4RcVAIIaSud
s3CYOqAn+DmMJe7lFzBIYZz1bGR8Af5+u7w9z2FktTgz8LKZQf0Eu1sk8prmtCwN
Q1c272Al76+FYiJNkOcU3eH77Ze1u+gqWFJ/YC30dRqtNnJUTmA00WH2aW2wT8gB
MGAUAW3yZh9Itn2kA7bqzzInmoQcoeHtFYh8TPWtOw3wWQLmGsSOBZi2lmpP5DkZ
TbjDl1MUr3vS1l1H9nvVHq98h9a80ekdmyf7dt7WAxU3N2eyr4nDDX4g5wGR3lLe
yZ/EezGSUFGikA==
-----END CERTIFICATE-----