Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
File:                     3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft (raw, json)
Hash identifier:          J42j1fC2N5THrOtaEESV9XM38T15Db+ftsUmAOAJYwc=
Subject key identifier:   54:72:99:A1:0E:CF:58:28:BF:60:FC:67:EB:30:D2:D3:EF:76:43:61
Authority key identifier: DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91
Certificate issuer:       /CN=dd399e494189f691a5ed64f3be3a6a3b50225091
Certificate serial:       019406EB01D59BAD7A8FD985016B93BC4042
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
Manifest number:          0339
Signing time:             Fri 27 Dec 2024 07:00:52 +0000
Manifest this update:     Fri 27 Dec 2024 07:00:52 +0000
Manifest next update:     Sat 28 Dec 2024 07:00:52 +0000
Files and hashes:         1: 3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl (hash: xOJaAfBMPfRjto9c6b8JCqQognZYbb1Rt7zNk/8aOsg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:eb:01:d5:9b:ad:7a:8f:d9:85:01:6b:93:bc:40:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd399e494189f691a5ed64f3be3a6a3b50225091
        Validity
            Not Before: Dec 27 07:00:52 2024 GMT
            Not After : Dec 28 07:00:52 2024 GMT
        Subject: CN=547299a10ecf5828bf60fc67eb30d2d3ef764361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:09:d6:2a:a1:14:dd:9c:5d:7b:38:90:18:fd:
                    18:d6:28:27:d5:12:0c:cf:81:31:de:33:8d:a1:7f:
                    9a:0a:b9:5c:c2:8a:e0:83:57:23:79:3d:8d:61:8e:
                    12:ed:fa:29:b1:44:7d:bd:88:8a:a2:4f:32:09:5e:
                    26:68:d2:a4:e8:f2:b1:cc:bb:2c:41:a8:47:ce:69:
                    12:ed:e2:1b:2f:71:83:36:00:b4:7b:0d:e1:25:de:
                    56:a6:85:41:ba:dd:32:fb:50:e2:01:2a:65:ae:9e:
                    5c:1e:0b:88:a3:47:c3:ee:56:3c:a7:de:95:5d:4c:
                    b6:3d:36:10:38:09:22:4a:fb:06:48:df:87:00:c1:
                    9a:47:58:69:03:79:88:d4:80:21:89:55:88:82:f5:
                    d1:b3:a6:00:ec:24:92:ae:7b:5a:1f:cf:1a:2a:9a:
                    fc:14:b5:36:b9:d1:60:f4:84:be:40:02:51:15:0c:
                    4c:a9:79:9c:93:41:4e:d6:ca:01:81:68:f6:7a:c9:
                    65:7c:3e:66:a5:f8:f3:4f:39:00:e2:cd:91:9a:ef:
                    3a:cb:57:0d:d6:67:19:15:a1:9c:35:b3:e3:ea:2f:
                    c0:ac:58:02:4e:3e:c9:96:65:68:27:9e:e8:83:e4:
                    e8:c1:52:a8:62:62:58:ff:a4:24:ba:c0:18:10:80:
                    79:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:72:99:A1:0E:CF:58:28:BF:60:FC:67:EB:30:D2:D3:EF:76:43:61
            X509v3 Authority Key Identifier:
                keyid:DD:39:9E:49:41:89:F6:91:A5:ED:64:F3:BE:3A:6A:3B:50:22:50:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/27ba68-f178-4991-96a7-442a03b7f084/1/3TmeSUGJ9pGl7WTzvjpqO1AiUJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7f:7a:8b:9d:88:96:cc:42:ff:13:ba:99:20:b1:56:f3:28:63:
         1a:35:b9:85:c0:43:f4:d3:ed:2f:01:2a:c3:1f:28:db:31:6b:
         1e:cc:18:aa:31:d7:8b:01:19:43:e1:b2:ed:a6:45:ea:91:95:
         68:9a:70:9d:5a:87:6e:6b:66:a3:47:58:dc:ce:18:08:16:78:
         fa:09:50:23:44:65:6b:ac:5a:8a:fd:ba:12:00:ee:3d:45:3c:
         80:3f:28:43:10:90:96:f6:52:70:b4:ab:cd:c6:87:05:98:fb:
         dd:0a:61:df:91:18:43:16:0c:ba:15:ec:11:66:00:e0:20:58:
         89:09:f8:84:7f:e7:41:88:79:90:05:07:1e:4e:2a:36:b5:e6:
         85:7c:11:fb:b7:e3:c4:8c:12:45:f6:80:37:e1:2c:d2:03:6d:
         29:c7:05:2d:ac:a5:8c:64:7a:b9:a0:bd:af:e4:ac:a6:1d:7b:
         e7:c8:5c:c8:ff:fe:ea:0e:d6:f9:34:f2:22:eb:42:f5:5c:4c:
         32:7e:81:0c:d4:7f:0b:89:6b:92:15:ac:08:58:62:e7:a4:67:
         cf:5e:25:15:60:6d:f2:98:74:c8:ba:51:29:30:39:a8:13:8c:
         f1:c6:f5:2e:7f:06:8c:cb:93:9d:bb:c9:04:3a:ec:1e:93:d1:
         08:92:2e:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQG6wHVm616j9mFAWuTvEBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMzk5ZTQ5NDE4OWY2OTFhNWVkNjRmM2JlM2E2YTNiNTAy
MjUwOTEwHhcNMjQxMjI3MDcwMDUyWhcNMjQxMjI4MDcwMDUyWjAzMTEwLwYDVQQD
Eyg1NDcyOTlhMTBlY2Y1ODI4YmY2MGZjNjdlYjMwZDJkM2VmNzY0MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAnWKqEU3ZxdeziQGP0Y1ign1RIM
z4Ex3jONoX+aCrlcworgg1cjeT2NYY4S7fopsUR9vYiKok8yCV4maNKk6PKxzLss
QahHzmkS7eIbL3GDNgC0ew3hJd5WpoVBut0y+1DiASplrp5cHguIo0fD7lY8p96V
XUy2PTYQOAkiSvsGSN+HAMGaR1hpA3mI1IAhiVWIgvXRs6YA7CSSrntaH88aKpr8
FLU2udFg9IS+QAJRFQxMqXmck0FO1soBgWj2esllfD5mpfjzTzkA4s2Rmu86y1cN
1mcZFaGcNbPj6i/ArFgCTj7JlmVoJ57og+TowVKoYmJY/6QkusAYEIB5YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRymaEOz1gov2D8Z+sw0tPvdkNhMB8GA1UdIwQY
MBaAFN05nklBifaRpe1k8746ajtQIlCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTct
NDQyYTAzYjdmMDg0LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8yN2JhNjgtZjE3OC00OTkxLTk2YTctNDQyYTAzYjdmMDg0
LzEvM1RtZVNVR0o5cEdsN1dUenZqcHFPMUFpVUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf3qLnYiW
zEL/E7qZILFW8yhjGjW5hcBD9NPtLwEqwx8o2zFrHswYqjHXiwEZQ+Gy7aZF6pGV
aJpwnVqHbmtmo0dY3M4YCBZ4+glQI0Rla6xaiv26EgDuPUU8gD8oQxCQlvZScLSr
zcaHBZj73Qph35EYQxYMuhXsEWYA4CBYiQn4hH/nQYh5kAUHHk4qNrXmhXwR+7fj
xIwSRfaAN+Es0gNtKccFLayljGR6uaC9r+Ssph1758hcyP/+6g7W+TTyIutC9VxM
Mn6BDNR/C4lrkhWsCFhi56Rnz14lFWBt8ph0yLpRKTA5qBOM8cb1Ln8GjMuTnbvJ
BDrsHpPRCJIuKw==
-----END CERTIFICATE-----