Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
File:                     2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft (raw, json)
Hash identifier:          IBDdff8cTf0JN16CvP1GwiwRDAS8MZbp5zFl1VuHrbQ=
Subject key identifier:   97:41:69:74:DE:5B:A9:A4:4F:EF:87:3E:BB:D9:5F:2A:A4:CD:EC:3F
Authority key identifier: D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4
Certificate issuer:       /CN=d9a23485fed8c850745232e3dc51ccead47254a4
Certificate serial:       0194064601DBF2665D4AE4A0353864DC488F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
Manifest number:          07DA
Signing time:             Fri 27 Dec 2024 04:00:38 +0000
Manifest this update:     Fri 27 Dec 2024 04:00:38 +0000
Manifest next update:     Sat 28 Dec 2024 04:00:38 +0000
Files and hashes:         1: 2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl (hash: dmF/fJAMdP8a1D+iPh+yRLh2b9IfiPeVQq7hnf9S2X8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:01:db:f2:66:5d:4a:e4:a0:35:38:64:dc:48:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9a23485fed8c850745232e3dc51ccead47254a4
        Validity
            Not Before: Dec 27 04:00:38 2024 GMT
            Not After : Dec 28 04:00:38 2024 GMT
        Subject: CN=97416974de5ba9a44fef873ebbd95f2aa4cdec3f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3d:ae:29:08:05:1c:ca:9f:52:7c:bf:6a:4f:
                    08:f4:73:20:23:c5:a5:fc:c4:55:81:c3:3e:d6:26:
                    8d:75:6a:75:ab:7a:b6:36:0f:f3:be:48:6b:52:ce:
                    26:c9:cc:66:e9:e6:14:8c:4c:5f:ba:3f:06:b8:bc:
                    2c:5b:13:20:b3:f2:fa:cb:34:e4:7d:64:52:02:c9:
                    f3:90:b4:17:8b:c6:63:62:33:8d:3f:3f:44:ed:3c:
                    7f:ee:8d:c2:cd:2f:4c:8b:db:45:81:12:b5:cd:ff:
                    5e:39:68:e8:bb:70:7e:b4:cf:c7:8c:33:f7:ea:6f:
                    af:76:a0:01:47:c2:85:41:49:7e:ca:f1:80:60:c5:
                    1d:f0:59:4a:dd:d9:5e:ea:3b:5e:10:ec:7e:97:4c:
                    9e:31:7a:fa:36:ca:2b:86:30:59:60:53:d3:19:73:
                    e2:9b:22:23:26:58:74:6d:4f:34:d4:5a:28:29:90:
                    f3:83:af:4c:9f:8c:cd:62:75:de:de:00:69:6f:02:
                    86:37:64:59:e6:98:db:a8:d7:27:33:23:07:b7:99:
                    02:8d:8a:93:5c:17:ba:92:1e:22:69:49:71:b0:cb:
                    52:a9:98:14:28:c5:01:b8:0d:1e:03:1b:50:2b:3e:
                    c6:3e:53:76:b5:12:28:16:0f:55:f5:d8:0f:74:3b:
                    a5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:41:69:74:DE:5B:A9:A4:4F:EF:87:3E:BB:D9:5F:2A:A4:CD:EC:3F
            X509v3 Authority Key Identifier:
                keyid:D9:A2:34:85:FE:D8:C8:50:74:52:32:E3:DC:51:CC:EA:D4:72:54:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/eda3ef-cda6-43fa-b8a6-a2461e431c44/1/2aI0hf7YyFB0UjLj3FHM6tRyVKQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:af:89:78:4d:fe:63:40:d3:2f:6d:bb:dc:95:fa:76:b0:61:
         5f:a5:ba:dd:78:96:c1:ff:9a:69:b0:f9:46:0d:2a:66:54:de:
         39:b0:76:d7:6c:d5:4a:7e:ca:d4:bc:75:b1:3f:1c:1d:1e:91:
         66:c3:cc:d1:ca:14:e0:1f:d5:77:01:a0:14:9f:f5:3d:08:16:
         57:b9:12:ba:fa:00:bc:51:f2:7a:4c:5c:a4:60:70:98:0e:51:
         6e:9b:78:34:81:6c:c6:d1:b0:3a:09:00:18:da:f0:ff:c3:4b:
         fc:9a:90:b3:25:a7:79:c5:2d:24:d9:dc:4a:58:84:d8:4a:01:
         80:26:0d:18:a1:7e:8f:de:83:7d:ea:33:0a:31:a6:92:a3:53:
         67:f3:93:64:05:2a:ff:23:d0:83:80:fb:eb:0e:92:61:a2:fd:
         55:a4:eb:cd:21:d4:37:fd:a8:00:5e:c1:29:a3:84:7d:a1:df:
         34:c8:8f:af:f7:27:2c:46:ee:0b:07:f9:66:55:7b:a0:53:90:
         4c:89:f1:7c:0e:57:89:24:93:7f:0b:b4:7d:6b:3a:6c:4c:18:
         b5:aa:f4:50:b7:4b:e2:9b:87:e6:fc:1d:b7:04:d0:08:83:ca:
         e1:85:56:0d:ed:91:a7:bb:cf:2b:6c:5a:4c:f8:a2:47:ed:18:
         78:e8:c0:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRgHb8mZdSuSgNThk3EiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTIzNDg1ZmVkOGM4NTA3NDUyMzJlM2RjNTFjY2VhZDQ3
MjU0YTQwHhcNMjQxMjI3MDQwMDM4WhcNMjQxMjI4MDQwMDM4WjAzMTEwLwYDVQQD
Eyg5NzQxNjk3NGRlNWJhOWE0NGZlZjg3M2ViYmQ5NWYyYWE0Y2RlYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz2uKQgFHMqfUny/ak8I9HMgI8Wl
/MRVgcM+1iaNdWp1q3q2Ng/zvkhrUs4mycxm6eYUjExfuj8GuLwsWxMgs/L6yzTk
fWRSAsnzkLQXi8ZjYjONPz9E7Tx/7o3CzS9Mi9tFgRK1zf9eOWjou3B+tM/HjDP3
6m+vdqABR8KFQUl+yvGAYMUd8FlK3dle6jteEOx+l0yeMXr6NsorhjBZYFPTGXPi
myIjJlh0bU801FooKZDzg69Mn4zNYnXe3gBpbwKGN2RZ5pjbqNcnMyMHt5kCjYqT
XBe6kh4iaUlxsMtSqZgUKMUBuA0eAxtQKz7GPlN2tRIoFg9V9dgPdDulSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdBaXTeW6mkT++HPrvZXyqkzew/MB8GA1UdIwQY
MBaAFNmiNIX+2MhQdFIy49xRzOrUclSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYt
YTI0NjFlNDMxYzQ0LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9lZGEzZWYtY2RhNi00M2ZhLWI4YTYtYTI0NjFlNDMxYzQ0
LzEvMmFJMGhmN1l5RkIwVWpMajNGSE02dFJ5VktRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiq+JeE3+
Y0DTL2273JX6drBhX6W63XiWwf+aabD5Rg0qZlTeObB212zVSn7K1Lx1sT8cHR6R
ZsPM0coU4B/VdwGgFJ/1PQgWV7kSuvoAvFHyekxcpGBwmA5Rbpt4NIFsxtGwOgkA
GNrw/8NL/JqQsyWnecUtJNncSliE2EoBgCYNGKF+j96DfeozCjGmkqNTZ/OTZAUq
/yPQg4D76w6SYaL9VaTrzSHUN/2oAF7BKaOEfaHfNMiPr/cnLEbuCwf5ZlV7oFOQ
TInxfA5XiSSTfwu0fWs6bEwYtar0ULdL4puH5vwdtwTQCIPK4YVWDe2Rp7vPK2xa
TPiiR+0YeOjAaw==
-----END CERTIFICATE-----