Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft
File:                     0kNgnAcZXiAiEHIziNHC5IGAqt0.mft (raw, json)
Hash identifier:          gFMYVcvxAdw+oFlHTerfOqUwhgi7UVw+9J0OTP1GvFY=
Subject key identifier:   38:22:1A:4C:51:84:4E:F9:B9:D6:BC:F0:09:83:28:83:B4:4F:41:08
Authority key identifier: D2:43:60:9C:07:19:5E:20:22:10:72:33:88:D1:C2:E4:81:80:AA:DD
Certificate issuer:       /CN=d243609c07195e202210723388d1c2e48180aadd
Certificate serial:       01935877FEFB612E837BD8F5CFD3221FCE8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kNgnAcZXiAiEHIziNHC5IGAqt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft
Manifest number:          0814
Signing time:             Sat 23 Nov 2024 10:01:19 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:19 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:19 +0000
Files and hashes:         1: 0kNgnAcZXiAiEHIziNHC5IGAqt0.crl (hash: zae8nJCMmlNdQtAQ0pvs6fwxLzRAUuFYEyqLQGehd84=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kNgnAcZXiAiEHIziNHC5IGAqt0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:77:fe:fb:61:2e:83:7b:d8:f5:cf:d3:22:1f:ce:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d243609c07195e202210723388d1c2e48180aadd
        Validity
            Not Before: Nov 23 10:01:19 2024 GMT
            Not After : Nov 24 10:01:19 2024 GMT
        Subject: CN=38221a4c51844ef9b9d6bcf009832883b44f4108
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:00:5d:7e:df:cd:08:6a:29:0c:4d:a5:22:2f:
                    a2:3e:3c:69:a3:43:4a:7f:d8:20:a1:41:10:d3:34:
                    e0:94:f6:11:8f:7f:e1:23:68:22:56:36:f3:5b:55:
                    65:25:e7:f9:b1:8b:bb:71:94:23:0d:0f:07:ad:1d:
                    9c:c4:e6:eb:dc:dc:d8:0a:55:00:b8:3c:2a:e6:13:
                    72:71:f8:44:da:97:71:ba:cc:37:bb:2c:53:38:04:
                    67:db:06:cc:06:ed:c7:34:2a:6a:80:d9:07:a1:b0:
                    0b:b4:a7:e6:7b:17:aa:b4:1b:88:4a:47:9f:6e:d1:
                    e4:31:2c:f8:42:1a:dd:d1:62:38:59:72:b6:b8:b7:
                    fa:6a:6f:fd:0e:09:cd:ea:2d:48:c9:45:39:2b:20:
                    87:3a:11:fb:1c:37:17:80:ef:f9:10:c0:8e:62:ac:
                    37:92:0f:01:72:55:6e:de:23:46:12:6a:39:09:65:
                    a2:19:46:e2:51:86:18:08:32:db:b2:4b:6d:b6:8a:
                    5d:98:d2:77:43:c7:7d:17:e6:3d:86:5d:c1:da:96:
                    8b:58:e1:47:04:ce:c5:90:5c:c8:bd:be:87:21:a6:
                    e0:77:f2:80:c6:64:34:6a:f5:b2:d4:b4:5b:21:bf:
                    c6:0d:b0:a6:65:78:9f:df:db:fd:5d:34:4a:75:6d:
                    15:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:22:1A:4C:51:84:4E:F9:B9:D6:BC:F0:09:83:28:83:B4:4F:41:08
            X509v3 Authority Key Identifier:
                keyid:D2:43:60:9C:07:19:5E:20:22:10:72:33:88:D1:C2:E4:81:80:AA:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kNgnAcZXiAiEHIziNHC5IGAqt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:9b:f7:b8:8c:5c:c3:61:66:61:81:55:57:2a:60:42:c5:12:
         33:2a:89:0f:30:86:b8:01:0e:1f:1a:69:b5:8e:c8:8a:01:ab:
         89:7e:8b:2f:ac:41:90:39:60:fd:f5:f6:e4:dd:eb:e2:a1:9f:
         fc:4a:aa:cd:c2:fb:50:9f:ea:9c:c7:99:1c:d8:fa:09:98:7a:
         0c:ed:23:6d:ec:65:fe:e3:a8:67:19:47:a1:36:94:e5:a1:00:
         30:2b:71:18:88:31:1a:70:cd:18:a1:cb:a0:52:b0:4d:e7:19:
         48:7e:2c:b6:25:a1:11:a0:cc:0b:f0:49:55:16:ba:48:31:a7:
         93:d7:0f:db:70:5e:5f:b4:15:ee:c7:26:4b:ef:9c:80:75:5b:
         86:6e:da:08:68:a8:0c:5b:6f:19:17:cc:cb:f3:d9:97:f6:2b:
         73:c6:33:59:97:df:13:b5:05:43:6d:34:95:4f:45:ca:39:57:
         a3:03:ab:6d:3f:0d:02:17:6d:21:45:d6:a9:b9:41:d9:36:bd:
         3d:43:62:f2:15:6a:c5:6c:45:19:3a:ac:03:c2:7a:da:d9:3e:
         97:f4:51:f8:64:fc:3a:ae:4b:ff:cc:5f:7e:60:bf:f8:e1:29:
         00:cb:7f:63:5e:51:c4:77:60:ef:ac:1c:f0:9d:23:46:b8:e0:
         03:ef:47:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd/77YS6De9j1z9MiH86MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDM2MDljMDcxOTVlMjAyMjEwNzIzMzg4ZDFjMmU0ODE4
MGFhZGQwHhcNMjQxMTIzMTAwMTE5WhcNMjQxMTI0MTAwMTE5WjAzMTEwLwYDVQQD
EygzODIyMWE0YzUxODQ0ZWY5YjlkNmJjZjAwOTgzMjg4M2I0NGY0MTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQBdft/NCGopDE2lIi+iPjxpo0NK
f9ggoUEQ0zTglPYRj3/hI2giVjbzW1VlJef5sYu7cZQjDQ8HrR2cxObr3NzYClUA
uDwq5hNycfhE2pdxusw3uyxTOARn2wbMBu3HNCpqgNkHobALtKfmexeqtBuISkef
btHkMSz4Qhrd0WI4WXK2uLf6am/9DgnN6i1IyUU5KyCHOhH7HDcXgO/5EMCOYqw3
kg8BclVu3iNGEmo5CWWiGUbiUYYYCDLbsktttopdmNJ3Q8d9F+Y9hl3B2paLWOFH
BM7FkFzIvb6HIabgd/KAxmQ0avWy1LRbIb/GDbCmZXif39v9XTRKdW0VXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDgiGkxRhE75uda88AmDKIO0T0EIMB8GA1UdIwQY
MBaAFNJDYJwHGV4gIhByM4jRwuSBgKrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtOZ25BY1pYaUFpRUhJemlOSEM1SUdBcXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wMzg0NDktYTk5Yi00ZTljLThlZDYt
NDYxMjdmZDk1YWFhLzEvMGtOZ25BY1pYaUFpRUhJemlOSEM1SUdBcXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wMzg0NDktYTk5Yi00ZTljLThlZDYtNDYxMjdmZDk1YWFh
LzEvMGtOZ25BY1pYaUFpRUhJemlOSEM1SUdBcXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ5v3uIxc
w2FmYYFVVypgQsUSMyqJDzCGuAEOHxpptY7IigGriX6LL6xBkDlg/fX25N3r4qGf
/EqqzcL7UJ/qnMeZHNj6CZh6DO0jbexl/uOoZxlHoTaU5aEAMCtxGIgxGnDNGKHL
oFKwTecZSH4stiWhEaDMC/BJVRa6SDGnk9cP23BeX7QV7scmS++cgHVbhm7aCGio
DFtvGRfMy/PZl/Yrc8YzWZffE7UFQ200lU9FyjlXowOrbT8NAhdtIUXWqblB2Ta9
PUNi8hVqxWxFGTqsA8J62tk+l/RR+GT8Oq5L/8xffmC/+OEpAMt/Y15RxHdg76wc
8J0jRrjgA+9H+g==
-----END CERTIFICATE-----