Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
File:                     s9nxe5jDqWQThWY7jNW3X-HwpJg.mft (raw, json)
Hash identifier:          +MPDMxT9HDolbRke1GYLPDMgehB1uVtFMsBwsxbckGw=
Subject key identifier:   30:7E:D7:2D:A3:07:86:5A:E3:38:93:51:80:03:CE:1A:5F:5D:B1:B6
Authority key identifier: B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98
Certificate issuer:       /CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
Certificate serial:       0193568A84FA021AC81894E7398CAD1AC741
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
Manifest number:          136C
Signing time:             Sat 23 Nov 2024 01:02:18 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:18 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:18 +0000
Files and hashes:         1: s9nxe5jDqWQThWY7jNW3X-HwpJg.crl (hash: QHgWPV+G4EArcl8drP97Z54BZFN4Y/EoThCK5vcMaUs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:84:fa:02:1a:c8:18:94:e7:39:8c:ad:1a:c7:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3d9f17b98c3a9641385663b8cd5b75fe1f0a498
        Validity
            Not Before: Nov 23 01:02:18 2024 GMT
            Not After : Nov 24 01:02:18 2024 GMT
        Subject: CN=307ed72da307865ae33893518003ce1a5f5db1b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:96:a8:4a:d4:49:59:d9:ce:ce:37:91:b7:fe:
                    8a:df:ca:67:04:0a:a9:37:7a:0e:a7:d7:1e:b2:fc:
                    83:a7:39:7b:27:12:f3:92:28:70:78:ec:88:00:19:
                    3a:ac:96:32:21:99:cf:58:d6:67:cf:25:5b:4c:1b:
                    e6:c1:8f:ad:ae:2b:63:cc:f3:e6:0b:29:95:02:cb:
                    10:1b:13:4d:52:9a:77:b4:3c:c4:ce:ea:15:eb:98:
                    5b:42:18:3a:b9:34:84:f3:e8:c4:10:c4:fa:6f:53:
                    66:76:c1:1e:11:17:4d:7c:b0:29:47:bb:54:4c:53:
                    84:60:97:a9:e8:31:e4:96:7a:72:f8:3d:0b:17:66:
                    2e:46:98:95:a6:9a:91:1b:85:c0:c4:a5:36:69:5d:
                    1c:5f:c6:73:08:bf:c6:49:dd:ff:e2:b7:41:aa:06:
                    13:15:11:e8:e9:75:8a:5e:a7:b1:09:57:ac:81:6a:
                    58:ee:12:ae:84:91:6d:e2:dd:fc:15:42:88:8a:01:
                    fb:d8:d0:81:03:62:77:41:57:92:a9:02:68:a1:2f:
                    4c:77:67:59:65:6f:19:a8:a4:5e:63:4a:19:a0:0f:
                    f5:cd:d3:c3:c4:23:73:cf:a2:46:ac:56:cd:d3:5f:
                    32:b3:40:31:63:f5:b7:48:22:a2:bc:9c:df:7d:13:
                    1a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:7E:D7:2D:A3:07:86:5A:E3:38:93:51:80:03:CE:1A:5F:5D:B1:B6
            X509v3 Authority Key Identifier:
                keyid:B3:D9:F1:7B:98:C3:A9:64:13:85:66:3B:8C:D5:B7:5F:E1:F0:A4:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9nxe5jDqWQThWY7jNW3X-HwpJg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/5fe5e6-1a6f-46f1-a999-18ec6a008c56/1/s9nxe5jDqWQThWY7jNW3X-HwpJg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:bb:2b:01:66:eb:2f:f7:bf:b2:b8:7b:ef:fe:e6:ea:54:1e:
         a1:9b:e3:c0:91:5c:b7:e1:71:56:3a:1d:71:6e:eb:80:bd:9e:
         89:19:c5:c0:5a:a3:5b:2a:21:90:c6:71:00:3d:13:6a:09:38:
         32:90:ab:af:23:50:55:68:ae:20:83:35:48:12:40:ac:33:29:
         06:6e:67:ba:70:ce:f3:f1:3f:52:f6:68:a2:1f:e4:89:81:cf:
         71:0d:d1:2d:f8:1f:cf:d9:7d:94:a6:c2:ea:5f:82:fa:bd:b7:
         0a:02:73:b8:d4:b7:73:77:bc:02:73:64:8c:9b:33:f3:f9:ee:
         9e:64:25:14:12:d6:59:fd:88:99:4d:83:bf:c1:d2:8e:ec:6e:
         86:09:0b:38:cd:b7:d3:b3:8b:f9:13:23:34:b1:de:c5:b4:f9:
         94:0e:69:64:88:e2:aa:f3:d2:57:71:40:34:23:fc:32:5d:ee:
         f4:aa:27:98:3a:dd:5f:86:90:67:de:e9:05:f4:55:03:a4:15:
         fa:20:e9:6d:5e:ca:04:01:c8:f3:06:6b:c1:64:c5:5f:ac:7b:
         16:db:63:45:d3:6a:25:7c:cb:d2:c6:93:bc:1a:7c:c7:c6:c6:
         bf:8b:9e:3b:f3:1e:f9:81:ec:45:fc:0d:24:57:00:40:8d:35:
         7f:fb:58:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWioT6AhrIGJTnOYytGsdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDlmMTdiOThjM2E5NjQxMzg1NjYzYjhjZDViNzVmZTFm
MGE0OTgwHhcNMjQxMTIzMDEwMjE4WhcNMjQxMTI0MDEwMjE4WjAzMTEwLwYDVQQD
EygzMDdlZDcyZGEzMDc4NjVhZTMzODkzNTE4MDAzY2UxYTVmNWRiMWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJaoStRJWdnOzjeRt/6K38pnBAqp
N3oOp9cesvyDpzl7JxLzkihweOyIABk6rJYyIZnPWNZnzyVbTBvmwY+tritjzPPm
CymVAssQGxNNUpp3tDzEzuoV65hbQhg6uTSE8+jEEMT6b1NmdsEeERdNfLApR7tU
TFOEYJep6DHklnpy+D0LF2YuRpiVppqRG4XAxKU2aV0cX8ZzCL/GSd3/4rdBqgYT
FRHo6XWKXqexCVesgWpY7hKuhJFt4t38FUKIigH72NCBA2J3QVeSqQJooS9Md2dZ
ZW8ZqKReY0oZoA/1zdPDxCNzz6JGrFbN018ys0AxY/W3SCKivJzffRMaIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDB+1y2jB4Za4ziTUYADzhpfXbG2MB8GA1UdIwQY
MBaAFLPZ8XuYw6lkE4VmO4zVt1/h8KSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTkt
MThlYzZhMDA4YzU2LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi81ZmU1ZTYtMWE2Zi00NmYxLWE5OTktMThlYzZhMDA4YzU2
LzEvczlueGU1akRxV1FUaFdZN2pOVzNYLUh3cEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnrsrAWbr
L/e/srh77/7m6lQeoZvjwJFct+FxVjodcW7rgL2eiRnFwFqjWyohkMZxAD0Tagk4
MpCrryNQVWiuIIM1SBJArDMpBm5nunDO8/E/UvZooh/kiYHPcQ3RLfgfz9l9lKbC
6l+C+r23CgJzuNS3c3e8AnNkjJsz8/nunmQlFBLWWf2ImU2Dv8HSjuxuhgkLOM23
07OL+RMjNLHexbT5lA5pZIjiqvPSV3FANCP8Ml3u9KonmDrdX4aQZ97pBfRVA6QV
+iDpbV7KBAHI8wZrwWTFX6x7FttjRdNqJXzL0saTvBp8x8bGv4ueO/Me+YHsRfwN
JFcAQI01f/tYfg==
-----END CERTIFICATE-----