Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
File:                     4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft (raw, json)
Hash identifier:          9Yv2eB+djtD/IsgoDzCXJ9i/OSuHCnQjb6/AmQjqqTU=
Subject key identifier:   C9:EF:86:05:75:69:0C:5C:9E:C7:F6:70:29:37:87:18:DF:AE:2C:F7
Authority key identifier: E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60
Certificate issuer:       /CN=e33779b8388d001fdcbddc48ace227f009850660
Certificate serial:       0193568A89177330DE3F2C69EF3E5B452B01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
Manifest number:          136C
Signing time:             Sat 23 Nov 2024 01:02:19 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:19 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:19 +0000
Files and hashes:         1: 4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl (hash: p73J9PFv1l/TYkdP6Q8Jd1N/WRVJs20GGsv3OCEOi80=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:89:17:73:30:de:3f:2c:69:ef:3e:5b:45:2b:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e33779b8388d001fdcbddc48ace227f009850660
        Validity
            Not Before: Nov 23 01:02:19 2024 GMT
            Not After : Nov 24 01:02:19 2024 GMT
        Subject: CN=c9ef860575690c5c9ec7f67029378718dfae2cf7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:af:e9:6a:d5:2e:85:82:b0:29:e8:6b:ef:a7:
                    34:a4:79:10:e5:ff:5d:a1:c4:68:d0:de:b2:f6:4b:
                    ea:fb:ea:a7:bc:55:4c:5b:cd:93:f7:98:c4:3a:b3:
                    30:b8:cd:9b:fd:a4:17:83:b2:c2:5f:20:c0:04:6f:
                    04:8a:0f:a4:08:e2:f5:25:56:3e:60:b6:c2:a3:8c:
                    d0:b4:4d:5a:9d:2d:82:9e:a7:95:3d:e9:38:f8:b4:
                    26:60:21:17:00:41:31:df:7f:42:2f:c4:2d:69:d8:
                    83:95:e7:ce:30:03:9a:6e:90:33:2a:fc:10:5e:da:
                    bb:31:12:b0:c2:3a:d6:ab:52:9b:60:15:ca:59:b5:
                    ef:e2:95:df:7a:67:be:26:57:72:41:38:5d:37:a7:
                    11:cf:0f:1e:77:2a:ed:9a:1b:3b:19:31:8b:2a:e1:
                    52:83:a1:6b:e8:f8:14:b1:8b:f9:f5:be:3c:73:9e:
                    64:41:aa:76:27:77:cb:49:af:89:e0:04:2c:52:62:
                    03:10:b9:f7:44:a6:59:ce:5e:18:09:b6:da:02:4d:
                    24:c2:2d:5e:f4:04:a2:90:40:ef:d5:a9:06:8a:17:
                    d5:62:29:c1:9a:6d:11:aa:04:df:6b:08:92:ac:e3:
                    fb:e0:e8:3f:00:92:b0:22:af:e9:58:65:2d:08:28:
                    cb:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:EF:86:05:75:69:0C:5C:9E:C7:F6:70:29:37:87:18:DF:AE:2C:F7
            X509v3 Authority Key Identifier:
                keyid:E3:37:79:B8:38:8D:00:1F:DC:BD:DC:48:AC:E2:27:F0:09:85:06:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4zd5uDiNAB_cvdxIrOIn8AmFBmA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/9db326-1189-4ac9-b412-f294d3b12cfd/1/4zd5uDiNAB_cvdxIrOIn8AmFBmA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:68:0f:ad:89:53:d7:0a:c8:47:3c:b1:22:3f:67:de:ee:c0:
         44:50:56:89:d6:56:1d:01:41:db:1a:9e:78:40:ec:b2:03:6f:
         18:c4:4e:9a:f6:a4:0d:ea:dc:cc:77:69:3f:1a:d0:1a:da:7d:
         4f:78:20:b7:44:be:bf:28:53:4a:bb:ab:22:e4:98:74:36:32:
         e5:fc:d3:ab:0a:d6:c3:ac:c2:68:88:56:a2:7c:ca:35:d5:15:
         0d:3b:30:a2:19:5c:55:1d:8d:39:59:42:89:23:9c:6c:a4:fa:
         bf:a1:7e:7b:7a:2a:1d:65:d6:30:36:c5:fe:b1:1a:72:f4:90:
         51:95:ae:11:b2:79:7c:67:0b:e5:74:b6:b6:2f:e6:94:63:96:
         6e:b8:c0:bb:0e:89:17:8d:21:d3:b6:a5:7f:35:a4:0b:58:d9:
         59:30:78:bb:35:29:d7:3d:a1:ab:1b:92:41:86:8f:47:9c:07:
         33:fb:8f:86:96:f8:cf:cd:43:d8:4f:64:7e:a8:83:a2:52:55:
         d6:6a:18:e7:9d:8c:77:30:5e:10:e4:4c:1e:5e:1f:88:7f:79:
         ce:7c:84:c9:c9:bb:9b:1c:78:1e:00:2c:5e:4a:31:03:22:5a:
         cc:c3:a1:ed:88:02:6c:90:1d:1a:a9:88:cf:a6:60:2a:3f:38:
         75:93:f3:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiokXczDePyxp7z5bRSsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMzc3OWI4Mzg4ZDAwMWZkY2JkZGM0OGFjZTIyN2YwMDk4
NTA2NjAwHhcNMjQxMTIzMDEwMjE5WhcNMjQxMTI0MDEwMjE5WjAzMTEwLwYDVQQD
EyhjOWVmODYwNTc1NjkwYzVjOWVjN2Y2NzAyOTM3ODcxOGRmYWUyY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta/patUuhYKwKehr76c0pHkQ5f9d
ocRo0N6y9kvq++qnvFVMW82T95jEOrMwuM2b/aQXg7LCXyDABG8Eig+kCOL1JVY+
YLbCo4zQtE1anS2CnqeVPek4+LQmYCEXAEEx339CL8QtadiDlefOMAOabpAzKvwQ
Xtq7MRKwwjrWq1KbYBXKWbXv4pXfeme+JldyQThdN6cRzw8edyrtmhs7GTGLKuFS
g6Fr6PgUsYv59b48c55kQap2J3fLSa+J4AQsUmIDELn3RKZZzl4YCbbaAk0kwi1e
9ASikEDv1akGihfVYinBmm0RqgTfawiSrOP74Og/AJKwIq/pWGUtCCjLAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnvhgV1aQxcnsf2cCk3hxjfriz3MB8GA1UdIwQY
MBaAFOM3ebg4jQAf3L3cSKziJ/AJhQZgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTIt
ZjI5NGQzYjEyY2ZkLzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi85ZGIzMjYtMTE4OS00YWM5LWI0MTItZjI5NGQzYjEyY2Zk
LzEvNHpkNXVEaU5BQl9jdmR4SXJPSW44QW1GQm1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2gPrYlT
1wrIRzyxIj9n3u7ARFBWidZWHQFB2xqeeEDssgNvGMROmvakDerczHdpPxrQGtp9
T3ggt0S+vyhTSrurIuSYdDYy5fzTqwrWw6zCaIhWonzKNdUVDTswohlcVR2NOVlC
iSOcbKT6v6F+e3oqHWXWMDbF/rEacvSQUZWuEbJ5fGcL5XS2ti/mlGOWbrjAuw6J
F40h07alfzWkC1jZWTB4uzUp1z2hqxuSQYaPR5wHM/uPhpb4z81D2E9kfqiDolJV
1moY552MdzBeEORMHl4fiH95znyEycm7mxx4HgAsXkoxAyJazMOh7YgCbJAdGqmI
z6ZgKj84dZPzfg==
-----END CERTIFICATE-----