Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          g2AYn0DHBZ0t1J9A9/OYdFvUbfZ7H9vHVQgZ94m99HY=
Subject key identifier:   C9:30:11:80:83:4F:3A:1A:18:79:16:CB:AC:7F:F1:99:85:8B:DF:B3
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       019369DA3B9AE48851409A6D42523B3BD168
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0B1C
Signing time:             Tue 26 Nov 2024 19:02:09 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:09 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:09 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: qzqH9x0OlkIjEAMgVVrS/Nmyeq0n3hWMTq4KEjGXTj0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:3b:9a:e4:88:51:40:9a:6d:42:52:3b:3b:d1:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: Nov 26 19:02:09 2024 GMT
            Not After : Nov 27 19:02:09 2024 GMT
        Subject: CN=c9301180834f3a1a187916cbac7ff199858bdfb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:04:48:be:c1:5b:4f:bf:74:5d:90:90:20:72:
                    e9:75:8b:f5:29:bb:34:d6:c4:e7:12:a0:b1:81:d4:
                    6e:d2:fa:5f:7d:c2:56:63:bc:02:0d:30:d6:d7:71:
                    0f:c4:0a:8a:f7:3d:d9:5d:37:37:e4:c0:34:ae:33:
                    46:1a:71:24:f6:5c:85:bb:9d:28:9b:46:9f:bb:e3:
                    8b:90:7d:05:83:92:a8:80:d1:f1:0a:53:98:7f:c3:
                    7f:0d:ae:1e:de:72:dd:58:ad:15:32:b0:e0:0a:c7:
                    fa:43:e0:b4:07:82:9e:51:d9:52:4e:eb:ae:64:09:
                    36:7c:31:93:4a:ee:03:1c:15:00:2d:bb:55:e5:a6:
                    31:29:45:88:39:45:e7:99:33:ef:d9:a3:6b:c2:3e:
                    46:0c:cf:4c:52:60:43:d6:3f:5b:85:d1:c9:b0:10:
                    b6:00:6e:61:19:f7:e9:97:0f:4b:e8:2f:ad:ba:92:
                    a4:d3:37:22:9d:f3:ec:5b:e5:1c:45:35:97:43:8d:
                    e1:8c:be:c1:cf:b5:b8:cb:e7:7e:61:4f:59:6e:f2:
                    3e:8e:d6:d5:0e:59:70:45:da:14:1d:fd:7f:0f:03:
                    34:e9:f5:c4:1e:f8:2e:46:06:6f:5a:4c:4b:8f:07:
                    a5:7b:1f:90:d7:86:a7:18:fb:9f:0b:ef:19:48:eb:
                    41:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:30:11:80:83:4F:3A:1A:18:79:16:CB:AC:7F:F1:99:85:8B:DF:B3
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:2d:89:60:62:df:4c:89:99:af:61:ae:2f:f8:bf:13:2d:f5:
         98:4f:45:9c:f4:87:93:c2:72:99:d8:73:ff:1c:d2:2f:01:ec:
         dc:ea:eb:90:aa:2e:70:34:6f:c1:4a:30:fc:87:61:21:ef:76:
         16:b5:0b:b2:14:a9:d3:90:4e:a7:d5:31:a3:cc:90:33:6b:00:
         ca:30:88:f6:7a:08:5a:be:8e:1b:a9:53:3d:44:94:58:4b:84:
         b8:85:46:ea:90:55:2d:40:a2:a0:2b:9c:ef:fa:7d:13:62:56:
         ba:e4:82:01:99:5b:f8:9b:a7:ae:22:9f:6d:fd:7e:29:a7:a0:
         0b:01:10:3c:16:cd:a1:b2:7f:c1:7d:fc:65:10:84:7d:f2:20:
         bb:5e:8d:a5:99:4e:07:cf:81:72:f3:18:85:06:4a:50:8e:fe:
         bf:75:de:ab:85:f7:7c:a5:42:37:7b:24:a6:7c:12:f5:7f:53:
         fe:76:d4:d0:6f:9d:0f:8d:07:d1:a8:e8:e4:c7:07:c0:c3:25:
         f7:06:87:03:17:1c:41:3e:75:b6:a4:98:fb:f9:16:d2:70:b9:
         1f:52:03:15:ab:76:0a:ad:07:86:c7:8a:9f:5f:6b:f9:85:76:
         68:19:86:7e:f3:65:e2:28:01:68:6c:26:c4:95:e1:00:09:ab:
         a0:73:e4:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2jua5IhRQJptQlI7O9FoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjQxMTI2MTkwMjA5WhcNMjQxMTI3MTkwMjA5WjAzMTEwLwYDVQQD
EyhjOTMwMTE4MDgzNGYzYTFhMTg3OTE2Y2JhYzdmZjE5OTg1OGJkZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmARIvsFbT790XZCQIHLpdYv1Kbs0
1sTnEqCxgdRu0vpffcJWY7wCDTDW13EPxAqK9z3ZXTc35MA0rjNGGnEk9lyFu50o
m0afu+OLkH0Fg5KogNHxClOYf8N/Da4e3nLdWK0VMrDgCsf6Q+C0B4KeUdlSTuuu
ZAk2fDGTSu4DHBUALbtV5aYxKUWIOUXnmTPv2aNrwj5GDM9MUmBD1j9bhdHJsBC2
AG5hGffplw9L6C+tupKk0zcinfPsW+UcRTWXQ43hjL7Bz7W4y+d+YU9ZbvI+jtbV
DllwRdoUHf1/DwM06fXEHvguRgZvWkxLjwelex+Q14anGPufC+8ZSOtBTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkwEYCDTzoaGHkWy6x/8ZmFi9+zMB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOy2JYGLf
TImZr2GuL/i/Ey31mE9FnPSHk8Jymdhz/xzSLwHs3OrrkKoucDRvwUow/IdhIe92
FrULshSp05BOp9Uxo8yQM2sAyjCI9noIWr6OG6lTPUSUWEuEuIVG6pBVLUCioCuc
7/p9E2JWuuSCAZlb+JunriKfbf1+KaegCwEQPBbNobJ/wX38ZRCEffIgu16NpZlO
B8+BcvMYhQZKUI7+v3Xeq4X3fKVCN3skpnwS9X9T/nbU0G+dD40H0ajo5McHwMMl
9waHAxccQT51tqSY+/kW0nC5H1IDFat2Cq0HhseKn19r+YV2aBmGfvNl4igBaGwm
xJXhAAmroHPkLA==
-----END CERTIFICATE-----