Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
File:                     IEBQzFlTby2UB2koI4kMzdqFRQg.mft (raw, json)
Hash identifier:          BL+CSWth5RYRq6PyOoLhIsbxpI5LqCOvfMrsmsjje18=
Subject key identifier:   FE:0A:72:AF:C3:BE:82:89:76:9D:65:EC:B1:D1:CD:14:D0:1B:95:73
Authority key identifier: 20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08
Certificate issuer:       /CN=204050cc59536f2d9407692823890ccdda854508
Certificate serial:       019356BFC4AC30177138A843B96C8053A08A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
Manifest number:          0180
Signing time:             Sat 23 Nov 2024 02:00:28 +0000
Manifest this update:     Sat 23 Nov 2024 02:00:28 +0000
Manifest next update:     Sun 24 Nov 2024 02:00:28 +0000
Files and hashes:         1: IEBQzFlTby2UB2koI4kMzdqFRQg.crl (hash: VEnzqQh+mdJjntyapcErxkKPLZLQV68xwxnkNvavg84=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:bf:c4:ac:30:17:71:38:a8:43:b9:6c:80:53:a0:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=204050cc59536f2d9407692823890ccdda854508
        Validity
            Not Before: Nov 23 02:00:28 2024 GMT
            Not After : Nov 24 02:00:28 2024 GMT
        Subject: CN=fe0a72afc3be8289769d65ecb1d1cd14d01b9573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:e4:2b:ac:b2:9d:a5:cc:9e:38:b3:b7:d3:81:
                    35:65:f3:d3:58:38:7b:68:5f:65:1c:be:90:99:39:
                    b3:63:6d:2e:ff:f6:31:2a:01:a3:62:ec:27:e9:cb:
                    d8:fa:a8:01:b0:58:51:2c:a2:c5:19:83:3e:4b:35:
                    30:71:46:70:c0:dc:1e:94:5c:d7:2c:28:53:45:45:
                    fc:5a:be:89:da:9a:2e:13:51:68:a2:a1:a4:4e:0f:
                    0c:09:e6:0b:12:fa:ab:61:c9:31:c6:c4:dc:c8:93:
                    c3:a7:0c:80:64:3d:79:d9:2c:83:fc:6c:30:64:f6:
                    0f:c5:76:ea:c0:5a:7e:d1:fb:f9:f3:da:1f:34:b2:
                    ad:ca:19:85:dc:14:f0:b9:8a:dc:5b:33:0b:12:ef:
                    30:fb:86:11:31:fc:92:3b:d9:31:a5:cc:f2:5b:ad:
                    0b:5b:b4:f9:b5:72:c1:a5:d4:85:78:91:9e:01:98:
                    80:fc:64:27:de:02:12:b3:33:f8:7b:d2:98:33:8c:
                    d6:d4:c4:61:14:67:7f:d6:75:b8:30:e1:6a:74:96:
                    e6:0c:a7:00:ea:46:83:90:b0:63:5c:5a:93:f3:bb:
                    6a:c4:37:ab:6e:c9:12:6e:08:c7:70:26:c2:1c:2e:
                    33:5c:a3:51:44:b7:3d:cf:de:f3:1d:7b:be:9d:b7:
                    d5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:0A:72:AF:C3:BE:82:89:76:9D:65:EC:B1:D1:CD:14:D0:1B:95:73
            X509v3 Authority Key Identifier:
                keyid:20:40:50:CC:59:53:6F:2D:94:07:69:28:23:89:0C:CD:DA:85:45:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEBQzFlTby2UB2koI4kMzdqFRQg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/0455d5-ae56-4820-a1e9-9b437dbfd353/1/IEBQzFlTby2UB2koI4kMzdqFRQg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:f3:62:fd:79:d1:74:d6:de:76:5c:74:31:f9:f1:3d:04:76:
         39:d9:06:09:91:67:e6:46:42:af:f0:5d:70:45:fb:b6:b3:8a:
         35:5c:e1:67:98:80:c5:64:97:c7:6b:81:2e:e6:08:e8:2d:5d:
         3d:be:1e:77:b3:d8:72:8e:68:82:4d:da:bb:8c:97:5d:ca:f2:
         7d:6a:3c:da:ae:a6:f9:38:25:56:d5:fb:cc:81:f0:af:5c:dd:
         72:3a:b4:56:50:0d:00:7a:45:53:7b:cf:64:1f:4d:61:c6:c7:
         36:c3:53:a9:69:62:26:d8:46:c2:c7:9d:f6:e0:67:0c:aa:c8:
         92:8b:48:e7:cd:2b:32:0c:31:c2:d7:0e:6d:b3:ac:02:c4:5b:
         3d:92:5f:f3:07:40:7d:d9:98:e4:22:f5:eb:55:da:6c:02:04:
         f9:0c:00:02:6f:2e:f6:00:77:5b:8d:6c:9f:71:b0:26:07:a8:
         e6:f9:e1:80:0e:1c:98:4c:1d:52:64:e7:70:e9:3c:36:6c:a3:
         5e:86:42:35:d8:b2:ce:29:ab:4f:69:0b:6d:2a:b9:6b:7a:1f:
         6c:05:13:63:82:38:64:5e:01:fd:e2:33:65:8d:d0:b5:99:63:
         b8:18:6c:42:91:15:99:7f:30:c3:80:2d:b0:34:04:f0:68:8e:
         21:f6:77:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWv8SsMBdxOKhDuWyAU6CKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNDA1MGNjNTk1MzZmMmQ5NDA3NjkyODIzODkwY2NkZGE4
NTQ1MDgwHhcNMjQxMTIzMDIwMDI4WhcNMjQxMTI0MDIwMDI4WjAzMTEwLwYDVQQD
EyhmZTBhNzJhZmMzYmU4Mjg5NzY5ZDY1ZWNiMWQxY2QxNGQwMWI5NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eQrrLKdpcyeOLO304E1ZfPTWDh7
aF9lHL6QmTmzY20u//YxKgGjYuwn6cvY+qgBsFhRLKLFGYM+SzUwcUZwwNwelFzX
LChTRUX8Wr6J2pouE1FooqGkTg8MCeYLEvqrYckxxsTcyJPDpwyAZD152SyD/Gww
ZPYPxXbqwFp+0fv589ofNLKtyhmF3BTwuYrcWzMLEu8w+4YRMfySO9kxpczyW60L
W7T5tXLBpdSFeJGeAZiA/GQn3gISszP4e9KYM4zW1MRhFGd/1nW4MOFqdJbmDKcA
6kaDkLBjXFqT87tqxDerbskSbgjHcCbCHC4zXKNRRLc9z97zHXu+nbfVvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4Kcq/DvoKJdp1l7LHRzRTQG5VzMB8GA1UdIwQY
MBaAFCBAUMxZU28tlAdpKCOJDM3ahUUIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTkt
OWI0MzdkYmZkMzUzLzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wNDU1ZDUtYWU1Ni00ODIwLWExZTktOWI0MzdkYmZkMzUz
LzEvSUVCUXpGbFRieTJVQjJrb0k0a016ZHFGUlFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAafNi/XnR
dNbedlx0MfnxPQR2OdkGCZFn5kZCr/BdcEX7trOKNVzhZ5iAxWSXx2uBLuYI6C1d
Pb4ed7PYco5ogk3au4yXXcryfWo82q6m+TglVtX7zIHwr1zdcjq0VlANAHpFU3vP
ZB9NYcbHNsNTqWliJthGwsed9uBnDKrIkotI580rMgwxwtcObbOsAsRbPZJf8wdA
fdmY5CL161XabAIE+QwAAm8u9gB3W41sn3GwJgeo5vnhgA4cmEwdUmTncOk8Nmyj
XoZCNdiyzimrT2kLbSq5a3ofbAUTY4I4ZF4B/eIzZY3QtZljuBhsQpEVmX8ww4At
sDQE8GiOIfZ3Wg==
-----END CERTIFICATE-----