Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File:                     xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier:          DAGrNT133YK2Q+pMU/VleYvINyBeYwjQcxoRsZmaGWo=
Subject key identifier:   B6:F7:23:A1:98:06:80:5C:E0:82:B5:3F:56:33:D6:F1:AB:E6:FA:E1
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer:       /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial:       019364E9293D7C2ED7F2AEF950B992AF77A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number:          10B2
Signing time:             Mon 25 Nov 2024 20:00:21 +0000
Manifest this update:     Mon 25 Nov 2024 20:00:21 +0000
Manifest next update:     Tue 26 Nov 2024 20:00:21 +0000
Files and hashes:         1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: Imj+bLL4GZEbfosHkv545/SQc7yooBpqf6G/WaVxWH0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 20:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:64:e9:29:3d:7c:2e:d7:f2:ae:f9:50:b9:92:af:77:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
        Validity
            Not Before: Nov 25 20:00:21 2024 GMT
            Not After : Nov 26 20:00:21 2024 GMT
        Subject: CN=b6f723a19806805ce082b53f5633d6f1abe6fae1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:0a:ce:48:43:62:f0:a0:88:ae:9c:b1:38:3f:
                    af:c2:07:94:c7:03:9a:cd:40:2d:8f:a0:ec:aa:33:
                    e4:82:53:86:7b:a6:05:41:e0:7e:71:b3:44:9b:ec:
                    cd:47:70:db:47:e4:c9:ca:f3:87:bf:b1:d8:5d:98:
                    86:0e:d9:30:a5:35:c5:a8:e5:b1:b6:80:99:a8:b7:
                    ea:fb:ae:53:5a:de:90:6a:cd:b3:a5:f6:7e:ad:73:
                    d9:16:49:26:35:e8:55:a7:4b:4a:92:d8:d9:3e:01:
                    ac:bf:35:8d:af:b4:c4:3c:ca:f9:58:14:22:f9:8b:
                    5c:6e:d4:64:35:eb:0d:84:e9:e2:3e:18:32:34:15:
                    35:0c:ef:0c:28:44:05:d6:47:24:50:19:cd:94:35:
                    c0:61:e1:03:33:71:f0:85:24:da:99:cd:44:04:f3:
                    ed:a0:09:a1:49:f9:b4:e2:b4:ab:5f:81:97:46:e1:
                    4e:46:d1:8e:0d:e6:22:f1:14:1b:9b:e1:91:6a:27:
                    f5:6b:d2:12:e6:5f:a2:47:b0:81:66:a9:6e:df:45:
                    b1:05:a1:1b:80:fb:c4:c5:ef:ea:18:c2:79:41:a5:
                    2d:8e:4f:4f:13:a7:36:d5:2a:fa:65:b3:b4:fa:a8:
                    ef:57:00:a8:e6:7f:be:02:37:4e:84:48:21:93:55:
                    5e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:F7:23:A1:98:06:80:5C:E0:82:B5:3F:56:33:D6:F1:AB:E6:FA:E1
            X509v3 Authority Key Identifier:
                keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f9:8f:1e:54:47:59:8f:c0:45:a1:4b:7f:22:b2:4e:bc:64:
         41:63:25:9c:b3:46:ba:93:87:a7:bc:fd:c0:59:b9:4a:5e:28:
         f5:b9:06:94:c0:93:2b:8a:47:13:64:3e:a0:11:60:0a:36:11:
         7c:29:fb:b0:14:bb:cb:70:32:cb:6c:57:07:37:40:a0:c9:4e:
         0c:31:e1:c2:ab:c0:28:a4:0a:a7:cb:fc:aa:89:f3:80:2d:01:
         3e:14:4d:f7:10:19:05:54:59:7f:cd:22:b8:cd:e2:0f:16:7d:
         ec:6e:0f:7d:a8:80:5c:af:8e:b0:21:a5:6e:e3:c4:b7:e7:5d:
         31:2d:39:7d:8e:16:69:78:24:a4:ba:43:e8:76:e1:75:ef:2c:
         29:38:05:e1:db:79:4c:6f:ab:89:91:4e:05:d6:5e:35:ee:d8:
         41:24:ba:15:d3:43:0f:68:bf:ce:50:d5:8a:e2:d5:26:df:5f:
         5b:d0:53:ad:88:cd:ea:a2:5d:14:22:71:ca:7a:d6:d6:be:db:
         6a:dd:f5:f1:c6:fe:ef:98:5a:49:5f:01:00:56:08:19:5f:89:
         73:97:e2:fd:1f:d0:03:15:32:b7:fc:0c:46:93:ba:2b:65:e1:
         4f:71:c0:21:f8:10:83:e2:b6:7f:c4:b8:5e:78:0e:3f:da:c3:
         2a:16:dd:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNk6Sk9fC7X8q75ULmSr3epMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjQxMTI1MjAwMDIxWhcNMjQxMTI2MjAwMDIxWjAzMTEwLwYDVQQD
EyhiNmY3MjNhMTk4MDY4MDVjZTA4MmI1M2Y1NjMzZDZmMWFiZTZmYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsArOSENi8KCIrpyxOD+vwgeUxwOa
zUAtj6DsqjPkglOGe6YFQeB+cbNEm+zNR3DbR+TJyvOHv7HYXZiGDtkwpTXFqOWx
toCZqLfq+65TWt6Qas2zpfZ+rXPZFkkmNehVp0tKktjZPgGsvzWNr7TEPMr5WBQi
+YtcbtRkNesNhOniPhgyNBU1DO8MKEQF1kckUBnNlDXAYeEDM3HwhSTamc1EBPPt
oAmhSfm04rSrX4GXRuFORtGODeYi8RQbm+GRaif1a9IS5l+iR7CBZqlu30WxBaEb
gPvExe/qGMJ5QaUtjk9PE6c21Sr6ZbO0+qjvVwCo5n++AjdOhEghk1VebwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLb3I6GYBoBc4IK1P1Yz1vGr5vrhMB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPmPHlRH
WY/ARaFLfyKyTrxkQWMlnLNGupOHp7z9wFm5Sl4o9bkGlMCTK4pHE2Q+oBFgCjYR
fCn7sBS7y3Ayy2xXBzdAoMlODDHhwqvAKKQKp8v8qonzgC0BPhRN9xAZBVRZf80i
uM3iDxZ97G4PfaiAXK+OsCGlbuPEt+ddMS05fY4WaXgkpLpD6Hbhde8sKTgF4dt5
TG+riZFOBdZeNe7YQSS6FdNDD2i/zlDViuLVJt9fW9BTrYjN6qJdFCJxynrW1r7b
at318cb+75haSV8BAFYIGV+Jc5fi/R/QAxUyt/wMRpO6K2XhT3HAIfgQg+K2f8S4
XngOP9rDKhbdAg==
-----END CERTIFICATE-----