Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
File:                     AZYrnNLlVrWW_HJDVlgHueLchoo.mft (raw, json)
Hash identifier:          5XoixE6KCT0xscl7NY8c0Z0PhmWBi1AaPrSasBMqbWk=
Subject key identifier:   1E:F5:B3:FB:00:41:3E:8D:A7:64:9E:DF:81:84:50:E5:9B:B0:84:35
Authority key identifier: 01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A
Certificate issuer:       /CN=01962b9cd2e556b596fc7243565807b9e2dc868a
Certificate serial:       0193568A1513C2502C7E8153A67049B1F3EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
Manifest number:          047A
Signing time:             Sat 23 Nov 2024 01:01:50 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:50 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:50 +0000
Files and hashes:         1: AZYrnNLlVrWW_HJDVlgHueLchoo.crl (hash: 7gBztPMhNMi4KhOetZmah6+ZmO5PGOwjN5mflSUztVM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:15:13:c2:50:2c:7e:81:53:a6:70:49:b1:f3:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01962b9cd2e556b596fc7243565807b9e2dc868a
        Validity
            Not Before: Nov 23 01:01:50 2024 GMT
            Not After : Nov 24 01:01:50 2024 GMT
        Subject: CN=1ef5b3fb00413e8da7649edf818450e59bb08435
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:3e:39:ea:35:5d:c9:3a:02:d6:ef:30:f7:93:
                    52:6d:d7:f4:3d:77:0e:0e:87:50:4a:5f:82:81:7a:
                    f9:63:a3:31:34:71:84:3f:5d:60:e3:0c:22:21:fe:
                    4d:fc:ca:8e:05:cf:d7:4a:cc:6d:88:ae:19:a8:38:
                    7d:f5:d8:ff:82:ab:1c:53:4e:ec:3a:b4:f2:e3:fc:
                    c7:d1:00:bd:4d:47:6d:68:17:3a:a7:3a:33:79:76:
                    f6:21:9b:9b:b9:a9:f8:fd:d4:ec:47:05:f8:04:d5:
                    51:ce:a6:91:de:17:66:fa:3e:3c:90:2d:46:94:e6:
                    63:6b:33:17:89:28:37:88:9c:e9:e2:63:95:f3:ec:
                    8b:50:28:32:3a:9f:8b:c1:96:00:01:ac:1a:23:c7:
                    3f:47:55:ea:70:0b:55:1f:b8:c7:a6:77:69:e0:72:
                    e6:1b:c9:ad:a2:a0:53:b1:c4:90:f9:e1:2c:92:4b:
                    e2:c9:66:5a:dc:7a:75:f6:b3:b9:24:fa:24:3a:13:
                    96:8f:e0:f5:c8:c6:4a:3d:35:fa:ef:b1:ab:9c:a8:
                    fd:b4:eb:7a:97:3a:55:07:9d:cf:63:1d:c2:0a:1d:
                    21:7a:cc:5f:df:b8:38:9e:ec:66:5b:68:7e:3c:c0:
                    be:12:a2:64:7a:8a:36:77:96:f7:13:dc:45:b0:5d:
                    53:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:F5:B3:FB:00:41:3E:8D:A7:64:9E:DF:81:84:50:E5:9B:B0:84:35
            X509v3 Authority Key Identifier:
                keyid:01:96:2B:9C:D2:E5:56:B5:96:FC:72:43:56:58:07:B9:E2:DC:86:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZYrnNLlVrWW_HJDVlgHueLchoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/e21b69-9df9-48a3-a1e1-70342a2e7533/1/AZYrnNLlVrWW_HJDVlgHueLchoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         55:54:f7:41:56:35:7c:2c:c7:95:18:de:dc:59:e1:22:33:51:
         2c:66:a0:1b:33:7a:7e:ad:95:45:d5:30:66:ea:5f:db:19:57:
         28:1f:66:81:48:2a:a6:24:c6:7e:9d:55:c2:e9:79:38:af:dc:
         d9:61:d4:07:20:41:86:a9:6e:e3:4b:eb:1c:4e:d3:ec:13:3a:
         7e:8f:61:eb:ad:76:5b:04:6c:18:93:c7:69:60:9a:f9:3b:4f:
         a6:d5:34:6a:f6:41:f1:42:a3:17:6a:89:cb:23:d2:61:cf:34:
         c5:cd:1d:d7:4d:ab:78:37:dc:78:e9:fd:00:13:8e:a4:97:57:
         6f:c2:37:34:9d:22:a2:84:f4:54:5d:27:b3:84:88:f1:6d:6f:
         63:a2:1f:83:93:1f:15:bc:33:20:38:76:2c:6a:af:0e:81:a1:
         2a:2e:78:b7:ae:e7:42:11:d0:2f:a8:c1:18:cc:e4:92:cc:96:
         e2:01:48:73:4d:37:05:c9:1b:95:9d:24:3a:56:5b:b0:b2:ca:
         37:5e:e7:a7:9c:65:27:fc:ce:b5:c2:b5:99:36:d3:49:cd:0a:
         80:c3:75:f4:eb:23:74:a5:3f:0e:33:6c:4a:43:37:7f:16:8a:
         75:4e:4a:50:d8:50:b3:e1:a6:1f:8b:6e:fe:71:0e:00:41:6f:
         f3:13:53:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWihUTwlAsfoFTpnBJsfPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxOTYyYjljZDJlNTU2YjU5NmZjNzI0MzU2NTgwN2I5ZTJk
Yzg2OGEwHhcNMjQxMTIzMDEwMTUwWhcNMjQxMTI0MDEwMTUwWjAzMTEwLwYDVQQD
EygxZWY1YjNmYjAwNDEzZThkYTc2NDllZGY4MTg0NTBlNTliYjA4NDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkT456jVdyToC1u8w95NSbdf0PXcO
DodQSl+CgXr5Y6MxNHGEP11g4wwiIf5N/MqOBc/XSsxtiK4ZqDh99dj/gqscU07s
OrTy4/zH0QC9TUdtaBc6pzozeXb2IZubuan4/dTsRwX4BNVRzqaR3hdm+j48kC1G
lOZjazMXiSg3iJzp4mOV8+yLUCgyOp+LwZYAAawaI8c/R1XqcAtVH7jHpndp4HLm
G8mtoqBTscSQ+eEskkviyWZa3Hp19rO5JPokOhOWj+D1yMZKPTX677GrnKj9tOt6
lzpVB53PYx3CCh0hesxf37g4nuxmW2h+PMC+EqJkeoo2d5b3E9xFsF1TKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB71s/sAQT6Np2Se34GEUOWbsIQ1MB8GA1UdIwQY
MBaAFAGWK5zS5Va1lvxyQ1ZYB7ni3IaKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEt
NzAzNDJhMmU3NTMzLzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9lMjFiNjktOWRmOS00OGEzLWExZTEtNzAzNDJhMmU3NTMz
LzEvQVpZcm5OTGxWcldXX0hKRFZsZ0h1ZUxjaG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVVT3QVY1
fCzHlRje3FnhIjNRLGagGzN6fq2VRdUwZupf2xlXKB9mgUgqpiTGfp1Vwul5OK/c
2WHUByBBhqlu40vrHE7T7BM6fo9h6612WwRsGJPHaWCa+TtPptU0avZB8UKjF2qJ
yyPSYc80xc0d102reDfceOn9ABOOpJdXb8I3NJ0iooT0VF0ns4SI8W1vY6Ifg5Mf
FbwzIDh2LGqvDoGhKi54t67nQhHQL6jBGMzkksyW4gFIc003BckblZ0kOlZbsLLK
N17np5xlJ/zOtcK1mTbTSc0KgMN19OsjdKU/DjNsSkM3fxaKdU5KUNhQs+GmH4tu
/nEOAEFv8xNTww==
-----END CERTIFICATE-----