Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
File:                     Iu8SfmGVSrmJNlydukuMBkzu2fA.mft (raw, json)
Hash identifier:          k9Tf92LoL8pX5+OKQ4ymUpo0blYIGGeMDUZo5MjJwwY=
Subject key identifier:   93:ED:D3:02:DD:EC:7C:FF:54:80:61:FA:3F:34:68:5E:37:E0:F4:0C
Authority key identifier: 22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0
Certificate issuer:       /CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
Certificate serial:       01907050B7CA690F508B61BC6861CF02E3E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
Manifest number:          48
Signing time:             Mon 01 Jul 2024 22:00:56 +0000
Manifest this update:     Mon 01 Jul 2024 22:00:56 +0000
Manifest next update:     Tue 02 Jul 2024 22:00:56 +0000
Files and hashes:         1: Iu8SfmGVSrmJNlydukuMBkzu2fA.crl (hash: m95rHUKKZsm5GxzDWKGooYErhn0gHGHmAshiQ93uqjM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 02 Jul 2024 21:43:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:70:50:b7:ca:69:0f:50:8b:61:bc:68:61:cf:02:e3:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22ef127e61954ab989365c9dba4b8c064ceed9f0
        Validity
            Not Before: Jul  1 22:00:56 2024 GMT
            Not After : Jul  2 22:00:56 2024 GMT
        Subject: CN=93edd302ddec7cff548061fa3f34685e37e0f40c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:7a:d9:d2:21:7a:44:13:6a:e6:47:7b:60:8e:
                    c3:17:eb:a6:68:23:98:3a:9b:8b:65:74:bf:3c:c3:
                    61:ab:4e:77:ee:d9:89:d0:19:a7:47:5c:93:b9:93:
                    1a:a6:d0:e0:d9:da:27:d8:1b:24:97:8d:7e:0b:9a:
                    2c:3d:4b:cc:3d:6c:c4:d8:b9:63:6c:29:d2:77:ff:
                    7d:ec:ee:83:75:f2:7f:95:fd:db:86:8c:a7:38:d9:
                    bd:f0:cb:bc:a6:fb:11:ad:8b:09:51:62:32:72:3a:
                    20:5d:b1:0e:c3:fb:82:a8:9b:a0:39:a6:1d:d0:15:
                    c6:5a:f3:49:1f:3c:1a:0a:c6:7e:29:1c:85:5a:83:
                    a5:45:ef:a3:9c:6d:bb:cb:ac:88:66:2d:5b:0e:a5:
                    a5:ea:a6:7a:de:df:b9:7d:4b:87:fb:23:76:2f:9a:
                    b4:30:90:b3:40:f6:e0:ff:a3:53:34:8e:45:4e:98:
                    dd:ad:13:12:91:c5:d1:12:92:42:20:f3:51:d4:e9:
                    fb:6f:62:90:7f:ad:47:16:74:fb:98:f7:27:6b:77:
                    a6:51:db:86:d7:ef:9c:dc:21:d3:d4:0e:ac:87:19:
                    07:b6:38:08:c4:cf:c4:97:50:dd:de:53:ec:8a:c8:
                    b8:b3:08:d1:71:15:a4:cc:f6:9c:2a:94:af:17:6e:
                    e3:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:ED:D3:02:DD:EC:7C:FF:54:80:61:FA:3F:34:68:5E:37:E0:F4:0C
            X509v3 Authority Key Identifier:
                keyid:22:EF:12:7E:61:95:4A:B9:89:36:5C:9D:BA:4B:8C:06:4C:EE:D9:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iu8SfmGVSrmJNlydukuMBkzu2fA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/839828-ce59-4d22-a621-8c6aa10695b2/1/Iu8SfmGVSrmJNlydukuMBkzu2fA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:58:51:20:d5:5e:41:c8:4a:c5:83:c4:82:15:de:e9:c4:69:
         6a:3d:6a:2e:5a:8e:58:b4:bf:a3:a9:c4:3d:65:e6:48:94:2e:
         ad:d7:ef:f5:5d:7e:15:90:de:dd:bb:88:e1:37:52:d8:73:e8:
         b0:93:68:e9:30:86:d3:0a:a9:54:b8:e9:45:6d:e9:13:08:dc:
         c9:55:1f:cd:a6:82:d2:f1:6e:a6:b5:bc:43:20:c4:a6:14:9d:
         83:63:ac:63:b2:9b:12:fd:a4:6b:66:2d:0e:8f:b1:15:4e:a9:
         c3:fe:03:82:8e:5c:e4:bb:63:90:9a:8e:67:73:6e:ee:96:f3:
         fc:94:37:f7:ce:91:ef:ec:bc:57:13:a8:da:1f:ff:73:db:32:
         f4:3e:82:cc:03:56:8d:db:8c:03:e9:c5:82:01:25:c5:b1:9b:
         07:9e:c6:5f:91:e9:7f:8f:65:75:72:07:50:07:e6:5e:26:70:
         c0:e3:08:4a:01:e3:2a:61:74:2a:09:be:22:64:17:a6:d5:63:
         7b:61:34:87:49:3a:ec:eb:f3:40:41:a9:83:80:e8:48:eb:87:
         8b:2a:ab:40:b6:5c:a1:1b:d4:4c:f3:b1:c5:09:72:ad:fc:ae:
         67:22:80:3d:71:76:1c:43:8a:9a:b1:ae:5d:72:bf:2a:09:60:
         d3:8f:f8:f3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBwULfKaQ9Qi2G8aGHPAuPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZWYxMjdlNjE5NTRhYjk4OTM2NWM5ZGJhNGI4YzA2NGNl
ZWQ5ZjAwHhcNMjQwNzAxMjIwMDU2WhcNMjQwNzAyMjIwMDU2WjAzMTEwLwYDVQQD
Eyg5M2VkZDMwMmRkZWM3Y2ZmNTQ4MDYxZmEzZjM0Njg1ZTM3ZTBmNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonrZ0iF6RBNq5kd7YI7DF+umaCOY
OpuLZXS/PMNhq0537tmJ0BmnR1yTuZMaptDg2don2Bskl41+C5osPUvMPWzE2Llj
bCnSd/997O6DdfJ/lf3bhoynONm98Mu8pvsRrYsJUWIycjogXbEOw/uCqJugOaYd
0BXGWvNJHzwaCsZ+KRyFWoOlRe+jnG27y6yIZi1bDqWl6qZ63t+5fUuH+yN2L5q0
MJCzQPbg/6NTNI5FTpjdrRMSkcXREpJCIPNR1On7b2KQf61HFnT7mPcna3emUduG
1++c3CHT1A6shxkHtjgIxM/El1Dd3lPsisi4swjRcRWkzPacKpSvF27jkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPt0wLd7Hz/VIBh+j80aF434PQMMB8GA1UdIwQY
MBaAFCLvEn5hlUq5iTZcnbpLjAZM7tnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEt
OGM2YWExMDY5NWIyLzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy84Mzk4MjgtY2U1OS00ZDIyLWE2MjEtOGM2YWExMDY5NWIy
LzEvSXU4U2ZtR1ZTcm1KTmx5ZHVrdU1Ca3p1MmZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnFhRINVe
QchKxYPEghXe6cRpaj1qLlqOWLS/o6nEPWXmSJQurdfv9V1+FZDe3buI4TdS2HPo
sJNo6TCG0wqpVLjpRW3pEwjcyVUfzaaC0vFuprW8QyDEphSdg2OsY7KbEv2ka2Yt
Do+xFU6pw/4Dgo5c5LtjkJqOZ3Nu7pbz/JQ3986R7+y8VxOo2h//c9sy9D6CzANW
jduMA+nFggElxbGbB57GX5Hpf49ldXIHUAfmXiZwwOMISgHjKmF0Kgm+ImQXptVj
e2E0h0k67OvzQEGpg4DoSOuHiyqrQLZcoRvUTPOxxQlyrfyuZyKAPXF2HEOKmrGu
XXK/Kglg04/48w==
-----END CERTIFICATE-----