Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File:                     z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier:          SJEcf8FixvZEX71PH0a5KEHmXKABTVhNIiDhu+6jIzM=
Subject key identifier:   8F:7A:A0:21:DA:80:68:90:00:13:57:21:01:A4:16:5D:8E:1E:81:82
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer:       /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial:       01936AB4D9ADFF3290862325CDC5E5642E80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 23:00:57 +0000
Manifest this update:     Tue 26 Nov 2024 23:00:57 +0000
Manifest next update:     Wed 27 Nov 2024 23:00:57 +0000
Files and hashes:         1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: C2weNOo/iHoxLVZBp0OzTJNCRPk3wwM+Dm2XT2yoLn4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:b4:d9:ad:ff:32:90:86:23:25:cd:c5:e5:64:2e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
        Validity
            Not Before: Nov 26 23:00:57 2024 GMT
            Not After : Nov 27 23:00:57 2024 GMT
        Subject: CN=8f7aa021da8068900013572101a4165d8e1e8182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:36:c7:3e:f3:24:56:20:77:ca:f2:80:20:39:
                    cc:02:e2:e2:46:cf:54:81:6e:ae:69:8a:5f:f2:62:
                    21:7b:3e:f1:4f:b3:dd:f2:dd:35:67:ac:3b:bf:ba:
                    d3:06:98:7f:13:dd:a2:df:0a:f9:64:b3:f6:89:aa:
                    47:2e:a8:40:e4:8e:69:8d:03:66:57:96:b7:33:5b:
                    80:0c:f6:29:3a:7a:09:27:72:57:b4:6c:47:1f:1e:
                    cc:91:71:b2:de:17:11:aa:08:18:21:4a:28:80:0e:
                    88:ea:f2:68:c7:09:23:fe:7c:db:72:59:d8:44:31:
                    be:74:bd:0d:76:5f:ef:3e:10:f1:1e:43:76:68:c3:
                    28:b2:0d:91:60:06:bb:8f:38:5a:62:02:96:09:75:
                    89:8c:71:0f:dd:91:67:a4:3a:0e:de:f6:bd:14:d3:
                    21:4c:6a:6a:b8:36:0c:40:9f:73:58:3d:a5:bf:83:
                    ec:b7:42:2d:6f:81:bd:af:7d:7d:a2:6a:73:36:d4:
                    6c:9c:7b:1c:b3:c1:16:7d:7d:70:d2:18:0f:d3:a1:
                    95:f0:6b:e4:e9:34:0f:1b:43:e5:81:b5:99:c5:e2:
                    5a:f7:18:ed:aa:31:8f:6d:8a:f1:e7:5f:ab:d0:0f:
                    01:47:d7:26:bb:b2:79:95:9c:53:d5:8e:76:e5:da:
                    83:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:7A:A0:21:DA:80:68:90:00:13:57:21:01:A4:16:5D:8E:1E:81:82
            X509v3 Authority Key Identifier:
                keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:3c:d7:f4:c0:67:62:fc:48:f5:e9:41:62:f0:eb:7c:15:e9:
         b6:7c:a0:67:9f:34:90:88:9d:22:09:cf:c3:4a:50:84:f4:1b:
         3c:33:11:ae:80:fd:76:53:98:d3:0a:e0:8b:82:9d:42:dd:3b:
         22:cd:61:40:c0:84:e7:5b:79:a8:8e:c6:53:6e:6b:f7:fb:12:
         40:c0:22:a3:7d:b6:d1:7c:6a:dc:48:ea:48:20:a9:a0:56:a4:
         5c:31:b7:88:62:79:36:10:66:f8:52:c1:d3:32:23:e2:39:85:
         87:32:41:fc:c3:ff:d3:8c:dc:e5:6c:40:15:3e:3a:2f:b5:51:
         c9:a0:9d:60:0e:cd:12:34:e6:f3:1d:3a:58:5b:c6:4d:66:13:
         51:60:dc:de:58:e7:f4:47:11:46:ef:4e:a5:1b:ab:13:4e:d6:
         72:6a:74:9c:2c:ec:14:ea:29:19:e2:09:79:20:35:69:b5:29:
         5f:bb:20:6f:dd:a1:fb:2d:9a:d0:ee:98:0f:99:30:a4:52:99:
         69:7a:e8:fb:87:c1:47:ff:6d:27:37:45:62:2d:30:95:bc:9d:
         12:0e:84:6e:b4:13:5b:2b:7b:df:91:93:3c:d0:52:0b:f8:77:
         94:e6:49:fa:19:a8:4a:5c:f0:6b:bf:da:2e:75:ac:63:49:da:
         b2:38:b7:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqtNmt/zKQhiMlzcXlZC6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjQxMTI2MjMwMDU3WhcNMjQxMTI3MjMwMDU3WjAzMTEwLwYDVQQD
Eyg4ZjdhYTAyMWRhODA2ODkwMDAxMzU3MjEwMWE0MTY1ZDhlMWU4MTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTbHPvMkViB3yvKAIDnMAuLiRs9U
gW6uaYpf8mIhez7xT7Pd8t01Z6w7v7rTBph/E92i3wr5ZLP2iapHLqhA5I5pjQNm
V5a3M1uADPYpOnoJJ3JXtGxHHx7MkXGy3hcRqggYIUoogA6I6vJoxwkj/nzbclnY
RDG+dL0Ndl/vPhDxHkN2aMMosg2RYAa7jzhaYgKWCXWJjHEP3ZFnpDoO3va9FNMh
TGpquDYMQJ9zWD2lv4Pst0Itb4G9r319ompzNtRsnHscs8EWfX1w0hgP06GV8Gvk
6TQPG0PlgbWZxeJa9xjtqjGPbYrx51+r0A8BR9cmu7J5lZxT1Y525dqDvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI96oCHagGiQABNXIQGkFl2OHoGCMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUjzX9MBn
YvxI9elBYvDrfBXptnygZ580kIidIgnPw0pQhPQbPDMRroD9dlOY0wrgi4KdQt07
Is1hQMCE51t5qI7GU25r9/sSQMAio3220Xxq3EjqSCCpoFakXDG3iGJ5NhBm+FLB
0zIj4jmFhzJB/MP/04zc5WxAFT46L7VRyaCdYA7NEjTm8x06WFvGTWYTUWDc3ljn
9EcRRu9OpRurE07Wcmp0nCzsFOopGeIJeSA1abUpX7sgb92h+y2a0O6YD5kwpFKZ
aXro+4fBR/9tJzdFYi0wlbydEg6EbrQTWyt735GTPNBSC/h3lOZJ+hmoSlzwa7/a
LnWsY0nasji3Og==
-----END CERTIFICATE-----