Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
File:                     Bv170s3aV23AzQiOvm7mAZceEjQ.mft (raw, json)
Hash identifier:          2VwvSlwkCoYgR82izbBU8WD3fyL7aYU9K8ssihroywE=
Subject key identifier:   8E:C1:A4:BD:B9:B6:D7:A0:F5:A5:1A:60:CE:65:A1:FA:A9:74:6C:D6
Authority key identifier: 06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34
Certificate issuer:       /CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
Certificate serial:       019368C6568135060B8B0877D428BC15307C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
Manifest number:          0B51
Signing time:             Tue 26 Nov 2024 14:00:48 +0000
Manifest this update:     Tue 26 Nov 2024 14:00:48 +0000
Manifest next update:     Wed 27 Nov 2024 14:00:48 +0000
Files and hashes:         1: Bv170s3aV23AzQiOvm7mAZceEjQ.crl (hash: 1o80+rCgO4XzFK440MVQqVfX4eLNl+tjliOBwntQgVs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 14:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:68:c6:56:81:35:06:0b:8b:08:77:d4:28:bc:15:30:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06fd7bd2cdda576dc0cd088ebe6ee601971e1234
        Validity
            Not Before: Nov 26 14:00:48 2024 GMT
            Not After : Nov 27 14:00:48 2024 GMT
        Subject: CN=8ec1a4bdb9b6d7a0f5a51a60ce65a1faa9746cd6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:18:25:2f:2b:6f:e1:98:22:13:a1:4b:cb:7c:
                    47:0e:eb:73:c0:75:83:93:c0:f4:ff:08:e5:b7:02:
                    15:a5:a9:17:80:eb:41:d5:3d:ed:24:9e:6e:59:5d:
                    45:41:c2:a5:a4:0d:91:3b:b3:84:3d:34:83:be:5f:
                    2b:e8:a2:4e:12:55:90:38:32:a2:85:91:8e:3f:9c:
                    d4:f4:e4:fb:42:7b:5c:af:2d:a0:3c:83:81:0d:ba:
                    bd:82:d4:32:2b:b9:bd:66:93:63:77:0c:b5:0a:89:
                    6e:0a:31:9a:31:22:08:5b:2d:19:83:12:b1:21:33:
                    b2:74:fc:5a:91:b0:86:0a:18:e2:10:54:5c:0a:9b:
                    cf:1f:ee:30:ef:9a:3f:19:b0:02:fa:d2:87:a8:2e:
                    aa:53:61:ae:7a:06:2f:ef:2a:84:8f:b4:4f:c5:cb:
                    82:70:40:ce:26:0b:79:02:97:6e:b6:a3:0d:a4:e2:
                    ce:68:c1:c8:5b:41:96:dc:23:61:c7:4e:37:5e:31:
                    f8:c5:e9:91:f8:bd:65:44:0d:e5:77:36:7b:a9:94:
                    23:0a:35:02:1f:e4:1b:1a:a4:af:d1:d8:19:77:ff:
                    a7:92:6d:1d:59:8d:73:78:1d:55:43:26:81:0e:b6:
                    1d:8a:e4:77:e4:95:ad:38:82:a2:24:3a:37:b6:9c:
                    71:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:C1:A4:BD:B9:B6:D7:A0:F5:A5:1A:60:CE:65:A1:FA:A9:74:6C:D6
            X509v3 Authority Key Identifier:
                keyid:06:FD:7B:D2:CD:DA:57:6D:C0:CD:08:8E:BE:6E:E6:01:97:1E:12:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bv170s3aV23AzQiOvm7mAZceEjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/620df1-34ca-4e57-b3e1-b8d4bba7021e/1/Bv170s3aV23AzQiOvm7mAZceEjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         82:60:e0:ba:ea:9e:d4:be:30:af:f9:22:ce:3c:ba:21:96:7b:
         dd:6b:fd:92:06:88:f2:13:d0:7e:88:67:6c:7b:c5:82:07:82:
         93:b3:1b:b8:5f:7a:0d:71:48:d1:b0:66:68:c8:8a:76:3d:3a:
         d9:cc:b2:ed:25:b1:47:73:13:54:8c:1d:43:05:90:d2:59:ec:
         5e:45:11:49:4b:af:82:88:78:c8:f4:ed:fb:06:d4:ed:37:63:
         e0:b0:73:04:6b:e3:fb:1f:25:ab:a6:50:15:dd:63:6f:c6:ce:
         d7:f5:f1:63:69:c9:85:2a:22:6d:93:89:5e:e3:c8:0d:87:86:
         51:fa:e3:57:e3:0b:7f:f5:fa:77:a7:fb:01:81:34:1c:11:57:
         2a:b4:89:a0:5c:76:b4:3c:10:8d:51:48:df:b7:1f:12:1a:f9:
         ec:3c:0c:24:c2:f5:41:23:bc:17:0e:f4:ae:57:fc:bb:45:f6:
         1c:53:91:32:39:86:72:cf:5b:ab:b3:49:72:c5:86:9a:75:48:
         bd:28:a5:45:b4:0f:d3:ca:04:26:ae:a4:6a:92:b0:0b:9e:98:
         b0:ef:9d:d0:4e:45:8c:a0:11:9e:dd:8f:d2:5c:d7:7c:bc:d0:
         3c:6a:d3:8c:0c:a8:5d:09:a4:b0:f6:ca:3b:d1:38:a9:37:f3:
         45:4b:79:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNoxlaBNQYLiwh31Ci8FTB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZmQ3YmQyY2RkYTU3NmRjMGNkMDg4ZWJlNmVlNjAxOTcx
ZTEyMzQwHhcNMjQxMTI2MTQwMDQ4WhcNMjQxMTI3MTQwMDQ4WjAzMTEwLwYDVQQD
Eyg4ZWMxYTRiZGI5YjZkN2EwZjVhNTFhNjBjZTY1YTFmYWE5NzQ2Y2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xglLytv4ZgiE6FLy3xHDutzwHWD
k8D0/wjltwIVpakXgOtB1T3tJJ5uWV1FQcKlpA2RO7OEPTSDvl8r6KJOElWQODKi
hZGOP5zU9OT7Qntcry2gPIOBDbq9gtQyK7m9ZpNjdwy1ColuCjGaMSIIWy0ZgxKx
ITOydPxakbCGChjiEFRcCpvPH+4w75o/GbAC+tKHqC6qU2GuegYv7yqEj7RPxcuC
cEDOJgt5ApdutqMNpOLOaMHIW0GW3CNhx043XjH4xemR+L1lRA3ldzZ7qZQjCjUC
H+QbGqSv0dgZd/+nkm0dWY1zeB1VQyaBDrYdiuR35JWtOIKiJDo3tpxxNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI7BpL25tteg9aUaYM5lofqpdGzWMB8GA1UdIwQY
MBaAFAb9e9LN2ldtwM0Ijr5u5gGXHhI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEt
YjhkNGJiYTcwMjFlLzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82MjBkZjEtMzRjYS00ZTU3LWIzZTEtYjhkNGJiYTcwMjFl
LzEvQnYxNzBzM2FWMjNBelFpT3ZtN21BWmNlRWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgmDguuqe
1L4wr/kizjy6IZZ73Wv9kgaI8hPQfohnbHvFggeCk7MbuF96DXFI0bBmaMiKdj06
2cyy7SWxR3MTVIwdQwWQ0lnsXkURSUuvgoh4yPTt+wbU7Tdj4LBzBGvj+x8lq6ZQ
Fd1jb8bO1/XxY2nJhSoibZOJXuPIDYeGUfrjV+MLf/X6d6f7AYE0HBFXKrSJoFx2
tDwQjVFI37cfEhr57DwMJML1QSO8Fw70rlf8u0X2HFORMjmGcs9bq7NJcsWGmnVI
vSilRbQP08oEJq6kapKwC56YsO+d0E5FjKARnt2P0lzXfLzQPGrTjAyoXQmksPbK
O9E4qTfzRUt5bw==
-----END CERTIFICATE-----