Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          JyRrFpBuoIlwHWtb65HMqcLjyvjVRbEI10eF1rlvYl4=
Subject key identifier:   9F:64:DA:DE:8A:29:53:C5:0B:25:28:8E:36:60:79:9D:52:61:BD:E0
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       019369DAECEED766BDD51DF7812B0BCF6FA6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          040E
Signing time:             Tue 26 Nov 2024 19:02:55 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:55 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:55 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: bRS4x/KpzIinLkGr4y1NYYvk8gdK4AZOoxvUi7XWkHo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:ec:ee:d7:66:bd:d5:1d:f7:81:2b:0b:cf:6f:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: Nov 26 19:02:55 2024 GMT
            Not After : Nov 27 19:02:55 2024 GMT
        Subject: CN=9f64dade8a2953c50b25288e3660799d5261bde0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:dc:4d:08:e6:04:34:1e:5f:39:d4:f0:b9:61:
                    79:7d:8f:02:0d:15:5b:07:b3:e3:ac:0f:c7:90:52:
                    84:e9:c9:bb:5b:df:a1:9b:73:fd:b3:d3:ff:7d:e1:
                    b2:2d:2e:aa:25:08:8a:3a:97:9d:b5:fb:60:de:e1:
                    63:67:39:02:89:50:6f:3c:de:eb:e8:6c:c3:39:24:
                    73:94:16:b6:16:f0:1c:96:e9:6d:b5:7c:44:ba:93:
                    e5:5f:29:7c:46:ee:75:3e:1e:8d:26:b0:db:43:57:
                    8e:1b:6e:c9:f3:31:2b:32:a8:67:d9:77:9a:58:15:
                    53:e2:e9:a2:81:d8:08:3d:af:93:bc:b4:a3:ad:4f:
                    f6:e7:2e:5b:8c:73:00:86:91:cf:05:44:00:cb:50:
                    a3:7b:99:d3:13:2e:5a:3e:19:01:ed:55:4f:50:9f:
                    8d:3f:1b:71:2b:13:d3:f4:c5:0c:24:01:90:ea:a5:
                    36:33:c6:0f:98:4a:15:45:d8:91:99:02:c7:ce:52:
                    f4:c0:91:a2:b6:02:99:94:ec:03:be:95:c1:55:eb:
                    7d:dd:6e:d4:45:f2:28:8e:2d:b9:fd:11:65:99:49:
                    3e:e4:43:a2:99:6c:44:8d:55:c3:16:6c:fc:5d:fc:
                    38:90:6b:fc:b2:49:f4:1a:d5:ea:03:41:8a:76:67:
                    da:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:64:DA:DE:8A:29:53:C5:0B:25:28:8E:36:60:79:9D:52:61:BD:E0
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:5e:38:64:e8:ae:89:f2:09:77:c7:0c:9b:e8:a6:ba:d2:06:
         f5:ca:d4:9b:02:a3:10:dd:e4:f5:0a:82:80:98:e1:ff:94:31:
         ca:ee:4d:79:bb:e6:28:e3:3a:5f:46:64:8e:7a:b1:5b:fb:ef:
         02:9e:a3:16:ce:1f:cb:6e:fd:81:69:95:25:f7:13:44:1d:c5:
         8c:b7:36:1b:2e:cb:61:38:43:44:30:78:6c:55:93:71:4e:04:
         38:cc:70:59:22:f3:82:a8:0c:cc:c5:1e:b9:85:1c:d4:82:9e:
         03:a5:dd:99:90:d4:b0:89:3b:99:88:7e:0e:81:8e:8f:99:a3:
         78:06:4a:9a:bd:97:09:ea:8a:a3:4e:6a:d4:f3:76:7a:ea:7b:
         8f:fd:02:25:ac:d9:b6:1f:63:33:05:96:b7:10:aa:ee:2a:42:
         fb:63:12:45:c6:4c:7a:df:28:76:eb:2f:69:ea:69:4c:12:16:
         4e:cd:10:fe:8b:db:11:77:11:c9:db:0f:50:8e:44:39:b3:9c:
         a1:6f:f7:30:a6:e1:17:3c:21:1e:29:b3:dd:7d:42:f1:3e:04:
         84:7a:ae:6a:0c:b8:4b:78:96:40:f8:8f:50:19:e4:70:e4:7e:
         56:96:d5:1c:75:f5:97:f9:ef:3e:c9:f4:d8:99:27:59:25:b2:
         87:4f:b3:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2uzu12a91R33gSsLz2+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjQxMTI2MTkwMjU1WhcNMjQxMTI3MTkwMjU1WjAzMTEwLwYDVQQD
Eyg5ZjY0ZGFkZThhMjk1M2M1MGIyNTI4OGUzNjYwNzk5ZDUyNjFiZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntxNCOYENB5fOdTwuWF5fY8CDRVb
B7PjrA/HkFKE6cm7W9+hm3P9s9P/feGyLS6qJQiKOpedtftg3uFjZzkCiVBvPN7r
6GzDOSRzlBa2FvAclulttXxEupPlXyl8Ru51Ph6NJrDbQ1eOG27J8zErMqhn2Xea
WBVT4umigdgIPa+TvLSjrU/25y5bjHMAhpHPBUQAy1Cje5nTEy5aPhkB7VVPUJ+N
PxtxKxPT9MUMJAGQ6qU2M8YPmEoVRdiRmQLHzlL0wJGitgKZlOwDvpXBVet93W7U
RfIoji25/RFlmUk+5EOimWxEjVXDFmz8Xfw4kGv8skn0GtXqA0GKdmfaGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ9k2t6KKVPFCyUojjZgeZ1SYb3gMB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMl44ZOiu
ifIJd8cMm+imutIG9crUmwKjEN3k9QqCgJjh/5Qxyu5NebvmKOM6X0ZkjnqxW/vv
Ap6jFs4fy279gWmVJfcTRB3FjLc2Gy7LYThDRDB4bFWTcU4EOMxwWSLzgqgMzMUe
uYUc1IKeA6XdmZDUsIk7mYh+DoGOj5mjeAZKmr2XCeqKo05q1PN2eup7j/0CJazZ
th9jMwWWtxCq7ipC+2MSRcZMet8odusvaeppTBIWTs0Q/ovbEXcRydsPUI5EObOc
oW/3MKbhFzwhHimz3X1C8T4EhHquagy4S3iWQPiPUBnkcOR+VpbVHHX1l/nvPsn0
2JknWSWyh0+z7g==
-----END CERTIFICATE-----