Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
File:                     H38fQMjrspNo9ug7-d3QZ14H1O0.mft (raw, json)
Hash identifier:          anmXWtT2tO/E4m+UbKKtB0Mwg7OD/tG8hyOyWFUfuj4=
Subject key identifier:   00:93:A8:AD:BD:B3:09:D3:CB:66:24:A5:EB:3C:29:94:11:E8:CF:5B
Authority key identifier: 1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED
Certificate issuer:       /CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
Certificate serial:       01935688BE2EC3C0E1E278E23B917E752059
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
Manifest number:          0C31
Signing time:             Sat 23 Nov 2024 01:00:22 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:22 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:22 +0000
Files and hashes:         1: H38fQMjrspNo9ug7-d3QZ14H1O0.crl (hash: 6EtomZGrXyZ8DKbNVx1zFtDhZI/4OcRDTYllUofHLIU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:be:2e:c3:c0:e1:e2:78:e2:3b:91:7e:75:20:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1f7f1f40c8ebb29368f6e83bf9ddd0675e07d4ed
        Validity
            Not Before: Nov 23 01:00:22 2024 GMT
            Not After : Nov 24 01:00:22 2024 GMT
        Subject: CN=0093a8adbdb309d3cb6624a5eb3c299411e8cf5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:8e:a5:b7:73:87:77:b3:9c:27:4e:4c:d1:25:
                    40:ec:c2:1b:55:b7:0a:eb:a1:11:5c:8c:64:95:86:
                    73:85:9a:af:3b:ff:bb:5e:72:cd:c2:89:99:dd:54:
                    f9:51:9d:ab:1b:db:2d:02:8f:2e:06:7b:6d:32:b5:
                    61:0a:8e:2c:b6:c7:39:aa:ce:87:63:78:0d:89:90:
                    dd:05:df:5b:10:e1:90:ee:c9:92:bb:fe:2e:f8:81:
                    99:5f:c1:0c:99:fa:50:6c:63:4b:a4:4f:b6:01:76:
                    56:f0:01:2c:13:40:96:7c:89:11:3d:8e:4b:24:d1:
                    b1:1e:e2:59:01:24:7c:73:59:db:83:08:68:5c:23:
                    65:22:2d:c9:a2:33:62:72:ab:4a:aa:80:dc:af:29:
                    34:87:8a:b5:3d:b1:34:06:73:21:0c:ff:c4:48:ce:
                    37:31:8e:ce:33:8b:4a:a4:cd:68:25:1e:dc:24:e2:
                    f2:4c:0a:bf:59:f7:9c:30:1f:4c:a7:f8:42:a9:ef:
                    9d:2a:4b:cb:c8:a8:06:a9:f9:44:9c:b9:87:47:ef:
                    2b:5f:dd:ed:a2:17:a2:7b:9c:e2:57:47:0c:9b:84:
                    7b:7e:6d:99:56:f2:79:8b:26:ee:15:0e:b2:cd:61:
                    24:c2:91:4e:06:3d:3c:5a:ff:90:ec:3b:6a:0a:43:
                    bc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:93:A8:AD:BD:B3:09:D3:CB:66:24:A5:EB:3C:29:94:11:E8:CF:5B
            X509v3 Authority Key Identifier:
                keyid:1F:7F:1F:40:C8:EB:B2:93:68:F6:E8:3B:F9:DD:D0:67:5E:07:D4:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H38fQMjrspNo9ug7-d3QZ14H1O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7ed662-25f2-4a04-a7b6-777a4f800245/1/H38fQMjrspNo9ug7-d3QZ14H1O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:50:c5:b1:c5:5e:13:c9:cf:f7:97:6b:56:cd:47:55:eb:1a:
         aa:3e:1a:85:02:79:6e:de:c5:35:9f:c8:ae:d8:c3:a8:1a:c0:
         3e:d8:1e:b7:4e:2c:2c:69:e6:84:f7:f1:6f:de:58:1c:10:ec:
         da:09:f8:67:13:b6:04:60:94:8f:26:9b:c4:86:53:60:ec:ab:
         84:99:93:6d:a0:60:f2:6d:78:93:8b:88:c1:6e:8e:1c:78:1f:
         83:0d:d3:2a:a1:1a:b2:75:e0:5f:77:e5:3f:ae:7f:45:32:5a:
         be:61:e4:33:42:83:fe:80:40:a6:57:12:d0:43:77:e7:02:f4:
         17:0e:55:85:b0:49:95:6e:91:31:6d:f0:ad:f8:04:81:72:bc:
         ad:f8:b7:9f:7e:b7:61:f0:de:3a:10:1d:a4:da:2d:c7:07:e3:
         16:be:82:bb:3b:1d:2e:b7:08:6b:b6:1e:72:20:d9:e5:45:67:
         93:e8:ad:2f:4d:8d:30:37:6c:c7:80:8b:b2:44:87:b6:55:99:
         24:3d:cc:8d:f2:a5:47:82:3d:77:ef:c2:75:72:6e:e1:9b:03:
         b4:df:86:de:9c:f6:60:80:e5:3a:6b:34:fe:66:ff:a2:65:7d:
         ad:25:b4:5b:5a:03:3f:cc:92:fe:c5:31:f8:b6:b6:06:e6:d0:
         ae:69:c2:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiL4uw8Dh4njiO5F+dSBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmN2YxZjQwYzhlYmIyOTM2OGY2ZTgzYmY5ZGRkMDY3NWUw
N2Q0ZWQwHhcNMjQxMTIzMDEwMDIyWhcNMjQxMTI0MDEwMDIyWjAzMTEwLwYDVQQD
EygwMDkzYThhZGJkYjMwOWQzY2I2NjI0YTVlYjNjMjk5NDExZThjZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/I6lt3OHd7OcJ05M0SVA7MIbVbcK
66ERXIxklYZzhZqvO/+7XnLNwomZ3VT5UZ2rG9stAo8uBnttMrVhCo4stsc5qs6H
Y3gNiZDdBd9bEOGQ7smSu/4u+IGZX8EMmfpQbGNLpE+2AXZW8AEsE0CWfIkRPY5L
JNGxHuJZASR8c1nbgwhoXCNlIi3JojNicqtKqoDcryk0h4q1PbE0BnMhDP/ESM43
MY7OM4tKpM1oJR7cJOLyTAq/WfecMB9Mp/hCqe+dKkvLyKgGqflEnLmHR+8rX93t
oheie5ziV0cMm4R7fm2ZVvJ5iybuFQ6yzWEkwpFOBj08Wv+Q7DtqCkO8UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFACTqK29swnTy2Ykpes8KZQR6M9bMB8GA1UdIwQY
MBaAFB9/H0DI67KTaPboO/nd0GdeB9TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYt
Nzc3YTRmODAwMjQ1LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZWQ2NjItMjVmMi00YTA0LWE3YjYtNzc3YTRmODAwMjQ1
LzEvSDM4ZlFNanJzcE5vOXVnNy1kM1FaMTRIMU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhlDFscVe
E8nP95drVs1HVesaqj4ahQJ5bt7FNZ/IrtjDqBrAPtget04sLGnmhPfxb95YHBDs
2gn4ZxO2BGCUjyabxIZTYOyrhJmTbaBg8m14k4uIwW6OHHgfgw3TKqEasnXgX3fl
P65/RTJavmHkM0KD/oBAplcS0EN35wL0Fw5VhbBJlW6RMW3wrfgEgXK8rfi3n363
YfDeOhAdpNotxwfjFr6CuzsdLrcIa7YeciDZ5UVnk+itL02NMDdsx4CLskSHtlWZ
JD3MjfKlR4I9d+/CdXJu4ZsDtN+G3pz2YIDlOms0/mb/omV9rSW0W1oDP8yS/sUx
+La2BubQrmnCWw==
-----END CERTIFICATE-----