Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
File:                     aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json)
Hash identifier:          hMMVib5oQAMSSQQrmuV+wHaL+vUDVnq7wFHaehBI0r4=
Subject key identifier:   03:D0:87:F8:65:59:50:90:8A:75:34:2B:75:D8:12:BD:36:38:68:8E
Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62
Certificate issuer:       /CN=69a8e68d12ae293af2369043cd59a020dac24062
Certificate serial:       01936A467FF89875DFDBCEBAD7FD640EEB96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
Manifest number:          086D
Signing time:             Tue 26 Nov 2024 21:00:25 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:25 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:25 +0000
Files and hashes:         1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: NUQncwZZ481SBiw+/hVspcbxz4T13dqvDP7xDZet8ZY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:7f:f8:98:75:df:db:ce:ba:d7:fd:64:0e:eb:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062
        Validity
            Not Before: Nov 26 21:00:25 2024 GMT
            Not After : Nov 27 21:00:25 2024 GMT
        Subject: CN=03d087f8655950908a75342b75d812bd3638688e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:90:fd:6a:d4:7a:17:a8:33:91:d9:83:cc:0f:
                    cc:5f:9b:df:2b:6a:61:32:db:52:c2:5b:4c:a2:b5:
                    90:7f:c4:a2:38:f2:ef:f0:39:72:ab:dc:38:c7:11:
                    bc:cf:6e:3e:33:c6:2e:79:aa:a0:6c:45:6a:fe:81:
                    f0:a4:ca:3a:fb:72:2b:a4:5a:88:d8:c0:d1:a6:2b:
                    9b:ca:25:0f:5b:30:94:9c:a6:1f:ee:a5:7a:12:91:
                    31:81:eb:ea:6f:b0:3e:16:48:6c:03:dd:7d:44:c6:
                    4b:17:ba:bf:4f:e2:65:13:ab:7d:53:c1:af:32:8a:
                    9e:e3:05:b2:69:83:51:eb:1e:03:aa:9f:0a:b0:42:
                    93:fd:06:c6:58:e7:17:5c:4d:80:95:41:31:dc:c1:
                    ab:11:60:34:9a:87:b5:cf:6d:fe:11:73:60:19:9a:
                    a8:74:3a:42:4f:ca:57:fa:06:ad:7b:3f:69:de:0b:
                    cd:be:29:6b:6a:cc:14:68:c8:0c:fb:7f:55:a7:1a:
                    7e:87:cb:3f:df:b4:bb:f1:3c:e8:d5:84:0f:2e:6e:
                    07:f0:35:8f:10:60:12:99:40:1d:03:89:78:2e:92:
                    43:17:b0:e1:16:d2:a9:17:8e:71:af:f8:2e:7b:19:
                    5f:64:f5:fe:ce:5e:c0:c4:cc:9b:62:02:9c:f8:29:
                    2a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:D0:87:F8:65:59:50:90:8A:75:34:2B:75:D8:12:BD:36:38:68:8E
            X509v3 Authority Key Identifier:
                keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:d6:9b:86:73:4c:56:32:cb:ef:99:b4:c8:cf:40:16:65:81:
         f9:05:d0:50:71:71:8a:f2:77:60:ec:22:0f:7f:09:08:fb:a7:
         72:ed:69:12:76:c2:b7:e8:64:1d:6a:cd:ef:fa:1e:0b:e1:b5:
         88:10:6d:c9:64:d4:6a:17:f1:72:c8:b9:c4:24:fc:f9:57:19:
         c6:f2:ee:ca:97:93:d7:a5:80:68:75:b1:a3:f7:63:34:17:2e:
         c8:a1:39:ae:26:7f:c9:ee:8a:a4:25:ac:88:99:ff:51:97:ab:
         3f:b8:c4:c5:a1:3c:dd:66:1e:fd:46:52:de:4b:27:b2:26:08:
         ca:c0:0b:b3:c0:15:71:03:40:66:2b:08:cf:33:b8:67:9e:38:
         9e:aa:23:ca:36:02:51:99:fe:35:a9:65:83:54:e1:fc:0a:67:
         9b:ad:f1:85:c5:21:58:b7:1e:e7:89:29:32:df:93:22:f7:5b:
         a1:67:9a:42:55:88:ce:17:1e:9e:28:59:57:d7:c6:8c:74:2c:
         51:3e:98:9c:ed:da:92:79:0b:8f:cb:2a:b8:88:20:17:51:be:
         fa:7d:6c:66:d0:6d:55:d4:57:13:af:a4:ad:0c:e5:8c:36:c2:
         13:a1:ce:db:d0:ef:6c:49:e0:82:41:f9:91:d9:d5:a1:0a:3d:
         0f:57:3b:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRn/4mHXf28661/1kDuuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj
MjQwNjIwHhcNMjQxMTI2MjEwMDI1WhcNMjQxMTI3MjEwMDI1WjAzMTEwLwYDVQQD
EygwM2QwODdmODY1NTk1MDkwOGE3NTM0MmI3NWQ4MTJiZDM2Mzg2ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpD9atR6F6gzkdmDzA/MX5vfK2ph
MttSwltMorWQf8SiOPLv8Dlyq9w4xxG8z24+M8YueaqgbEVq/oHwpMo6+3IrpFqI
2MDRpiubyiUPWzCUnKYf7qV6EpExgevqb7A+FkhsA919RMZLF7q/T+JlE6t9U8Gv
Moqe4wWyaYNR6x4Dqp8KsEKT/QbGWOcXXE2AlUEx3MGrEWA0moe1z23+EXNgGZqo
dDpCT8pX+gatez9p3gvNvilraswUaMgM+39Vpxp+h8s/37S78Tzo1YQPLm4H8DWP
EGASmUAdA4l4LpJDF7DhFtKpF45xr/guexlfZPX+zl7AxMybYgKc+Ckq0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAPQh/hlWVCQinU0K3XYEr02OGiOMB8GA1UdIwQY
MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt
Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj
LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMdabhnNM
VjLL75m0yM9AFmWB+QXQUHFxivJ3YOwiD38JCPuncu1pEnbCt+hkHWrN7/oeC+G1
iBBtyWTUahfxcsi5xCT8+VcZxvLuypeT16WAaHWxo/djNBcuyKE5riZ/ye6KpCWs
iJn/UZerP7jExaE83WYe/UZS3ksnsiYIysALs8AVcQNAZisIzzO4Z544nqojyjYC
UZn+Nallg1Th/Apnm63xhcUhWLce54kpMt+TIvdboWeaQlWIzhcenihZV9fGjHQs
UT6YnO3aknkLj8squIggF1G++n1sZtBtVdRXE6+krQzljDbCE6HO29DvbEnggkH5
kdnVoQo9D1c7RA==
-----END CERTIFICATE-----