Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
File:                     JY8HU8Azwa8JGGbQlCZFEmlspos.mft (raw, json)
Hash identifier:          1OVxLmBPOask/oJS60hs1xdCPwI8S6Ki73sKg4Nf9fk=
Subject key identifier:   82:56:27:32:FF:0A:B7:94:18:1B:FC:B8:4A:0C:83:77:40:DB:9B:8E
Authority key identifier: 25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B
Certificate issuer:       /CN=258f0753c033c1af091866d094264512696ca68b
Certificate serial:       019369D998A192AF8B90FE532EAE4611030C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
Manifest number:          06C5
Signing time:             Tue 26 Nov 2024 19:01:28 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:28 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:28 +0000
Files and hashes:         1: JY8HU8Azwa8JGGbQlCZFEmlspos.crl (hash: CF/LvTUiPZUnYZb7FXNvl9ovre5mMccv5F3EaRPl7Os=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:98:a1:92:af:8b:90:fe:53:2e:ae:46:11:03:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=258f0753c033c1af091866d094264512696ca68b
        Validity
            Not Before: Nov 26 19:01:28 2024 GMT
            Not After : Nov 27 19:01:28 2024 GMT
        Subject: CN=82562732ff0ab794181bfcb84a0c837740db9b8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:18:91:70:4a:2b:15:8e:31:87:a5:6f:b6:50:
                    e8:6b:c7:d6:de:c2:ef:6e:6d:ae:03:db:8d:97:aa:
                    57:bb:c5:29:e1:53:8e:75:05:1a:23:8b:ae:70:ae:
                    8d:d4:89:22:ff:0e:88:68:fc:dc:c0:18:ef:69:ee:
                    da:12:fb:42:62:1f:79:d8:74:43:f7:e6:d3:7f:14:
                    66:7b:c7:05:18:59:f6:64:a6:14:d4:21:c8:5b:e2:
                    9e:d6:d5:23:a0:09:93:71:ed:70:7d:b5:45:7a:a0:
                    2a:99:47:6f:33:78:9d:ae:01:27:43:9d:1a:5c:4e:
                    cd:05:86:5a:9d:0a:64:4d:f2:3b:e9:dd:6e:eb:40:
                    f9:50:cb:59:91:64:ce:54:01:14:e5:c9:7f:47:ce:
                    cf:56:17:c6:6d:fd:04:fa:12:a6:85:cb:1d:bc:1f:
                    c1:68:be:e3:e5:b3:9f:a8:e2:bb:ce:be:ef:9f:bb:
                    13:26:97:00:ae:e9:d9:fc:fc:af:20:00:75:64:3b:
                    a9:93:d7:e4:c0:3f:20:85:41:3a:ed:f6:52:68:58:
                    b2:bc:19:ae:f5:4a:0d:0f:67:58:16:f3:47:26:3b:
                    67:85:0d:d9:b6:0e:df:be:8a:69:e3:a5:c8:26:88:
                    e6:e2:bd:52:65:f3:9d:fc:99:27:94:8f:4a:06:9c:
                    23:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:56:27:32:FF:0A:B7:94:18:1B:FC:B8:4A:0C:83:77:40:DB:9B:8E
            X509v3 Authority Key Identifier:
                keyid:25:8F:07:53:C0:33:C1:AF:09:18:66:D0:94:26:45:12:69:6C:A6:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JY8HU8Azwa8JGGbQlCZFEmlspos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3bae87-82eb-451f-8044-2c2f0d24f936/1/JY8HU8Azwa8JGGbQlCZFEmlspos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:c6:30:85:b7:d0:b2:0f:dd:36:93:8a:79:25:38:cd:74:21:
         9b:d8:66:15:36:74:39:34:7f:8c:5d:fd:b2:d4:0c:64:85:4e:
         b2:b4:23:ae:82:f7:2d:df:52:1e:08:96:ae:cf:83:5b:24:12:
         26:dc:4b:9b:68:bc:27:e1:48:5f:b8:43:82:d8:28:2b:28:a4:
         04:33:93:ba:6b:64:87:2f:18:7e:de:c1:97:30:6e:9a:6d:01:
         79:e8:8f:65:e0:2c:4f:92:c8:8f:7e:91:70:74:5b:5c:28:72:
         22:e8:8f:9d:84:32:3b:20:77:62:2c:a7:fc:7b:49:cf:ce:7e:
         a9:92:be:0f:de:34:f4:f7:1b:c4:1b:a8:b1:5f:69:ee:8d:7f:
         16:a0:f3:c3:32:64:1a:84:fa:e7:ee:0d:d1:23:80:a4:ed:af:
         8a:24:ac:67:d2:62:41:19:76:63:73:4d:b6:32:20:26:c5:eb:
         c6:16:73:f3:32:59:2d:07:5d:b2:bf:6e:34:7b:c6:4d:9d:c1:
         97:61:61:89:d7:2b:12:4f:99:d2:8d:f4:1c:fa:f9:a5:34:5d:
         48:ec:f4:b5:5c:6f:1d:58:ec:f7:b8:87:9d:14:b7:6e:7e:a9:
         cb:4a:01:39:8a:f4:4d:e9:0f:33:18:d6:4c:bf:f0:cc:1b:ab:
         49:25:f1:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2Zihkq+LkP5TLq5GEQMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OGYwNzUzYzAzM2MxYWYwOTE4NjZkMDk0MjY0NTEyNjk2
Y2E2OGIwHhcNMjQxMTI2MTkwMTI4WhcNMjQxMTI3MTkwMTI4WjAzMTEwLwYDVQQD
Eyg4MjU2MjczMmZmMGFiNzk0MTgxYmZjYjg0YTBjODM3NzQwZGI5YjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphiRcEorFY4xh6VvtlDoa8fW3sLv
bm2uA9uNl6pXu8Up4VOOdQUaI4uucK6N1Iki/w6IaPzcwBjvae7aEvtCYh952HRD
9+bTfxRme8cFGFn2ZKYU1CHIW+Ke1tUjoAmTce1wfbVFeqAqmUdvM3idrgEnQ50a
XE7NBYZanQpkTfI76d1u60D5UMtZkWTOVAEU5cl/R87PVhfGbf0E+hKmhcsdvB/B
aL7j5bOfqOK7zr7vn7sTJpcArunZ/PyvIAB1ZDupk9fkwD8ghUE67fZSaFiyvBmu
9UoND2dYFvNHJjtnhQ3Ztg7fvopp46XIJojm4r1SZfOd/JknlI9KBpwj8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJWJzL/CreUGBv8uEoMg3dA25uOMB8GA1UdIwQY
MBaAFCWPB1PAM8GvCRhm0JQmRRJpbKaLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQt
MmMyZjBkMjRmOTM2LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8zYmFlODctODJlYi00NTFmLTgwNDQtMmMyZjBkMjRmOTM2
LzEvSlk4SFU4QXp3YThKR0diUWxDWkZFbWxzcG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPMYwhbfQ
sg/dNpOKeSU4zXQhm9hmFTZ0OTR/jF39stQMZIVOsrQjroL3Ld9SHgiWrs+DWyQS
JtxLm2i8J+FIX7hDgtgoKyikBDOTumtkhy8Yft7BlzBumm0BeeiPZeAsT5LIj36R
cHRbXChyIuiPnYQyOyB3Yiyn/HtJz85+qZK+D9409PcbxBuosV9p7o1/FqDzwzJk
GoT65+4N0SOApO2viiSsZ9JiQRl2Y3NNtjIgJsXrxhZz8zJZLQddsr9uNHvGTZ3B
l2FhidcrEk+Z0o30HPr5pTRdSOz0tVxvHVjs97iHnRS3bn6py0oBOYr0TekPMxjW
TL/wzBurSSXxhg==
-----END CERTIFICATE-----