Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
File:                     ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft (raw, json)
Hash identifier:          z6soNcz5jUmg4KczaPeJiuwex5vCwcs6oDTPsE/ILoA=
Subject key identifier:   A2:71:1F:EE:E9:62:A9:04:09:D1:89:60:94:82:3B:27:C4:44:AF:F1
Authority key identifier: 72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A
Certificate issuer:       /CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
Certificate serial:       019369A195997E7E4A87FC9982DAE6C9482F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
Manifest number:          CA
Signing time:             Tue 26 Nov 2024 18:00:17 +0000
Manifest this update:     Tue 26 Nov 2024 18:00:17 +0000
Manifest next update:     Wed 27 Nov 2024 18:00:17 +0000
Files and hashes:         1: ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl (hash: yupSyhgZ/XT5FPOHsqK8xfnz9sGEbTuavGh6OErtIa4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 18:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:a1:95:99:7e:7e:4a:87:fc:99:82:da:e6:c9:48:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72202e645f72cd70aa8143b73bcc0ddd93bfe91a
        Validity
            Not Before: Nov 26 18:00:17 2024 GMT
            Not After : Nov 27 18:00:17 2024 GMT
        Subject: CN=a2711feee962a90409d1896094823b27c444aff1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a8:9c:b4:d4:8c:c6:4a:d1:55:0c:f1:d5:71:
                    b6:27:40:79:17:ed:61:59:9b:be:ce:d1:ae:0b:0b:
                    5d:9a:d8:1b:61:c9:0c:9c:31:68:63:a6:19:c2:c0:
                    d8:a1:a9:bd:93:8f:c9:cc:24:5a:dc:11:f2:d3:d3:
                    eb:51:2b:3a:4f:06:66:19:f2:19:d6:4e:bf:3e:a4:
                    19:14:05:ab:d5:e8:a9:c7:94:a5:f1:ea:12:c1:04:
                    fa:d9:77:2e:0d:ac:82:35:66:07:da:48:59:31:20:
                    16:bb:ce:fb:bd:7a:39:60:bc:51:0a:b7:34:92:95:
                    a8:d9:72:35:b7:9b:55:f5:ca:fa:1c:11:13:f0:b1:
                    7a:2b:89:4c:99:41:69:9c:ac:75:80:5a:d3:3e:53:
                    51:35:32:05:5e:c2:5e:10:4b:fe:1a:8f:1b:12:b7:
                    2a:8e:2f:bf:66:fd:7d:38:b7:d5:2d:c0:b8:15:39:
                    d3:8b:3f:96:45:2f:6b:d6:5e:9d:c3:9c:0b:8b:a5:
                    61:d3:26:ee:10:5d:e6:02:87:81:ac:b8:57:ea:d0:
                    d9:ea:02:00:de:8d:b3:9f:4e:f8:6b:c7:25:02:9d:
                    ab:f0:b6:24:6b:f1:e3:f4:55:b7:26:b4:da:e4:67:
                    4c:b0:b7:9d:a9:34:99:da:c6:cb:ea:de:84:73:7f:
                    d5:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:71:1F:EE:E9:62:A9:04:09:D1:89:60:94:82:3B:27:C4:44:AF:F1
            X509v3 Authority Key Identifier:
                keyid:72:20:2E:64:5F:72:CD:70:AA:81:43:B7:3B:CC:0D:DD:93:BF:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/ee1127-f99c-4aea-b2fa-40cc16f2afa4/1/ciAuZF9yzXCqgUO3O8wN3ZO_6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:60:3f:f9:f8:24:d5:33:03:ac:dc:19:fd:f6:b5:cf:43:79:
         c4:4e:cf:c3:39:00:40:58:77:05:d8:49:e8:ee:e7:b2:90:5e:
         c7:57:69:27:6e:e7:cc:b2:dd:9d:a6:3c:b9:70:e7:43:e9:79:
         d2:3f:f3:04:27:ff:22:a9:c4:13:58:01:29:c2:ed:80:72:b3:
         93:b3:e1:b3:c6:49:eb:45:eb:4f:e2:8d:4b:38:0d:98:b8:02:
         6d:f9:15:1f:d2:1f:a1:c5:86:71:ea:37:21:e9:f4:dc:c0:5b:
         6d:1c:62:bc:bc:61:8e:a0:d7:89:45:76:1d:6e:12:12:11:f9:
         4f:9d:cf:56:35:90:58:76:92:27:8f:8d:e4:84:04:52:d2:92:
         71:37:68:30:fd:94:99:e1:36:97:e8:55:f1:5f:36:65:1d:4c:
         36:3d:7a:eb:1a:23:93:5d:fd:9c:3d:48:01:78:7d:61:72:8f:
         ca:7a:27:26:ca:69:ca:7d:f7:0a:4c:1e:de:90:65:6c:a8:b5:
         74:b0:43:c0:dd:8f:7a:32:da:6d:26:e3:44:c1:f8:be:21:37:
         69:df:48:01:3c:3c:04:06:39:dc:90:7d:6e:1a:26:87:48:3d:
         fd:27:06:78:f6:a6:6d:12:bb:59:08:15:79:98:e0:99:1c:67:
         d1:a5:c5:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpoZWZfn5Kh/yZgtrmyUgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjAyZTY0NWY3MmNkNzBhYTgxNDNiNzNiY2MwZGRkOTNi
ZmU5MWEwHhcNMjQxMTI2MTgwMDE3WhcNMjQxMTI3MTgwMDE3WjAzMTEwLwYDVQQD
EyhhMjcxMWZlZWU5NjJhOTA0MDlkMTg5NjA5NDgyM2IyN2M0NDRhZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaictNSMxkrRVQzx1XG2J0B5F+1h
WZu+ztGuCwtdmtgbYckMnDFoY6YZwsDYoam9k4/JzCRa3BHy09PrUSs6TwZmGfIZ
1k6/PqQZFAWr1eipx5Sl8eoSwQT62XcuDayCNWYH2khZMSAWu877vXo5YLxRCrc0
kpWo2XI1t5tV9cr6HBET8LF6K4lMmUFpnKx1gFrTPlNRNTIFXsJeEEv+Go8bErcq
ji+/Zv19OLfVLcC4FTnTiz+WRS9r1l6dw5wLi6Vh0ybuEF3mAoeBrLhX6tDZ6gIA
3o2zn074a8clAp2r8LYka/Hj9FW3JrTa5GdMsLedqTSZ2sbL6t6Ec3/VWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKJxH+7pYqkECdGJYJSCOyfERK/xMB8GA1UdIwQY
MBaAFHIgLmRfcs1wqoFDtzvMDd2Tv+kaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEt
NDBjYzE2ZjJhZmE0LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lZTExMjctZjk5Yy00YWVhLWIyZmEtNDBjYzE2ZjJhZmE0
LzEvY2lBdVpGOXl6WENxZ1VPM084d04zWk9fNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGA/+fgk
1TMDrNwZ/fa1z0N5xE7PwzkAQFh3BdhJ6O7nspBex1dpJ27nzLLdnaY8uXDnQ+l5
0j/zBCf/IqnEE1gBKcLtgHKzk7Phs8ZJ60XrT+KNSzgNmLgCbfkVH9IfocWGceo3
Ien03MBbbRxivLxhjqDXiUV2HW4SEhH5T53PVjWQWHaSJ4+N5IQEUtKScTdoMP2U
meE2l+hV8V82ZR1MNj166xojk139nD1IAXh9YXKPynonJsppyn33Ckwe3pBlbKi1
dLBDwN2PejLabSbjRMH4viE3ad9IATw8BAY53JB9bhomh0g9/ScGePambRK7WQgV
eZjgmRxn0aXFmA==
-----END CERTIFICATE-----