Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
File:                     BQJMtECm3Xana1aUwOL07jMOCnw.mft (raw, json)
Hash identifier:          LjGurYkUqfA5Yx7MtmBDCSZUkS0sqNXOw2LfMf48lzc=
Subject key identifier:   3E:9F:4F:E5:A5:B0:37:09:B1:BC:6F:11:C7:B5:B2:7C:AC:6E:EF:4F
Authority key identifier: 05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C
Certificate issuer:       /CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
Certificate serial:       019369A1A4C60A6B7B02825F2FEEA7F71E72
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
Manifest number:          A5
Signing time:             Tue 26 Nov 2024 18:00:21 +0000
Manifest this update:     Tue 26 Nov 2024 18:00:21 +0000
Manifest next update:     Wed 27 Nov 2024 18:00:21 +0000
Files and hashes:         1: BQJMtECm3Xana1aUwOL07jMOCnw.crl (hash: n5gtopW5YplVoCm9pbzwd5zaMNepEQUB0F5N/DUEze0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 18:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:a1:a4:c6:0a:6b:7b:02:82:5f:2f:ee:a7:f7:1e:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05024cb440a6dd76a76b5694c0e2f4ee330e0a7c
        Validity
            Not Before: Nov 26 18:00:21 2024 GMT
            Not After : Nov 27 18:00:21 2024 GMT
        Subject: CN=3e9f4fe5a5b03709b1bc6f11c7b5b27cac6eef4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:8a:fb:a6:50:5a:c5:04:c4:20:39:3a:f3:95:
                    5d:64:b0:7a:33:6e:0f:84:a4:79:ab:56:72:ac:63:
                    a6:f5:2f:5e:e0:dc:0a:20:31:73:0e:83:24:80:98:
                    ba:b0:b2:a7:55:ec:18:ce:39:0a:7c:48:11:fa:ad:
                    ba:da:25:36:10:89:9a:76:36:9f:fe:6a:ee:35:eb:
                    e1:e9:5f:80:15:27:2a:be:fd:4c:a5:1b:16:e2:fd:
                    9d:fb:46:c8:12:b4:94:53:fd:4e:fc:91:83:fc:96:
                    52:20:e4:bf:fd:02:27:b9:23:7d:3f:97:4f:7d:11:
                    0d:33:e3:2c:aa:1e:87:99:74:a0:09:3a:8b:90:16:
                    0b:3a:b2:6d:ce:37:9a:66:02:18:64:2c:21:54:3f:
                    bb:5e:d4:f3:78:77:46:c1:09:34:83:10:02:b0:a5:
                    bd:97:3d:c9:f3:1c:e5:c7:01:70:25:4c:d1:51:34:
                    b7:eb:8c:9d:51:2b:1c:07:c0:29:b6:ad:6c:e3:ca:
                    dc:c8:b1:4e:5c:4a:d3:f4:2b:bc:d4:b4:7d:c1:52:
                    bf:dd:d9:8a:88:d8:55:71:eb:5e:5c:72:3d:b5:0f:
                    64:d8:d7:2e:58:53:56:68:ae:01:1b:fc:7b:9e:bf:
                    0b:f1:df:da:b5:a1:a5:ea:7d:ed:fb:42:fe:95:b1:
                    d6:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:9F:4F:E5:A5:B0:37:09:B1:BC:6F:11:C7:B5:B2:7C:AC:6E:EF:4F
            X509v3 Authority Key Identifier:
                keyid:05:02:4C:B4:40:A6:DD:76:A7:6B:56:94:C0:E2:F4:EE:33:0E:0A:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQJMtECm3Xana1aUwOL07jMOCnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a60b1a-27bb-4604-9340-a82262204e38/1/BQJMtECm3Xana1aUwOL07jMOCnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:2b:e4:60:2e:91:4a:3a:67:69:02:fa:58:ee:54:44:df:f1:
         0c:74:f6:e7:70:06:75:4d:4e:b3:52:88:ec:fe:58:7b:68:ba:
         8e:14:47:1d:09:6f:ae:2d:ad:42:10:e9:a8:84:b2:10:3f:6e:
         ef:7b:56:5a:25:01:6e:6f:32:f0:72:d2:b4:52:cf:44:bc:55:
         32:a4:bd:7a:8c:e6:ea:62:9a:3c:51:b0:14:fd:e7:18:d6:87:
         ea:ae:05:9c:5d:2c:c2:62:7f:44:ee:d7:cd:18:5a:b1:8f:f3:
         04:80:cc:3b:e8:f2:2a:cc:bc:f3:a8:89:f6:85:96:5d:5c:72:
         dc:9c:0b:54:b1:09:c8:b7:18:56:91:c5:a8:24:c6:af:af:6b:
         9f:55:5e:34:ad:27:9d:45:fb:4e:54:3d:aa:34:40:29:44:21:
         f1:52:49:0b:88:ea:4e:57:fd:3e:89:97:82:3a:4b:37:06:a5:
         bd:37:ed:ef:a6:57:01:33:15:ef:26:44:0b:b5:85:d1:e0:18:
         55:47:5e:5e:3e:9a:b3:db:25:e7:2a:ab:c7:61:6c:96:0b:79:
         b1:f3:02:06:c2:7e:0c:1c:3e:c5:83:67:e8:03:64:bd:00:e8:
         09:fb:6a:96:21:0b:24:fd:72:27:a3:39:92:6e:a9:1a:90:a9:
         97:18:bd:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpoaTGCmt7AoJfL+6n9x5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MDI0Y2I0NDBhNmRkNzZhNzZiNTY5NGMwZTJmNGVlMzMw
ZTBhN2MwHhcNMjQxMTI2MTgwMDIxWhcNMjQxMTI3MTgwMDIxWjAzMTEwLwYDVQQD
EygzZTlmNGZlNWE1YjAzNzA5YjFiYzZmMTFjN2I1YjI3Y2FjNmVlZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3or7plBaxQTEIDk685VdZLB6M24P
hKR5q1ZyrGOm9S9e4NwKIDFzDoMkgJi6sLKnVewYzjkKfEgR+q262iU2EImadjaf
/mruNevh6V+AFScqvv1MpRsW4v2d+0bIErSUU/1O/JGD/JZSIOS//QInuSN9P5dP
fRENM+Msqh6HmXSgCTqLkBYLOrJtzjeaZgIYZCwhVD+7XtTzeHdGwQk0gxACsKW9
lz3J8xzlxwFwJUzRUTS364ydUSscB8Aptq1s48rcyLFOXErT9Cu81LR9wVK/3dmK
iNhVceteXHI9tQ9k2NcuWFNWaK4BG/x7nr8L8d/ataGl6n3t+0L+lbHWWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6fT+WlsDcJsbxvEce1snysbu9PMB8GA1UdIwQY
MBaAFAUCTLRApt12p2tWlMDi9O4zDgp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAt
YTgyMjYyMjA0ZTM4LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNjBiMWEtMjdiYi00NjA0LTkzNDAtYTgyMjYyMjA0ZTM4
LzEvQlFKTXRFQ20zWGFuYTFhVXdPTDA3ak1PQ253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiyvkYC6R
SjpnaQL6WO5URN/xDHT253AGdU1Os1KI7P5Ye2i6jhRHHQlvri2tQhDpqISyED9u
73tWWiUBbm8y8HLStFLPRLxVMqS9eozm6mKaPFGwFP3nGNaH6q4FnF0swmJ/RO7X
zRhasY/zBIDMO+jyKsy886iJ9oWWXVxy3JwLVLEJyLcYVpHFqCTGr69rn1VeNK0n
nUX7TlQ9qjRAKUQh8VJJC4jqTlf9PomXgjpLNwalvTft76ZXATMV7yZEC7WF0eAY
VUdeXj6as9sl5yqrx2Fslgt5sfMCBsJ+DBw+xYNn6ANkvQDoCftqliELJP1yJ6M5
km6pGpCplxi9rw==
-----END CERTIFICATE-----