Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
File:                     Nq6kWA8QexEmjJbqMYko1O11_5M.mft (raw, json)
Hash identifier:          Ov8K01VnyW70ISF93fETmIkyJrYhvP8aSyXCFuYKwQ8=
Subject key identifier:   8C:4A:6D:A8:C1:B3:8D:59:62:FC:27:93:30:8B:BA:7C:A4:AC:6A:9E
Authority key identifier: 36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93
Certificate issuer:       /CN=36aea4580f107b11268c96ea318928d4ed75ff93
Certificate serial:       019357D28EC69093182E492C8E6BA99AB2F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
Manifest number:          0229
Signing time:             Sat 23 Nov 2024 07:00:37 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:37 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:37 +0000
Files and hashes:         1: Nq6kWA8QexEmjJbqMYko1O11_5M.crl (hash: SGVOuJj78xPWCaibBuEoBC4VwzozF8nFJf3tX1Z2y9U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:8e:c6:90:93:18:2e:49:2c:8e:6b:a9:9a:b2:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36aea4580f107b11268c96ea318928d4ed75ff93
        Validity
            Not Before: Nov 23 07:00:37 2024 GMT
            Not After : Nov 24 07:00:37 2024 GMT
        Subject: CN=8c4a6da8c1b38d5962fc2793308bba7ca4ac6a9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:fa:60:20:71:45:56:3d:8e:20:c2:4d:d8:1a:
                    89:1a:c9:1a:8d:4f:98:19:d6:5e:ac:82:c8:08:93:
                    c4:90:f3:13:cd:3e:28:f6:0c:5b:12:1c:8d:ec:35:
                    f3:ec:8b:58:37:48:85:ce:42:cd:e1:10:bd:47:df:
                    52:7d:ac:a8:74:f5:27:50:30:8a:28:52:2b:2a:9c:
                    af:47:7e:c3:f1:5e:62:6b:f7:c5:90:7c:27:c7:a9:
                    9d:24:35:ca:38:a3:a0:b9:89:2c:c0:ee:d0:bc:68:
                    f0:16:a1:aa:d6:0c:b0:40:14:71:f0:56:c2:38:2f:
                    2d:f8:2c:b9:0c:61:2d:e7:f0:2d:48:49:f0:a2:b7:
                    c5:7b:28:2a:db:c3:22:91:6f:95:13:5d:8d:6c:c4:
                    b1:fc:18:ef:84:40:36:f3:70:46:0c:3e:72:a5:1a:
                    44:4d:66:43:44:cd:6f:50:2f:3c:d0:dc:10:4e:7b:
                    c5:37:0c:9b:8b:13:9f:c7:15:90:07:24:84:85:4e:
                    c0:57:0e:2e:2f:87:78:ef:73:5d:ec:05:0d:5b:ad:
                    a1:cf:bd:3c:93:dc:1d:8a:4a:58:15:87:ed:5e:37:
                    9b:f5:65:72:8a:59:a2:01:b2:f7:ca:11:34:eb:35:
                    73:cf:3c:d7:3b:79:4d:9a:ab:d3:97:72:d4:f5:57:
                    61:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:4A:6D:A8:C1:B3:8D:59:62:FC:27:93:30:8B:BA:7C:A4:AC:6A:9E
            X509v3 Authority Key Identifier:
                keyid:36:AE:A4:58:0F:10:7B:11:26:8C:96:EA:31:89:28:D4:ED:75:FF:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nq6kWA8QexEmjJbqMYko1O11_5M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/3059de-bafc-4a4b-86b6-f28d972c8808/1/Nq6kWA8QexEmjJbqMYko1O11_5M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:e8:90:d0:6a:5c:55:9e:2a:ac:43:f3:10:73:1e:83:fe:74:
         3b:67:48:15:94:dd:58:04:0d:79:7c:60:f9:69:cb:60:ec:15:
         c7:ee:0c:19:67:6d:fd:c2:1e:af:5b:a9:da:18:31:25:0d:fa:
         a7:2c:64:61:a4:70:a9:17:bd:66:22:e2:9c:35:14:66:a9:5c:
         3c:f7:16:98:78:de:ad:b1:36:6a:b4:7c:05:4f:a7:fe:d6:a6:
         a1:9f:4d:42:29:12:be:8b:f7:2a:8b:a2:85:c8:17:37:af:63:
         70:f8:6e:cf:56:00:a9:ba:ba:f3:cf:3f:0a:7f:f9:13:d8:4d:
         d6:d5:5e:72:ea:3c:91:6d:91:27:44:24:54:29:43:a7:27:d8:
         e8:2e:93:c9:6a:97:3e:f1:e2:3e:2b:1f:fe:ec:05:64:eb:ea:
         64:ee:3e:60:ad:20:c6:5e:22:b9:1e:34:a0:3e:61:31:ef:36:
         08:f9:1b:4a:e6:83:88:ab:99:9b:d2:c3:c3:b4:cc:19:e2:c9:
         93:3c:10:3e:e6:a0:31:3f:4f:a9:e8:17:ff:ef:61:e9:5f:34:
         d6:2f:75:d9:7e:fc:8c:3b:de:ff:f1:02:42:cd:3a:a0:31:a9:
         0e:71:42:87:c8:a2:6e:81:f8:0a:bb:b0:80:a7:4b:03:20:49:
         80:b4:c0:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0o7GkJMYLkksjmupmrLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YWVhNDU4MGYxMDdiMTEyNjhjOTZlYTMxODkyOGQ0ZWQ3
NWZmOTMwHhcNMjQxMTIzMDcwMDM3WhcNMjQxMTI0MDcwMDM3WjAzMTEwLwYDVQQD
Eyg4YzRhNmRhOGMxYjM4ZDU5NjJmYzI3OTMzMDhiYmE3Y2E0YWM2YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/pgIHFFVj2OIMJN2BqJGskajU+Y
GdZerILICJPEkPMTzT4o9gxbEhyN7DXz7ItYN0iFzkLN4RC9R99SfayodPUnUDCK
KFIrKpyvR37D8V5ia/fFkHwnx6mdJDXKOKOguYkswO7QvGjwFqGq1gywQBRx8FbC
OC8t+Cy5DGEt5/AtSEnworfFeygq28MikW+VE12NbMSx/BjvhEA283BGDD5ypRpE
TWZDRM1vUC880NwQTnvFNwybixOfxxWQBySEhU7AVw4uL4d473Nd7AUNW62hz708
k9wdikpYFYftXjeb9WVyilmiAbL3yhE06zVzzzzXO3lNmqvTl3LU9VdhYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxKbajBs41ZYvwnkzCLunykrGqeMB8GA1UdIwQY
MBaAFDaupFgPEHsRJoyW6jGJKNTtdf+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYt
ZjI4ZDk3MmM4ODA4LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8zMDU5ZGUtYmFmYy00YTRiLTg2YjYtZjI4ZDk3MmM4ODA4
LzEvTnE2a1dBOFFleEVtakpicU1Za28xTzExXzVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm+iQ0Gpc
VZ4qrEPzEHMeg/50O2dIFZTdWAQNeXxg+WnLYOwVx+4MGWdt/cIer1up2hgxJQ36
pyxkYaRwqRe9ZiLinDUUZqlcPPcWmHjerbE2arR8BU+n/tamoZ9NQikSvov3Koui
hcgXN69jcPhuz1YAqbq6888/Cn/5E9hN1tVecuo8kW2RJ0QkVClDpyfY6C6TyWqX
PvHiPisf/uwFZOvqZO4+YK0gxl4iuR40oD5hMe82CPkbSuaDiKuZm9LDw7TMGeLJ
kzwQPuagMT9PqegX/+9h6V801i912X78jDve//ECQs06oDGpDnFCh8iiboH4Cruw
gKdLAyBJgLTA5Q==
-----END CERTIFICATE-----