Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          ukNBkyYz4tRUqXYokLSvasa9tE263qW0tgVZi9YqiRc=
Subject key identifier:   F8:6B:6F:96:36:6B:FE:49:7F:A0:D2:D1:50:AF:1B:CC:26:54:65:2B
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       0193568A0CDCD185BBFF2B0BAF0560C30545
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          059A
Signing time:             Sat 23 Nov 2024 01:01:47 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:47 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:47 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: Gr3+qMf0vXDqcWP/Xv/gkiCHs3lPcp7lvNYitvDf02A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:0c:dc:d1:85:bb:ff:2b:0b:af:05:60:c3:05:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Nov 23 01:01:47 2024 GMT
            Not After : Nov 24 01:01:47 2024 GMT
        Subject: CN=f86b6f96366bfe497fa0d2d150af1bcc2654652b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:b5:d8:f8:78:c8:fe:e8:98:cc:58:64:0f:01:
                    9a:db:39:19:b0:03:19:f9:3e:97:08:83:ee:14:10:
                    3d:12:bd:cb:51:cb:c7:5e:c8:32:1c:28:55:6b:ea:
                    d3:15:0a:43:de:4e:fc:41:cf:49:a5:c2:63:ae:ea:
                    7c:97:4d:e2:f7:50:60:1e:dd:9d:53:fa:44:cb:a4:
                    a3:22:29:b3:62:14:55:73:e2:92:92:95:af:8a:1d:
                    ab:a7:d0:71:c7:35:45:d5:53:db:87:63:16:ed:e0:
                    bb:e7:29:a1:c9:94:db:dd:da:b0:e9:65:18:5e:e0:
                    46:eb:fa:ea:be:b8:24:21:c5:8c:5a:07:29:87:28:
                    d4:ba:d4:d0:1d:25:de:11:ab:eb:b0:80:33:63:dd:
                    7b:ef:f2:00:70:7f:87:aa:fe:6d:ab:1a:1e:e8:20:
                    db:0b:2f:08:92:7c:25:29:d1:0e:a8:32:0c:89:ba:
                    86:cf:18:22:48:f6:ff:57:58:2b:5b:ed:ba:7c:51:
                    37:44:86:b2:8b:3c:e9:dc:0c:24:14:79:76:44:d0:
                    f6:42:ad:78:d9:97:da:af:d0:9a:ca:44:8b:46:a9:
                    3f:de:b4:22:a7:9c:f3:1f:c5:0c:17:04:51:02:aa:
                    38:37:ee:f0:70:08:71:7f:97:a0:82:4e:ca:7c:02:
                    4a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:6B:6F:96:36:6B:FE:49:7F:A0:D2:D1:50:AF:1B:CC:26:54:65:2B
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         03:44:1e:03:eb:60:bf:04:5e:13:43:bb:c7:ed:45:b7:f2:62:
         9c:fe:be:a6:ca:39:22:c7:0b:ca:d6:87:99:2d:fa:12:47:72:
         90:5b:bd:15:5a:7e:1a:f6:b6:23:2e:f7:eb:ed:e2:bf:08:45:
         3b:2c:56:b0:76:25:30:f4:42:79:87:96:d0:a8:f2:34:e6:51:
         22:e7:4e:dd:af:8b:08:f6:90:d8:63:86:24:8c:81:cf:67:17:
         39:18:cb:e5:9f:c8:24:5e:6c:0f:7a:36:99:c4:c4:b1:03:a0:
         6a:7c:82:55:50:dd:84:18:d2:5f:2d:d2:2b:52:18:7b:63:8c:
         d9:b1:4b:f7:e7:e5:8c:76:32:81:ad:02:08:e1:6e:ae:c1:b1:
         8c:3d:d0:f5:df:47:e8:f3:4f:fa:03:b3:e3:fb:b2:1d:ad:e8:
         02:1c:29:a9:4d:2e:46:83:26:21:b6:6f:7a:e3:27:ce:87:74:
         70:51:22:13:3f:10:f4:c3:bd:94:eb:e6:80:cc:67:64:7e:a9:
         7d:a9:46:ba:70:e9:1c:2f:d8:d2:2d:a1:29:90:bb:c0:25:75:
         72:40:16:2e:6d:75:8a:83:a0:bc:63:ae:c7:6d:76:9f:63:3d:
         2c:cf:7c:40:fd:e4:91:38:38:50:bf:18:64:0b:67:f6:af:18:
         f8:e4:2e:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWigzc0YW7/ysLrwVgwwVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjQxMTIzMDEwMTQ3WhcNMjQxMTI0MDEwMTQ3WjAzMTEwLwYDVQQD
EyhmODZiNmY5NjM2NmJmZTQ5N2ZhMGQyZDE1MGFmMWJjYzI2NTQ2NTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97XY+HjI/uiYzFhkDwGa2zkZsAMZ
+T6XCIPuFBA9Er3LUcvHXsgyHChVa+rTFQpD3k78Qc9JpcJjrup8l03i91BgHt2d
U/pEy6SjIimzYhRVc+KSkpWvih2rp9BxxzVF1VPbh2MW7eC75ymhyZTb3dqw6WUY
XuBG6/rqvrgkIcWMWgcphyjUutTQHSXeEavrsIAzY9177/IAcH+Hqv5tqxoe6CDb
Cy8IknwlKdEOqDIMibqGzxgiSPb/V1grW+26fFE3RIayizzp3AwkFHl2RND2Qq14
2Zfar9CaykSLRqk/3rQip5zzH8UMFwRRAqo4N+7wcAhxf5eggk7KfAJKgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhrb5Y2a/5Jf6DS0VCvG8wmVGUrMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA0QeA+tg
vwReE0O7x+1Ft/JinP6+pso5IscLytaHmS36EkdykFu9FVp+Gva2Iy736+3ivwhF
OyxWsHYlMPRCeYeW0KjyNOZRIudO3a+LCPaQ2GOGJIyBz2cXORjL5Z/IJF5sD3o2
mcTEsQOganyCVVDdhBjSXy3SK1IYe2OM2bFL9+fljHYyga0CCOFursGxjD3Q9d9H
6PNP+gOz4/uyHa3oAhwpqU0uRoMmIbZveuMnzod0cFEiEz8Q9MO9lOvmgMxnZH6p
falGunDpHC/Y0i2hKZC7wCV1ckAWLm11ioOgvGOux212n2M9LM98QP3kkTg4UL8Y
ZAtn9q8Y+OQuIg==
-----END CERTIFICATE-----