Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          9V31eTMS29jNSMeAepOBw1AvcVwccJg7wBW3SDgweWg=
Subject key identifier:   ED:38:E5:46:1B:5F:3B:7F:EB:54:97:A5:77:AA:77:B5:4E:11:2E:F0
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       019356F701B65F5315B9EEAF56B06BD197C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          136D
Signing time:             Sat 23 Nov 2024 03:00:48 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:48 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:48 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: BLEjsC/2UkrUw8Mhay/uilMXmJnoyVIB+ntllGO6TFM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:01:b6:5f:53:15:b9:ee:af:56:b0:6b:d1:97:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: Nov 23 03:00:48 2024 GMT
            Not After : Nov 24 03:00:48 2024 GMT
        Subject: CN=ed38e5461b5f3b7feb5497a577aa77b54e112ef0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4c:a3:8c:f0:fb:bf:a3:af:d0:16:8a:da:e3:
                    99:00:8e:4f:04:72:f5:df:26:d0:f5:91:67:db:bd:
                    5e:7c:5f:33:01:f5:2b:1f:62:b8:50:5f:25:e3:75:
                    67:ef:d7:40:ca:0b:8e:5c:f3:33:e3:5c:3b:22:98:
                    2f:20:24:bd:e3:20:46:57:7e:6c:37:92:6e:42:9c:
                    d1:5b:90:d1:a3:1b:5a:d1:ba:4b:8c:c1:e4:02:8f:
                    ca:72:10:c7:e6:d6:5b:75:f3:09:f3:dd:e0:56:6d:
                    dd:a3:d9:84:ee:68:a4:19:d1:a9:fd:cb:65:1f:49:
                    53:92:e3:3c:b2:31:f6:a3:c7:4e:6a:f0:b4:29:80:
                    70:3b:d1:04:16:00:e3:e6:8d:22:f0:d3:3a:59:e2:
                    2b:d2:d2:f2:74:f2:e1:58:e6:e8:81:1b:d5:85:f5:
                    ee:e8:8c:8f:05:8e:6c:50:d1:b2:68:73:b1:cb:e3:
                    e2:41:25:85:ae:ef:cc:fd:0b:1d:be:66:c2:24:60:
                    ef:3d:e5:6e:c6:a2:50:32:05:7d:bc:7b:57:45:3d:
                    00:6e:cc:95:44:e9:58:c5:2e:8d:5c:18:c7:73:d1:
                    21:d5:a6:39:4f:9d:d6:54:40:e0:2e:71:2d:14:d8:
                    6a:bd:4d:7a:57:b1:a6:09:c8:4a:30:33:04:55:e2:
                    32:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:38:E5:46:1B:5F:3B:7F:EB:54:97:A5:77:AA:77:B5:4E:11:2E:F0
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:c6:e9:c9:19:5c:f9:5a:1c:b6:25:85:6e:63:0c:16:43:56:
         2d:01:f6:3e:ed:85:16:ac:ba:68:ab:4b:ce:b7:64:14:86:3c:
         d8:7b:dd:a3:be:5c:df:54:2c:e7:ca:c1:6c:64:84:a8:8d:89:
         71:44:13:86:01:b7:f3:ac:b1:e2:1b:b0:48:75:66:14:fb:8b:
         e4:ca:a6:66:8f:e3:de:ff:11:4c:97:6f:9e:4c:7e:97:df:41:
         10:56:a5:01:b8:fb:b6:e4:08:86:5d:0b:78:6d:d4:3f:41:74:
         40:b0:1f:5e:fb:36:64:bc:fd:f2:d6:30:e5:4a:64:67:dd:06:
         d1:90:88:a2:cc:7b:a0:7b:27:cd:c7:df:e7:1b:70:97:ee:07:
         f7:73:26:3c:17:88:fb:14:42:0d:2d:55:46:3c:e9:15:e9:2d:
         ef:6f:0b:14:b9:12:02:1b:35:1a:95:f1:5b:df:c9:46:b1:0b:
         88:fe:ae:9d:bc:ee:ff:a6:1a:7b:19:0c:a6:a9:8a:2b:ad:09:
         55:9c:21:a9:e8:91:d1:0e:a8:b5:bb:fc:db:08:af:ed:58:87:
         0e:b6:02:7d:6f:7d:d3:59:eb:a2:27:03:5a:84:57:94:33:86:
         54:99:c6:e2:94:08:46:6e:02:8d:76:ed:11:72:5c:0e:66:fe:
         8e:f8:ff:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9wG2X1MVue6vVrBr0ZfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjQxMTIzMDMwMDQ4WhcNMjQxMTI0MDMwMDQ4WjAzMTEwLwYDVQQD
EyhlZDM4ZTU0NjFiNWYzYjdmZWI1NDk3YTU3N2FhNzdiNTRlMTEyZWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEyjjPD7v6Ov0BaK2uOZAI5PBHL1
3ybQ9ZFn271efF8zAfUrH2K4UF8l43Vn79dAyguOXPMz41w7IpgvICS94yBGV35s
N5JuQpzRW5DRoxta0bpLjMHkAo/KchDH5tZbdfMJ893gVm3do9mE7mikGdGp/ctl
H0lTkuM8sjH2o8dOavC0KYBwO9EEFgDj5o0i8NM6WeIr0tLydPLhWObogRvVhfXu
6IyPBY5sUNGyaHOxy+PiQSWFru/M/QsdvmbCJGDvPeVuxqJQMgV9vHtXRT0AbsyV
ROlYxS6NXBjHc9Eh1aY5T53WVEDgLnEtFNhqvU16V7GmCchKMDMEVeIypwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO045UYbXzt/61SXpXeqd7VOES7wMB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcsbpyRlc
+VoctiWFbmMMFkNWLQH2Pu2FFqy6aKtLzrdkFIY82Hvdo75c31Qs58rBbGSEqI2J
cUQThgG386yx4huwSHVmFPuL5MqmZo/j3v8RTJdvnkx+l99BEFalAbj7tuQIhl0L
eG3UP0F0QLAfXvs2ZLz98tYw5UpkZ90G0ZCIosx7oHsnzcff5xtwl+4H93MmPBeI
+xRCDS1VRjzpFekt728LFLkSAhs1GpXxW9/JRrELiP6unbzu/6YaexkMpqmKK60J
VZwhqeiR0Q6otbv82wiv7ViHDrYCfW9901nroicDWoRXlDOGVJnG4pQIRm4CjXbt
EXJcDmb+jvj/Tg==
-----END CERTIFICATE-----