Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          5/2/TOCCUYWKQTSu2IrOxAz/JHmodeDnuCg5oA/lE2o=
Subject key identifier:   D9:F4:94:F7:44:88:10:12:58:9F:F0:74:60:33:9E:F7:F5:49:FA:45
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       01935877E97F98BC5D4C4DDF23770C5A135D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          119D
Signing time:             Sat 23 Nov 2024 10:01:13 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:13 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:13 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: P49ty/kBwQNS3YY+8KK7aTVgqqdi9QALYdl59tWfmDw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:77:e9:7f:98:bc:5d:4c:4d:df:23:77:0c:5a:13:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: Nov 23 10:01:13 2024 GMT
            Not After : Nov 24 10:01:13 2024 GMT
        Subject: CN=d9f494f744881012589ff07460339ef7f549fa45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:32:7b:60:0f:60:83:a0:fa:23:48:14:4a:12:
                    39:df:9f:cf:ee:25:fe:fb:84:cb:7e:d2:f8:60:b1:
                    92:b2:14:19:a2:97:09:35:ce:9c:b0:30:c5:e1:dd:
                    e7:03:7c:a4:85:3e:f9:29:c8:c8:2a:77:53:c0:af:
                    0e:44:92:bc:09:1d:41:af:eb:3c:4a:df:1c:f8:ae:
                    40:6c:56:53:1a:8b:81:43:49:ed:fb:00:eb:0e:26:
                    9b:70:f8:fa:dd:85:4f:67:f1:e8:d6:62:09:11:65:
                    55:0a:73:9f:c1:df:60:f5:9f:2d:44:34:0f:65:55:
                    9b:74:a7:fc:67:63:dc:70:a2:c9:e0:9c:4f:fa:98:
                    d6:ee:e2:b7:c4:14:16:4e:28:22:b9:7f:a8:8b:d1:
                    80:02:cb:cf:ac:6c:d2:6d:5e:ee:5a:e4:be:59:03:
                    8f:67:02:8f:e4:f9:97:ad:91:b1:c6:f5:86:fc:e4:
                    77:c4:5f:ea:25:8c:63:ed:e4:96:09:c7:be:4e:d7:
                    28:4e:75:12:46:f4:90:f3:a6:11:a2:30:ea:8e:e4:
                    b0:1e:8b:3a:1b:64:1a:0c:29:0b:cb:13:a4:ba:12:
                    ee:f6:d7:c3:3c:8e:75:33:f6:43:cf:62:d5:22:06:
                    50:a5:d4:5f:52:7b:ec:6f:e6:75:69:17:43:63:af:
                    a6:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:F4:94:F7:44:88:10:12:58:9F:F0:74:60:33:9E:F7:F5:49:FA:45
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:7d:ed:a3:c8:1a:08:38:6c:6f:0f:6c:88:16:db:15:fd:70:
         67:1b:0a:af:af:28:2e:7d:a2:77:bd:4a:37:88:b3:2d:73:86:
         47:0c:b9:aa:5e:ce:1b:ed:e6:bc:30:ec:91:2a:e0:00:02:67:
         dd:ef:7e:29:79:4e:b8:16:cf:b3:68:fa:e1:b2:dc:63:9c:ca:
         0d:e5:c3:87:60:34:31:1e:b9:fd:23:4e:8c:34:fc:1d:43:3c:
         45:a0:bd:77:a6:4b:83:1b:11:77:e7:87:8c:68:19:b8:62:8c:
         ef:41:20:cb:ca:1f:e0:49:21:05:63:2b:7f:3e:82:ee:8e:f8:
         35:04:ea:13:98:57:99:cd:72:c5:4d:04:23:81:ea:64:46:08:
         cb:b8:4e:65:c3:b0:25:8b:01:d7:7b:08:b8:b0:11:07:ed:cb:
         f8:8f:75:b6:3a:fa:ce:82:56:b8:5d:c4:45:89:dd:be:17:16:
         fb:c7:a5:83:cc:e1:d5:03:a6:e9:51:60:1f:06:d6:6c:ec:72:
         1f:f0:70:6a:74:2c:b7:bf:f1:3c:ae:d9:cd:21:e3:5b:cb:40:
         4c:69:f3:a0:51:a8:3f:40:6a:fa:9d:d2:55:9e:77:3c:e7:2c:
         b3:b7:21:44:f0:42:7a:ae:1a:b7:67:f3:4b:82:e9:8d:fe:a4:
         5c:60:a4:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd+l/mLxdTE3fI3cMWhNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjQxMTIzMTAwMTEzWhcNMjQxMTI0MTAwMTEzWjAzMTEwLwYDVQQD
EyhkOWY0OTRmNzQ0ODgxMDEyNTg5ZmYwNzQ2MDMzOWVmN2Y1NDlmYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDJ7YA9gg6D6I0gUShI535/P7iX+
+4TLftL4YLGSshQZopcJNc6csDDF4d3nA3ykhT75KcjIKndTwK8ORJK8CR1Br+s8
St8c+K5AbFZTGouBQ0nt+wDrDiabcPj63YVPZ/Ho1mIJEWVVCnOfwd9g9Z8tRDQP
ZVWbdKf8Z2PccKLJ4JxP+pjW7uK3xBQWTigiuX+oi9GAAsvPrGzSbV7uWuS+WQOP
ZwKP5PmXrZGxxvWG/OR3xF/qJYxj7eSWCce+TtcoTnUSRvSQ86YRojDqjuSwHos6
G2QaDCkLyxOkuhLu9tfDPI51M/ZDz2LVIgZQpdRfUnvsb+Z1aRdDY6+m9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNn0lPdEiBASWJ/wdGAznvf1SfpFMB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApH3to8ga
CDhsbw9siBbbFf1wZxsKr68oLn2id71KN4izLXOGRwy5ql7OG+3mvDDskSrgAAJn
3e9+KXlOuBbPs2j64bLcY5zKDeXDh2A0MR65/SNOjDT8HUM8RaC9d6ZLgxsRd+eH
jGgZuGKM70Egy8of4EkhBWMrfz6C7o74NQTqE5hXmc1yxU0EI4HqZEYIy7hOZcOw
JYsB13sIuLARB+3L+I91tjr6zoJWuF3ERYndvhcW+8elg8zh1QOm6VFgHwbWbOxy
H/BwanQst7/xPK7ZzSHjW8tATGnzoFGoP0Bq+p3SVZ53POcss7chRPBCeq4at2fz
S4Lpjf6kXGCkyw==
-----END CERTIFICATE-----