Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
File:                     kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json)
Hash identifier:          V/C6V8jdFzst3qb6gat//bYAzkku1kl/DpaziZ5MWDI=
Subject key identifier:   37:D3:5A:91:FF:C2:E3:61:E0:BA:A0:21:3F:5A:CC:85:2E:EE:D7:CA
Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD
Certificate issuer:       /CN=917830d941ee090a8e32348f97b8308fd1ce09fd
Certificate serial:       01936A467B2D45924FF0D28138B633B415C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
Manifest number:          09F7
Signing time:             Tue 26 Nov 2024 21:00:24 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:24 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:24 +0000
Files and hashes:         1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: gAUJ6/yePil0EPvHucJGIeMJHx/FyVSjtwPfb96KHjE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:7b:2d:45:92:4f:f0:d2:81:38:b6:33:b4:15:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd
        Validity
            Not Before: Nov 26 21:00:24 2024 GMT
            Not After : Nov 27 21:00:24 2024 GMT
        Subject: CN=37d35a91ffc2e361e0baa0213f5acc852eeed7ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:fd:59:3f:54:bc:0a:f6:b0:97:7a:76:eb:44:
                    9e:80:a7:f5:55:ae:ff:79:a0:ef:0a:0b:89:40:e6:
                    4e:76:1b:8f:49:15:8c:88:bc:6a:45:49:45:5d:3d:
                    16:19:0f:bd:27:06:2d:5e:62:4f:9a:3c:42:40:eb:
                    2e:3b:43:f6:a9:f9:46:c1:e1:8a:1f:21:b9:9b:4f:
                    3d:2c:97:9c:3b:3d:85:31:ae:44:f9:30:fb:5e:f0:
                    26:16:8b:70:c8:00:34:e4:77:a6:91:b5:b2:6b:02:
                    e4:4d:5f:14:6b:76:71:d3:9f:c1:97:70:04:a8:4b:
                    f7:74:83:a6:4c:a9:e1:92:da:cd:74:49:82:84:ec:
                    ac:b4:1c:4e:d9:43:cc:9d:c2:77:0d:dd:a6:58:5a:
                    64:33:cd:00:dd:fd:bd:69:4c:f2:ea:d0:ef:6f:bd:
                    15:21:a1:e7:0a:7e:b2:3f:80:5a:0d:51:94:77:76:
                    52:69:73:2a:99:ef:40:97:a8:15:51:af:d5:e3:81:
                    0b:c1:fc:e3:c7:e4:38:b7:ea:a2:c8:71:8f:0a:cd:
                    4c:be:aa:ba:f5:f7:5a:23:34:45:f9:b9:99:85:8d:
                    b6:48:34:fa:c0:19:9f:40:dd:8d:1c:27:1b:96:5f:
                    47:51:37:6c:77:ca:7d:fb:38:84:a5:94:71:a7:7a:
                    eb:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:D3:5A:91:FF:C2:E3:61:E0:BA:A0:21:3F:5A:CC:85:2E:EE:D7:CA
            X509v3 Authority Key Identifier:
                keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:9c:f5:8b:b0:47:d7:2b:e5:e6:4b:e3:e1:a6:8d:ec:83:1c:
         c9:d6:0d:dd:0c:44:1d:fb:ae:77:b4:cf:89:65:1e:92:a6:b8:
         36:15:eb:8d:7e:68:f2:be:87:fe:28:01:d2:3e:3d:c3:f6:74:
         55:ed:ec:75:4b:ee:a4:b9:50:d3:be:ac:26:73:21:42:bf:87:
         18:97:f9:e6:4a:ff:3c:64:43:f7:29:60:72:fb:a9:40:9f:05:
         03:b7:aa:5b:f8:94:01:01:94:30:83:36:f7:e4:5d:1e:96:71:
         db:c1:0f:eb:21:ee:59:36:fb:ab:a9:3e:ec:ec:92:02:ef:a9:
         36:ec:c8:21:72:a0:d3:ff:2c:41:a5:14:f8:47:9e:3f:6e:1c:
         26:e0:5e:28:88:39:fa:e5:37:0b:8b:7a:8a:9e:84:b1:42:bf:
         7e:5a:91:f3:21:17:b2:4c:7c:b1:3b:de:08:26:53:c6:2a:6d:
         36:0b:45:a5:e6:26:0e:b9:a3:d3:d1:b7:b4:c4:29:6a:18:58:
         c3:5f:58:3d:ce:ee:03:a2:1b:23:a8:10:fd:8e:28:88:c0:43:
         35:7d:79:28:13:ae:28:ac:2b:aa:a5:0b:0e:a2:5c:b6:7c:fa:
         30:d5:f1:74:71:75:27:f8:fd:9c:dd:99:11:66:a7:02:4a:ca:
         ba:da:fd:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRnstRZJP8NKBOLYztBXJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj
ZTA5ZmQwHhcNMjQxMTI2MjEwMDI0WhcNMjQxMTI3MjEwMDI0WjAzMTEwLwYDVQQD
EygzN2QzNWE5MWZmYzJlMzYxZTBiYWEwMjEzZjVhY2M4NTJlZWVkN2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv1ZP1S8Cvawl3p260SegKf1Va7/
eaDvCguJQOZOdhuPSRWMiLxqRUlFXT0WGQ+9JwYtXmJPmjxCQOsuO0P2qflGweGK
HyG5m089LJecOz2FMa5E+TD7XvAmFotwyAA05HemkbWyawLkTV8Ua3Zx05/Bl3AE
qEv3dIOmTKnhktrNdEmChOystBxO2UPMncJ3Dd2mWFpkM80A3f29aUzy6tDvb70V
IaHnCn6yP4BaDVGUd3ZSaXMqme9Al6gVUa/V44ELwfzjx+Q4t+qiyHGPCs1Mvqq6
9fdaIzRF+bmZhY22SDT6wBmfQN2NHCcbll9HUTdsd8p9+ziEpZRxp3rrUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfTWpH/wuNh4LqgIT9azIUu7tfKMB8GA1UdIwQY
MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt
ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy
LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu5z1i7BH
1yvl5kvj4aaN7IMcydYN3QxEHfuud7TPiWUekqa4NhXrjX5o8r6H/igB0j49w/Z0
Ve3sdUvupLlQ076sJnMhQr+HGJf55kr/PGRD9ylgcvupQJ8FA7eqW/iUAQGUMIM2
9+RdHpZx28EP6yHuWTb7q6k+7OySAu+pNuzIIXKg0/8sQaUU+EeeP24cJuBeKIg5
+uU3C4t6ip6EsUK/flqR8yEXskx8sTveCCZTxiptNgtFpeYmDrmj09G3tMQpahhY
w19YPc7uA6IbI6gQ/Y4oiMBDNX15KBOuKKwrqqULDqJctnz6MNXxdHF1J/j9nN2Z
EWanAkrKutr9sA==
-----END CERTIFICATE-----