Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
File:                     Q94YPxSj8k-bhtBE-HcphoC1Ers.mft (raw, json)
Hash identifier:          szATKG107FlQ8qtlJM2lor5qPOIqGczZ8mhv12ycNtA=
Subject key identifier:   F4:7E:00:9A:B9:1A:64:B7:13:A6:FA:58:F3:79:77:F7:21:68:53:59
Authority key identifier: 43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB
Certificate issuer:       /CN=43de183f14a3f24f9b86d044f877298680b512bb
Certificate serial:       0191FB22F3B85818AB140855698D5374A283
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
Manifest number:          0126
Signing time:             Mon 16 Sep 2024 14:00:57 +0000
Manifest this update:     Mon 16 Sep 2024 14:00:57 +0000
Manifest next update:     Tue 17 Sep 2024 14:00:57 +0000
Files and hashes:         1: Q94YPxSj8k-bhtBE-HcphoC1Ers.crl (hash: VZYSU+jB8YBlFnwdZ3nyjDitnX2cAf40njn5QiIO0Uk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 14:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fb:22:f3:b8:58:18:ab:14:08:55:69:8d:53:74:a2:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43de183f14a3f24f9b86d044f877298680b512bb
        Validity
            Not Before: Sep 16 14:00:57 2024 GMT
            Not After : Sep 17 14:00:57 2024 GMT
        Subject: CN=f47e009ab91a64b713a6fa58f37977f721685359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:f6:c7:42:bd:a6:a8:d9:48:8e:d4:ec:2b:cd:
                    f9:6a:ac:09:e4:52:50:99:3c:35:71:f6:1d:f8:8f:
                    6f:8c:0a:6c:d0:3c:c2:81:d2:93:05:da:e7:86:bc:
                    c9:e0:b5:e8:95:04:96:97:c3:39:51:93:b0:6f:cf:
                    ca:d0:40:6a:7b:ff:58:b4:95:47:63:07:22:eb:0f:
                    49:1c:4b:5b:cf:de:25:a3:04:a4:a6:21:73:ba:58:
                    cd:47:b5:1d:26:4a:00:a3:20:06:56:57:91:bf:a7:
                    33:f2:91:2a:76:6a:5e:49:14:c5:4a:76:e0:00:d9:
                    fd:5d:ec:5e:70:56:f0:0f:13:62:12:17:e4:9a:26:
                    76:97:a8:32:36:b7:9b:86:63:17:79:ec:70:f1:5f:
                    5b:cf:d9:a0:95:92:55:6d:b0:71:a3:d6:03:ac:0c:
                    89:79:35:8d:df:b8:96:f9:8e:bf:d3:55:cd:02:57:
                    c9:b0:67:78:a8:04:d4:a8:16:82:6c:05:15:37:3a:
                    d1:a9:ef:14:e7:77:35:33:65:cc:71:f1:4c:8c:64:
                    35:60:d9:1d:69:00:ba:3b:6f:5d:83:6d:bb:92:06:
                    14:1b:5f:c9:3a:c8:a1:a8:1d:39:2b:ef:00:03:a9:
                    32:a3:e7:1c:81:82:f5:d0:dc:5c:50:5b:94:b8:1c:
                    43:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:7E:00:9A:B9:1A:64:B7:13:A6:FA:58:F3:79:77:F7:21:68:53:59
            X509v3 Authority Key Identifier:
                keyid:43:DE:18:3F:14:A3:F2:4F:9B:86:D0:44:F8:77:29:86:80:B5:12:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q94YPxSj8k-bhtBE-HcphoC1Ers.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e2d8fe-01f1-4c56-91f8-ded743147d58/1/Q94YPxSj8k-bhtBE-HcphoC1Ers.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:03:94:86:be:62:0b:04:00:21:4b:3e:2c:71:eb:a2:d5:f7:
         4b:46:5a:79:0d:45:87:8f:a7:64:30:54:dd:af:a1:6f:d2:ea:
         32:79:ab:36:03:8c:c4:a3:98:a2:1e:ae:d0:1c:03:37:af:b4:
         d1:d2:d8:84:40:d6:2b:e5:ae:36:dd:3f:26:29:d9:ab:36:6d:
         1d:c1:05:79:ec:10:af:75:6c:c1:2c:35:cb:8f:4b:d3:43:36:
         e4:e8:27:06:7b:7c:a0:28:0d:86:ee:d0:53:83:2e:73:cb:b6:
         cc:19:9d:43:a3:32:4e:f8:0f:03:b0:40:25:b7:1d:38:46:e5:
         cb:96:21:50:be:5a:37:1e:cf:65:41:b8:d5:df:35:6a:2d:e2:
         94:4e:5a:5a:78:0d:8f:24:1a:e6:b2:e2:ce:f8:cc:eb:b7:b0:
         74:50:2e:45:5b:4e:14:20:22:b3:ca:a7:f9:88:11:d0:3d:e5:
         fa:f0:d6:11:c3:6b:99:ab:29:2e:6a:56:9a:43:a3:71:cd:9c:
         f4:20:e4:23:3d:d3:fb:ee:ae:2f:17:90:b9:03:44:36:76:b8:
         58:c0:e4:7b:b2:04:d0:6e:e5:30:20:60:68:37:a9:f0:45:81:
         98:3b:29:06:c3:4e:5b:3a:6a:1e:7f:bd:a2:01:7d:27:78:54:
         b6:47:af:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH7IvO4WBirFAhVaY1TdKKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGUxODNmMTRhM2YyNGY5Yjg2ZDA0NGY4NzcyOTg2ODBi
NTEyYmIwHhcNMjQwOTE2MTQwMDU3WhcNMjQwOTE3MTQwMDU3WjAzMTEwLwYDVQQD
EyhmNDdlMDA5YWI5MWE2NGI3MTNhNmZhNThmMzc5NzdmNzIxNjg1MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfbHQr2mqNlIjtTsK835aqwJ5FJQ
mTw1cfYd+I9vjAps0DzCgdKTBdrnhrzJ4LXolQSWl8M5UZOwb8/K0EBqe/9YtJVH
Ywci6w9JHEtbz94lowSkpiFzuljNR7UdJkoAoyAGVleRv6cz8pEqdmpeSRTFSnbg
ANn9XexecFbwDxNiEhfkmiZ2l6gyNrebhmMXeexw8V9bz9mglZJVbbBxo9YDrAyJ
eTWN37iW+Y6/01XNAlfJsGd4qATUqBaCbAUVNzrRqe8U53c1M2XMcfFMjGQ1YNkd
aQC6O29dg227kgYUG1/JOsihqB05K+8AA6kyo+ccgYL10NxcUFuUuBxD9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPR+AJq5GmS3E6b6WPN5d/chaFNZMB8GA1UdIwQY
MBaAFEPeGD8Uo/JPm4bQRPh3KYaAtRK7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgt
ZGVkNzQzMTQ3ZDU4LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lMmQ4ZmUtMDFmMS00YzU2LTkxZjgtZGVkNzQzMTQ3ZDU4
LzEvUTk0WVB4U2o4ay1iaHRCRS1IY3Bob0MxRXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZwOUhr5i
CwQAIUs+LHHrotX3S0ZaeQ1Fh4+nZDBU3a+hb9LqMnmrNgOMxKOYoh6u0BwDN6+0
0dLYhEDWK+WuNt0/JinZqzZtHcEFeewQr3VswSw1y49L00M25OgnBnt8oCgNhu7Q
U4Muc8u2zBmdQ6MyTvgPA7BAJbcdOEbly5YhUL5aNx7PZUG41d81ai3ilE5aWngN
jyQa5rLizvjM67ewdFAuRVtOFCAis8qn+YgR0D3l+vDWEcNrmaspLmpWmkOjcc2c
9CDkIz3T++6uLxeQuQNENna4WMDke7IE0G7lMCBgaDep8EWBmDspBsNOWzpqHn+9
ogF9J3hUtkevCg==
-----END CERTIFICATE-----