Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File:                     l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier:          gJb6Qz2qd+w3nYL1YmaKgPKQJAxqaRFA/G5osY4qZ18=
Subject key identifier:   B0:B1:E3:2D:AE:5A:B8:C9:EF:53:EF:E2:C4:DC:59:6D:21:6D:FE:09
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer:       /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial:       019369DA36CC363C1940BCC98AE8EC118DB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 19:02:08 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:08 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:08 +0000
Files and hashes:         1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: uXk/yBYxQxu9Q3ofcTIivaRogavmch3ZoXns/j7tYPw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:36:cc:36:3c:19:40:bc:c9:8a:e8:ec:11:8d:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
        Validity
            Not Before: Nov 26 19:02:08 2024 GMT
            Not After : Nov 27 19:02:08 2024 GMT
        Subject: CN=b0b1e32dae5ab8c9ef53efe2c4dc596d216dfe09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b9:dc:76:77:dd:19:a5:26:1e:00:6e:49:ff:
                    3e:ae:e8:c4:e0:26:b6:2e:a4:f2:cd:e7:c1:31:9c:
                    d6:c9:17:b9:96:14:68:55:6b:a9:fc:5c:72:3d:79:
                    b2:f8:a9:17:e1:36:a7:fa:45:d5:39:e4:6a:03:1e:
                    9c:7d:74:76:7d:7e:ff:1e:10:52:81:99:a2:6b:05:
                    ff:67:5b:5d:5e:38:45:3d:9b:0a:7c:26:48:49:63:
                    da:d9:42:cb:a8:f0:91:4c:f2:6d:77:83:e2:4b:45:
                    91:90:db:86:b5:e2:29:6b:57:91:6e:1c:80:9c:75:
                    e8:7e:7d:fe:e2:74:09:b1:bd:c8:82:70:d2:ae:8f:
                    4e:d2:59:20:33:92:b6:d0:6c:ac:45:f5:4f:25:40:
                    39:0b:e5:99:e9:36:f6:98:e2:63:a8:8b:be:21:eb:
                    52:fc:d1:54:d0:43:7d:ca:43:e8:ef:83:b0:50:fc:
                    b7:6d:fc:a2:97:ac:fc:c9:c2:a1:5c:48:f6:13:35:
                    4f:48:c4:ed:66:d1:84:84:3b:b2:50:81:31:7d:ba:
                    79:46:e9:d0:24:fb:dd:55:7a:64:67:78:64:98:af:
                    16:08:2c:73:e3:34:5f:25:2e:6c:a0:89:e4:ff:21:
                    ce:de:df:7f:56:c1:0c:a6:07:cf:d1:35:e9:32:f1:
                    66:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:B1:E3:2D:AE:5A:B8:C9:EF:53:EF:E2:C4:DC:59:6D:21:6D:FE:09
            X509v3 Authority Key Identifier:
                keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:70:47:2b:fb:37:3e:e2:0e:41:24:24:13:bb:11:55:c4:e8:
         69:c0:5f:1e:9a:f3:88:c6:d4:70:16:fd:5d:90:0d:15:77:52:
         b3:d6:2a:97:5a:25:4b:7f:f9:67:e4:d2:d9:25:d4:3a:bd:64:
         03:c7:49:42:b7:98:71:43:97:ad:66:69:4a:6c:02:10:b6:79:
         5a:ae:c9:ca:c0:f1:4d:c7:bf:bd:09:90:12:c9:2b:4a:2f:a3:
         f0:4c:94:c8:ec:ec:34:69:46:3d:62:32:56:06:44:d0:c1:41:
         81:b9:e2:4b:eb:4f:93:d2:a4:ac:44:37:b1:4f:f4:8f:94:e4:
         ca:62:04:5c:4d:63:8a:e0:74:77:04:21:fe:65:9c:e2:57:3b:
         3b:f3:8a:ca:d8:2c:a0:d5:e5:76:3c:93:53:c6:32:a3:83:08:
         36:30:16:19:d1:d1:58:32:3a:bc:02:ab:a1:cb:85:48:8e:44:
         12:17:6b:0d:8e:92:65:9b:31:45:e2:77:28:b7:42:6d:17:35:
         64:cf:f0:c8:07:5b:78:87:54:7b:b3:0d:b5:fb:73:07:83:86:
         73:61:ec:9c:02:15:19:82:d7:75:4d:8d:bf:98:86:09:73:0b:
         86:7a:70:95:c5:d4:3e:35:11:73:b1:4b:a1:7a:a1:88:0c:d9:
         7a:e6:cf:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2jbMNjwZQLzJiujsEY2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjQxMTI2MTkwMjA4WhcNMjQxMTI3MTkwMjA4WjAzMTEwLwYDVQQD
EyhiMGIxZTMyZGFlNWFiOGM5ZWY1M2VmZTJjNGRjNTk2ZDIxNmRmZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrncdnfdGaUmHgBuSf8+rujE4Ca2
LqTyzefBMZzWyRe5lhRoVWup/FxyPXmy+KkX4Tan+kXVOeRqAx6cfXR2fX7/HhBS
gZmiawX/Z1tdXjhFPZsKfCZISWPa2ULLqPCRTPJtd4PiS0WRkNuGteIpa1eRbhyA
nHXofn3+4nQJsb3IgnDSro9O0lkgM5K20GysRfVPJUA5C+WZ6Tb2mOJjqIu+IetS
/NFU0EN9ykPo74OwUPy3bfyil6z8ycKhXEj2EzVPSMTtZtGEhDuyUIExfbp5RunQ
JPvdVXpkZ3hkmK8WCCxz4zRfJS5soInk/yHO3t9/VsEMpgfP0TXpMvFmswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLCx4y2uWrjJ71Pv4sTcWW0hbf4JMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAenBHK/s3
PuIOQSQkE7sRVcToacBfHprziMbUcBb9XZANFXdSs9Yql1olS3/5Z+TS2SXUOr1k
A8dJQreYcUOXrWZpSmwCELZ5Wq7JysDxTce/vQmQEskrSi+j8EyUyOzsNGlGPWIy
VgZE0MFBgbniS+tPk9KkrEQ3sU/0j5TkymIEXE1jiuB0dwQh/mWc4lc7O/OKytgs
oNXldjyTU8Yyo4MINjAWGdHRWDI6vAKrocuFSI5EEhdrDY6SZZsxReJ3KLdCbRc1
ZM/wyAdbeIdUe7MNtftzB4OGc2HsnAIVGYLXdU2Nv5iGCXMLhnpwlcXUPjURc7FL
oXqhiAzZeubPCA==
-----END CERTIFICATE-----