Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
File:                     xDGln2B5ajI2rhAIwtXGxHC8sEU.mft (raw, json)
Hash identifier:          xlc9K2SHQFEns7J8WhO/vfxbu5VWWwgoLyjczpL8hz4=
Subject key identifier:   E4:33:F3:FF:40:AE:76:88:F0:56:8E:68:FA:4C:00:C2:B2:A1:A1:23
Authority key identifier: C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45
Certificate issuer:       /CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
Certificate serial:       019364E98295DFCB82F988A5BB71C9ADE5F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
Manifest number:          0413
Signing time:             Mon 25 Nov 2024 20:00:45 +0000
Manifest this update:     Mon 25 Nov 2024 20:00:45 +0000
Manifest next update:     Tue 26 Nov 2024 20:00:45 +0000
Files and hashes:         1: xDGln2B5ajI2rhAIwtXGxHC8sEU.crl (hash: Z+9hZ1G0Dtqt+miDowtdj9JgfCBN6Ed8JndZ+58Y7As=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 20:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:64:e9:82:95:df:cb:82:f9:88:a5:bb:71:c9:ad:e5:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c431a59f60796a3236ae1008c2d5c6c470bcb045
        Validity
            Not Before: Nov 25 20:00:45 2024 GMT
            Not After : Nov 26 20:00:45 2024 GMT
        Subject: CN=e433f3ff40ae7688f0568e68fa4c00c2b2a1a123
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:48:26:95:6b:f7:9f:56:b2:f2:b5:85:99:e0:
                    97:c2:42:03:01:99:7e:0c:15:65:8c:28:79:65:3e:
                    5a:14:9b:4f:67:cf:eb:be:c1:93:8e:49:67:51:b1:
                    cb:e2:c1:5a:a5:04:da:db:f8:2b:10:b7:56:5f:9e:
                    03:d8:38:81:96:32:79:e4:82:b3:8a:d8:34:93:82:
                    16:ca:bd:83:84:8b:de:1e:81:2f:37:0f:e5:75:e5:
                    19:3c:4a:67:3f:38:7c:8f:d2:8b:f2:7d:7c:72:20:
                    7d:d8:5b:63:b4:83:5f:2c:14:ba:78:46:c0:ae:01:
                    10:90:24:76:af:3d:b7:14:55:d4:79:77:78:92:d2:
                    2e:7b:d1:f5:b8:31:cb:1a:51:b0:75:4e:48:7b:91:
                    74:21:df:59:5b:32:91:99:58:48:96:09:c2:9c:df:
                    48:92:c3:0c:0d:ce:e4:22:05:ee:97:87:ef:df:57:
                    71:82:6b:01:54:a4:06:3a:ff:3d:ea:55:91:3f:6d:
                    e6:0e:7b:df:e5:39:d7:50:7d:05:dd:58:0b:7f:fe:
                    33:30:52:45:1e:10:a1:1d:19:53:19:de:d3:c5:5c:
                    95:e4:4e:76:e4:c9:6c:32:7b:3a:c8:59:ee:98:58:
                    bd:82:3a:8c:82:22:e7:13:f2:91:8a:0a:7c:66:8e:
                    55:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:33:F3:FF:40:AE:76:88:F0:56:8E:68:FA:4C:00:C2:B2:A1:A1:23
            X509v3 Authority Key Identifier:
                keyid:C4:31:A5:9F:60:79:6A:32:36:AE:10:08:C2:D5:C6:C4:70:BC:B0:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDGln2B5ajI2rhAIwtXGxHC8sEU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9675ce-8b5a-401d-a497-964e5f1bafef/1/xDGln2B5ajI2rhAIwtXGxHC8sEU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:cc:8a:33:e2:db:7a:82:e8:0a:cb:2c:ee:dd:4b:c4:cd:8b:
         9c:b3:88:f5:b1:b5:55:33:34:a6:d0:14:03:e2:cf:cf:ad:77:
         0b:9b:13:82:9a:60:30:d3:6a:15:fe:95:31:7a:da:dc:13:5e:
         78:76:f1:e4:d5:3f:8c:30:61:8f:5a:6b:9b:b8:89:8b:03:e5:
         3c:cd:95:05:28:24:43:46:fd:7f:38:aa:62:c7:52:b1:b3:8b:
         39:88:14:1e:29:cd:84:02:22:12:27:91:07:ba:ee:72:2e:51:
         02:e0:ae:da:2a:f9:c7:a7:78:68:3e:ae:5c:37:24:51:a5:9a:
         b3:4b:78:58:dd:03:77:38:11:d2:16:fb:03:29:59:62:ef:da:
         80:12:b8:68:01:23:0f:e6:f5:f7:d0:7c:f9:03:99:ea:07:bb:
         6e:38:0a:28:2a:be:0e:9c:ba:12:b3:90:da:3e:6f:eb:ed:53:
         12:c2:4a:7a:f0:3d:b8:0a:87:90:89:62:56:6f:4e:d8:a0:28:
         cb:9f:d9:3b:16:a0:bf:6c:c9:1e:ee:4a:5f:75:95:74:6b:d6:
         19:b4:c9:5a:a9:bc:a8:da:50:37:06:24:64:eb:ea:51:dd:75:
         2b:13:72:51:f5:8a:86:a3:ff:a7:ca:00:9c:e4:7c:86:89:de:
         84:e8:99:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNk6YKV38uC+Yilu3HJreX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MzFhNTlmNjA3OTZhMzIzNmFlMTAwOGMyZDVjNmM0NzBi
Y2IwNDUwHhcNMjQxMTI1MjAwMDQ1WhcNMjQxMTI2MjAwMDQ1WjAzMTEwLwYDVQQD
EyhlNDMzZjNmZjQwYWU3Njg4ZjA1NjhlNjhmYTRjMDBjMmIyYTFhMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUgmlWv3n1ay8rWFmeCXwkIDAZl+
DBVljCh5ZT5aFJtPZ8/rvsGTjklnUbHL4sFapQTa2/grELdWX54D2DiBljJ55IKz
itg0k4IWyr2DhIveHoEvNw/ldeUZPEpnPzh8j9KL8n18ciB92FtjtINfLBS6eEbA
rgEQkCR2rz23FFXUeXd4ktIue9H1uDHLGlGwdU5Ie5F0Id9ZWzKRmVhIlgnCnN9I
ksMMDc7kIgXul4fv31dxgmsBVKQGOv896lWRP23mDnvf5TnXUH0F3VgLf/4zMFJF
HhChHRlTGd7TxVyV5E525MlsMns6yFnumFi9gjqMgiLnE/KRigp8Zo5VxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQz8/9ArnaI8FaOaPpMAMKyoaEjMB8GA1UdIwQY
MBaAFMQxpZ9geWoyNq4QCMLVxsRwvLBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTct
OTY0ZTVmMWJhZmVmLzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85Njc1Y2UtOGI1YS00MDFkLWE0OTctOTY0ZTVmMWJhZmVm
LzEveERHbG4yQjVhakkycmhBSXd0WEd4SEM4c0VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACcyKM+Lb
eoLoCsss7t1LxM2LnLOI9bG1VTM0ptAUA+LPz613C5sTgppgMNNqFf6VMXra3BNe
eHbx5NU/jDBhj1prm7iJiwPlPM2VBSgkQ0b9fziqYsdSsbOLOYgUHinNhAIiEieR
B7ruci5RAuCu2ir5x6d4aD6uXDckUaWas0t4WN0DdzgR0hb7AylZYu/agBK4aAEj
D+b199B8+QOZ6ge7bjgKKCq+Dpy6ErOQ2j5v6+1TEsJKevA9uAqHkIliVm9O2KAo
y5/ZOxagv2zJHu5KX3WVdGvWGbTJWqm8qNpQNwYkZOvqUd11KxNyUfWKhqP/p8oA
nOR8honehOiZQw==
-----END CERTIFICATE-----