Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File:                     DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier:          DFkUYZuM/EjOTLyzWQ/d0Pq+tgi8B8R1er8gDdqKTnI=
Subject key identifier:   D0:82:10:F9:B9:AA:3E:A2:80:14:1D:29:F8:03:24:76:90:4C:DA:2F
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer:       /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial:       0193688EF91EA7867D40AE007EC744761C36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 13:00:20 +0000
Manifest this update:     Tue 26 Nov 2024 13:00:20 +0000
Manifest next update:     Wed 27 Nov 2024 13:00:20 +0000
Files and hashes:         1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: 88N9WahACSHPLXCyj41lDwert4ewSD6bSREB0zCdiN4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:68:8e:f9:1e:a7:86:7d:40:ae:00:7e:c7:44:76:1c:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
        Validity
            Not Before: Nov 26 13:00:20 2024 GMT
            Not After : Nov 27 13:00:20 2024 GMT
        Subject: CN=d08210f9b9aa3ea280141d29f8032476904cda2f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7a:61:fd:a7:6e:b1:8e:7d:02:9c:d3:a7:4d:
                    5c:9c:a4:b8:c4:67:06:46:c5:23:84:25:9a:da:e0:
                    f9:9b:71:b1:0d:db:3e:3a:49:74:11:2d:c5:ff:04:
                    2c:bd:b0:2f:65:09:88:42:8d:a2:20:38:c5:45:77:
                    a9:ce:29:ab:c3:c3:fc:ef:79:00:38:70:96:8c:e2:
                    53:40:ae:18:96:34:81:8b:5f:2b:f4:0a:ec:8a:b5:
                    49:ba:f5:86:d7:85:60:f4:43:08:81:4a:31:7c:72:
                    f8:56:f5:83:13:85:ac:65:f6:b6:15:72:2f:1e:c9:
                    d4:30:1e:c1:c4:3a:fb:49:b1:01:26:27:26:17:96:
                    ab:8c:9e:6a:13:fe:63:7a:db:18:f1:59:ed:9b:29:
                    cc:fe:58:21:39:f9:29:5d:b1:de:34:c1:98:f9:19:
                    e8:c9:46:3b:e1:ff:3e:06:39:f8:12:04:a1:e6:8e:
                    f2:91:ac:02:c9:7c:6e:58:a7:9a:94:c1:a5:25:5e:
                    b3:e1:ce:20:da:c7:d3:9d:ad:4e:aa:7f:f8:da:87:
                    0f:0e:60:a2:d6:b6:cb:53:31:22:eb:cc:17:d4:28:
                    03:81:d6:78:65:aa:68:ee:10:21:09:12:9c:db:40:
                    95:2b:8f:c2:16:b1:21:89:97:eb:8d:34:a4:d0:c0:
                    bd:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:82:10:F9:B9:AA:3E:A2:80:14:1D:29:F8:03:24:76:90:4C:DA:2F
            X509v3 Authority Key Identifier:
                keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:69:39:7d:01:c5:7f:f6:81:e9:0a:91:4f:0d:35:69:43:b0:
         ac:e0:2e:08:e2:1c:04:5e:42:69:e7:47:ba:f5:e6:4f:92:79:
         f3:cc:13:f3:ed:aa:fa:97:cd:5b:ee:03:05:be:99:b8:ec:5d:
         a5:7c:7e:da:4d:fa:d1:e3:83:97:0e:bd:ab:ec:c2:6c:8d:23:
         d6:d6:48:72:05:97:62:9c:d1:66:1e:bb:d6:56:57:63:16:d6:
         0b:5d:38:07:9a:f3:dd:b0:b7:b4:c5:5f:8a:28:a0:19:b5:0d:
         b4:86:c2:27:da:56:f1:eb:bd:36:ea:f3:a9:dd:ca:db:55:ae:
         90:63:1d:71:fa:8d:f5:84:5b:37:6a:86:76:39:eb:8e:2a:f1:
         cc:19:76:7c:7a:b7:8a:be:aa:82:8f:ec:2e:c7:82:45:37:a6:
         cf:f1:7d:66:66:1a:0b:3d:d2:ac:0b:34:cf:af:3c:c9:41:60:
         c2:3b:83:1e:60:1a:ea:c8:56:a5:a3:29:ae:19:83:1c:71:44:
         36:25:05:fc:89:e6:08:4f:a7:a7:7d:32:24:25:ba:f8:81:d7:
         cc:a9:26:b1:cb:52:91:47:21:4f:99:f0:0d:4e:9a:99:32:25:
         1b:19:78:f4:0e:ce:ed:33:6e:bb:7f:0f:7e:5b:b5:33:24:59:
         42:9a:bc:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNojvkep4Z9QK4AfsdEdhw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjQxMTI2MTMwMDIwWhcNMjQxMTI3MTMwMDIwWjAzMTEwLwYDVQQD
EyhkMDgyMTBmOWI5YWEzZWEyODAxNDFkMjlmODAzMjQ3NjkwNGNkYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnph/adusY59ApzTp01cnKS4xGcG
RsUjhCWa2uD5m3GxDds+Okl0ES3F/wQsvbAvZQmIQo2iIDjFRXepzimrw8P873kA
OHCWjOJTQK4YljSBi18r9ArsirVJuvWG14Vg9EMIgUoxfHL4VvWDE4WsZfa2FXIv
HsnUMB7BxDr7SbEBJicmF5arjJ5qE/5jetsY8VntmynM/lghOfkpXbHeNMGY+Rno
yUY74f8+Bjn4EgSh5o7ykawCyXxuWKealMGlJV6z4c4g2sfTna1Oqn/42ocPDmCi
1rbLUzEi68wX1CgDgdZ4Zapo7hAhCRKc20CVK4/CFrEhiZfrjTSk0MC9OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCCEPm5qj6igBQdKfgDJHaQTNovMB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGWk5fQHF
f/aB6QqRTw01aUOwrOAuCOIcBF5CaedHuvXmT5J588wT8+2q+pfNW+4DBb6ZuOxd
pXx+2k360eODlw69q+zCbI0j1tZIcgWXYpzRZh671lZXYxbWC104B5rz3bC3tMVf
iiigGbUNtIbCJ9pW8eu9Nurzqd3K21WukGMdcfqN9YRbN2qGdjnrjirxzBl2fHq3
ir6qgo/sLseCRTemz/F9ZmYaCz3SrAs0z688yUFgwjuDHmAa6shWpaMprhmDHHFE
NiUF/InmCE+np30yJCW6+IHXzKkmsctSkUchT5nwDU6amTIlGxl49A7O7TNuu38P
flu1MyRZQpq8og==
-----END CERTIFICATE-----