Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
File:                     RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft (raw, json)
Hash identifier:          +iW48jpGXgwQpYmN8cO9p18l+qFbfS5kZv7tkuCVxKE=
Subject key identifier:   42:C6:90:9B:55:52:3C:5C:E8:1B:5F:9B:6D:41:68:F7:45:82:32:93
Authority key identifier: 44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C
Certificate issuer:       /CN=44f5ceb34bb77228982ecf41a400fab1046d966c
Certificate serial:       01936669FBD9B24369DE87961876C66C6763
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
Manifest number:          0BF9
Signing time:             Tue 26 Nov 2024 03:00:41 +0000
Manifest this update:     Tue 26 Nov 2024 03:00:41 +0000
Manifest next update:     Wed 27 Nov 2024 03:00:41 +0000
Files and hashes:         1: RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl (hash: MTR5RgDB8BAWXqx8uXP9PV/wfImCCU9CoXqWXjoUSsA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 01:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:66:69:fb:d9:b2:43:69:de:87:96:18:76:c6:6c:67:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44f5ceb34bb77228982ecf41a400fab1046d966c
        Validity
            Not Before: Nov 26 03:00:41 2024 GMT
            Not After : Nov 27 03:00:41 2024 GMT
        Subject: CN=42c6909b55523c5ce81b5f9b6d4168f745823293
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a0:ee:1b:d1:5e:7a:e4:d1:f8:c3:3b:0e:43:
                    86:8b:8b:68:53:df:a6:09:21:b7:9c:f3:e8:99:22:
                    11:90:3f:ed:c8:87:f3:7b:6f:7a:93:9b:e7:68:dc:
                    1e:6d:eb:7e:80:7b:eb:02:a4:3b:f5:51:ee:50:f9:
                    e9:4a:74:54:d8:45:e3:12:41:6b:2d:c5:d7:80:3c:
                    e5:e5:48:e6:12:8d:ac:9b:bf:2c:f7:ae:01:50:b1:
                    5b:32:be:21:d2:d9:8c:ef:bf:16:30:0f:13:b3:95:
                    b0:3b:fb:3e:3d:1c:69:17:c5:ff:d5:31:46:1a:39:
                    21:2d:17:0b:10:f3:94:8c:87:34:65:65:b3:85:38:
                    5b:ca:2e:6b:ef:3b:4a:26:68:39:bc:69:3f:91:2e:
                    49:e2:6c:6e:72:60:32:20:74:b8:ac:15:40:3c:59:
                    b9:34:07:40:6e:99:90:ee:50:b8:69:30:20:2d:94:
                    b4:84:79:ab:06:1e:c5:43:93:3b:fb:7f:50:28:4b:
                    7e:68:98:20:fb:ab:64:a9:32:51:f7:41:19:ee:0b:
                    83:a6:ee:eb:00:f4:25:c0:7f:2a:40:23:12:f4:24:
                    95:2e:c6:31:2f:f5:a3:ed:bc:76:d8:16:c0:80:b8:
                    a3:29:9e:a4:b3:70:42:77:f3:8e:05:3d:e2:b3:c4:
                    4e:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:C6:90:9B:55:52:3C:5C:E8:1B:5F:9B:6D:41:68:F7:45:82:32:93
            X509v3 Authority Key Identifier:
                keyid:44:F5:CE:B3:4B:B7:72:28:98:2E:CF:41:A4:00:FA:B1:04:6D:96:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPXOs0u3ciiYLs9BpAD6sQRtlmw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/d59c75-04a7-429b-86a3-1448aaf92e26/1/RPXOs0u3ciiYLs9BpAD6sQRtlmw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:33:93:18:04:88:eb:f9:6e:0e:50:3d:26:3c:ea:c2:41:03:
         59:70:8d:67:32:85:a0:20:3f:3a:04:e2:d6:17:68:88:2f:3f:
         98:2b:4b:ec:5b:22:d3:49:bd:e9:11:64:75:17:ad:fb:5b:5e:
         94:6e:f2:4b:2a:e7:92:f7:56:d9:f4:f5:e2:54:83:95:aa:ef:
         69:74:4d:3e:0d:12:44:52:95:0c:6d:4b:39:68:73:b9:27:c0:
         e2:0d:4c:78:b0:dd:28:59:78:96:88:c9:3e:46:3c:5d:24:41:
         4f:83:33:f7:3b:b1:58:4b:af:68:73:ec:80:d5:00:67:af:50:
         f6:5b:7e:f5:45:7c:f0:57:04:04:9f:af:9b:63:1c:23:c9:44:
         5f:5f:1a:4c:d8:49:21:07:b6:ab:48:6d:dc:24:13:be:38:b5:
         f1:bd:ae:b1:52:06:ff:3e:4c:5c:44:95:d1:39:1f:22:bb:47:
         0a:3c:fe:cb:c7:32:2f:c0:8f:d7:e3:02:cb:e7:f6:40:38:00:
         0e:85:40:f5:37:f5:c1:7b:b0:b3:26:ab:b1:ac:94:98:e8:46:
         cc:4e:7d:c4:3d:48:28:22:f7:42:b3:78:b2:18:94:d3:22:b2:
         ad:32:bc:9b:8b:e8:7e:e2:60:1f:51:f3:86:eb:ca:55:4c:ef:
         44:3c:d9:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNmafvZskNp3oeWGHbGbGdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjVjZWIzNGJiNzcyMjg5ODJlY2Y0MWE0MDBmYWIxMDQ2
ZDk2NmMwHhcNMjQxMTI2MDMwMDQxWhcNMjQxMTI3MDMwMDQxWjAzMTEwLwYDVQQD
Eyg0MmM2OTA5YjU1NTIzYzVjZTgxYjVmOWI2ZDQxNjhmNzQ1ODIzMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6DuG9FeeuTR+MM7DkOGi4toU9+m
CSG3nPPomSIRkD/tyIfze296k5vnaNwebet+gHvrAqQ79VHuUPnpSnRU2EXjEkFr
LcXXgDzl5UjmEo2sm78s964BULFbMr4h0tmM778WMA8Ts5WwO/s+PRxpF8X/1TFG
GjkhLRcLEPOUjIc0ZWWzhThbyi5r7ztKJmg5vGk/kS5J4mxucmAyIHS4rBVAPFm5
NAdAbpmQ7lC4aTAgLZS0hHmrBh7FQ5M7+39QKEt+aJgg+6tkqTJR90EZ7guDpu7r
APQlwH8qQCMS9CSVLsYxL/Wj7bx22BbAgLijKZ6ks3BCd/OOBT3is8ROUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELGkJtVUjxc6Btfm21BaPdFgjKTMB8GA1UdIwQY
MBaAFET1zrNLt3IomC7PQaQA+rEEbZZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMt
MTQ0OGFhZjkyZTI2LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9kNTljNzUtMDRhNy00MjliLTg2YTMtMTQ0OGFhZjkyZTI2
LzEvUlBYT3MwdTNjaWlZTHM5QnBBRDZzUVJ0bG13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjDOTGASI
6/luDlA9JjzqwkEDWXCNZzKFoCA/OgTi1hdoiC8/mCtL7Fsi00m96RFkdRet+1te
lG7ySyrnkvdW2fT14lSDlarvaXRNPg0SRFKVDG1LOWhzuSfA4g1MeLDdKFl4lojJ
PkY8XSRBT4Mz9zuxWEuvaHPsgNUAZ69Q9lt+9UV88FcEBJ+vm2McI8lEX18aTNhJ
IQe2q0ht3CQTvji18b2usVIG/z5MXESV0TkfIrtHCjz+y8cyL8CP1+MCy+f2QDgA
DoVA9Tf1wXuwsyarsayUmOhGzE59xD1IKCL3QrN4shiU0yKyrTK8m4vofuJgH1Hz
huvKVUzvRDzZrw==
-----END CERTIFICATE-----