Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          BCHs+RJX91eT/X++P6rl7kEKfgL85G2U7AlMrfAO8Hc=
Subject key identifier:   67:EF:BC:1E:51:30:7E:D7:36:8A:46:F6:E4:5B:76:20:C0:58:06:78
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       0193550879736F0635D689F930F9BBD8438E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          07FE
Signing time:             Fri 22 Nov 2024 18:00:38 +0000
Manifest this update:     Fri 22 Nov 2024 18:00:38 +0000
Manifest next update:     Sat 23 Nov 2024 18:00:38 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: 5ngnKZ+rw2IAMXXO+mDnItIrd/5MnKUWx2t9o7pY6fE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:08:79:73:6f:06:35:d6:89:f9:30:f9:bb:d8:43:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: Nov 22 18:00:38 2024 GMT
            Not After : Nov 23 18:00:38 2024 GMT
        Subject: CN=67efbc1e51307ed7368a46f6e45b7620c0580678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:65:ba:b1:db:46:bd:c4:48:73:0c:ee:d3:4d:
                    6f:d3:d6:a7:65:1a:69:6a:40:a5:2e:70:a6:e3:17:
                    22:e1:4c:f3:4e:67:f9:70:5b:01:80:4b:84:d9:00:
                    96:89:4d:83:5e:30:cc:66:67:99:72:14:5b:71:aa:
                    7c:6a:0c:55:72:0f:ce:0f:4c:38:4b:b0:de:cf:c7:
                    35:ed:0f:2a:d4:da:a6:fb:64:df:0e:59:9e:50:89:
                    23:c4:97:b1:cc:19:39:c5:d0:84:b5:3d:f5:0c:14:
                    ea:e6:a0:c0:66:90:c1:43:5b:d9:2e:f0:c3:74:b6:
                    8f:25:ad:97:3f:b4:d0:38:59:15:ae:bd:57:47:0e:
                    8a:f7:1c:28:98:cc:82:b9:08:6e:f7:42:30:cd:1e:
                    6b:7e:b9:f1:ab:82:86:54:d0:89:1d:70:40:32:30:
                    66:40:12:f2:7b:b4:2e:88:71:b1:fe:1e:bd:9c:51:
                    e8:75:cc:72:c4:00:ee:cf:8d:63:f8:bd:ce:d6:07:
                    67:28:27:70:98:50:13:4b:87:3c:6c:c8:c1:2b:91:
                    0d:72:92:88:68:87:21:91:28:26:56:85:d2:b3:27:
                    28:5d:a7:17:2d:7e:49:3f:2c:91:38:ae:9a:47:4e:
                    a0:ad:48:6b:a5:d0:eb:76:0f:a5:13:8f:88:d7:6b:
                    de:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:EF:BC:1E:51:30:7E:D7:36:8A:46:F6:E4:5B:76:20:C0:58:06:78
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:a8:0a:8e:e5:4c:23:8d:be:60:ed:7c:9d:61:2a:7c:d7:15:
         ac:01:79:03:c8:bc:9b:3f:d7:5f:5d:22:0c:a5:5a:67:00:e9:
         30:a3:0f:85:fb:ce:75:e8:33:1d:38:4a:2c:3f:da:29:c1:6b:
         b6:51:ef:d3:80:04:7f:a4:a4:6f:94:3b:a9:1a:40:28:8f:a8:
         57:f3:d6:0c:4a:55:22:da:72:2a:9b:5b:ce:47:24:8d:12:70:
         2b:ac:42:dd:df:55:c5:1c:52:75:0c:69:92:aa:a3:53:14:bd:
         48:54:c7:71:a5:59:46:f0:69:81:de:12:b5:fe:a7:8e:71:e5:
         1b:cb:2a:16:1a:6f:03:fd:8b:66:7f:40:26:87:5d:c4:28:e5:
         54:8a:d7:61:70:45:2d:21:f5:a4:ea:ed:d5:26:43:ac:e7:91:
         3f:93:d4:f8:3a:8b:c4:84:5c:80:cc:87:56:25:88:75:47:43:
         73:a8:da:4a:b2:22:7a:78:75:02:75:87:69:3a:30:84:31:a0:
         1f:59:d3:88:d9:97:a1:6f:9e:2c:54:f1:ea:72:e4:18:c7:99:
         dd:36:93:2a:de:1d:e0:40:8f:bf:2b:bf:56:47:72:3e:a5:72:
         46:56:7e:8e:e6:bd:1b:f5:4a:5b:9b:23:34:d2:ff:67:80:71:
         c7:e4:ef:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVCHlzbwY11on5MPm72EOOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjQxMTIyMTgwMDM4WhcNMjQxMTIzMTgwMDM4WjAzMTEwLwYDVQQD
Eyg2N2VmYmMxZTUxMzA3ZWQ3MzY4YTQ2ZjZlNDViNzYyMGMwNTgwNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGW6sdtGvcRIcwzu001v09anZRpp
akClLnCm4xci4UzzTmf5cFsBgEuE2QCWiU2DXjDMZmeZchRbcap8agxVcg/OD0w4
S7Dez8c17Q8q1Nqm+2TfDlmeUIkjxJexzBk5xdCEtT31DBTq5qDAZpDBQ1vZLvDD
dLaPJa2XP7TQOFkVrr1XRw6K9xwomMyCuQhu90IwzR5rfrnxq4KGVNCJHXBAMjBm
QBLye7QuiHGx/h69nFHodcxyxADuz41j+L3O1gdnKCdwmFATS4c8bMjBK5ENcpKI
aIchkSgmVoXSsycoXacXLX5JPyyROK6aR06grUhrpdDrdg+lE4+I12veIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGfvvB5RMH7XNopG9uRbdiDAWAZ4MB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKgKjuVM
I42+YO18nWEqfNcVrAF5A8i8mz/XX10iDKVaZwDpMKMPhfvOdegzHThKLD/aKcFr
tlHv04AEf6Skb5Q7qRpAKI+oV/PWDEpVItpyKptbzkckjRJwK6xC3d9VxRxSdQxp
kqqjUxS9SFTHcaVZRvBpgd4Stf6njnHlG8sqFhpvA/2LZn9AJoddxCjlVIrXYXBF
LSH1pOrt1SZDrOeRP5PU+DqLxIRcgMyHViWIdUdDc6jaSrIienh1AnWHaTowhDGg
H1nTiNmXoW+eLFTx6nLkGMeZ3TaTKt4d4ECPvyu/VkdyPqVyRlZ+jua9G/VKW5sj
NNL/Z4Bxx+TvMA==
-----END CERTIFICATE-----