Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
File:                     dUI-b2St_Fh6CPgawqySYOsu1hU.mft (raw, json)
Hash identifier:          XRdpr2ZL4N39y8P0Rb4m3/VDdHYMslB/4ro4j8w1Z4I=
Subject key identifier:   C2:BA:97:AE:9F:09:CF:50:1D:C6:71:71:79:0D:19:83:19:A9:34:D9
Authority key identifier: 75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15
Certificate issuer:       /CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
Certificate serial:       01935689BBE107CC5AA6D5CFBB3223FACA9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
Manifest number:          09E2
Signing time:             Sat 23 Nov 2024 01:01:27 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:27 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:27 +0000
Files and hashes:         1: dUI-b2St_Fh6CPgawqySYOsu1hU.crl (hash: 4zNJvRpAE2HpheefT2qTjCX36F2CZ3eyE0r7uqj6eJo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:bb:e1:07:cc:5a:a6:d5:cf:bb:32:23:fa:ca:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75423e6f64adfc587a08f81ac2ac9260eb2ed615
        Validity
            Not Before: Nov 23 01:01:27 2024 GMT
            Not After : Nov 24 01:01:27 2024 GMT
        Subject: CN=c2ba97ae9f09cf501dc67171790d198319a934d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2d:a6:b2:bf:b2:e9:49:c1:ee:f9:f9:cd:5e:
                    60:a3:78:e3:fd:d8:9d:1e:0f:9f:17:3c:fe:87:2a:
                    f3:2b:0a:b9:fd:79:73:54:0b:b2:bb:02:4f:26:71:
                    e8:fa:74:17:d2:a2:ce:e9:e1:01:9d:b6:f6:7d:80:
                    c0:9f:6a:59:93:60:0d:00:d8:9d:08:47:55:a4:17:
                    78:15:79:cb:2e:de:35:f8:c8:08:49:d4:5a:12:9b:
                    37:10:98:e9:92:f7:1f:dc:96:ac:ce:27:11:cd:24:
                    b5:43:49:b4:e5:42:6a:b2:0e:f2:85:ad:b6:a4:e8:
                    28:39:c6:79:ca:16:0e:4c:76:98:72:4f:0b:9b:ca:
                    1f:ee:ab:1a:3e:19:3d:c4:06:bd:41:49:fc:38:cf:
                    6e:46:c1:19:7d:9e:55:87:4d:96:a1:57:f7:68:f7:
                    ef:49:1c:3d:aa:5a:dc:bc:4b:c7:b5:bd:32:d8:6c:
                    57:b8:f7:25:a6:d8:a9:c4:46:f5:8b:ab:12:cd:9b:
                    45:0d:a6:5b:60:f6:d0:59:f8:ea:a0:95:af:99:59:
                    eb:d7:cc:4d:2a:4d:49:c7:1d:e4:21:96:fe:9a:4b:
                    40:41:92:d2:63:31:49:2c:39:68:42:c5:5b:68:c9:
                    4e:cb:4d:6f:4a:72:53:61:b2:e4:0f:9e:1e:33:b9:
                    e9:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:BA:97:AE:9F:09:CF:50:1D:C6:71:71:79:0D:19:83:19:A9:34:D9
            X509v3 Authority Key Identifier:
                keyid:75:42:3E:6F:64:AD:FC:58:7A:08:F8:1A:C2:AC:92:60:EB:2E:D6:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dUI-b2St_Fh6CPgawqySYOsu1hU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/6b168f-2d51-4882-a866-29b4f92ac8fd/1/dUI-b2St_Fh6CPgawqySYOsu1hU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7b:f1:00:aa:41:7d:a1:15:6b:a9:03:56:99:1f:5a:83:62:71:
         87:5c:fc:cf:7b:f4:14:ea:65:1c:ff:5d:71:19:00:da:b5:dc:
         02:bc:4d:4e:22:d2:a6:bf:a7:32:e6:fd:4f:f0:46:58:b8:c4:
         5b:94:72:72:a1:32:9e:42:eb:ac:a7:a8:a0:a9:70:ac:dd:ef:
         33:5f:6c:4f:43:01:89:4c:9d:2a:3e:17:75:29:bb:76:10:b6:
         00:b2:01:15:4a:83:79:19:4e:30:70:71:03:1a:08:5e:4e:1a:
         b1:e3:c0:3e:7b:25:e9:a0:19:b3:e8:e9:69:7e:d0:cc:08:d8:
         49:3a:bb:ac:c7:b5:fe:a1:69:5c:19:15:65:a3:e6:91:c2:fb:
         b8:84:9c:c2:cb:e4:0a:6c:22:b9:71:6b:5f:fc:ee:c4:9e:60:
         dd:06:63:57:0b:bb:d2:d9:22:86:b7:a6:22:39:5e:9e:cb:93:
         35:91:1f:f7:53:8e:06:bf:b8:d5:ec:d9:5a:cc:6c:28:de:e8:
         15:68:4e:5d:ad:54:4b:4c:bb:b7:50:8f:62:a8:ed:8b:51:c3:
         c5:20:a8:74:19:aa:24:34:f2:a8:b6:ba:10:fd:8d:87:77:17:
         84:8d:29:3a:02:22:e2:76:e8:f9:0f:a0:12:d5:32:a6:4c:69:
         2f:f0:f8:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWibvhB8xaptXPuzIj+sqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NDIzZTZmNjRhZGZjNTg3YTA4ZjgxYWMyYWM5MjYwZWIy
ZWQ2MTUwHhcNMjQxMTIzMDEwMTI3WhcNMjQxMTI0MDEwMTI3WjAzMTEwLwYDVQQD
EyhjMmJhOTdhZTlmMDljZjUwMWRjNjcxNzE3OTBkMTk4MzE5YTkzNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy2msr+y6UnB7vn5zV5go3jj/did
Hg+fFzz+hyrzKwq5/XlzVAuyuwJPJnHo+nQX0qLO6eEBnbb2fYDAn2pZk2ANANid
CEdVpBd4FXnLLt41+MgISdRaEps3EJjpkvcf3JaszicRzSS1Q0m05UJqsg7yha22
pOgoOcZ5yhYOTHaYck8Lm8of7qsaPhk9xAa9QUn8OM9uRsEZfZ5Vh02WoVf3aPfv
SRw9qlrcvEvHtb0y2GxXuPclptipxEb1i6sSzZtFDaZbYPbQWfjqoJWvmVnr18xN
Kk1Jxx3kIZb+mktAQZLSYzFJLDloQsVbaMlOy01vSnJTYbLkD54eM7nphQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMK6l66fCc9QHcZxcXkNGYMZqTTZMB8GA1UdIwQY
MBaAFHVCPm9krfxYegj4GsKskmDrLtYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYt
MjliNGY5MmFjOGZkLzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82YjE2OGYtMmQ1MS00ODgyLWE4NjYtMjliNGY5MmFjOGZk
LzEvZFVJLWIyU3RfRmg2Q1BnYXdxeVNZT3N1MWhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe/EAqkF9
oRVrqQNWmR9ag2Jxh1z8z3v0FOplHP9dcRkA2rXcArxNTiLSpr+nMub9T/BGWLjE
W5RycqEynkLrrKeooKlwrN3vM19sT0MBiUydKj4XdSm7dhC2ALIBFUqDeRlOMHBx
AxoIXk4asePAPnsl6aAZs+jpaX7QzAjYSTq7rMe1/qFpXBkVZaPmkcL7uIScwsvk
CmwiuXFrX/zuxJ5g3QZjVwu70tkihremIjlensuTNZEf91OOBr+41ezZWsxsKN7o
FWhOXa1US0y7t1CPYqjti1HDxSCodBmqJDTyqLa6EP2Nh3cXhI0pOgIi4nbo+Q+g
EtUypkxpL/D4MQ==
-----END CERTIFICATE-----