Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
File:                     0qJGL3IIsJcBO18hbWNDf6QB-3I.mft (raw, json)
Hash identifier:          aQW8Gqgz1Lu41vWG40fbUTtY7XD3VYH/rMQc9hiok6Q=
Subject key identifier:   51:FE:D1:74:D7:2F:FB:D9:7E:52:9F:9C:A3:66:78:8E:90:77:87:8A
Authority key identifier: D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72
Certificate issuer:       /CN=d2a2462f7208b097013b5f216d63437fa401fb72
Certificate serial:       01936A469CDEC7AE6F7B216642BE58AB8E05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
Manifest number:          06EE
Signing time:             Tue 26 Nov 2024 21:00:32 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:32 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:32 +0000
Files and hashes:         1: 0qJGL3IIsJcBO18hbWNDf6QB-3I.crl (hash: sou5ry7uraipmXJU68gD43zrXVwDxWATK0NQepO5jkc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:9c:de:c7:ae:6f:7b:21:66:42:be:58:ab:8e:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2a2462f7208b097013b5f216d63437fa401fb72
        Validity
            Not Before: Nov 26 21:00:32 2024 GMT
            Not After : Nov 27 21:00:32 2024 GMT
        Subject: CN=51fed174d72ffbd97e529f9ca366788e9077878a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:ef:30:2f:8f:86:5d:0d:6b:ac:cc:ac:c5:6a:
                    da:56:fe:2f:6e:aa:7e:b9:f1:01:cf:af:2f:66:14:
                    90:a3:0c:77:c8:1f:5c:7f:ad:8e:f2:aa:b4:2b:33:
                    66:b2:18:6f:25:40:75:81:46:e8:6e:f5:5d:fb:cf:
                    d9:4c:24:f5:06:64:38:76:ad:3a:ea:33:39:ba:c8:
                    51:65:9b:a3:18:e8:22:76:22:22:5f:1a:52:7e:b9:
                    30:7d:e5:c5:14:28:35:8a:ff:bd:a4:54:52:57:73:
                    d6:dc:1f:f1:db:56:0c:83:4b:39:f3:27:56:07:36:
                    79:0b:bc:a5:e5:f7:1b:04:24:e8:a1:ab:92:36:e7:
                    db:b7:92:a5:56:c1:7f:bf:a0:29:09:ad:54:fb:f3:
                    91:a5:21:cc:7c:70:d5:44:b1:f9:e1:a6:f0:9c:a6:
                    fb:6d:10:06:63:fe:19:18:de:28:37:cf:0b:87:c3:
                    e3:36:d7:bb:14:29:ac:35:ff:25:93:79:63:82:3f:
                    32:e2:e0:3d:40:77:dd:4e:ca:a1:00:4b:05:73:d4:
                    a8:67:5d:6e:ae:bd:a5:9a:de:1f:2f:ee:38:33:5a:
                    c1:45:14:eb:78:8d:7b:7f:12:b4:0b:0b:79:fe:b7:
                    61:76:e0:66:9a:16:9b:04:aa:5b:da:6f:57:9e:30:
                    cd:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:FE:D1:74:D7:2F:FB:D9:7E:52:9F:9C:A3:66:78:8E:90:77:87:8A
            X509v3 Authority Key Identifier:
                keyid:D2:A2:46:2F:72:08:B0:97:01:3B:5F:21:6D:63:43:7F:A4:01:FB:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qJGL3IIsJcBO18hbWNDf6QB-3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/72ac58-a9f1-4516-861f-7dbf50d7428c/1/0qJGL3IIsJcBO18hbWNDf6QB-3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:ce:74:39:5d:68:8f:aa:80:c6:fe:19:b9:dd:51:bc:ac:03:
         e5:21:d3:dd:cb:70:6a:57:e0:68:77:cb:9f:e4:b9:f3:ad:4c:
         b9:4f:40:ed:93:fa:bd:ae:ac:77:dc:73:a3:5e:76:86:63:b0:
         c6:4b:b7:ca:17:61:c1:42:b8:26:fa:f2:6f:6f:49:5d:8d:e0:
         f9:7a:3f:33:a0:57:78:2f:30:a2:3a:26:d6:03:51:57:0a:32:
         5d:58:f5:98:4a:2f:0f:79:74:b5:25:65:63:5c:98:84:a4:63:
         48:15:49:84:c5:71:48:f9:9a:e5:f7:33:e0:ec:9e:d3:f2:ee:
         62:05:7e:e8:79:7f:00:74:96:b4:de:5a:45:5d:b9:20:df:99:
         2c:b2:fc:4d:29:e6:97:47:28:6c:fa:fc:f0:8d:bf:9d:9c:14:
         81:0f:da:3a:ff:57:04:ee:95:6e:6a:df:2b:b4:83:86:4e:78:
         aa:b8:60:ad:b3:b7:e4:ed:1e:bf:8e:4f:bd:9e:14:29:29:5c:
         ad:0b:7f:93:72:5c:5c:e5:2c:ee:36:e7:e3:99:22:13:50:38:
         db:2a:15:de:3a:bd:b8:7e:0d:b3:09:a0:f1:d1:d8:97:34:1e:
         89:94:3c:98:70:40:ab:f2:51:f3:43:1a:43:91:bc:e0:84:eb:
         53:17:af:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRpzex65veyFmQr5Yq44FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTI0NjJmNzIwOGIwOTcwMTNiNWYyMTZkNjM0MzdmYTQw
MWZiNzIwHhcNMjQxMTI2MjEwMDMyWhcNMjQxMTI3MjEwMDMyWjAzMTEwLwYDVQQD
Eyg1MWZlZDE3NGQ3MmZmYmQ5N2U1MjlmOWNhMzY2Nzg4ZTkwNzc4NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3u8wL4+GXQ1rrMysxWraVv4vbqp+
ufEBz68vZhSQowx3yB9cf62O8qq0KzNmshhvJUB1gUbobvVd+8/ZTCT1BmQ4dq06
6jM5ushRZZujGOgidiIiXxpSfrkwfeXFFCg1iv+9pFRSV3PW3B/x21YMg0s58ydW
BzZ5C7yl5fcbBCTooauSNufbt5KlVsF/v6ApCa1U+/ORpSHMfHDVRLH54abwnKb7
bRAGY/4ZGN4oN88Lh8PjNte7FCmsNf8lk3ljgj8y4uA9QHfdTsqhAEsFc9SoZ11u
rr2lmt4fL+44M1rBRRTreI17fxK0Cwt5/rdhduBmmhabBKpb2m9XnjDNdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFH+0XTXL/vZflKfnKNmeI6Qd4eKMB8GA1UdIwQY
MBaAFNKiRi9yCLCXATtfIW1jQ3+kAftyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYt
N2RiZjUwZDc0MjhjLzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC83MmFjNTgtYTlmMS00NTE2LTg2MWYtN2RiZjUwZDc0Mjhj
LzEvMHFKR0wzSUlzSmNCTzE4aGJXTkRmNlFCLTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmM50OV1o
j6qAxv4Zud1RvKwD5SHT3ctwalfgaHfLn+S5861MuU9A7ZP6va6sd9xzo152hmOw
xku3yhdhwUK4Jvryb29JXY3g+Xo/M6BXeC8wojom1gNRVwoyXVj1mEovD3l0tSVl
Y1yYhKRjSBVJhMVxSPma5fcz4Oye0/LuYgV+6Hl/AHSWtN5aRV25IN+ZLLL8TSnm
l0cobPr88I2/nZwUgQ/aOv9XBO6VbmrfK7SDhk54qrhgrbO35O0ev45PvZ4UKSlc
rQt/k3JcXOUs7jbn45kiE1A42yoV3jq9uH4Nswmg8dHYlzQeiZQ8mHBAq/JR80Ma
Q5G84ITrUxevNA==
-----END CERTIFICATE-----