Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          MaaHUjzsPUSjvgFySQPV+AAIij+cOK1rLFLPidJ30Dk=
Subject key identifier:   B8:0E:BC:76:B3:17:4B:AE:86:8C:E4:C2:24:C8:82:14:59:97:B2:18
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       01935765007BCD958C3FF004EA0733BE5C32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          0C6E
Signing time:             Sat 23 Nov 2024 05:00:57 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:57 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:57 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: NgAzR5cbQ+7pME81OdXEd4g3kAlFQuNhgZCUB5V6sJk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:65:00:7b:cd:95:8c:3f:f0:04:ea:07:33:be:5c:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: Nov 23 05:00:57 2024 GMT
            Not After : Nov 24 05:00:57 2024 GMT
        Subject: CN=b80ebc76b3174bae868ce4c224c882145997b218
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:6c:b7:ab:59:5e:6a:ba:be:f0:2a:90:00:0b:
                    e3:d9:f4:cc:93:7b:92:0d:af:04:35:5b:16:cc:f8:
                    30:2e:4a:4f:34:df:cf:8c:c1:b2:07:e8:c3:59:2a:
                    62:57:e4:ca:9d:e0:a6:85:5a:b2:23:75:bf:99:a9:
                    15:dd:21:62:82:13:6a:aa:e1:c2:9e:72:3e:d0:24:
                    69:96:66:32:e3:a8:bd:03:e8:5f:88:f4:b8:8e:32:
                    fa:c0:b7:60:1e:b7:9c:a5:15:10:48:b0:b6:08:48:
                    2a:6b:bf:51:80:5a:01:19:a3:1a:0e:e5:37:40:98:
                    ff:d4:e8:e4:94:43:87:5b:ac:db:77:c1:ec:e8:a7:
                    ec:8a:99:18:91:d3:d9:b5:1d:f9:a9:18:0c:1b:a2:
                    ba:79:ce:da:f3:3f:32:c6:80:4a:16:78:96:67:4c:
                    04:e6:50:21:bd:1b:cd:d5:53:00:b4:49:24:87:22:
                    79:58:54:d9:43:23:69:c3:0c:32:31:2c:11:a4:e5:
                    72:0b:74:32:21:ab:a3:99:f5:99:25:45:ad:33:b5:
                    ee:1b:cd:7f:2e:72:2f:22:8d:54:12:a9:c4:79:47:
                    2d:08:b2:3e:a4:34:45:31:c4:2c:18:9a:69:d5:c5:
                    06:17:ac:5c:85:80:88:11:4c:47:42:3e:92:35:6b:
                    93:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:0E:BC:76:B3:17:4B:AE:86:8C:E4:C2:24:C8:82:14:59:97:B2:18
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:eb:a7:55:55:a7:80:5d:57:d4:3e:c4:f9:f8:ae:b6:5a:dd:
         92:e7:59:f0:a7:8e:9c:db:6d:78:74:2a:81:bc:8c:f9:f4:4f:
         54:a7:02:5c:6a:94:b3:b6:b4:18:25:a7:32:fa:31:86:93:31:
         ee:09:f3:57:38:52:1c:f1:9c:54:2f:8a:21:bf:48:8a:d8:46:
         4b:92:e5:a0:27:95:7f:26:46:e3:b5:c1:f6:90:ee:64:87:34:
         a7:bf:14:d5:46:3d:c4:46:f5:90:6f:7e:65:2b:49:9d:56:ae:
         5f:62:6c:d4:ec:7e:01:c7:e3:95:dc:36:02:77:e1:15:f6:09:
         91:b8:a6:51:b3:fd:07:76:7f:46:c6:1a:ee:c9:06:72:ff:b8:
         7e:b8:1b:7f:c3:48:7a:09:89:62:c7:fa:c0:b7:bb:aa:93:0b:
         15:2c:17:4a:35:55:b5:99:d4:a8:33:a3:c8:c5:5f:61:a3:43:
         cf:0a:17:42:e1:eb:69:81:ad:d0:24:73:7d:20:23:50:9c:0c:
         25:85:ad:bd:da:0d:1d:83:8f:9b:5c:53:79:a0:a1:f4:4b:a2:
         9d:d0:b3:4a:8a:29:41:35:c9:75:e5:4f:ad:2c:0f:45:28:bf:
         22:81:cf:62:2a:97:45:f1:f9:6a:30:a1:70:5a:17:7b:64:dc:
         ab:a1:fb:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZQB7zZWMP/AE6gczvlwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjQxMTIzMDUwMDU3WhcNMjQxMTI0MDUwMDU3WjAzMTEwLwYDVQQD
EyhiODBlYmM3NmIzMTc0YmFlODY4Y2U0YzIyNGM4ODIxNDU5OTdiMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Wy3q1learq+8CqQAAvj2fTMk3uS
Da8ENVsWzPgwLkpPNN/PjMGyB+jDWSpiV+TKneCmhVqyI3W/makV3SFighNqquHC
nnI+0CRplmYy46i9A+hfiPS4jjL6wLdgHrecpRUQSLC2CEgqa79RgFoBGaMaDuU3
QJj/1OjklEOHW6zbd8Hs6KfsipkYkdPZtR35qRgMG6K6ec7a8z8yxoBKFniWZ0wE
5lAhvRvN1VMAtEkkhyJ5WFTZQyNpwwwyMSwRpOVyC3QyIaujmfWZJUWtM7XuG81/
LnIvIo1UEqnEeUctCLI+pDRFMcQsGJpp1cUGF6xchYCIEUxHQj6SNWuThQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLgOvHazF0uuhozkwiTIghRZl7IYMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR+unVVWn
gF1X1D7E+fiutlrdkudZ8KeOnNtteHQqgbyM+fRPVKcCXGqUs7a0GCWnMvoxhpMx
7gnzVzhSHPGcVC+KIb9IithGS5LloCeVfyZG47XB9pDuZIc0p78U1UY9xEb1kG9+
ZStJnVauX2Js1Ox+Acfjldw2AnfhFfYJkbimUbP9B3Z/RsYa7skGcv+4frgbf8NI
egmJYsf6wLe7qpMLFSwXSjVVtZnUqDOjyMVfYaNDzwoXQuHraYGt0CRzfSAjUJwM
JYWtvdoNHYOPm1xTeaCh9EuindCzSoopQTXJdeVPrSwPRSi/IoHPYiqXRfH5ajCh
cFoXe2Tcq6H7+Q==
-----END CERTIFICATE-----