Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
File:                     0ur89N6SC5zmRdbmlt8IqosFUZs.mft (raw, json)
Hash identifier:          rviWQAbFYDz/bP39PSNuyj7AbnvJy6LnUj+ByKQTzm0=
Subject key identifier:   D8:2A:D6:97:24:1F:21:89:73:A3:9C:48:F5:B7:85:BC:22:93:C1:48
Authority key identifier: D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B
Certificate issuer:       /CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
Certificate serial:       019407222C104DDE51D8F05C2B19686306E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
Manifest number:          10CE
Signing time:             Fri 27 Dec 2024 08:01:07 +0000
Manifest this update:     Fri 27 Dec 2024 08:01:07 +0000
Manifest next update:     Sat 28 Dec 2024 08:01:07 +0000
Files and hashes:         1: 0ur89N6SC5zmRdbmlt8IqosFUZs.crl (hash: ZQNuiGdkIwYrDGaJgyo3kJm4GpwWmT40RwYNeymv9E0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:07:22:2c:10:4d:de:51:d8:f0:5c:2b:19:68:63:06:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2eafcf4de920b9ce645d6e696df08aa8b05519b
        Validity
            Not Before: Dec 27 08:01:07 2024 GMT
            Not After : Dec 28 08:01:07 2024 GMT
        Subject: CN=d82ad697241f218973a39c48f5b785bc2293c148
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:09:c0:c0:3c:04:0f:2e:03:12:0e:f4:6a:ec:
                    ab:0d:05:c2:07:7d:06:8c:dc:32:4b:5c:fd:76:df:
                    a8:69:f7:20:b2:6b:1b:f9:bc:24:61:fe:6d:2d:e6:
                    56:29:33:9d:46:73:bb:b4:12:15:a2:23:f6:af:62:
                    f1:bb:9c:cc:00:5a:78:5f:ad:a4:ca:3d:af:40:4c:
                    0d:67:69:8d:a1:81:1d:d5:8e:39:32:db:fe:47:e8:
                    4e:ec:c5:c9:2b:7c:8d:31:ce:63:4c:8d:ec:3b:74:
                    bd:af:e7:8d:90:f6:20:ce:0f:5d:bc:c1:24:54:69:
                    0f:49:4a:07:6c:1f:c6:69:6c:d5:bb:53:1a:4f:79:
                    b8:e8:87:79:73:ef:5f:24:5c:05:d7:bf:6d:62:24:
                    76:df:0f:14:6f:1d:9d:0a:92:5f:b9:50:54:91:33:
                    93:79:86:a0:7b:83:5c:b9:a5:56:7f:7c:ad:d1:ca:
                    6f:9c:86:3d:9a:ec:25:6e:74:84:d3:03:37:39:d7:
                    1b:3d:75:03:de:d1:69:9d:ec:3f:b7:45:98:32:71:
                    84:9e:07:fb:62:d4:31:64:56:6a:60:db:3d:15:1e:
                    8e:0f:f4:bf:52:7e:a5:16:37:73:fa:76:8f:25:1f:
                    33:22:b4:4b:b0:ab:dc:10:ce:11:ac:2a:10:9e:d0:
                    b3:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:2A:D6:97:24:1F:21:89:73:A3:9C:48:F5:B7:85:BC:22:93:C1:48
            X509v3 Authority Key Identifier:
                keyid:D2:EA:FC:F4:DE:92:0B:9C:E6:45:D6:E6:96:DF:08:AA:8B:05:51:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ur89N6SC5zmRdbmlt8IqosFUZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/82785f-f0c5-4313-91a1-6dfd8bbadfe9/1/0ur89N6SC5zmRdbmlt8IqosFUZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         22:d7:2d:b1:0f:0c:65:5c:ea:03:91:ad:f6:c8:fe:04:a0:72:
         5a:8b:65:ba:24:22:80:e6:ef:0d:f5:13:19:44:75:11:58:5b:
         f6:1c:78:a9:66:5d:fb:9d:3d:58:19:4c:cf:b4:0c:75:67:94:
         74:90:0e:43:d6:dc:10:85:58:65:90:cb:62:de:2f:75:e8:90:
         34:f7:6d:46:4b:8e:b7:5d:cb:3c:47:0a:55:25:ad:79:79:e7:
         3c:48:51:5e:68:b9:96:36:bc:24:eb:5d:88:d3:92:21:01:e2:
         56:ba:54:68:6a:c7:28:91:9f:10:ba:10:27:86:d5:40:c7:43:
         43:9a:d9:78:36:ae:c7:62:10:e8:d6:85:e1:32:a7:ec:59:0c:
         7a:53:54:01:67:98:bf:7e:f5:61:2a:e9:5c:e3:79:3d:37:1e:
         ea:bd:a8:ed:23:c3:75:45:28:3c:f2:a7:dc:e7:48:4a:01:7b:
         eb:cd:ea:02:9e:e0:e7:93:07:f3:d6:97:87:14:82:b9:a5:d1:
         19:88:1f:05:62:02:66:0a:88:c2:82:61:14:f1:a8:3d:60:70:
         e5:a2:f0:ea:39:99:f3:e5:01:ec:82:bb:8c:dc:82:29:96:64:
         f3:f4:7f:85:e5:a3:e8:58:5c:39:4f:8f:f4:6e:51:58:01:c2:
         1d:0c:6c:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQHIiwQTd5R2PBcKxloYwbgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWFmY2Y0ZGU5MjBiOWNlNjQ1ZDZlNjk2ZGYwOGFhOGIw
NTUxOWIwHhcNMjQxMjI3MDgwMTA3WhcNMjQxMjI4MDgwMTA3WjAzMTEwLwYDVQQD
EyhkODJhZDY5NzI0MWYyMTg5NzNhMzljNDhmNWI3ODViYzIyOTNjMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQnAwDwEDy4DEg70auyrDQXCB30G
jNwyS1z9dt+oafcgsmsb+bwkYf5tLeZWKTOdRnO7tBIVoiP2r2Lxu5zMAFp4X62k
yj2vQEwNZ2mNoYEd1Y45Mtv+R+hO7MXJK3yNMc5jTI3sO3S9r+eNkPYgzg9dvMEk
VGkPSUoHbB/GaWzVu1MaT3m46Id5c+9fJFwF179tYiR23w8Ubx2dCpJfuVBUkTOT
eYage4NcuaVWf3yt0cpvnIY9muwlbnSE0wM3OdcbPXUD3tFpnew/t0WYMnGEngf7
YtQxZFZqYNs9FR6OD/S/Un6lFjdz+naPJR8zIrRLsKvcEM4RrCoQntCz+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNgq1pckHyGJc6OcSPW3hbwik8FIMB8GA1UdIwQY
MBaAFNLq/PTekguc5kXW5pbfCKqLBVGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEt
NmRmZDhiYmFkZmU5LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi84Mjc4NWYtZjBjNS00MzEzLTkxYTEtNmRmZDhiYmFkZmU5
LzEvMHVyODlONlNDNXptUmRibWx0OElxb3NGVVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAItctsQ8M
ZVzqA5Gt9sj+BKByWotluiQigObvDfUTGUR1EVhb9hx4qWZd+509WBlMz7QMdWeU
dJAOQ9bcEIVYZZDLYt4vdeiQNPdtRkuOt13LPEcKVSWteXnnPEhRXmi5lja8JOtd
iNOSIQHiVrpUaGrHKJGfELoQJ4bVQMdDQ5rZeDaux2IQ6NaF4TKn7FkMelNUAWeY
v371YSrpXON5PTce6r2o7SPDdUUoPPKn3OdISgF7683qAp7g55MH89aXhxSCuaXR
GYgfBWICZgqIwoJhFPGoPWBw5aLw6jmZ8+UB7IK7jNyCKZZk8/R/heWj6FhcOU+P
9G5RWAHCHQxsHg==
-----END CERTIFICATE-----