Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft
File:                     tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft (raw, json)
Hash identifier:          yXWZTLO2zves9CNUevv5+fE/X4EwVdcA4IMNIVL7FDg=
Subject key identifier:   FA:C8:94:57:C6:D0:C6:C6:17:06:81:A6:1C:78:21:54:6C:10:EB:7A
Authority key identifier: B5:7C:8A:C0:55:C5:74:D8:CF:13:52:2B:96:4B:92:31:4D:21:1E:AE
Certificate issuer:       /CN=b57c8ac055c574d8cf13522b964b92314d211eae
Certificate serial:       01936AB49548157DAD28056769B212CA0009
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tXyKwFXFdNjPE1IrlkuSMU0hHq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft
Manifest number:          10C8
Signing time:             Tue 26 Nov 2024 23:00:39 +0000
Manifest this update:     Tue 26 Nov 2024 23:00:39 +0000
Manifest next update:     Wed 27 Nov 2024 23:00:39 +0000
Files and hashes:         1: tXyKwFXFdNjPE1IrlkuSMU0hHq4.crl (hash: ltS3jHv+hbwAorGOodtSJbEQJ0c0PS+K+E41Tqgyfgs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tXyKwFXFdNjPE1IrlkuSMU0hHq4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:b4:95:48:15:7d:ad:28:05:67:69:b2:12:ca:00:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b57c8ac055c574d8cf13522b964b92314d211eae
        Validity
            Not Before: Nov 26 23:00:39 2024 GMT
            Not After : Nov 27 23:00:39 2024 GMT
        Subject: CN=fac89457c6d0c6c6170681a61c7821546c10eb7a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e5:03:e6:5a:e7:b9:33:fc:77:0a:84:96:2b:
                    a6:eb:a3:3d:e9:74:81:a4:d7:5c:b6:38:e5:52:5d:
                    23:a7:99:8a:ec:93:6e:31:c3:06:08:93:a4:0e:17:
                    07:51:53:45:41:2a:a3:47:9d:21:62:2c:9c:d5:49:
                    a1:1a:d8:0b:cf:77:78:de:ed:db:e7:91:6a:1f:6e:
                    17:74:86:ce:79:58:24:cd:9c:86:37:7f:c3:12:f0:
                    b3:b3:9d:b6:90:58:75:08:76:62:77:96:3e:7d:a8:
                    dd:12:54:bb:11:cf:52:27:47:18:05:0f:ee:05:c5:
                    95:8f:10:17:e9:87:49:26:22:90:e2:90:be:fb:a0:
                    41:8e:b6:e3:cf:30:d4:aa:24:08:0f:ee:89:18:e3:
                    6b:53:3f:ce:31:cd:9d:ed:79:2c:e9:6c:51:57:56:
                    a8:2e:a5:c9:97:60:5b:8a:ee:e2:50:18:40:54:65:
                    e5:99:36:f9:41:f7:af:9f:f5:b0:27:bd:26:17:d7:
                    bc:5b:8d:c0:c4:00:79:66:b7:52:5a:5c:c9:69:96:
                    1d:d4:da:b4:43:dd:8e:ab:5d:04:51:80:f0:9b:ab:
                    27:73:7a:47:53:45:e5:59:4f:7c:c5:34:4c:55:4d:
                    bf:22:7b:fc:0d:4d:53:04:e9:f3:6b:79:aa:85:56:
                    a5:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:C8:94:57:C6:D0:C6:C6:17:06:81:A6:1C:78:21:54:6C:10:EB:7A
            X509v3 Authority Key Identifier:
                keyid:B5:7C:8A:C0:55:C5:74:D8:CF:13:52:2B:96:4B:92:31:4D:21:1E:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXyKwFXFdNjPE1IrlkuSMU0hHq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/289f40-a233-4c63-b93e-8e4c7c7b6504/1/tXyKwFXFdNjPE1IrlkuSMU0hHq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:3b:67:c3:3e:3e:1f:73:87:9b:39:fb:4d:d8:75:30:38:dc:
         15:6b:e0:2b:6d:f0:76:ed:f9:34:21:3f:41:44:c2:9c:d6:9c:
         f5:07:c9:47:1a:6c:7b:8b:73:cf:fa:db:12:e4:c7:e0:b9:45:
         b9:55:1a:da:96:c7:5b:09:10:56:cb:49:bd:73:6a:bc:43:eb:
         bd:72:92:63:ae:db:dc:c5:b9:f1:6a:3e:54:d0:b2:2c:5e:7b:
         be:10:2b:9c:80:e7:1a:a7:7f:d9:05:49:ed:e6:be:ff:59:a6:
         f1:63:57:bc:61:9d:6f:4c:3a:44:84:18:b5:a2:e8:ac:4c:dc:
         f5:2b:83:44:f8:2d:fa:34:a3:f1:7c:70:8f:f1:29:b8:18:37:
         34:21:90:fc:de:c5:43:2c:50:42:2d:e8:e0:4f:b6:10:6f:2c:
         92:08:9d:3f:61:bb:c8:e0:b9:3e:74:7f:b6:99:a9:db:1d:2e:
         02:21:b4:b1:89:cb:7e:75:90:03:b8:2f:aa:72:57:59:0d:d6:
         51:22:de:b1:35:5a:96:1b:69:a6:b4:a7:7c:ac:a2:91:ec:0a:
         76:6d:93:a8:e5:a8:02:92:b8:4f:c9:b6:f5:19:f2:6c:c3:be:
         ac:a0:a8:84:c0:7f:89:7a:a9:a4:e9:ce:67:de:ae:31:69:b3:
         1c:6a:3c:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqtJVIFX2tKAVnabISygAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1N2M4YWMwNTVjNTc0ZDhjZjEzNTIyYjk2NGI5MjMxNGQy
MTFlYWUwHhcNMjQxMTI2MjMwMDM5WhcNMjQxMTI3MjMwMDM5WjAzMTEwLwYDVQQD
EyhmYWM4OTQ1N2M2ZDBjNmM2MTcwNjgxYTYxYzc4MjE1NDZjMTBlYjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOUD5lrnuTP8dwqElium66M96XSB
pNdctjjlUl0jp5mK7JNuMcMGCJOkDhcHUVNFQSqjR50hYiyc1UmhGtgLz3d43u3b
55FqH24XdIbOeVgkzZyGN3/DEvCzs522kFh1CHZid5Y+fajdElS7Ec9SJ0cYBQ/u
BcWVjxAX6YdJJiKQ4pC++6BBjrbjzzDUqiQID+6JGONrUz/OMc2d7Xks6WxRV1ao
LqXJl2Bbiu7iUBhAVGXlmTb5Qfevn/WwJ70mF9e8W43AxAB5ZrdSWlzJaZYd1Nq0
Q92Oq10EUYDwm6snc3pHU0XlWU98xTRMVU2/Inv8DU1TBOnza3mqhValywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPrIlFfG0MbGFwaBphx4IVRsEOt6MB8GA1UdIwQY
MBaAFLV8isBVxXTYzxNSK5ZLkjFNIR6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFh5S3dGWEZkTmpQRTFJcmxrdVNNVTBoSHE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8yODlmNDAtYTIzMy00YzYzLWI5M2Ut
OGU0YzdjN2I2NTA0LzEvdFh5S3dGWEZkTmpQRTFJcmxrdVNNVTBoSHE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8yODlmNDAtYTIzMy00YzYzLWI5M2UtOGU0YzdjN2I2NTA0
LzEvdFh5S3dGWEZkTmpQRTFJcmxrdVNNVTBoSHE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTtnwz4+
H3OHmzn7Tdh1MDjcFWvgK23wdu35NCE/QUTCnNac9QfJRxpse4tzz/rbEuTH4LlF
uVUa2pbHWwkQVstJvXNqvEPrvXKSY67b3MW58Wo+VNCyLF57vhArnIDnGqd/2QVJ
7ea+/1mm8WNXvGGdb0w6RIQYtaLorEzc9SuDRPgt+jSj8Xxwj/EpuBg3NCGQ/N7F
QyxQQi3o4E+2EG8skgidP2G7yOC5PnR/tpmp2x0uAiG0sYnLfnWQA7gvqnJXWQ3W
USLesTValhtpprSnfKyikewKdm2TqOWoApK4T8m29RnybMO+rKCohMB/iXqppOnO
Z96uMWmzHGo8Hg==
-----END CERTIFICATE-----