Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          OYhXBH7Q3thWKBq51HmaIc4EGyxMi8yerFjx3u9Rp4M=
Subject key identifier:   48:58:1C:AF:D1:95:24:F3:A6:37:7D:0B:EC:09:21:55:DF:D1:35:F5
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       019358788A1B9A3D542F35C5E88864B227E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          10B1
Signing time:             Sat 23 Nov 2024 10:01:54 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:54 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:54 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: NhWAb2sucAcN5LGffXRyDF8494s2h8pbDwRxfYW3lkg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:8a:1b:9a:3d:54:2f:35:c5:e8:88:64:b2:27:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: Nov 23 10:01:54 2024 GMT
            Not After : Nov 24 10:01:54 2024 GMT
        Subject: CN=48581cafd19524f3a6377d0bec092155dfd135f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:60:d2:1d:33:63:95:33:99:15:4f:61:a5:a3:
                    e2:cf:44:d8:e8:6e:58:99:56:d7:02:51:61:78:dd:
                    ed:79:db:35:ad:80:64:55:c9:ef:ec:c8:bb:b1:4b:
                    90:d7:29:70:08:46:8a:46:93:b3:04:d5:dc:c4:88:
                    86:05:5e:fc:6c:c0:40:cd:6b:c4:9f:db:88:94:56:
                    ad:38:88:70:50:b9:21:0b:ae:9a:ca:6e:9e:01:40:
                    b0:af:ba:84:38:84:6d:5c:0e:a2:85:b9:55:23:ad:
                    20:2e:77:35:2d:40:20:06:b6:fb:88:f4:95:e6:c7:
                    6c:bd:90:d0:55:38:88:51:75:9b:5a:cf:e2:d0:d4:
                    cb:a3:c5:c7:f2:ae:98:73:70:f6:5c:c3:61:4c:1c:
                    50:1f:9c:75:8e:6f:1b:98:8d:ca:7b:c2:93:ff:0c:
                    7f:13:4d:54:7e:b8:6c:07:5f:9f:2d:86:1c:68:29:
                    cb:cd:c5:48:a0:c5:26:78:6c:0d:39:95:0b:2a:d6:
                    56:7f:d3:8a:4c:66:1e:b8:6c:34:36:ac:71:af:c8:
                    ac:e1:57:c7:e1:8b:81:c6:62:28:6b:27:7b:cd:4e:
                    87:0d:02:dd:c6:f5:b1:84:13:7f:b3:f4:61:12:a7:
                    07:9b:9c:75:0f:fc:11:2e:02:f5:94:a2:1b:ac:4f:
                    d2:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:58:1C:AF:D1:95:24:F3:A6:37:7D:0B:EC:09:21:55:DF:D1:35:F5
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:6b:3b:66:8e:12:37:73:fb:8e:cd:c6:e6:42:1d:79:b3:67:
         cf:aa:95:cb:e5:5e:68:7f:49:f7:ee:0a:a6:f9:ee:ec:a8:6a:
         0f:de:12:7c:42:e2:7c:dd:55:cc:ed:59:2a:7f:51:a3:fb:78:
         df:50:2b:f9:b5:5f:95:f1:10:c2:ba:6e:54:e6:df:06:14:a1:
         8a:f9:31:dd:5c:2f:c9:b8:ee:12:97:ed:bc:3e:c5:bf:97:5d:
         d9:56:cb:73:1d:0b:6d:a1:3d:e9:b7:ed:22:10:e9:f0:a9:91:
         9f:38:6d:c5:dc:80:c6:a5:a4:ed:ce:f0:1a:4a:98:84:1e:32:
         98:d6:4e:38:48:78:6f:fc:a6:00:08:21:8c:e2:2b:80:b9:30:
         fd:a6:94:f2:22:9a:bb:72:6b:20:9d:bb:37:e1:d1:dd:a2:9a:
         ab:48:4b:a9:2e:9e:3b:a2:d1:aa:bd:f1:4e:3e:2a:1a:89:bc:
         b8:cf:92:02:02:c9:8a:6e:9a:38:96:27:59:d5:8a:1d:77:cc:
         52:a9:7e:27:fb:ee:79:82:92:7d:70:ae:11:ec:ba:68:c9:59:
         1b:7d:3d:b0:67:c0:e1:e7:16:3c:5b:c8:70:bb:cd:a5:17:03:
         2e:83:d8:a8:5b:97:40:b3:20:5e:3c:d7:7f:5d:df:19:bc:73:
         40:9c:69:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeIobmj1ULzXF6IhksifoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjQxMTIzMTAwMTU0WhcNMjQxMTI0MTAwMTU0WjAzMTEwLwYDVQQD
Eyg0ODU4MWNhZmQxOTUyNGYzYTYzNzdkMGJlYzA5MjE1NWRmZDEzNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7WDSHTNjlTOZFU9hpaPiz0TY6G5Y
mVbXAlFheN3teds1rYBkVcnv7Mi7sUuQ1ylwCEaKRpOzBNXcxIiGBV78bMBAzWvE
n9uIlFatOIhwULkhC66aym6eAUCwr7qEOIRtXA6ihblVI60gLnc1LUAgBrb7iPSV
5sdsvZDQVTiIUXWbWs/i0NTLo8XH8q6Yc3D2XMNhTBxQH5x1jm8bmI3Ke8KT/wx/
E01UfrhsB1+fLYYcaCnLzcVIoMUmeGwNOZULKtZWf9OKTGYeuGw0Nqxxr8is4VfH
4YuBxmIoayd7zU6HDQLdxvWxhBN/s/RhEqcHm5x1D/wRLgL1lKIbrE/SjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEhYHK/RlSTzpjd9C+wJIVXf0TX1MB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiGs7Zo4S
N3P7js3G5kIdebNnz6qVy+VeaH9J9+4Kpvnu7KhqD94SfELifN1VzO1ZKn9Ro/t4
31Ar+bVflfEQwrpuVObfBhShivkx3VwvybjuEpftvD7Fv5dd2VbLcx0LbaE96bft
IhDp8KmRnzhtxdyAxqWk7c7wGkqYhB4ymNZOOEh4b/ymAAghjOIrgLkw/aaU8iKa
u3JrIJ27N+HR3aKaq0hLqS6eO6LRqr3xTj4qGom8uM+SAgLJim6aOJYnWdWKHXfM
Uql+J/vueYKSfXCuEey6aMlZG309sGfA4ecWPFvIcLvNpRcDLoPYqFuXQLMgXjzX
f13fGbxzQJxpXw==
-----END CERTIFICATE-----