Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
File:                     ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json)
Hash identifier:          KWPmTXnvrmcF37cvJkjSV6LE9QMaJysLlrYVsUckXEg=
Subject key identifier:   98:C9:FB:E8:69:CC:CE:9F:AF:E1:08:61:56:61:96:88:E5:7C:E1:32
Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED
Certificate issuer:       /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
Certificate serial:       01935689C88032DD5F721DC3B237934755B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
Manifest number:          0874
Signing time:             Sat 23 Nov 2024 01:01:30 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:30 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:30 +0000
Files and hashes:         1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: SJnXKPdI3heDjFlr1R1RVEeGFOyPKi3A7qJqt2SylBE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:c8:80:32:dd:5f:72:1d:c3:b2:37:93:47:55:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed
        Validity
            Not Before: Nov 23 01:01:30 2024 GMT
            Not After : Nov 24 01:01:30 2024 GMT
        Subject: CN=98c9fbe869ccce9fafe1086156619688e57ce132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:61:09:1f:29:6b:97:79:18:cd:46:6e:45:e7:
                    39:1f:73:39:05:db:ef:77:b0:d6:a2:d6:f6:d2:bf:
                    ad:75:20:cc:fb:d0:7e:17:16:6a:65:4e:c4:9b:51:
                    f6:e6:33:64:91:c9:e7:a4:8c:2a:44:b1:fa:6e:66:
                    b2:31:f0:5e:20:11:87:a1:60:3f:69:8a:a3:e0:bf:
                    c6:5b:4b:59:d4:c1:36:5e:88:d4:c7:cf:e6:28:2d:
                    03:5a:25:dc:32:eb:f7:b9:80:95:1a:87:dd:0e:b2:
                    8e:9c:75:e3:06:dc:b2:4a:97:a4:d4:27:5f:54:c3:
                    32:d3:21:9e:7c:6c:7b:17:33:39:a8:02:6f:3f:3c:
                    9f:a7:5a:9b:0f:ec:02:87:b8:5c:86:59:d3:80:7a:
                    e9:2c:12:92:32:c1:b5:1d:1a:84:70:42:2c:c1:45:
                    5e:a2:fa:b0:7a:ee:87:4a:10:e7:90:e3:ed:ef:89:
                    8d:21:49:89:c4:dd:dd:31:37:45:5a:61:2f:3b:19:
                    8d:cd:88:a6:8d:64:e1:f8:e5:c6:29:25:a5:88:37:
                    29:80:3d:01:c7:2e:00:31:b5:78:91:d8:f8:bf:10:
                    23:30:30:57:4c:16:5f:42:e9:d1:ff:cd:bf:fc:6e:
                    b5:f2:dd:81:7d:4f:b4:ed:c1:d5:cc:d0:50:98:38:
                    f0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:C9:FB:E8:69:CC:CE:9F:AF:E1:08:61:56:61:96:88:E5:7C:E1:32
            X509v3 Authority Key Identifier:
                keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:54:23:49:75:41:d3:09:ba:b1:0f:2e:12:0c:bc:ae:ba:90:
         52:e9:da:77:93:3c:65:7b:51:e6:8e:4c:77:07:bf:b1:0d:53:
         3f:a7:c5:7e:6f:95:fc:4b:cc:fa:14:5a:e3:80:a3:fe:65:ea:
         17:ba:ea:dd:8a:67:7c:cf:a2:62:1c:b4:de:70:52:c4:1d:9b:
         74:bf:85:5c:f7:48:bb:9a:fe:39:8c:d1:8d:2b:8d:c7:dc:4c:
         7a:06:d5:8c:a5:bd:fd:b6:85:0d:a6:a9:ca:46:7e:66:83:15:
         98:e7:2c:64:ce:be:05:1e:94:90:d8:b2:75:07:41:7d:6a:13:
         b9:62:9b:db:3c:0b:78:73:97:22:10:31:33:29:f9:0f:7b:ed:
         31:c7:8b:bc:2a:0b:91:46:35:b7:b4:82:6d:a2:c2:08:80:6f:
         c1:dc:70:ea:6e:f7:66:05:79:60:16:7a:ec:01:96:8f:16:82:
         bd:d0:14:91:4f:83:d4:24:22:ca:cd:cf:e0:ee:f4:e9:1d:42:
         96:2a:53:96:3f:99:b8:bc:9d:3c:46:c2:26:79:cd:c3:d0:46:
         f2:fd:63:c0:bb:14:92:fd:c7:30:f3:bd:dc:95:d4:e4:30:93:
         53:93:55:f8:3f:54:28:32:1c:d4:1b:d1:66:72:ea:84:8a:bf:
         5c:37:96:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiciAMt1fch3DsjeTR1W3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj
OGEyZWQwHhcNMjQxMTIzMDEwMTMwWhcNMjQxMTI0MDEwMTMwWjAzMTEwLwYDVQQD
Eyg5OGM5ZmJlODY5Y2NjZTlmYWZlMTA4NjE1NjYxOTY4OGU1N2NlMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGEJHylrl3kYzUZuRec5H3M5Bdvv
d7DWotb20r+tdSDM+9B+FxZqZU7Em1H25jNkkcnnpIwqRLH6bmayMfBeIBGHoWA/
aYqj4L/GW0tZ1ME2XojUx8/mKC0DWiXcMuv3uYCVGofdDrKOnHXjBtyySpek1Cdf
VMMy0yGefGx7FzM5qAJvPzyfp1qbD+wCh7hchlnTgHrpLBKSMsG1HRqEcEIswUVe
ovqweu6HShDnkOPt74mNIUmJxN3dMTdFWmEvOxmNzYimjWTh+OXGKSWliDcpgD0B
xy4AMbV4kdj4vxAjMDBXTBZfQunR/82//G618t2BfU+07cHVzNBQmDjwjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJjJ++hpzM6fr+EIYVZhlojlfOEyMB8GA1UdIwQY
MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt
MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh
LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABVQjSXVB
0wm6sQ8uEgy8rrqQUunad5M8ZXtR5o5Mdwe/sQ1TP6fFfm+V/EvM+hRa44Cj/mXq
F7rq3YpnfM+iYhy03nBSxB2bdL+FXPdIu5r+OYzRjSuNx9xMegbVjKW9/baFDaap
ykZ+ZoMVmOcsZM6+BR6UkNiydQdBfWoTuWKb2zwLeHOXIhAxMyn5D3vtMceLvCoL
kUY1t7SCbaLCCIBvwdxw6m73ZgV5YBZ67AGWjxaCvdAUkU+D1CQiys3P4O706R1C
lipTlj+ZuLydPEbCJnnNw9BG8v1jwLsUkv3HMPO93JXU5DCTU5NV+D9UKDIc1BvR
ZnLqhIq/XDeW/g==
-----END CERTIFICATE-----