Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
File:                     0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft (raw, json)
Hash identifier:          BsMYegWHacQYmxxSzFbhM3RzL5Z49lHEEpQu9S7y9tc=
Subject key identifier:   B7:16:49:1D:75:EC:6B:21:A7:01:9D:87:9D:C6:70:93:9B:D3:7C:AA
Authority key identifier: D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D
Certificate issuer:       /CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
Certificate serial:       0193591BEE5221D5EF35632BA7613F97083D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
Manifest number:          12AE
Signing time:             Sat 23 Nov 2024 13:00:22 +0000
Manifest this update:     Sat 23 Nov 2024 13:00:22 +0000
Manifest next update:     Sun 24 Nov 2024 13:00:22 +0000
Files and hashes:         1: 0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl (hash: WrtZq5tOz08+OO1bjM96CxHuvWYpjA/xORiHV5/xUiY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:59:1b:ee:52:21:d5:ef:35:63:2b:a7:61:3f:97:08:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d00bd4d5682ce608e27cbe221a2677ecb507497d
        Validity
            Not Before: Nov 23 13:00:22 2024 GMT
            Not After : Nov 24 13:00:22 2024 GMT
        Subject: CN=b716491d75ec6b21a7019d879dc670939bd37caa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:8f:41:83:7a:88:2d:c8:f0:b2:74:c3:3c:c7:
                    36:1e:c1:59:d4:15:9a:d2:fd:98:2c:5a:eb:0e:38:
                    4f:c6:f1:64:53:50:f2:f0:ea:8e:d8:a9:1a:a6:63:
                    f0:72:3a:31:86:f9:95:5c:ee:84:e5:88:a0:90:e7:
                    c2:f3:89:00:be:c6:de:5b:1b:27:bd:09:19:84:79:
                    01:51:5c:7a:86:ab:7e:be:63:ad:40:69:ed:27:e4:
                    90:8f:46:1d:d7:ab:d9:67:f5:66:48:fb:83:bc:83:
                    98:24:82:15:a1:10:cb:1e:5c:07:c5:bb:f1:18:cc:
                    de:e9:d6:48:c1:c8:01:70:51:27:c8:b2:05:49:4b:
                    b3:b3:2e:c2:10:87:3d:cc:76:85:21:4d:49:06:a1:
                    bd:9b:87:97:60:4d:4e:f1:71:5b:5f:33:fe:46:02:
                    41:a8:5a:bf:52:28:0e:6e:9a:85:c9:22:13:12:86:
                    95:62:ef:26:60:54:58:b5:e4:b3:13:8a:62:46:67:
                    24:15:94:ba:1d:2c:7f:06:27:41:cb:79:6f:1d:4c:
                    81:2f:52:10:ad:35:c1:21:68:95:e0:5c:be:c6:15:
                    8c:2c:06:27:41:25:2f:b3:1f:96:a4:72:5e:12:30:
                    19:a6:b8:2e:ac:77:02:9a:2f:db:b3:2b:65:dc:d5:
                    3c:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:16:49:1D:75:EC:6B:21:A7:01:9D:87:9D:C6:70:93:9B:D3:7C:AA
            X509v3 Authority Key Identifier:
                keyid:D0:0B:D4:D5:68:2C:E6:08:E2:7C:BE:22:1A:26:77:EC:B5:07:49:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AvU1Wgs5gjifL4iGiZ37LUHSX0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/299522-932c-487a-af3d-eb9300672ae4/1/0AvU1Wgs5gjifL4iGiZ37LUHSX0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:eb:39:e6:e9:c2:0f:7e:44:50:d4:e2:e9:98:eb:cd:09:a9:
         b3:ff:34:77:87:ac:59:dd:c0:fb:91:4a:e6:1f:21:93:62:56:
         4f:6f:c2:26:69:29:09:41:51:c8:e9:38:9a:ca:1a:c9:95:43:
         f4:63:ce:57:fb:62:f8:77:4e:d9:27:45:85:b9:e7:fa:3f:ed:
         1b:2e:32:bd:65:66:45:57:70:10:9e:81:05:d5:2c:ad:a2:b2:
         c1:51:9b:cb:44:a7:21:9d:f5:7e:c7:3f:78:3c:85:01:97:b2:
         62:9b:7b:fb:1a:35:d0:4d:df:3b:41:49:67:cd:42:a2:23:ff:
         f1:87:f9:9d:c3:80:e9:6a:ea:ea:50:50:bd:b5:1a:b2:4a:36:
         8a:49:8c:1e:f4:f5:6b:e1:e2:17:44:b6:fa:54:48:0f:4f:97:
         2a:40:67:f7:e5:3a:45:98:66:6f:af:0f:16:27:2f:fb:c2:58:
         03:4b:62:27:af:67:75:a3:51:30:e5:c0:89:88:57:e6:42:02:
         41:72:04:70:a4:85:89:7e:d7:e2:64:5f:5b:c9:ad:f8:f5:4d:
         46:45:c1:f5:42:4b:9d:3f:8a:e2:c4:f8:b9:65:97:66:62:4f:
         03:f8:14:3e:72:75:df:aa:69:2b:08:cd:d4:25:6b:18:ea:5f:
         13:ed:e4:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNZG+5SIdXvNWMrp2E/lwg9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGJkNGQ1NjgyY2U2MDhlMjdjYmUyMjFhMjY3N2VjYjUw
NzQ5N2QwHhcNMjQxMTIzMTMwMDIyWhcNMjQxMTI0MTMwMDIyWjAzMTEwLwYDVQQD
EyhiNzE2NDkxZDc1ZWM2YjIxYTcwMTlkODc5ZGM2NzA5MzliZDM3Y2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY9Bg3qILcjwsnTDPMc2HsFZ1BWa
0v2YLFrrDjhPxvFkU1Dy8OqO2KkapmPwcjoxhvmVXO6E5YigkOfC84kAvsbeWxsn
vQkZhHkBUVx6hqt+vmOtQGntJ+SQj0Yd16vZZ/VmSPuDvIOYJIIVoRDLHlwHxbvx
GMze6dZIwcgBcFEnyLIFSUuzsy7CEIc9zHaFIU1JBqG9m4eXYE1O8XFbXzP+RgJB
qFq/UigObpqFySITEoaVYu8mYFRYteSzE4piRmckFZS6HSx/BidBy3lvHUyBL1IQ
rTXBIWiV4Fy+xhWMLAYnQSUvsx+WpHJeEjAZprgurHcCmi/bsytl3NU82wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLcWSR117GshpwGdh53GcJOb03yqMB8GA1UdIwQY
MBaAFNAL1NVoLOYI4ny+Ihomd+y1B0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2Qt
ZWI5MzAwNjcyYWU0LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8yOTk1MjItOTMyYy00ODdhLWFmM2QtZWI5MzAwNjcyYWU0
LzEvMEF2VTFXZ3M1Z2ppZkw0aUdpWjM3TFVIU1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+s55unC
D35EUNTi6ZjrzQmps/80d4esWd3A+5FK5h8hk2JWT2/CJmkpCUFRyOk4msoayZVD
9GPOV/ti+HdO2SdFhbnn+j/tGy4yvWVmRVdwEJ6BBdUsraKywVGby0SnIZ31fsc/
eDyFAZeyYpt7+xo10E3fO0FJZ81CoiP/8Yf5ncOA6Wrq6lBQvbUasko2ikmMHvT1
a+HiF0S2+lRID0+XKkBn9+U6RZhmb68PFicv+8JYA0tiJ69ndaNRMOXAiYhX5kIC
QXIEcKSFiX7X4mRfW8mt+PVNRkXB9UJLnT+K4sT4uWWXZmJPA/gUPnJ136ppKwjN
1CVrGOpfE+3kRQ==
-----END CERTIFICATE-----