Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
File:                     I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft (raw, json)
Hash identifier:          wmOM6tUraVKviSRWVhoE5p2h2acu0caQ8lfu4ryt2eg=
Subject key identifier:   1C:C9:81:B9:36:88:8E:A1:A3:D1:C1:46:94:64:C5:3A:37:4F:D4:72
Authority key identifier: 23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0
Certificate issuer:       /CN=23f91084058819889a4a8f32ea347759543134f0
Certificate serial:       01935508CEF4C1A1E7A99669B0C2DBC9CF93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
Manifest number:          136D
Signing time:             Fri 22 Nov 2024 18:01:00 +0000
Manifest this update:     Fri 22 Nov 2024 18:01:00 +0000
Manifest next update:     Sat 23 Nov 2024 18:01:00 +0000
Files and hashes:         1: I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl (hash: 4l4dYkswS+0N+tqyt/8dOgQj7qbbPK55ULAK65DK3MA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:08:ce:f4:c1:a1:e7:a9:96:69:b0:c2:db:c9:cf:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23f91084058819889a4a8f32ea347759543134f0
        Validity
            Not Before: Nov 22 18:01:00 2024 GMT
            Not After : Nov 23 18:01:00 2024 GMT
        Subject: CN=1cc981b936888ea1a3d1c1469464c53a374fd472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:bb:14:15:45:dc:9e:6c:af:64:33:33:6c:21:
                    9c:fc:c0:8a:7d:48:c2:3d:2e:2f:e1:19:31:f4:9c:
                    7d:9a:75:18:4d:73:b6:cc:b6:4c:16:48:94:92:b1:
                    ab:ee:dc:79:ee:b3:78:82:c9:48:56:6b:e6:ee:c3:
                    2e:b7:16:1c:03:11:62:f3:29:70:5e:73:26:3c:e6:
                    9c:67:19:07:3e:7c:9b:3c:42:2c:99:3c:61:4b:42:
                    af:0c:79:f2:37:fd:db:d5:ef:06:70:27:9f:c4:f6:
                    78:bb:af:ab:fe:5f:1b:32:8e:fe:30:b3:e6:07:56:
                    92:37:3a:f1:c9:55:7e:c7:f4:06:2b:11:1a:48:89:
                    50:dd:7e:eb:c2:6f:00:1d:83:49:9f:d5:be:ab:30:
                    47:0b:de:1a:8b:e1:55:27:96:5a:01:68:8b:29:50:
                    7c:51:17:9a:d8:64:4a:24:6f:2a:ea:2b:3f:a5:10:
                    e5:5f:d5:7c:6d:f8:36:11:26:c0:df:b9:e5:c4:6e:
                    17:83:e1:84:36:f9:a1:e4:c6:98:52:65:af:37:73:
                    54:c3:e3:11:b2:f5:a4:54:14:2f:01:e5:ec:44:c7:
                    da:1f:ec:37:a2:4b:13:65:78:3c:88:14:cd:5c:d3:
                    f8:17:2c:62:e8:e4:50:88:c4:2c:cd:f5:de:4e:a2:
                    16:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:C9:81:B9:36:88:8E:A1:A3:D1:C1:46:94:64:C5:3A:37:4F:D4:72
            X509v3 Authority Key Identifier:
                keyid:23:F9:10:84:05:88:19:88:9A:4A:8F:32:EA:34:77:59:54:31:34:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I_kQhAWIGYiaSo8y6jR3WVQxNPA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/205007-79c6-4852-8924-fdced45d2fec/1/I_kQhAWIGYiaSo8y6jR3WVQxNPA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:67:5a:57:41:f2:df:8c:ec:24:d6:11:42:37:8e:3d:91:71:
         02:b7:ba:16:9b:79:ba:8a:95:d8:b0:d1:33:f5:b3:53:33:01:
         8b:12:06:d4:f3:a3:1c:dd:37:d2:f3:f4:92:ac:1d:9d:c3:7e:
         be:92:b4:cc:60:ff:b9:7e:96:a0:8a:b5:0b:5a:7b:c3:a9:b7:
         14:2f:97:b4:be:33:83:ef:00:dc:b7:b4:79:43:14:f9:99:46:
         f3:12:98:19:8e:1a:2f:f4:90:13:6f:e9:e6:46:a3:7d:21:59:
         34:18:ce:1e:b3:62:f1:65:05:b0:19:24:ed:d2:51:ff:97:72:
         3e:10:9d:05:fa:68:7a:be:fc:c2:79:04:8e:d0:d3:73:c9:26:
         3b:19:9b:0b:c9:41:e7:b3:59:42:e7:8c:ed:ec:cb:84:2f:65:
         f0:b6:32:e4:f9:f5:64:a3:6b:1d:39:60:1a:00:7a:4d:85:de:
         f6:ed:01:3f:a4:32:74:7a:8d:b0:0d:9e:77:c6:89:dc:3c:27:
         57:a6:c4:b9:7c:c5:ab:87:f1:d1:8b:e8:c3:ff:f8:cd:bc:9a:
         72:40:9e:be:8b:a2:87:aa:5c:f8:18:db:79:ba:99:99:31:40:
         5c:f9:d9:cf:b1:0e:73:f1:6f:4b:f8:c0:14:5b:da:e4:93:af:
         6a:12:dc:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVCM70waHnqZZpsMLbyc+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZjkxMDg0MDU4ODE5ODg5YTRhOGYzMmVhMzQ3NzU5NTQz
MTM0ZjAwHhcNMjQxMTIyMTgwMTAwWhcNMjQxMTIzMTgwMTAwWjAzMTEwLwYDVQQD
EygxY2M5ODFiOTM2ODg4ZWExYTNkMWMxNDY5NDY0YzUzYTM3NGZkNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubsUFUXcnmyvZDMzbCGc/MCKfUjC
PS4v4Rkx9Jx9mnUYTXO2zLZMFkiUkrGr7tx57rN4gslIVmvm7sMutxYcAxFi8ylw
XnMmPOacZxkHPnybPEIsmTxhS0KvDHnyN/3b1e8GcCefxPZ4u6+r/l8bMo7+MLPm
B1aSNzrxyVV+x/QGKxEaSIlQ3X7rwm8AHYNJn9W+qzBHC94ai+FVJ5ZaAWiLKVB8
URea2GRKJG8q6is/pRDlX9V8bfg2ESbA37nlxG4Xg+GENvmh5MaYUmWvN3NUw+MR
svWkVBQvAeXsRMfaH+w3oksTZXg8iBTNXNP4Fyxi6ORQiMQszfXeTqIWYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBzJgbk2iI6ho9HBRpRkxTo3T9RyMB8GA1UdIwQY
MBaAFCP5EIQFiBmImkqPMuo0d1lUMTTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQt
ZmRjZWQ0NWQyZmVjLzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8yMDUwMDctNzljNi00ODUyLTg5MjQtZmRjZWQ0NWQyZmVj
LzEvSV9rUWhBV0lHWWlhU284eTZqUjNXVlF4TlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD2daV0Hy
34zsJNYRQjeOPZFxAre6Fpt5uoqV2LDRM/WzUzMBixIG1POjHN030vP0kqwdncN+
vpK0zGD/uX6WoIq1C1p7w6m3FC+XtL4zg+8A3Le0eUMU+ZlG8xKYGY4aL/SQE2/p
5kajfSFZNBjOHrNi8WUFsBkk7dJR/5dyPhCdBfpoer78wnkEjtDTc8kmOxmbC8lB
57NZQueM7ezLhC9l8LYy5Pn1ZKNrHTlgGgB6TYXe9u0BP6QydHqNsA2ed8aJ3Dwn
V6bEuXzFq4fx0Yvow//4zbyackCevouih6pc+BjbebqZmTFAXPnZz7EOc/FvS/jA
FFva5JOvahLc7Q==
-----END CERTIFICATE-----