Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
File:                     _4MmzOvF_DL70ONP7n85u6iPuaI.mft (raw, json)
Hash identifier:          t+KYeX0rXt/b4tAKfTjjyF98v+hm0Bb3ZpExzdyyMPA=
Subject key identifier:   6E:25:D5:C1:6C:90:54:DA:82:11:60:3E:EC:65:AD:60:ED:FC:FF:B8
Authority key identifier: FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2
Certificate issuer:       /CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
Certificate serial:       01935576A5CD37947ED30E2CA14AC5D4A7AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
Manifest number:          0EF0
Signing time:             Fri 22 Nov 2024 20:00:59 +0000
Manifest this update:     Fri 22 Nov 2024 20:00:59 +0000
Manifest next update:     Sat 23 Nov 2024 20:00:59 +0000
Files and hashes:         1: _4MmzOvF_DL70ONP7n85u6iPuaI.crl (hash: HROdx7KnWBUosxNJIp6LesYOaxMOEbLf+aX4A0X8ENo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 20:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:55:76:a5:cd:37:94:7e:d3:0e:2c:a1:4a:c5:d4:a7:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
        Validity
            Not Before: Nov 22 20:00:59 2024 GMT
            Not After : Nov 23 20:00:59 2024 GMT
        Subject: CN=6e25d5c16c9054da8211603eec65ad60edfcffb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:fb:5a:82:41:4b:89:bf:ce:6f:03:af:0e:20:
                    6e:73:12:1e:74:bb:71:9d:42:61:1b:d7:a2:12:a2:
                    ef:b4:53:bb:35:d6:76:00:f6:b1:e3:65:82:b8:d0:
                    37:59:d8:06:b3:79:95:26:5a:e1:de:3f:23:26:5d:
                    74:35:b2:53:ed:c6:6c:04:e1:ca:59:59:be:22:b9:
                    9e:18:39:b9:43:7d:58:c4:2a:fc:7c:2d:08:d1:90:
                    ca:62:17:04:f0:72:f0:97:44:e0:37:c9:d6:f4:7a:
                    32:16:3b:a6:91:55:80:80:81:98:c9:aa:53:04:f9:
                    f8:51:ca:d3:2f:de:98:bb:80:66:a1:a8:f7:a7:bb:
                    62:8f:1a:48:1e:72:5c:1c:de:1d:6e:ca:35:5b:db:
                    94:f5:b7:a8:30:e3:42:49:74:92:06:77:a5:90:38:
                    a0:cb:8d:10:fa:84:09:ee:1f:de:d3:5c:31:1c:98:
                    a0:96:78:ce:6f:9f:1e:89:99:31:c2:a8:72:81:ea:
                    97:f8:77:3b:fa:82:d1:83:f8:a8:46:12:58:a7:2a:
                    ca:5d:9e:a4:48:ed:94:0f:13:a6:51:c9:c3:a1:91:
                    a9:e5:fe:3b:1a:43:57:c8:88:28:32:47:79:2f:13:
                    90:a5:a9:88:da:53:52:04:02:3e:27:00:8a:bb:cb:
                    0e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:25:D5:C1:6C:90:54:DA:82:11:60:3E:EC:65:AD:60:ED:FC:FF:B8
            X509v3 Authority Key Identifier:
                keyid:FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:1d:d5:55:8f:46:81:b7:a3:a0:6c:6e:3c:33:20:06:26:7d:
         3f:a6:56:78:16:14:d6:db:10:03:c3:2f:9d:75:e7:b9:50:a6:
         2c:a8:0d:28:b7:37:b2:fb:84:08:a8:a9:46:e3:73:a0:db:6a:
         50:cf:fc:e9:68:db:da:5f:0f:b9:c9:46:16:27:43:5a:fe:26:
         04:07:7a:81:76:fa:6f:c3:78:b4:5f:e3:4a:89:28:60:a9:cd:
         3f:d3:f2:96:c9:78:2b:70:ab:6a:e4:69:f7:e8:89:d0:cf:13:
         34:3d:87:f3:f4:ea:51:ad:22:d4:af:cd:cc:e4:ec:ff:4f:cd:
         05:66:e7:6d:90:8d:ee:a2:cd:ba:53:28:ae:30:f9:13:97:53:
         5a:73:d9:0f:c2:26:e3:b3:bb:c5:c7:79:79:e9:94:62:bd:17:
         09:33:d9:de:c1:68:38:3d:81:71:09:5a:72:ab:ac:c0:af:e4:
         1f:1a:8a:07:e0:45:38:de:37:2e:8e:62:b3:97:d2:f1:16:74:
         50:77:7f:0b:00:2d:02:55:14:cd:30:36:6b:fc:21:0b:9b:58:
         45:19:dc:b8:c7:46:9e:ed:ed:fc:a0:93:98:5d:16:c7:89:8c:
         17:f7:bf:af:a8:4b:ef:ea:2a:2f:0b:87:2e:9f:7a:af:64:a4:
         a5:c5:38:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNVdqXNN5R+0w4soUrF1KesMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODMyNmNjZWJjNWZjMzJmYmQwZTM0ZmVlN2YzOWJiYTg4
ZmI5YTIwHhcNMjQxMTIyMjAwMDU5WhcNMjQxMTIzMjAwMDU5WjAzMTEwLwYDVQQD
Eyg2ZTI1ZDVjMTZjOTA1NGRhODIxMTYwM2VlYzY1YWQ2MGVkZmNmZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPtagkFLib/ObwOvDiBucxIedLtx
nUJhG9eiEqLvtFO7NdZ2APax42WCuNA3WdgGs3mVJlrh3j8jJl10NbJT7cZsBOHK
WVm+IrmeGDm5Q31YxCr8fC0I0ZDKYhcE8HLwl0TgN8nW9HoyFjumkVWAgIGYyapT
BPn4UcrTL96Yu4Bmoaj3p7tijxpIHnJcHN4dbso1W9uU9beoMONCSXSSBnelkDig
y40Q+oQJ7h/e01wxHJiglnjOb58eiZkxwqhygeqX+Hc7+oLRg/ioRhJYpyrKXZ6k
SO2UDxOmUcnDoZGp5f47GkNXyIgoMkd5LxOQpamI2lNSBAI+JwCKu8sOOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4l1cFskFTaghFgPuxlrWDt/P+4MB8GA1UdIwQY
MBaAFP+DJszrxfwy+9DjT+5/Obuoj7miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEt
OGIxMzQ0YjdkNWE2LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEtOGIxMzQ0YjdkNWE2
LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsR3VVY9G
gbejoGxuPDMgBiZ9P6ZWeBYU1tsQA8MvnXXnuVCmLKgNKLc3svuECKipRuNzoNtq
UM/86Wjb2l8PuclGFidDWv4mBAd6gXb6b8N4tF/jSokoYKnNP9Pylsl4K3CrauRp
9+iJ0M8TND2H8/TqUa0i1K/NzOTs/0/NBWbnbZCN7qLNulMorjD5E5dTWnPZD8Im
47O7xcd5eemUYr0XCTPZ3sFoOD2BcQlacquswK/kHxqKB+BFON43Lo5is5fS8RZ0
UHd/CwAtAlUUzTA2a/whC5tYRRncuMdGnu3t/KCTmF0Wx4mMF/e/r6hL7+oqLwuH
Lp96r2SkpcU4KA==
-----END CERTIFICATE-----