Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File:                     rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier:          JpfaymGUkIUazUe20YBi25zmAl/gYGtsNQP/djIiMu4=
Subject key identifier:   81:D6:B4:5B:FE:6B:59:93:ED:B5:99:1A:BA:C4:65:F6:19:F0:E9:E5
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer:       /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial:       01936A7D5B1E59946E7792E660B262609B88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number:          E2
Signing time:             Tue 26 Nov 2024 22:00:20 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:20 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:20 +0000
Files and hashes:         1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: BhRqZKf/sbofu1zx9tJ8ala/BGLX8n09s/4ZVFjutV4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:5b:1e:59:94:6e:77:92:e6:60:b2:62:60:9b:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
        Validity
            Not Before: Nov 26 22:00:20 2024 GMT
            Not After : Nov 27 22:00:20 2024 GMT
        Subject: CN=81d6b45bfe6b5993edb5991abac465f619f0e9e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a3:97:9e:18:a9:b4:f6:24:5d:95:00:85:43:
                    22:d3:11:dd:6d:76:88:6f:68:b5:b0:2d:29:ec:4c:
                    9e:02:7c:da:b8:41:51:53:a3:38:11:62:a5:7e:2c:
                    e5:45:6f:7b:91:65:7b:57:ac:41:b5:16:4d:f4:d6:
                    4a:56:0c:1a:83:a2:db:f4:f8:93:1f:70:d7:b1:f7:
                    e1:74:61:ba:2c:1b:4f:25:93:86:e0:34:10:55:eb:
                    bf:7c:fa:61:f9:ad:fb:e8:34:ee:08:d1:d5:2c:c5:
                    6c:a4:dc:06:f7:04:b3:77:1a:eb:fb:03:34:5e:34:
                    1d:79:23:a1:24:94:4d:f5:cd:f4:59:54:b8:a5:4d:
                    51:6d:15:27:12:96:4a:c6:9a:3d:ec:26:76:99:3a:
                    1b:2a:6d:84:b6:5a:1a:9d:fa:3f:6a:35:55:65:d6:
                    34:27:b7:e6:a9:1e:b0:40:f2:2f:f4:8b:3f:1b:ac:
                    e2:95:52:1f:6b:9b:80:d0:7c:4f:a2:13:89:ff:34:
                    8d:9b:9e:1e:57:52:1b:f1:04:13:34:bc:b4:71:1f:
                    77:28:32:a8:82:87:79:f6:49:35:34:f1:b1:3b:1a:
                    de:0b:54:79:d2:14:a0:de:9f:0d:98:c4:6b:94:d0:
                    19:7a:74:2c:aa:3b:9b:26:15:70:81:67:59:08:50:
                    46:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:D6:B4:5B:FE:6B:59:93:ED:B5:99:1A:BA:C4:65:F6:19:F0:E9:E5
            X509v3 Authority Key Identifier:
                keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:56:59:2a:7e:e4:de:7c:94:58:92:10:42:69:86:ec:92:a8:
         d6:b0:ce:5e:39:d6:64:23:37:f9:e7:72:dc:4f:38:d7:04:5d:
         3e:a7:f7:c5:a0:e4:ec:15:7b:eb:1b:d1:54:c8:51:5a:2d:e3:
         d7:5d:4b:3b:0d:06:82:e0:18:74:48:53:aa:23:ab:90:c8:35:
         c2:13:57:20:f1:9d:5e:89:d8:bf:fa:aa:e0:b6:a6:d7:97:36:
         b3:54:53:57:15:7f:22:42:60:2f:99:39:d4:c8:2d:23:7d:a1:
         84:ef:68:61:dc:6e:d0:8b:dc:6f:fc:eb:95:a9:4d:f7:cd:69:
         32:1c:89:42:0b:3b:cb:79:79:eb:54:43:3d:ef:8e:11:54:32:
         ad:d2:63:81:0c:82:1c:27:91:7e:c0:e5:68:80:b8:4f:cd:05:
         8a:74:64:30:0a:3f:44:83:60:3d:00:09:95:64:f4:a1:e9:90:
         8d:db:f0:67:04:95:30:48:f8:00:ee:cd:a5:40:fe:02:4b:01:
         7f:f1:3f:de:74:15:cf:60:c5:7d:2e:60:4e:37:0f:c3:98:67:
         2d:53:d2:fd:81:f8:5c:59:46:79:46:44:cc:f0:fe:18:f4:aa:
         7d:0c:4c:11:10:04:14:c5:db:f8:76:53:28:77:f6:35:17:cf:
         83:c6:f4:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfVseWZRud5LmYLJiYJuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjQxMTI2MjIwMDIwWhcNMjQxMTI3MjIwMDIwWjAzMTEwLwYDVQQD
Eyg4MWQ2YjQ1YmZlNmI1OTkzZWRiNTk5MWFiYWM0NjVmNjE5ZjBlOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqOXnhiptPYkXZUAhUMi0xHdbXaI
b2i1sC0p7EyeAnzauEFRU6M4EWKlfizlRW97kWV7V6xBtRZN9NZKVgwag6Lb9PiT
H3DXsffhdGG6LBtPJZOG4DQQVeu/fPph+a376DTuCNHVLMVspNwG9wSzdxrr+wM0
XjQdeSOhJJRN9c30WVS4pU1RbRUnEpZKxpo97CZ2mTobKm2Etloanfo/ajVVZdY0
J7fmqR6wQPIv9Is/G6zilVIfa5uA0HxPohOJ/zSNm54eV1Ib8QQTNLy0cR93KDKo
god59kk1NPGxOxreC1R50hSg3p8NmMRrlNAZenQsqjubJhVwgWdZCFBGZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIHWtFv+a1mT7bWZGrrEZfYZ8OnlMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFZZKn7k
3nyUWJIQQmmG7JKo1rDOXjnWZCM3+edy3E841wRdPqf3xaDk7BV76xvRVMhRWi3j
111LOw0GguAYdEhTqiOrkMg1whNXIPGdXonYv/qq4Lam15c2s1RTVxV/IkJgL5k5
1MgtI32hhO9oYdxu0Ivcb/zrlalN981pMhyJQgs7y3l561RDPe+OEVQyrdJjgQyC
HCeRfsDlaIC4T80FinRkMAo/RINgPQAJlWT0oemQjdvwZwSVMEj4AO7NpUD+AksB
f/E/3nQVz2DFfS5gTjcPw5hnLVPS/YH4XFlGeUZEzPD+GPSqfQxMERAEFMXb+HZT
KHf2NRfPg8b0rQ==
-----END CERTIFICATE-----