Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
File:                     Y-ftmpXgsiN2kMdL_njP7eLETnw.mft (raw, json)
Hash identifier:          7/ffUk2fpdTuCQtvQF/c3//4JIoTrAXcofIGZ9hanZ8=
Subject key identifier:   EB:60:DF:C6:5E:BB:2C:C4:26:30:B9:BD:2D:A5:24:13:05:AF:E4:0F
Authority key identifier: 63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C
Certificate issuer:       /CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
Certificate serial:       0193568A4D614F797CA19B9FE738DFA97085
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
Manifest number:          06C7
Signing time:             Sat 23 Nov 2024 01:02:04 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:04 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:04 +0000
Files and hashes:         1: Y-ftmpXgsiN2kMdL_njP7eLETnw.crl (hash: 4Ty4BXumi56ODGGzKEioBaa06x+gIJLKkmKVvaUO07A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:4d:61:4f:79:7c:a1:9b:9f:e7:38:df:a9:70:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e7ed9a95e0b2237690c74bfe78cfede2c44e7c
        Validity
            Not Before: Nov 23 01:02:04 2024 GMT
            Not After : Nov 24 01:02:04 2024 GMT
        Subject: CN=eb60dfc65ebb2cc42630b9bd2da5241305afe40f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1d:78:8c:1b:1e:40:92:8e:08:49:22:3e:06:
                    a1:2b:6b:8e:3a:00:e6:73:f4:cd:82:4f:43:59:43:
                    22:65:5d:3f:2c:00:e5:69:cd:2e:a0:2c:36:88:ee:
                    30:a9:dc:7f:fa:c0:04:9e:5d:83:b6:23:fa:ca:c9:
                    32:9d:cc:82:98:c7:21:0a:64:79:33:ca:e7:08:73:
                    25:e7:e8:0b:24:e8:4a:ea:28:f2:c7:1a:88:f1:07:
                    69:a5:c4:ad:7b:7e:82:af:93:28:c8:58:b0:8b:06:
                    03:82:91:74:74:ea:50:b7:0d:56:c7:09:ce:d8:cc:
                    32:b6:70:9d:bb:5e:68:59:da:f3:41:b7:1c:3e:8d:
                    f4:24:e8:a9:98:92:fb:f9:72:75:98:e1:a0:8f:e4:
                    58:f0:a7:b4:c0:14:68:06:02:97:c8:2f:34:f1:ab:
                    80:b5:d4:34:87:ea:21:22:ad:c2:ba:7a:b6:5e:a1:
                    7e:1b:aa:51:33:ab:dc:18:2c:70:8c:85:96:e2:d8:
                    17:e0:06:e5:56:b8:cc:d1:55:85:db:bb:cf:44:36:
                    7e:8d:94:f0:31:ac:f3:40:a0:6a:b9:11:26:3e:77:
                    8c:83:c8:bc:7c:a3:04:da:57:5e:e7:fb:bc:25:a7:
                    3a:1f:d9:bc:d4:e4:23:78:00:86:0e:b2:52:50:e3:
                    ff:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:60:DF:C6:5E:BB:2C:C4:26:30:B9:BD:2D:A5:24:13:05:AF:E4:0F
            X509v3 Authority Key Identifier:
                keyid:63:E7:ED:9A:95:E0:B2:23:76:90:C7:4B:FE:78:CF:ED:E2:C4:4E:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-ftmpXgsiN2kMdL_njP7eLETnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f0c914-e83f-493a-8b07-19b2d41bea79/1/Y-ftmpXgsiN2kMdL_njP7eLETnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         23:9f:b2:3c:14:44:c0:16:ad:97:46:00:ff:44:39:09:08:4a:
         fe:21:13:62:01:19:b0:f5:0a:14:43:67:b1:d8:c4:9f:bd:74:
         28:74:6f:07:89:0b:5d:38:40:9d:ae:88:86:cf:a4:e3:96:35:
         62:2c:14:dc:bd:f6:a3:63:aa:e6:51:02:c5:c3:b5:12:fc:7b:
         e2:30:25:ef:a6:bb:7d:e3:c3:43:60:cd:af:1d:d6:3f:2f:c9:
         15:66:e7:10:d7:4b:83:86:e5:16:c9:a2:34:15:af:cc:54:e6:
         15:96:b1:f5:ac:b9:ce:79:f7:da:00:5e:91:85:f3:96:49:fc:
         b2:03:b3:06:e8:d4:86:5d:b9:c4:44:cd:ac:45:9f:34:a4:ab:
         89:ae:e3:25:21:78:ee:7c:6d:1d:17:69:47:cc:5d:9c:09:c9:
         08:33:48:44:02:bf:77:9c:1e:b4:7a:31:2b:58:c1:4c:98:99:
         4a:bf:40:1b:32:51:ec:95:83:23:c2:c6:38:12:eb:9d:92:e1:
         3c:69:7e:f9:db:a1:93:75:fa:f7:8a:7c:3a:96:db:99:38:87:
         be:37:80:32:d8:d6:32:8f:85:73:c6:e9:34:31:60:3a:cb:9a:
         da:43:1f:b1:5b:d8:f0:d6:ab:32:9c:b2:68:6d:b9:27:f3:09:
         61:c9:a7:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWik1hT3l8oZuf5zjfqXCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTdlZDlhOTVlMGIyMjM3NjkwYzc0YmZlNzhjZmVkZTJj
NDRlN2MwHhcNMjQxMTIzMDEwMjA0WhcNMjQxMTI0MDEwMjA0WjAzMTEwLwYDVQQD
EyhlYjYwZGZjNjVlYmIyY2M0MjYzMGI5YmQyZGE1MjQxMzA1YWZlNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB14jBseQJKOCEkiPgahK2uOOgDm
c/TNgk9DWUMiZV0/LADlac0uoCw2iO4wqdx/+sAEnl2DtiP6yskyncyCmMchCmR5
M8rnCHMl5+gLJOhK6ijyxxqI8QdppcSte36Cr5MoyFiwiwYDgpF0dOpQtw1WxwnO
2MwytnCdu15oWdrzQbccPo30JOipmJL7+XJ1mOGgj+RY8Ke0wBRoBgKXyC808auA
tdQ0h+ohIq3Cunq2XqF+G6pRM6vcGCxwjIWW4tgX4AblVrjM0VWF27vPRDZ+jZTw
MazzQKBquREmPneMg8i8fKME2lde5/u8Jac6H9m81OQjeACGDrJSUOP/CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtg38ZeuyzEJjC5vS2lJBMFr+QPMB8GA1UdIwQY
MBaAFGPn7ZqV4LIjdpDHS/54z+3ixE58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDct
MTliMmQ0MWJlYTc5LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMGM5MTQtZTgzZi00OTNhLThiMDctMTliMmQ0MWJlYTc5
LzEvWS1mdG1wWGdzaU4ya01kTF9ualA3ZUxFVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI5+yPBRE
wBatl0YA/0Q5CQhK/iETYgEZsPUKFENnsdjEn710KHRvB4kLXThAna6Ihs+k45Y1
YiwU3L32o2Oq5lECxcO1Evx74jAl76a7fePDQ2DNrx3WPy/JFWbnENdLg4blFsmi
NBWvzFTmFZax9ay5znn32gBekYXzlkn8sgOzBujUhl25xETNrEWfNKSria7jJSF4
7nxtHRdpR8xdnAnJCDNIRAK/d5wetHoxK1jBTJiZSr9AGzJR7JWDI8LGOBLrnZLh
PGl++duhk3X694p8OpbbmTiHvjeAMtjWMo+Fc8bpNDFgOsua2kMfsVvY8NarMpyy
aG25J/MJYcmnHA==
-----END CERTIFICATE-----