Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
File:                     cUt8OIAz4WI_xti-t69cOUJRkds.mft (raw, json)
Hash identifier:          4huX/nRlV7roKmLEjXTAVfmPJNuim2IGG+7Kj3uJb6Q=
Subject key identifier:   E6:B7:2D:BA:C3:22:3E:92:E3:95:80:AB:00:8A:FE:D7:DC:DF:31:6A
Authority key identifier: 71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB
Certificate issuer:       /CN=714b7c388033e1623fc6d8beb7af5c39425191db
Certificate serial:       019369D940E57E6E463A4CFC96B02D199CB4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
Manifest number:          0532
Signing time:             Tue 26 Nov 2024 19:01:05 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:05 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:05 +0000
Files and hashes:         1: cUt8OIAz4WI_xti-t69cOUJRkds.crl (hash: N7tvxaOYpF+tdyfvqf0FSHQYEsNWZijs7hhzv2HIJxs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:40:e5:7e:6e:46:3a:4c:fc:96:b0:2d:19:9c:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=714b7c388033e1623fc6d8beb7af5c39425191db
        Validity
            Not Before: Nov 26 19:01:05 2024 GMT
            Not After : Nov 27 19:01:05 2024 GMT
        Subject: CN=e6b72dbac3223e92e39580ab008afed7dcdf316a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7b:7b:ab:a0:f9:20:7b:6c:de:59:bc:0c:a5:
                    d7:f7:ae:54:b2:a8:97:f8:c5:47:e3:3c:7d:cd:8c:
                    94:55:23:c6:ed:df:f2:28:72:0a:3d:56:d7:8c:a1:
                    a6:98:7b:1e:db:74:e7:ca:4e:a5:d6:60:2d:85:b2:
                    e1:e6:17:d6:3b:4f:18:61:4f:36:2c:59:41:17:10:
                    06:ca:45:6e:f3:96:04:54:34:b6:71:ec:95:65:b3:
                    0a:68:d7:87:20:70:8d:0e:74:13:8d:4e:e5:1d:4c:
                    35:72:b5:44:cd:c0:43:25:13:93:74:b5:74:23:81:
                    0e:ad:cb:9a:98:ae:fd:8c:4a:67:d5:84:ab:ef:7d:
                    e8:1b:44:d7:c6:a2:ce:87:fd:fd:02:b2:b4:db:3f:
                    95:2f:b8:16:bd:71:85:b3:e0:fa:6c:99:4f:64:15:
                    32:02:4d:65:eb:d6:4c:1f:60:6c:2b:0b:99:88:e4:
                    f8:be:b3:1f:96:b1:0f:45:15:e7:d7:d0:2c:e0:34:
                    db:7e:9f:6a:d3:1b:44:c6:1b:02:5a:41:79:72:49:
                    c0:ad:3f:20:83:70:31:d9:19:d0:a3:ad:3a:5f:b8:
                    7b:d9:f7:42:3a:a1:20:e3:b1:c1:a2:b2:be:46:bb:
                    16:46:8e:cb:43:1c:20:1d:40:0f:e0:c8:aa:26:2b:
                    1f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:B7:2D:BA:C3:22:3E:92:E3:95:80:AB:00:8A:FE:D7:DC:DF:31:6A
            X509v3 Authority Key Identifier:
                keyid:71:4B:7C:38:80:33:E1:62:3F:C6:D8:BE:B7:AF:5C:39:42:51:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cUt8OIAz4WI_xti-t69cOUJRkds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e0564d-9453-4dc2-aca2-a038be15b97b/1/cUt8OIAz4WI_xti-t69cOUJRkds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:ec:3c:72:66:ee:a1:d5:37:71:a9:22:a8:46:46:47:ad:1f:
         c6:f1:19:0c:b3:32:ec:d3:82:c0:14:7f:8b:3a:99:70:7b:65:
         b3:79:77:e7:b7:a1:d2:a1:61:e3:f3:60:23:85:1f:93:d7:e2:
         a5:ad:86:72:19:ae:e0:fa:b1:75:b8:d6:f1:c6:6f:ef:e6:2b:
         f2:6c:14:ae:08:ee:88:e9:54:c0:81:9b:1d:8b:5c:8b:57:5f:
         c4:c1:ce:92:c9:ca:35:5a:2b:63:d0:14:b4:56:65:d8:d4:e0:
         02:e5:6b:74:04:e9:d9:ce:78:07:01:d8:67:74:b1:f6:77:7b:
         59:4e:4b:10:3f:ed:a5:80:a3:14:c6:e4:24:9c:7e:50:18:d6:
         16:30:e4:98:e0:57:2b:f9:f9:1e:26:b6:84:ab:1f:a2:c3:06:
         43:6d:9e:b7:43:ab:13:35:54:8a:a1:c1:bc:e1:6c:ed:f8:c4:
         82:27:74:0d:b9:11:96:7c:c0:5d:e1:0d:2b:48:81:84:17:5d:
         3f:e3:95:6d:c3:dc:83:0e:d9:cf:30:56:3c:df:ba:ae:93:cf:
         27:fb:50:47:f1:b7:8d:f4:fe:32:ef:f4:0b:74:49:de:b0:9e:
         3d:f1:19:ea:a4:81:86:2f:34:77:ed:70:ee:25:a6:d4:23:17:
         4d:52:7b:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2UDlfm5GOkz8lrAtGZy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNGI3YzM4ODAzM2UxNjIzZmM2ZDhiZWI3YWY1YzM5NDI1
MTkxZGIwHhcNMjQxMTI2MTkwMTA1WhcNMjQxMTI3MTkwMTA1WjAzMTEwLwYDVQQD
EyhlNmI3MmRiYWMzMjIzZTkyZTM5NTgwYWIwMDhhZmVkN2RjZGYzMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3t7q6D5IHts3lm8DKXX965UsqiX
+MVH4zx9zYyUVSPG7d/yKHIKPVbXjKGmmHse23Tnyk6l1mAthbLh5hfWO08YYU82
LFlBFxAGykVu85YEVDS2ceyVZbMKaNeHIHCNDnQTjU7lHUw1crVEzcBDJROTdLV0
I4EOrcuamK79jEpn1YSr733oG0TXxqLOh/39ArK02z+VL7gWvXGFs+D6bJlPZBUy
Ak1l69ZMH2BsKwuZiOT4vrMflrEPRRXn19As4DTbfp9q0xtExhsCWkF5cknArT8g
g3Ax2RnQo606X7h72fdCOqEg47HBorK+RrsWRo7LQxwgHUAP4MiqJisfbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOa3LbrDIj6S45WAqwCK/tfc3zFqMB8GA1UdIwQY
MBaAFHFLfDiAM+FiP8bYvrevXDlCUZHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTIt
YTAzOGJlMTViOTdiLzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMDU2NGQtOTQ1My00ZGMyLWFjYTItYTAzOGJlMTViOTdi
LzEvY1V0OE9JQXo0V0lfeHRpLXQ2OWNPVUpSa2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd+w8cmbu
odU3cakiqEZGR60fxvEZDLMy7NOCwBR/izqZcHtls3l357eh0qFh4/NgI4Ufk9fi
pa2Gchmu4PqxdbjW8cZv7+Yr8mwUrgjuiOlUwIGbHYtci1dfxMHOksnKNVorY9AU
tFZl2NTgAuVrdATp2c54BwHYZ3Sx9nd7WU5LED/tpYCjFMbkJJx+UBjWFjDkmOBX
K/n5Hia2hKsfosMGQ22et0OrEzVUiqHBvOFs7fjEgid0DbkRlnzAXeENK0iBhBdd
P+OVbcPcgw7ZzzBWPN+6rpPPJ/tQR/G3jfT+Mu/0C3RJ3rCePfEZ6qSBhi80d+1w
7iWm1CMXTVJ7mg==
-----END CERTIFICATE-----