Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
File:                     Ad0iu63J75fJwaOGG21rTE3dhoc.mft (raw, json)
Hash identifier:          uCNuQf6Kfu1NxWXaLLCjDDEgxKpW1lQALWgBC8EGGKY=
Subject key identifier:   45:66:86:10:3B:69:97:89:42:4C:C0:D6:19:3F:D7:06:82:E2:EE:91
Authority key identifier: 01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87
Certificate issuer:       /CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
Certificate serial:       019356898A98E5F29563E51CB71242F4CFAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
Manifest number:          0D62
Signing time:             Sat 23 Nov 2024 01:01:14 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:14 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:14 +0000
Files and hashes:         1: Ad0iu63J75fJwaOGG21rTE3dhoc.crl (hash: +ylR41Cs1ONhsgJL+LXZKw1Ai7xWD6cfRGv0CJNVJW4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:8a:98:e5:f2:95:63:e5:1c:b7:12:42:f4:cf:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01dd22bbadc9ef97c9c1a3861b6d6b4c4ddd8687
        Validity
            Not Before: Nov 23 01:01:14 2024 GMT
            Not After : Nov 24 01:01:14 2024 GMT
        Subject: CN=456686103b699789424cc0d6193fd70682e2ee91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:53:c1:02:5b:d9:da:ca:17:6b:c6:4d:7e:78:
                    e8:fe:27:2b:55:45:e9:91:98:86:bf:6d:1e:62:69:
                    ed:28:36:a5:c3:3b:96:ab:8c:fd:f5:2b:03:56:8f:
                    aa:75:ae:1e:db:71:64:7a:06:54:87:63:48:59:6c:
                    fa:32:4c:6b:a4:d6:fa:2b:1b:20:ec:d7:83:1f:a3:
                    6c:b6:df:ce:a2:a7:ff:8e:73:da:2a:60:7e:12:4c:
                    fb:ba:35:27:c8:68:5f:32:f9:fd:5b:2a:99:b1:0b:
                    9a:e1:12:fc:a9:d7:5a:b3:58:83:fd:f6:03:01:a6:
                    dd:21:b5:bd:90:50:56:79:20:20:a1:15:09:6a:bb:
                    14:68:4e:3b:49:35:e8:01:5d:50:6a:2d:57:17:5e:
                    73:9d:d3:31:ff:5a:d0:d6:78:f8:67:94:b7:28:45:
                    02:23:8e:8d:c5:6e:1b:c3:f9:5e:ad:68:46:dd:35:
                    42:83:ae:2e:a9:41:23:91:bb:42:da:88:7b:4f:f0:
                    92:a1:36:ef:52:c7:63:fe:ab:44:92:56:2f:60:9a:
                    11:1a:e9:26:e3:2e:47:fd:be:73:de:f0:78:a1:1e:
                    de:16:f9:e4:03:77:05:47:27:77:6c:17:e4:11:4d:
                    da:33:a8:c8:c2:58:4d:b1:eb:ef:4e:c3:02:7d:78:
                    a2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:66:86:10:3B:69:97:89:42:4C:C0:D6:19:3F:D7:06:82:E2:EE:91
            X509v3 Authority Key Identifier:
                keyid:01:DD:22:BB:AD:C9:EF:97:C9:C1:A3:86:1B:6D:6B:4C:4D:DD:86:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ad0iu63J75fJwaOGG21rTE3dhoc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/857a83-6ed0-41c6-bdd6-707db2524e6b/1/Ad0iu63J75fJwaOGG21rTE3dhoc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:c0:e3:fd:8b:58:e9:33:18:48:9e:08:b8:89:39:6f:66:d4:
         3b:27:69:84:5c:48:8e:34:41:0c:64:c1:61:c3:5e:09:9b:7a:
         56:92:4d:f1:d1:06:13:79:c6:0e:92:33:21:34:3e:88:05:79:
         98:df:12:d6:96:78:5d:e6:23:00:d5:ce:bc:e1:89:94:cf:d1:
         e2:c6:75:a9:c6:8e:da:63:a6:aa:09:3d:0c:01:11:16:d5:0f:
         6d:d8:cc:81:21:22:47:06:c1:35:ff:4d:d9:b2:9c:04:88:78:
         5c:77:b4:24:87:c6:3e:ef:67:20:92:f6:e1:57:57:04:39:c8:
         7f:e9:ed:0e:27:8b:61:25:04:e8:9c:29:0b:90:5a:70:d6:f3:
         31:8f:62:80:4d:5f:31:63:b1:b1:4f:ab:46:51:7a:1e:d4:58:
         3c:67:43:64:cd:ca:e8:e6:b1:d6:7e:01:b2:42:3d:a9:24:40:
         c6:0c:36:f5:b1:f3:96:59:b9:58:ab:9b:22:37:81:6d:df:8a:
         d8:a4:69:e0:da:9e:13:a8:71:a1:46:79:c4:87:27:8c:f6:d0:
         6d:be:ad:61:2e:25:c8:15:de:2b:fb:93:67:95:54:5b:99:26:
         f3:fb:52:02:7c:2d:86:e3:a0:e2:2c:57:9f:70:6e:54:14:48:
         ff:31:cc:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiYqY5fKVY+UctxJC9M+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZGQyMmJiYWRjOWVmOTdjOWMxYTM4NjFiNmQ2YjRjNGRk
ZDg2ODcwHhcNMjQxMTIzMDEwMTE0WhcNMjQxMTI0MDEwMTE0WjAzMTEwLwYDVQQD
Eyg0NTY2ODYxMDNiNjk5Nzg5NDI0Y2MwZDYxOTNmZDcwNjgyZTJlZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FPBAlvZ2soXa8ZNfnjo/icrVUXp
kZiGv20eYmntKDalwzuWq4z99SsDVo+qda4e23FkegZUh2NIWWz6MkxrpNb6Kxsg
7NeDH6Nstt/Ooqf/jnPaKmB+Ekz7ujUnyGhfMvn9WyqZsQua4RL8qddas1iD/fYD
AabdIbW9kFBWeSAgoRUJarsUaE47STXoAV1Qai1XF15zndMx/1rQ1nj4Z5S3KEUC
I46NxW4bw/lerWhG3TVCg64uqUEjkbtC2oh7T/CSoTbvUsdj/qtEklYvYJoRGukm
4y5H/b5z3vB4oR7eFvnkA3cFRyd3bBfkEU3aM6jIwlhNsevvTsMCfXiiKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEVmhhA7aZeJQkzA1hk/1waC4u6RMB8GA1UdIwQY
MBaAFAHdIrutye+XycGjhhtta0xN3YaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYt
NzA3ZGIyNTI0ZTZiLzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NTdhODMtNmVkMC00MWM2LWJkZDYtNzA3ZGIyNTI0ZTZi
LzEvQWQwaXU2M0o3NWZKd2FPR0cyMXJURTNkaG9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasDj/YtY
6TMYSJ4IuIk5b2bUOydphFxIjjRBDGTBYcNeCZt6VpJN8dEGE3nGDpIzITQ+iAV5
mN8S1pZ4XeYjANXOvOGJlM/R4sZ1qcaO2mOmqgk9DAERFtUPbdjMgSEiRwbBNf9N
2bKcBIh4XHe0JIfGPu9nIJL24VdXBDnIf+ntDieLYSUE6JwpC5BacNbzMY9igE1f
MWOxsU+rRlF6HtRYPGdDZM3K6Oax1n4BskI9qSRAxgw29bHzllm5WKubIjeBbd+K
2KRp4NqeE6hxoUZ5xIcnjPbQbb6tYS4lyBXeK/uTZ5VUW5km8/tSAnwthuOg4ixX
n3BuVBRI/zHMHg==
-----END CERTIFICATE-----