Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
File:                     pgkmXYlPp5_NZUL6zAujiXOMhFk.mft (raw, json)
Hash identifier:          mw6M08shF0+IC20t7XL9TYPWKwASo49jkoCgCKzfR1I=
Subject key identifier:   C2:39:B4:A0:F3:B4:56:37:C2:EF:BF:D6:45:B6:06:56:36:E2:E7:2A
Authority key identifier: A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59
Certificate issuer:       /CN=a609265d894fa79fcd6542facc0ba389738c8459
Certificate serial:       01935689F897E18D234FB5F04DFDE44D96F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
Manifest number:          0689
Signing time:             Sat 23 Nov 2024 01:01:42 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:42 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:42 +0000
Files and hashes:         1: pgkmXYlPp5_NZUL6zAujiXOMhFk.crl (hash: gcEJMgoXLAFRNg+g1nlf8ZLPxTQbrTbxwhx0CkY2Q0o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:f8:97:e1:8d:23:4f:b5:f0:4d:fd:e4:4d:96:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a609265d894fa79fcd6542facc0ba389738c8459
        Validity
            Not Before: Nov 23 01:01:42 2024 GMT
            Not After : Nov 24 01:01:42 2024 GMT
        Subject: CN=c239b4a0f3b45637c2efbfd645b6065636e2e72a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:a9:40:8e:b9:89:31:5c:22:6d:08:25:6b:26:
                    e2:d5:0c:dd:b5:0d:3d:54:66:b2:b2:8e:f3:d5:2f:
                    76:47:74:db:2b:cc:0c:bd:47:ba:69:be:10:04:21:
                    ca:1d:ed:c1:b5:7b:f4:ce:0a:fc:32:51:89:ee:64:
                    1c:b2:1a:f3:1a:b9:15:cd:3c:e7:32:38:aa:51:80:
                    38:5f:c0:2c:70:c0:f4:97:4c:23:9a:72:0d:22:31:
                    92:91:11:70:a8:ab:57:0f:c2:6c:27:03:e7:16:a4:
                    3b:9f:1f:a5:06:26:17:a4:55:b5:22:54:5b:46:06:
                    3a:29:5e:14:f4:bc:cc:26:77:f9:a0:35:ab:5a:e6:
                    21:89:88:76:f8:8f:cc:8f:be:41:38:3c:ff:f4:46:
                    a6:a7:34:e3:c5:de:a9:e9:62:b3:55:39:1c:0a:2c:
                    de:30:a2:27:2f:ca:63:86:e2:e0:6a:48:bf:50:3d:
                    e3:01:6d:fd:79:82:b0:a0:ed:0a:07:bd:80:31:75:
                    2c:43:6c:6f:02:aa:5f:49:45:2a:4d:c6:45:80:6c:
                    1c:cb:ae:88:42:f4:fd:d1:3f:de:39:46:1e:4c:60:
                    27:00:15:2c:b2:72:04:78:a9:e5:a8:61:cd:65:a2:
                    4f:88:22:9a:46:e4:48:1f:03:17:92:4a:d3:e8:10:
                    60:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:39:B4:A0:F3:B4:56:37:C2:EF:BF:D6:45:B6:06:56:36:E2:E7:2A
            X509v3 Authority Key Identifier:
                keyid:A6:09:26:5D:89:4F:A7:9F:CD:65:42:FA:CC:0B:A3:89:73:8C:84:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgkmXYlPp5_NZUL6zAujiXOMhFk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/730d4d-d4ab-4279-b225-6dc0da1f5dee/1/pgkmXYlPp5_NZUL6zAujiXOMhFk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:0d:36:76:4e:ab:5e:9b:f9:cd:a1:32:c8:17:c0:76:e2:57:
         01:e0:be:f1:26:3d:13:de:00:2a:ef:6f:e6:b0:e6:f8:1e:dd:
         d1:8f:7f:b6:eb:65:f4:74:b7:3e:ba:38:f1:13:86:6f:7b:46:
         a4:df:35:45:78:90:5d:82:c7:4b:b7:55:f8:4c:b8:24:85:a2:
         6e:58:f6:35:f3:34:05:dc:3c:28:d2:17:34:f6:a9:f4:29:e5:
         e0:c4:e6:2f:e5:22:84:a5:10:d4:d4:98:3a:98:23:ed:54:cd:
         7c:d7:e2:8b:f9:44:a3:3b:c3:4e:b4:f0:d0:7e:2b:e0:8f:30:
         b1:e2:66:c1:86:2b:19:56:1f:0f:b1:d0:b0:b5:a4:3b:3c:b7:
         38:9a:a2:3d:22:65:06:12:90:fa:a2:fd:99:5e:a6:c3:82:91:
         db:e1:94:04:b2:05:ec:61:71:44:d3:86:5a:df:13:a6:d8:65:
         91:e2:03:b3:b7:53:b2:b9:22:e0:10:7c:bd:e1:37:57:d5:73:
         9a:e1:74:32:bf:88:0f:8e:1b:a7:6c:c3:5b:56:b8:d4:9d:2e:
         bf:17:8a:21:a3:e2:fa:96:1a:41:13:6c:d2:92:a2:61:55:e6:
         bd:96:c1:9e:05:3c:2d:41:61:d4:94:d4:cc:86:37:77:10:13:
         d4:53:f2:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWifiX4Y0jT7XwTf3kTZb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MDkyNjVkODk0ZmE3OWZjZDY1NDJmYWNjMGJhMzg5NzM4
Yzg0NTkwHhcNMjQxMTIzMDEwMTQyWhcNMjQxMTI0MDEwMTQyWjAzMTEwLwYDVQQD
EyhjMjM5YjRhMGYzYjQ1NjM3YzJlZmJmZDY0NWI2MDY1NjM2ZTJlNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmalAjrmJMVwibQglaybi1QzdtQ09
VGayso7z1S92R3TbK8wMvUe6ab4QBCHKHe3BtXv0zgr8MlGJ7mQcshrzGrkVzTzn
MjiqUYA4X8AscMD0l0wjmnINIjGSkRFwqKtXD8JsJwPnFqQ7nx+lBiYXpFW1IlRb
RgY6KV4U9LzMJnf5oDWrWuYhiYh2+I/Mj75BODz/9EampzTjxd6p6WKzVTkcCize
MKInL8pjhuLgaki/UD3jAW39eYKwoO0KB72AMXUsQ2xvAqpfSUUqTcZFgGwcy66I
QvT90T/eOUYeTGAnABUssnIEeKnlqGHNZaJPiCKaRuRIHwMXkkrT6BBgHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMI5tKDztFY3wu+/1kW2BlY24ucqMB8GA1UdIwQY
MBaAFKYJJl2JT6efzWVC+swLo4lzjIRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUt
NmRjMGRhMWY1ZGVlLzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS83MzBkNGQtZDRhYi00Mjc5LWIyMjUtNmRjMGRhMWY1ZGVl
LzEvcGdrbVhZbFBwNV9OWlVMNnpBdWppWE9NaEZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfQ02dk6r
Xpv5zaEyyBfAduJXAeC+8SY9E94AKu9v5rDm+B7d0Y9/tutl9HS3Pro48ROGb3tG
pN81RXiQXYLHS7dV+Ey4JIWiblj2NfM0Bdw8KNIXNPap9Cnl4MTmL+UihKUQ1NSY
Opgj7VTNfNfii/lEozvDTrTw0H4r4I8wseJmwYYrGVYfD7HQsLWkOzy3OJqiPSJl
BhKQ+qL9mV6mw4KR2+GUBLIF7GFxRNOGWt8TpthlkeIDs7dTsrki4BB8veE3V9Vz
muF0Mr+ID44bp2zDW1a41J0uvxeKIaPi+pYaQRNs0pKiYVXmvZbBngU8LUFh1JTU
zIY3dxAT1FPyWg==
-----END CERTIFICATE-----