Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
File:                     CUsU8URwOb33-d7l-ik4XB3OlZ0.mft (raw, json)
Hash identifier:          oHXv1itZqqV+1d0nZFkL35zXL16/t0mtDp/PAjmK64Q=
Subject key identifier:   80:3C:E0:45:3C:75:EB:F8:90:02:68:95:D6:5B:83:55:F2:80:C0:AD
Authority key identifier: 09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D
Certificate issuer:       /CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
Certificate serial:       019369D91CC58A6EFDE4B1B36923627FFD07
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
Manifest number:          130A
Signing time:             Tue 26 Nov 2024 19:00:56 +0000
Manifest this update:     Tue 26 Nov 2024 19:00:56 +0000
Manifest next update:     Wed 27 Nov 2024 19:00:56 +0000
Files and hashes:         1: CUsU8URwOb33-d7l-ik4XB3OlZ0.crl (hash: enxnIj4KaEUuWSN2j92GVc94WGwnHWPCfuZeOad+33s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:1c:c5:8a:6e:fd:e4:b1:b3:69:23:62:7f:fd:07
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=094b14f1447039bdf7f9dee5fa29385c1dce959d
        Validity
            Not Before: Nov 26 19:00:56 2024 GMT
            Not After : Nov 27 19:00:56 2024 GMT
        Subject: CN=803ce0453c75ebf890026895d65b8355f280c0ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a1:b5:aa:fb:05:2b:32:dd:f2:55:d0:4b:b0:
                    d3:2b:c9:f5:cd:d6:32:f4:3b:58:39:45:62:50:7e:
                    49:cd:b0:4c:15:a6:28:94:b5:be:f6:8f:5c:45:99:
                    95:47:49:aa:4f:62:c7:14:c2:75:df:3c:10:20:6f:
                    2f:97:f2:11:96:42:59:84:04:e7:28:5a:9d:82:f0:
                    74:25:10:f9:bd:da:b4:25:1b:71:00:8e:5a:20:0b:
                    7c:ff:1a:c3:ec:8a:fa:8a:88:7b:07:42:72:73:db:
                    a2:c8:fb:4d:ff:ce:d7:f1:02:2f:1b:90:2c:bf:c3:
                    58:27:07:a1:d7:a4:2c:f3:9e:ce:21:22:45:92:29:
                    e6:6a:50:2a:b2:ac:ed:33:1e:87:e3:d8:28:71:98:
                    bd:44:6b:33:0a:20:76:5d:d5:e1:54:2f:54:39:fd:
                    e0:c0:45:3d:cc:aa:58:2d:42:88:0a:4f:6d:e1:81:
                    2c:c6:ff:2c:83:32:94:6c:d8:12:7d:9a:5d:c1:f3:
                    3b:6a:4a:d3:88:33:93:8f:0a:5c:d4:a4:a4:13:87:
                    a0:e2:43:ed:ad:47:a1:ad:5c:54:9b:9e:e3:9f:77:
                    2e:cd:d9:4d:b8:e3:ba:11:06:25:50:2d:d5:66:56:
                    56:48:e0:ad:f1:61:6e:6a:e5:da:1a:51:c0:42:5e:
                    88:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:3C:E0:45:3C:75:EB:F8:90:02:68:95:D6:5B:83:55:F2:80:C0:AD
            X509v3 Authority Key Identifier:
                keyid:09:4B:14:F1:44:70:39:BD:F7:F9:DE:E5:FA:29:38:5C:1D:CE:95:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUsU8URwOb33-d7l-ik4XB3OlZ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/606939-cc69-4cfa-843e-50b64cbd0fe1/1/CUsU8URwOb33-d7l-ik4XB3OlZ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:0f:de:78:1c:ea:4c:32:de:a7:64:d0:39:fd:de:db:e3:84:
         5a:51:d0:b1:a4:3d:50:b8:81:30:85:73:b4:4a:fd:36:ee:3d:
         4d:da:37:fb:a7:35:46:1a:0a:56:51:0f:cd:87:a4:e8:0c:79:
         ce:90:3e:f4:1c:ab:32:b6:8e:4b:f3:3a:1e:f9:07:1d:3e:0c:
         37:7c:3c:c6:b4:2f:c6:84:9c:a0:f4:d6:02:53:99:a6:39:0b:
         6d:6e:e9:5e:9e:6c:28:9f:1b:b5:ce:63:50:ad:46:d6:27:14:
         c0:15:da:15:04:10:f9:83:83:e5:5d:b6:e8:f3:c8:9c:5e:94:
         9e:1c:6f:0d:de:3c:43:ef:e7:fc:eb:fd:4d:eb:39:df:72:f7:
         ef:4f:c6:93:43:92:e0:24:6c:5d:e2:03:61:1b:64:b6:5e:6a:
         d1:0d:08:b2:ac:01:16:4d:d0:47:95:77:ef:64:fd:3a:ff:22:
         1c:3a:88:b0:eb:b9:7a:48:a3:99:56:3c:e4:48:73:47:f0:6e:
         d2:02:ba:b3:ea:b7:8d:d9:d9:f9:41:3e:96:da:b9:5c:b5:49:
         55:bb:52:28:21:55:48:43:87:18:c2:b3:81:9f:e9:a0:3a:90:
         23:2c:fa:1d:0d:62:78:29:ac:76:75:d6:1a:fa:46:6e:3e:98:
         d5:53:af:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2RzFim795LGzaSNif/0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NGIxNGYxNDQ3MDM5YmRmN2Y5ZGVlNWZhMjkzODVjMWRj
ZTk1OWQwHhcNMjQxMTI2MTkwMDU2WhcNMjQxMTI3MTkwMDU2WjAzMTEwLwYDVQQD
Eyg4MDNjZTA0NTNjNzVlYmY4OTAwMjY4OTVkNjViODM1NWYyODBjMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6G1qvsFKzLd8lXQS7DTK8n1zdYy
9DtYOUViUH5JzbBMFaYolLW+9o9cRZmVR0mqT2LHFMJ13zwQIG8vl/IRlkJZhATn
KFqdgvB0JRD5vdq0JRtxAI5aIAt8/xrD7Ir6ioh7B0Jyc9uiyPtN/87X8QIvG5As
v8NYJweh16Qs857OISJFkinmalAqsqztMx6H49gocZi9RGszCiB2XdXhVC9UOf3g
wEU9zKpYLUKICk9t4YEsxv8sgzKUbNgSfZpdwfM7akrTiDOTjwpc1KSkE4eg4kPt
rUehrVxUm57jn3cuzdlNuOO6EQYlUC3VZlZWSOCt8WFuauXaGlHAQl6InQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIA84EU8dev4kAJoldZbg1XygMCtMB8GA1UdIwQY
MBaAFAlLFPFEcDm99/ne5fopOFwdzpWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2Ut
NTBiNjRjYmQwZmUxLzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82MDY5MzktY2M2OS00Y2ZhLTg0M2UtNTBiNjRjYmQwZmUx
LzEvQ1VzVThVUndPYjMzLWQ3bC1pazRYQjNPbFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoA/eeBzq
TDLep2TQOf3e2+OEWlHQsaQ9ULiBMIVztEr9Nu49Tdo3+6c1RhoKVlEPzYek6Ax5
zpA+9ByrMraOS/M6HvkHHT4MN3w8xrQvxoScoPTWAlOZpjkLbW7pXp5sKJ8btc5j
UK1G1icUwBXaFQQQ+YOD5V226PPInF6UnhxvDd48Q+/n/Ov9Tes533L370/Gk0OS
4CRsXeIDYRtktl5q0Q0IsqwBFk3QR5V372T9Ov8iHDqIsOu5ekijmVY85EhzR/Bu
0gK6s+q3jdnZ+UE+ltq5XLVJVbtSKCFVSEOHGMKzgZ/poDqQIyz6HQ1ieCmsdnXW
GvpGbj6Y1VOvug==
-----END CERTIFICATE-----