Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
File:                     GNo6QLEX-yVyzPekwnLS7GklKRw.mft (raw, json)
Hash identifier:          VPnzczjJ6S7MBB2IQxAB62kUSkzDOPPGGeH/wiHcc1U=
Subject key identifier:   F2:3A:11:20:09:3D:C7:F4:88:EF:1A:1E:4B:8E:7B:B7:E7:B7:93:C5
Authority key identifier: 18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C
Certificate issuer:       /CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
Certificate serial:       01923AA746DF2DA80DD9190C3369ABDF0884
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
Manifest number:          12DA
Signing time:             Sat 28 Sep 2024 22:01:34 +0000
Manifest this update:     Sat 28 Sep 2024 22:01:34 +0000
Manifest next update:     Sun 29 Sep 2024 22:01:34 +0000
Files and hashes:         1: GNo6QLEX-yVyzPekwnLS7GklKRw.crl (hash: Lj3p31XAyRG+CiZ3h798wGDhW/qgKdSx3lBaGWpin+M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Sep 2024 16:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:3a:a7:46:df:2d:a8:0d:d9:19:0c:33:69:ab:df:08:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18da3a40b117fb2572ccf7a4c272d2ec6925291c
        Validity
            Not Before: Sep 28 22:01:34 2024 GMT
            Not After : Sep 29 22:01:34 2024 GMT
        Subject: CN=f23a1120093dc7f488ef1a1e4b8e7bb7e7b793c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c2:a0:ee:16:6e:e4:77:7d:c7:d5:82:77:af:
                    39:d6:a8:fb:ef:0d:98:94:25:3c:0d:2a:0d:9b:f6:
                    76:2c:ab:04:a4:f5:4c:27:50:61:04:99:3a:09:fa:
                    02:98:1a:b2:aa:8b:78:f0:ac:5a:1f:a4:87:0f:e8:
                    ed:26:34:7f:1b:48:ac:ee:e7:a4:e3:93:7d:bd:ab:
                    77:c3:50:0b:d7:c4:39:3d:4f:1b:86:d9:2c:32:2e:
                    0c:b1:70:50:67:0f:20:98:e2:20:70:ca:70:8c:ea:
                    75:b9:92:33:5c:f6:0d:b1:b2:f7:b6:82:77:d1:5d:
                    b3:a5:e7:96:47:00:99:c8:2c:22:31:43:9d:ca:89:
                    bc:3b:57:df:e9:c1:f8:d3:7a:af:e6:04:f8:b2:60:
                    59:2c:13:44:b1:5f:51:20:9d:e5:60:54:fe:5b:7b:
                    33:ea:1c:4f:3e:8f:0f:7e:c0:0a:05:26:3b:d5:c3:
                    de:d0:4e:d5:e5:61:c2:12:38:86:10:67:f8:d7:d7:
                    21:96:c0:0b:cc:fa:5f:05:b9:02:4f:c2:6f:63:1b:
                    79:94:78:b8:5c:8d:59:eb:a5:62:ee:d4:75:14:c5:
                    1d:fd:cd:52:b5:54:e0:85:71:6c:ad:b5:2f:9f:12:
                    a5:2e:13:62:ed:df:f1:7e:a5:09:11:ac:59:c0:de:
                    c6:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:3A:11:20:09:3D:C7:F4:88:EF:1A:1E:4B:8E:7B:B7:E7:B7:93:C5
            X509v3 Authority Key Identifier:
                keyid:18:DA:3A:40:B1:17:FB:25:72:CC:F7:A4:C2:72:D2:EC:69:25:29:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNo6QLEX-yVyzPekwnLS7GklKRw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/28979b-0a34-4a5c-a2fe-698d912b7346/1/GNo6QLEX-yVyzPekwnLS7GklKRw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c8:a7:d5:3e:e5:8d:96:4e:82:e1:53:4e:71:e8:e4:96:a5:39:
         2a:2a:34:f2:5a:f7:25:b9:5c:ab:08:40:69:2a:c4:d4:35:22:
         0c:b7:21:4d:5b:43:3a:75:4d:42:ca:cf:e1:42:ac:32:79:c9:
         c4:69:81:bc:5d:7e:e4:24:77:02:c9:0f:2f:82:e1:7c:6b:ab:
         02:53:aa:73:dc:c2:8f:66:a8:46:50:27:32:cd:81:17:7f:6d:
         be:9f:29:80:c1:ac:a3:6b:a8:e3:c0:0f:7f:0c:59:1d:f9:92:
         be:da:d9:19:3f:68:47:75:3c:6a:2d:11:2c:ef:9c:24:5c:5a:
         70:18:52:90:bb:58:08:84:78:4b:7e:a5:b1:9a:44:d5:19:d1:
         4f:cf:a9:3d:a2:7d:b2:c3:23:2f:6a:9f:d5:e7:69:b2:22:3b:
         2f:0a:5e:33:53:c6:23:6a:9c:b7:28:4a:1a:60:15:73:85:41:
         6a:af:93:d8:94:87:f2:3c:46:50:4a:38:46:ea:7c:2e:19:19:
         eb:3a:ac:ce:d2:04:1d:d7:18:8c:d0:54:18:84:2d:de:3e:b8:
         04:94:03:da:e1:eb:de:97:b0:52:6a:5b:50:33:e9:2f:b8:19:
         3e:d7:55:1d:9f:3f:b7:80:17:ad:c5:62:5f:42:1a:6f:38:32:
         43:00:b8:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZI6p0bfLagN2RkMM2mr3wiEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZGEzYTQwYjExN2ZiMjU3MmNjZjdhNGMyNzJkMmVjNjky
NTI5MWMwHhcNMjQwOTI4MjIwMTM0WhcNMjQwOTI5MjIwMTM0WjAzMTEwLwYDVQQD
EyhmMjNhMTEyMDA5M2RjN2Y0ODhlZjFhMWU0YjhlN2JiN2U3Yjc5M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosKg7hZu5Hd9x9WCd6851qj77w2Y
lCU8DSoNm/Z2LKsEpPVMJ1BhBJk6CfoCmBqyqot48KxaH6SHD+jtJjR/G0is7uek
45N9vat3w1AL18Q5PU8bhtksMi4MsXBQZw8gmOIgcMpwjOp1uZIzXPYNsbL3toJ3
0V2zpeeWRwCZyCwiMUOdyom8O1ff6cH403qv5gT4smBZLBNEsV9RIJ3lYFT+W3sz
6hxPPo8PfsAKBSY71cPe0E7V5WHCEjiGEGf419chlsALzPpfBbkCT8JvYxt5lHi4
XI1Z66Vi7tR1FMUd/c1StVTghXFsrbUvnxKlLhNi7d/xfqUJEaxZwN7GVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPI6ESAJPcf0iO8aHkuOe7fnt5PFMB8GA1UdIwQY
MBaAFBjaOkCxF/slcsz3pMJy0uxpJSkcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUt
Njk4ZDkxMmI3MzQ2LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODk3OWItMGEzNC00YTVjLWEyZmUtNjk4ZDkxMmI3MzQ2
LzEvR05vNlFMRVgteVZ5elBla3duTFM3R2tsS1J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyKfVPuWN
lk6C4VNOcejklqU5Kio08lr3JblcqwhAaSrE1DUiDLchTVtDOnVNQsrP4UKsMnnJ
xGmBvF1+5CR3AskPL4LhfGurAlOqc9zCj2aoRlAnMs2BF39tvp8pgMGso2uo48AP
fwxZHfmSvtrZGT9oR3U8ai0RLO+cJFxacBhSkLtYCIR4S36lsZpE1RnRT8+pPaJ9
ssMjL2qf1edpsiI7LwpeM1PGI2qctyhKGmAVc4VBaq+T2JSH8jxGUEo4Rup8LhkZ
6zqsztIEHdcYjNBUGIQt3j64BJQD2uHr3pewUmpbUDPpL7gZPtdVHZ8/t4AXrcVi
X0IabzgyQwC4aQ==
-----END CERTIFICATE-----