Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
File:                     Vu9y3nfRt-K0RwW2y85jlCHam-8.mft (raw, json)
Hash identifier:          dcZ36p28n+J8LxRx8kZ5ck534E4Nge3rqost3GnTsDQ=
Subject key identifier:   65:D3:82:E3:3E:86:63:1C:0F:22:3F:28:78:0F:61:1C:89:25:76:3F
Authority key identifier: 56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF
Certificate issuer:       /CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
Certificate serial:       019356F696889B9CAD2D8CF68FDBAE5DA1D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
Manifest number:          01B3
Signing time:             Sat 23 Nov 2024 03:00:21 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:21 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:21 +0000
Files and hashes:         1: Vu9y3nfRt-K0RwW2y85jlCHam-8.crl (hash: iyl+2M5yUBOe9ItWBtHzNId6El6huLXQXpFvrgTiiQM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:96:88:9b:9c:ad:2d:8c:f6:8f:db:ae:5d:a1:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56ef72de77d1b7e2b44705b6cbce639421da9bef
        Validity
            Not Before: Nov 23 03:00:21 2024 GMT
            Not After : Nov 24 03:00:21 2024 GMT
        Subject: CN=65d382e33e86631c0f223f28780f611c8925763f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:e7:f2:a6:c3:39:00:55:32:4a:e3:70:c0:ce:
                    ed:86:2a:7c:72:1e:23:6a:3d:76:74:be:c5:11:c2:
                    8a:54:8a:24:85:68:00:60:f6:2b:c2:91:fc:e9:26:
                    49:62:37:f9:dd:2b:89:8d:39:d6:7b:4a:3c:3f:09:
                    9a:f9:de:77:9b:e5:34:ad:8a:12:62:a7:aa:c0:54:
                    f6:ea:cb:3a:84:0e:96:0d:53:ba:dd:53:ed:8b:9c:
                    a7:d8:9a:b5:cd:bc:ac:4f:fe:90:45:a2:f6:1e:20:
                    17:e7:19:b6:6a:27:fe:35:9a:3a:86:10:4f:81:b5:
                    dd:b9:ed:18:79:12:88:3b:f0:19:08:e2:63:23:dc:
                    ef:af:32:76:27:29:12:4c:d0:ed:a9:dd:4a:2f:0c:
                    7d:90:d0:80:61:73:c2:1a:3f:8a:41:ec:78:17:48:
                    f6:02:b5:4d:b1:bd:89:00:7e:ab:7e:01:01:0c:41:
                    56:78:2f:91:c2:54:92:b9:ce:f2:b3:bf:b7:76:19:
                    3d:2f:db:d8:0c:2e:04:30:e7:8f:f8:40:e0:aa:21:
                    71:7e:3c:2f:19:28:4e:d0:a9:df:25:14:1f:5d:60:
                    cb:45:ef:6d:96:0c:04:26:75:a6:a4:9d:84:a4:eb:
                    f9:68:8d:4d:4f:f7:15:d9:26:5e:1c:cb:81:23:b7:
                    77:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:D3:82:E3:3E:86:63:1C:0F:22:3F:28:78:0F:61:1C:89:25:76:3F
            X509v3 Authority Key Identifier:
                keyid:56:EF:72:DE:77:D1:B7:E2:B4:47:05:B6:CB:CE:63:94:21:DA:9B:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vu9y3nfRt-K0RwW2y85jlCHam-8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/71fdd5-c29d-4d38-8ef9-4f656f29a51b/1/Vu9y3nfRt-K0RwW2y85jlCHam-8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:60:0d:25:85:f3:a5:09:4d:de:4f:fd:1d:ea:45:a5:e2:f2:
         ea:d5:b1:3b:fc:01:8e:da:16:64:5c:fa:8b:a0:7d:88:3e:c4:
         d3:50:4b:33:28:ab:f5:31:0b:d6:66:f1:a8:e6:f3:79:df:63:
         20:d7:16:ee:73:26:09:c4:b4:4a:88:d7:97:96:5c:03:79:5d:
         5b:28:02:21:36:49:81:89:a7:35:69:fa:f4:80:ad:a5:51:f2:
         8a:9e:f6:57:36:a5:a8:a9:72:07:56:a6:a9:c6:76:44:28:3e:
         e0:18:e5:98:7c:ab:8f:ba:27:b9:e1:b0:d7:6e:df:96:12:6d:
         a4:50:e2:83:c2:d2:c8:7c:36:25:00:e8:5d:fa:04:d7:aa:ed:
         0a:fd:69:a3:11:e1:35:3e:15:72:09:d7:86:13:a5:db:9d:99:
         2c:a8:f3:cf:eb:c5:3b:43:37:62:10:98:39:3a:40:df:8a:dd:
         dc:e2:c7:48:b2:d6:c9:a7:70:8c:37:f3:73:1c:cc:95:a0:1a:
         51:55:14:7c:62:f7:e7:dd:b7:b2:db:77:81:9e:42:75:89:bd:
         1b:ae:38:78:25:d5:6d:f0:61:ae:c1:bd:85:93:37:24:01:ed:
         c0:67:5a:68:5d:42:d1:68:e6:9c:d0:32:fd:d4:df:24:c2:ac:
         0c:10:0b:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9paIm5ytLYz2j9uuXaHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZWY3MmRlNzdkMWI3ZTJiNDQ3MDViNmNiY2U2Mzk0MjFk
YTliZWYwHhcNMjQxMTIzMDMwMDIxWhcNMjQxMTI0MDMwMDIxWjAzMTEwLwYDVQQD
Eyg2NWQzODJlMzNlODY2MzFjMGYyMjNmMjg3ODBmNjExYzg5MjU3NjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwefypsM5AFUySuNwwM7thip8ch4j
aj12dL7FEcKKVIokhWgAYPYrwpH86SZJYjf53SuJjTnWe0o8Pwma+d53m+U0rYoS
YqeqwFT26ss6hA6WDVO63VPti5yn2Jq1zbysT/6QRaL2HiAX5xm2aif+NZo6hhBP
gbXdue0YeRKIO/AZCOJjI9zvrzJ2JykSTNDtqd1KLwx9kNCAYXPCGj+KQex4F0j2
ArVNsb2JAH6rfgEBDEFWeC+RwlSSuc7ys7+3dhk9L9vYDC4EMOeP+EDgqiFxfjwv
GShO0KnfJRQfXWDLRe9tlgwEJnWmpJ2EpOv5aI1NT/cV2SZeHMuBI7d33wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXTguM+hmMcDyI/KHgPYRyJJXY/MB8GA1UdIwQY
MBaAFFbvct530bfitEcFtsvOY5Qh2pvvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjkt
NGY2NTZmMjlhNTFiLzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MWZkZDUtYzI5ZC00ZDM4LThlZjktNGY2NTZmMjlhNTFi
LzEvVnU5eTNuZlJ0LUswUndXMnk4NWpsQ0hhbS04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWANJYXz
pQlN3k/9HepFpeLy6tWxO/wBjtoWZFz6i6B9iD7E01BLMyir9TEL1mbxqObzed9j
INcW7nMmCcS0SojXl5ZcA3ldWygCITZJgYmnNWn69ICtpVHyip72VzalqKlyB1am
qcZ2RCg+4BjlmHyrj7onueGw127flhJtpFDig8LSyHw2JQDoXfoE16rtCv1poxHh
NT4VcgnXhhOl252ZLKjzz+vFO0M3YhCYOTpA34rd3OLHSLLWyadwjDfzcxzMlaAa
UVUUfGL35923stt3gZ5CdYm9G644eCXVbfBhrsG9hZM3JAHtwGdaaF1C0WjmnNAy
/dTfJMKsDBALoQ==
-----END CERTIFICATE-----