Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
File:                     I1PVKkAkkfT5n-VHG90aXdb0K7w.mft (raw, json)
Hash identifier:          DMn+b+lF1bMMVLWE60rVAkYh0Vn8oHU+pLyk4tcbGFo=
Subject key identifier:   9A:63:D3:01:76:2F:A6:26:6E:5E:5F:89:D8:BC:12:A6:75:24:F3:BB
Authority key identifier: 23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC
Certificate issuer:       /CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
Certificate serial:       019406B39E5C40860A9BD2B5A6E850206012
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
Manifest number:          13C6
Signing time:             Fri 27 Dec 2024 06:00:22 +0000
Manifest this update:     Fri 27 Dec 2024 06:00:22 +0000
Manifest next update:     Sat 28 Dec 2024 06:00:22 +0000
Files and hashes:         1: I1PVKkAkkfT5n-VHG90aXdb0K7w.crl (hash: +lgLBhuzAKwgt99tnSgy1Xx9kZvjbT/2i/2N1pdn/4g=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:b3:9e:5c:40:86:0a:9b:d2:b5:a6:e8:50:20:60:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2353d52a402491f4f99fe5471bdd1a5dd6f42bbc
        Validity
            Not Before: Dec 27 06:00:22 2024 GMT
            Not After : Dec 28 06:00:22 2024 GMT
        Subject: CN=9a63d301762fa6266e5e5f89d8bc12a67524f3bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:b3:35:c6:94:3a:98:ef:ee:7a:d2:b4:76:92:
                    e1:2d:a9:fb:7c:02:21:60:8e:68:a6:65:4e:9b:b9:
                    af:47:bb:31:ca:f8:b7:06:3e:23:05:dd:6a:93:38:
                    24:a6:4d:c0:7a:90:b0:ef:72:3f:2f:88:ab:52:6a:
                    09:17:7b:69:bd:40:b0:f1:7e:cf:e3:c5:01:a3:20:
                    25:6a:bc:52:6b:80:b2:09:9f:7f:eb:3f:5d:f5:6a:
                    38:a0:b2:a3:e7:c4:5c:1f:6e:b7:cf:b1:b4:8d:eb:
                    56:75:1e:da:85:e8:66:6f:fc:e5:81:b5:e7:b9:2d:
                    e2:16:7f:d3:14:71:a5:66:10:a0:50:26:25:ee:94:
                    07:fb:8a:09:0a:a0:49:67:1d:2f:bb:42:6a:4f:bd:
                    95:71:d8:67:08:59:57:51:6c:39:64:6c:2e:30:6f:
                    10:c5:60:cb:87:13:d6:75:35:96:58:05:64:5d:cf:
                    a2:e5:b8:f7:c6:e0:93:05:ff:11:25:55:70:1e:ec:
                    9e:d1:a5:25:75:a4:65:5d:9d:00:55:34:3a:1f:d3:
                    0c:af:bf:b7:56:f9:8a:ee:0a:9a:dd:b9:0d:70:b5:
                    03:76:fb:43:8e:e4:58:8b:b7:99:76:bf:ec:7c:e5:
                    ff:28:74:4a:76:93:c0:d0:88:dd:e6:ff:91:29:d0:
                    1b:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:63:D3:01:76:2F:A6:26:6E:5E:5F:89:D8:BC:12:A6:75:24:F3:BB
            X509v3 Authority Key Identifier:
                keyid:23:53:D5:2A:40:24:91:F4:F9:9F:E5:47:1B:DD:1A:5D:D6:F4:2B:BC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1PVKkAkkfT5n-VHG90aXdb0K7w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1f1af6-dd1b-4117-ac17-deab8586f2ce/1/I1PVKkAkkfT5n-VHG90aXdb0K7w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8d:2d:10:6a:ed:52:f2:97:47:eb:49:34:79:ba:89:7f:ca:b7:
         27:ff:18:2b:50:e8:53:05:6b:20:43:d5:66:9d:90:de:17:83:
         8a:36:f3:da:cf:8d:34:ab:24:c4:78:f0:3f:97:0c:df:99:74:
         32:34:81:0e:1d:7c:0c:71:ff:8b:5c:a7:8c:50:67:c6:32:0f:
         a7:97:57:45:f4:86:ca:70:e6:5e:95:53:d7:0e:c5:bd:c8:ae:
         3d:2f:6d:7c:fc:aa:8e:ba:7b:d3:35:28:3c:0d:05:c3:06:8a:
         bc:20:33:01:65:be:3a:75:20:03:de:41:75:aa:3e:f4:d7:64:
         b2:21:6c:d1:75:7a:4b:47:9e:c2:b2:08:82:7b:63:11:1a:55:
         1c:77:7f:9d:be:5b:76:62:c7:29:18:a2:9d:4d:8f:9f:87:83:
         f1:9c:73:48:aa:f4:77:6c:a4:f8:e5:3d:f1:66:6c:30:04:da:
         b3:39:11:f8:57:ab:06:e5:f0:17:6b:8c:54:43:4b:2d:82:bf:
         9f:80:a0:f4:8b:0a:50:6c:75:9d:2a:13:89:fa:65:d9:ba:93:
         8a:31:da:80:8f:be:af:a0:3f:68:31:91:f5:8c:42:a7:e3:7b:
         4d:c7:db:69:82:d5:a7:5e:b8:fa:7f:25:16:39:c0:7c:44:09:
         12:f2:39:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGs55cQIYKm9K1puhQIGASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTNkNTJhNDAyNDkxZjRmOTlmZTU0NzFiZGQxYTVkZDZm
NDJiYmMwHhcNMjQxMjI3MDYwMDIyWhcNMjQxMjI4MDYwMDIyWjAzMTEwLwYDVQQD
Eyg5YTYzZDMwMTc2MmZhNjI2NmU1ZTVmODlkOGJjMTJhNjc1MjRmM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLM1xpQ6mO/uetK0dpLhLan7fAIh
YI5opmVOm7mvR7sxyvi3Bj4jBd1qkzgkpk3AepCw73I/L4irUmoJF3tpvUCw8X7P
48UBoyAlarxSa4CyCZ9/6z9d9Wo4oLKj58RcH263z7G0jetWdR7ahehmb/zlgbXn
uS3iFn/TFHGlZhCgUCYl7pQH+4oJCqBJZx0vu0JqT72VcdhnCFlXUWw5ZGwuMG8Q
xWDLhxPWdTWWWAVkXc+i5bj3xuCTBf8RJVVwHuye0aUldaRlXZ0AVTQ6H9MMr7+3
VvmK7gqa3bkNcLUDdvtDjuRYi7eZdr/sfOX/KHRKdpPA0Ijd5v+RKdAbRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpj0wF2L6Ymbl5fidi8EqZ1JPO7MB8GA1UdIwQY
MBaAFCNT1SpAJJH0+Z/lRxvdGl3W9Cu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTct
ZGVhYjg1ODZmMmNlLzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZjFhZjYtZGQxYi00MTE3LWFjMTctZGVhYjg1ODZmMmNl
LzEvSTFQVktrQWtrZlQ1bi1WSEc5MGFYZGIwSzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjS0Qau1S
8pdH60k0ebqJf8q3J/8YK1DoUwVrIEPVZp2Q3heDijbz2s+NNKskxHjwP5cM35l0
MjSBDh18DHH/i1ynjFBnxjIPp5dXRfSGynDmXpVT1w7FvciuPS9tfPyqjrp70zUo
PA0FwwaKvCAzAWW+OnUgA95Bdao+9NdksiFs0XV6S0eewrIIgntjERpVHHd/nb5b
dmLHKRiinU2Pn4eD8ZxzSKr0d2yk+OU98WZsMATaszkR+FerBuXwF2uMVENLLYK/
n4Cg9IsKUGx1nSoTifpl2bqTijHagI++r6A/aDGR9YxCp+N7TcfbaYLVp164+n8l
FjnAfEQJEvI52A==
-----END CERTIFICATE-----