Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          452xPTgxPRszoG0OBu17qfZRZWZvbKc0F64sk/MHkQI=
Subject key identifier:   19:D7:1A:07:D8:20:7A:16:36:63:1B:95:7B:68:EA:A8:22:53:74:55
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       01940647E08285F0D839C41315132BAB261B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          13C9
Signing time:             Fri 27 Dec 2024 04:02:41 +0000
Manifest this update:     Fri 27 Dec 2024 04:02:41 +0000
Manifest next update:     Sat 28 Dec 2024 04:02:41 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: A8bspKe0jWBdOmn5Th9h7ahuOE9raD9OSs+ktidRmGY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:47:e0:82:85:f0:d8:39:c4:13:15:13:2b:ab:26:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: Dec 27 04:02:41 2024 GMT
            Not After : Dec 28 04:02:41 2024 GMT
        Subject: CN=19d71a07d8207a1636631b957b68eaa822537455
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:20:57:ba:f5:5e:d2:dd:92:bb:94:9b:ce:7f:
                    6c:b7:f6:39:db:af:66:84:24:a4:b4:d7:e8:47:1f:
                    7f:1c:4d:ba:ed:91:cf:c6:5a:0c:c6:43:01:ed:66:
                    1d:18:ca:a5:9f:59:ad:f7:2a:09:e3:2e:b1:7b:c1:
                    3d:6a:74:dc:9d:18:39:91:b3:ef:5c:d5:85:4e:f2:
                    51:53:97:6c:b5:bc:7d:a0:47:eb:5b:b6:f9:a5:bd:
                    d4:d3:c5:b1:0d:05:6a:0f:ba:27:b4:85:02:69:65:
                    a0:15:be:4e:cc:15:20:18:6c:f5:8c:9a:eb:4d:37:
                    6c:2d:86:61:01:a8:45:76:5f:db:5c:67:2c:40:2d:
                    72:f7:f3:d3:5d:d0:06:ec:6f:ed:24:3c:24:98:ec:
                    1b:79:6a:c2:9d:95:f1:0d:4b:7f:de:ad:83:2d:0e:
                    cd:d4:ed:bd:6b:e4:21:fe:1f:03:2c:68:d7:c0:b4:
                    f6:a9:ce:10:ba:d7:40:ff:87:71:13:0f:ce:fb:4e:
                    0a:e5:2a:f5:25:04:37:03:1c:7a:0a:d7:d7:a2:15:
                    70:db:55:95:c6:8d:64:63:1d:62:6c:bd:71:0a:bc:
                    34:aa:98:d3:90:41:65:d1:69:b8:bd:b9:67:67:a6:
                    a9:07:26:fe:07:92:e0:f3:47:71:aa:c4:46:4b:bc:
                    f5:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:D7:1A:07:D8:20:7A:16:36:63:1B:95:7B:68:EA:A8:22:53:74:55
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:e5:3e:6b:cf:c2:31:51:0b:1e:b8:ab:97:09:e1:f0:f9:6e:
         83:60:54:f6:c1:11:16:2e:c0:0e:92:2a:b9:d0:c9:89:6c:b3:
         7b:70:19:f1:af:62:6a:8a:5b:cb:6c:5e:54:a0:0c:f7:ab:92:
         2e:7d:a6:99:76:ae:24:d6:8e:78:6e:95:29:cc:30:2a:9e:63:
         fa:05:df:46:ea:65:a6:63:45:a1:76:36:38:de:a7:a7:7e:57:
         6e:49:1b:11:00:85:16:1c:bb:2b:ee:d3:45:e3:54:f5:e0:21:
         65:4d:33:b9:35:26:56:01:b6:25:92:44:2e:2a:1f:c6:81:8e:
         20:ab:87:11:67:55:a9:42:90:24:64:48:e6:28:5b:3c:c5:cc:
         73:fd:d4:75:df:c2:da:bb:51:87:a0:e8:5b:1a:43:aa:49:01:
         9d:37:55:77:b6:39:71:01:2f:74:17:44:19:b4:52:e3:ab:dd:
         17:a6:dc:67:a3:62:38:f4:02:a2:67:1b:e5:0a:bf:1b:4c:5e:
         cd:69:02:15:2f:50:33:42:59:e1:0f:79:a1:13:c7:4a:9c:06:
         72:09:9f:76:a5:93:97:13:e8:0e:58:83:a8:41:73:2c:5d:bd:
         5d:b2:2f:9a:57:44:cc:11:de:17:f1:18:91:48:5e:6a:1d:9e:
         85:5b:14:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGR+CChfDYOcQTFRMrqyYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjQxMjI3MDQwMjQxWhcNMjQxMjI4MDQwMjQxWjAzMTEwLwYDVQQD
EygxOWQ3MWEwN2Q4MjA3YTE2MzY2MzFiOTU3YjY4ZWFhODIyNTM3NDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyBXuvVe0t2Su5Sbzn9st/Y5269m
hCSktNfoRx9/HE267ZHPxloMxkMB7WYdGMqln1mt9yoJ4y6xe8E9anTcnRg5kbPv
XNWFTvJRU5dstbx9oEfrW7b5pb3U08WxDQVqD7ontIUCaWWgFb5OzBUgGGz1jJrr
TTdsLYZhAahFdl/bXGcsQC1y9/PTXdAG7G/tJDwkmOwbeWrCnZXxDUt/3q2DLQ7N
1O29a+Qh/h8DLGjXwLT2qc4QutdA/4dxEw/O+04K5Sr1JQQ3Axx6CtfXohVw21WV
xo1kYx1ibL1xCrw0qpjTkEFl0Wm4vblnZ6apByb+B5Lg80dxqsRGS7z17QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBnXGgfYIHoWNmMblXto6qgiU3RVMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAOU+a8/C
MVELHrirlwnh8Plug2BU9sERFi7ADpIqudDJiWyze3AZ8a9iaopby2xeVKAM96uS
Ln2mmXauJNaOeG6VKcwwKp5j+gXfRuplpmNFoXY2ON6np35XbkkbEQCFFhy7K+7T
ReNU9eAhZU0zuTUmVgG2JZJELiofxoGOIKuHEWdVqUKQJGRI5ihbPMXMc/3Udd/C
2rtRh6DoWxpDqkkBnTdVd7Y5cQEvdBdEGbRS46vdF6bcZ6NiOPQComcb5Qq/G0xe
zWkCFS9QM0JZ4Q95oRPHSpwGcgmfdqWTlxPoDliDqEFzLF29XbIvmldEzBHeF/EY
kUheah2ehVsU5g==
-----END CERTIFICATE-----