Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
File:                     IgTxXPMNc4SLB038rCYTgAYVatQ.mft (raw, json)
Hash identifier:          DyMW5AGravusqXPQ1is7ItNld0sAL5jSQ1Xsnj8EGvc=
Subject key identifier:   4E:8C:37:9B:B6:3E:35:B1:82:5F:A0:86:7E:05:C6:0C:4A:57:CD:2A
Authority key identifier: 22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4
Certificate issuer:       /CN=2204f15cf30d73848b074dfcac26138006156ad4
Certificate serial:       01935689BCA9E55DCF0759D00B50614A79E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
Manifest number:          0A7E
Signing time:             Sat 23 Nov 2024 01:01:27 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:27 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:27 +0000
Files and hashes:         1: IgTxXPMNc4SLB038rCYTgAYVatQ.crl (hash: mCwvBDuknoYMZ5oBQNQ5lOTATvS4PqiJdggTB45nvgk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:bc:a9:e5:5d:cf:07:59:d0:0b:50:61:4a:79:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2204f15cf30d73848b074dfcac26138006156ad4
        Validity
            Not Before: Nov 23 01:01:27 2024 GMT
            Not After : Nov 24 01:01:27 2024 GMT
        Subject: CN=4e8c379bb63e35b1825fa0867e05c60c4a57cd2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:db:e4:88:ec:25:bc:aa:e6:f7:dd:4e:97:51:
                    cb:fd:3b:cf:03:cf:f0:e2:69:14:76:19:05:cc:49:
                    a0:e2:ef:62:f3:5b:85:40:87:c0:fb:91:97:79:e2:
                    ee:33:ea:9a:24:94:e5:cd:e5:8c:2a:1a:95:b0:9d:
                    92:16:5e:d4:55:85:5a:50:79:89:5f:91:81:2d:cb:
                    56:08:d4:a9:56:3c:de:28:00:a6:4a:42:a5:e8:d7:
                    c3:f3:bf:e9:28:34:07:34:02:13:90:14:82:83:d1:
                    41:ef:f5:60:9d:55:12:05:ad:76:e7:9e:1a:90:88:
                    cd:8b:41:ec:77:00:bc:2a:b9:5f:fa:31:8f:e2:f3:
                    03:6d:ea:ed:8e:7a:7c:cf:0b:da:68:9a:8a:e9:11:
                    c7:59:a3:8e:ef:de:ff:53:70:20:d4:0f:cb:e4:d6:
                    c7:cd:b8:f4:88:1e:a5:2a:fb:e2:bc:28:55:39:6a:
                    93:3c:97:8c:b9:37:d8:20:92:55:30:d5:c9:37:66:
                    44:9e:24:0e:e6:23:e7:9b:ae:dc:d7:1d:5e:4c:8c:
                    9c:bd:5f:fe:9e:f4:6f:47:b7:e6:97:d8:b9:61:cb:
                    a3:69:a3:ce:60:32:51:61:4f:f3:4d:9a:18:f9:c3:
                    45:c1:12:71:60:5d:43:be:ee:52:55:f4:f9:7b:92:
                    ad:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:8C:37:9B:B6:3E:35:B1:82:5F:A0:86:7E:05:C6:0C:4A:57:CD:2A
            X509v3 Authority Key Identifier:
                keyid:22:04:F1:5C:F3:0D:73:84:8B:07:4D:FC:AC:26:13:80:06:15:6A:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IgTxXPMNc4SLB038rCYTgAYVatQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3872cf-aa59-4c98-b7a3-c1b10239dd58/1/IgTxXPMNc4SLB038rCYTgAYVatQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:dd:18:81:5b:3f:36:c7:cf:df:a4:14:1a:5b:ec:d0:55:f0:
         90:8b:be:b6:cf:a4:19:e6:d3:ef:cb:26:bc:ea:bd:19:3e:2b:
         5f:44:80:60:a2:5e:d2:fb:ec:5a:ce:e9:b1:ba:bf:66:38:cb:
         a4:0a:20:f2:3b:5e:ab:08:d5:6e:f0:e0:75:6f:88:93:ee:e9:
         42:b2:37:49:2c:fa:c3:6f:7f:3b:d4:ce:1f:d6:7a:e5:06:64:
         b0:ad:96:10:d3:97:2f:e3:02:26:65:87:db:6e:94:e9:52:97:
         75:10:49:cd:7f:b1:b0:db:42:39:b2:49:71:b0:86:f0:3d:f0:
         15:1f:5c:c7:54:ea:f4:60:9d:e0:3a:00:12:42:48:d7:a3:cf:
         83:7d:6c:8c:50:2f:b4:69:b5:e4:81:a0:ab:66:1e:22:73:8f:
         32:49:23:a3:a5:42:ab:4f:b8:79:f7:f1:d6:5b:91:2a:a2:44:
         46:a7:b7:e7:47:9f:1b:79:4d:c1:f3:f1:9e:3e:01:11:94:68:
         c3:8c:61:07:b1:77:c0:74:54:35:ff:dd:b7:78:f9:fd:91:9e:
         ec:29:3e:e9:c8:f8:51:f6:c4:e9:cf:41:2e:88:b3:a1:26:ef:
         84:e0:9f:f9:76:12:40:ec:a6:52:77:d0:59:69:8d:d1:08:2e:
         c7:73:ad:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWibyp5V3PB1nQC1BhSnnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDRmMTVjZjMwZDczODQ4YjA3NGRmY2FjMjYxMzgwMDYx
NTZhZDQwHhcNMjQxMTIzMDEwMTI3WhcNMjQxMTI0MDEwMTI3WjAzMTEwLwYDVQQD
Eyg0ZThjMzc5YmI2M2UzNWIxODI1ZmEwODY3ZTA1YzYwYzRhNTdjZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NvkiOwlvKrm991Ol1HL/TvPA8/w
4mkUdhkFzEmg4u9i81uFQIfA+5GXeeLuM+qaJJTlzeWMKhqVsJ2SFl7UVYVaUHmJ
X5GBLctWCNSpVjzeKACmSkKl6NfD87/pKDQHNAITkBSCg9FB7/VgnVUSBa12554a
kIjNi0HsdwC8Krlf+jGP4vMDbertjnp8zwvaaJqK6RHHWaOO797/U3Ag1A/L5NbH
zbj0iB6lKvvivChVOWqTPJeMuTfYIJJVMNXJN2ZEniQO5iPnm67c1x1eTIycvV/+
nvRvR7fml9i5YcujaaPOYDJRYU/zTZoY+cNFwRJxYF1Dvu5SVfT5e5KtywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6MN5u2PjWxgl+ghn4FxgxKV80qMB8GA1UdIwQY
MBaAFCIE8VzzDXOEiwdN/KwmE4AGFWrUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMt
YzFiMTAyMzlkZDU4LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODcyY2YtYWE1OS00Yzk4LWI3YTMtYzFiMTAyMzlkZDU4
LzEvSWdUeFhQTU5jNFNMQjAzOHJDWVRnQVlWYXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQt0YgVs/
NsfP36QUGlvs0FXwkIu+ts+kGebT78smvOq9GT4rX0SAYKJe0vvsWs7psbq/ZjjL
pAog8jteqwjVbvDgdW+Ik+7pQrI3SSz6w29/O9TOH9Z65QZksK2WENOXL+MCJmWH
226U6VKXdRBJzX+xsNtCObJJcbCG8D3wFR9cx1Tq9GCd4DoAEkJI16PPg31sjFAv
tGm15IGgq2YeInOPMkkjo6VCq0+4effx1luRKqJERqe350efG3lNwfPxnj4BEZRo
w4xhB7F3wHRUNf/dt3j5/ZGe7Ck+6cj4UfbE6c9BLoizoSbvhOCf+XYSQOymUnfQ
WWmN0Qgux3Otgg==
-----END CERTIFICATE-----