Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
File:                     daRvv8jeUjM5XHPeUflVO7doRgU.mft (raw, json)
Hash identifier:          OGgo1qq25HOwFGAHG/l664Lyv+PykosNuK0LT8gLMVk=
Subject key identifier:   F4:33:AE:CC:35:6B:2F:90:46:0C:60:0B:94:9A:5A:1F:21:20:26:9F
Authority key identifier: 75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05
Certificate issuer:       /CN=75a46fbfc8de5233395c73de51f9553bb7684605
Certificate serial:       01935689BD4FFA51C9B8FD3748A93D509102
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
Manifest number:          136C
Signing time:             Sat 23 Nov 2024 01:01:27 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:27 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:27 +0000
Files and hashes:         1: daRvv8jeUjM5XHPeUflVO7doRgU.crl (hash: Ed0Oppc+mKFPJkhiWng4FvWJAaohDV7H9EpNX/o0Z4k=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:bd:4f:fa:51:c9:b8:fd:37:48:a9:3d:50:91:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=75a46fbfc8de5233395c73de51f9553bb7684605
        Validity
            Not Before: Nov 23 01:01:27 2024 GMT
            Not After : Nov 24 01:01:27 2024 GMT
        Subject: CN=f433aecc356b2f90460c600b949a5a1f2120269f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:66:0e:35:15:fa:d9:e0:21:dd:2d:8c:8f:97:
                    f0:e0:f7:c5:cf:3e:66:82:35:52:61:8a:0f:42:d9:
                    72:fd:73:c6:06:83:b5:c7:ac:88:87:95:4f:62:e5:
                    94:ce:38:12:bc:33:bb:19:c0:68:f6:37:f6:82:ac:
                    8f:dd:1f:d3:43:c5:35:90:1d:ee:15:e9:89:bb:47:
                    3a:bc:b5:29:8a:0f:5a:73:81:a3:c5:f1:ab:92:10:
                    d5:97:7b:82:62:76:33:d1:e6:9e:7e:c6:c4:07:df:
                    42:e7:a5:9e:b3:d1:75:bb:eb:e4:20:13:c1:99:11:
                    4d:5c:c4:60:f1:18:86:ae:1d:27:e6:c6:7c:a9:95:
                    e6:58:4e:a5:a6:d6:ec:d0:bc:a8:a7:a0:fb:28:35:
                    a2:65:13:51:c9:a5:ca:98:52:42:f7:5d:fc:ef:fb:
                    09:9a:c2:32:0a:07:98:55:55:43:3e:8b:8f:2a:b3:
                    b9:f8:00:10:81:7d:62:c0:a0:eb:31:05:1e:be:29:
                    ba:4a:7a:01:ba:58:a2:aa:03:e1:9d:1e:58:bb:56:
                    f9:60:d0:7c:e5:2f:f0:b5:64:b0:e5:35:8f:f0:49:
                    61:77:23:4e:c6:b5:3f:2f:85:ab:9f:0d:45:20:6e:
                    9f:6e:cf:03:aa:db:a9:22:76:0d:30:f3:7e:51:2b:
                    46:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:33:AE:CC:35:6B:2F:90:46:0C:60:0B:94:9A:5A:1F:21:20:26:9F
            X509v3 Authority Key Identifier:
                keyid:75:A4:6F:BF:C8:DE:52:33:39:5C:73:DE:51:F9:55:3B:B7:68:46:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/daRvv8jeUjM5XHPeUflVO7doRgU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/427e2c-96f6-4e43-914a-8c7c54f3c5b0/1/daRvv8jeUjM5XHPeUflVO7doRgU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:a4:9e:0d:be:97:88:30:b7:e9:df:ae:08:de:b6:32:14:42:
         38:7c:0c:5c:73:25:ea:95:e1:77:0f:99:3a:8b:db:6f:26:f9:
         dd:7d:0b:cc:c8:9a:33:5b:f8:5c:ca:4d:77:bd:bd:ea:fc:f2:
         70:5b:6f:bd:33:8c:a5:84:36:99:38:fd:b6:d7:33:75:1a:0b:
         f5:58:e2:4b:6a:af:8c:73:71:60:93:b3:19:53:fc:3a:42:9b:
         46:6a:95:64:9e:4a:b2:c7:25:f0:5d:e3:73:54:2a:53:8b:e4:
         87:79:5b:2f:56:c7:31:8f:6e:e9:d2:b2:dc:00:f3:1d:ed:5c:
         81:94:dc:aa:02:dd:dc:8a:34:9a:78:31:b5:1b:86:20:c3:f2:
         7d:41:69:35:c9:aa:01:e4:80:d4:6b:fe:73:c8:77:45:66:ca:
         79:b4:33:82:15:24:22:3d:97:64:fe:33:6b:a3:68:12:40:9d:
         54:17:53:e6:b5:67:dd:4e:ac:db:82:1b:8b:ed:51:8b:ac:36:
         c5:93:0d:24:28:41:42:59:f5:36:dc:47:d0:a2:c6:0c:f1:2b:
         8f:e6:c3:cf:54:f0:4c:40:34:47:2c:0d:c0:0d:de:56:08:04:
         06:86:82:ee:e8:2b:e2:bf:62:eb:eb:b2:9a:69:8f:fd:cd:d2:
         70:73:85:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWib1P+lHJuP03SKk9UJECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YTQ2ZmJmYzhkZTUyMzMzOTVjNzNkZTUxZjk1NTNiYjc2
ODQ2MDUwHhcNMjQxMTIzMDEwMTI3WhcNMjQxMTI0MDEwMTI3WjAzMTEwLwYDVQQD
EyhmNDMzYWVjYzM1NmIyZjkwNDYwYzYwMGI5NDlhNWExZjIxMjAyNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GYONRX62eAh3S2Mj5fw4PfFzz5m
gjVSYYoPQtly/XPGBoO1x6yIh5VPYuWUzjgSvDO7GcBo9jf2gqyP3R/TQ8U1kB3u
FemJu0c6vLUpig9ac4GjxfGrkhDVl3uCYnYz0eaefsbEB99C56Wes9F1u+vkIBPB
mRFNXMRg8RiGrh0n5sZ8qZXmWE6lptbs0Lyop6D7KDWiZRNRyaXKmFJC91387/sJ
msIyCgeYVVVDPouPKrO5+AAQgX1iwKDrMQUevim6SnoBuliiqgPhnR5Yu1b5YNB8
5S/wtWSw5TWP8ElhdyNOxrU/L4Wrnw1FIG6fbs8DqtupInYNMPN+UStGrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQzrsw1ay+QRgxgC5SaWh8hICafMB8GA1UdIwQY
MBaAFHWkb7/I3lIzOVxz3lH5VTu3aEYFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEt
OGM3YzU0ZjNjNWIwLzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS80MjdlMmMtOTZmNi00ZTQzLTkxNGEtOGM3YzU0ZjNjNWIw
LzEvZGFSdnY4amVVak01WEhQZVVmbFZPN2RvUmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACaSeDb6X
iDC36d+uCN62MhRCOHwMXHMl6pXhdw+ZOovbbyb53X0LzMiaM1v4XMpNd7296vzy
cFtvvTOMpYQ2mTj9ttczdRoL9VjiS2qvjHNxYJOzGVP8OkKbRmqVZJ5Ksscl8F3j
c1QqU4vkh3lbL1bHMY9u6dKy3ADzHe1cgZTcqgLd3Io0mngxtRuGIMPyfUFpNcmq
AeSA1Gv+c8h3RWbKebQzghUkIj2XZP4za6NoEkCdVBdT5rVn3U6s24Ibi+1Ri6w2
xZMNJChBQln1NtxH0KLGDPErj+bDz1TwTEA0RywNwA3eVggEBoaC7ugr4r9i6+uy
mmmP/c3ScHOFyQ==
-----END CERTIFICATE-----