Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
File:                     xlkRwmkydt2NDOt_hKoqtJ79EIk.mft (raw, json)
Hash identifier:          oHKIJ20FEHcoZkZTkNZwfc8g0ZQ2ls0Admkyz+Hk/4k=
Subject key identifier:   AB:E5:D3:C2:CA:A4:28:7C:B9:B3:D6:C7:4F:87:4A:FE:FC:2D:46:1C
Authority key identifier: C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89
Certificate issuer:       /CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
Certificate serial:       019357646838E4F279F736D1DDA5C2E60AA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
Manifest number:          016E
Signing time:             Sat 23 Nov 2024 05:00:18 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:18 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:18 +0000
Files and hashes:         1: xlkRwmkydt2NDOt_hKoqtJ79EIk.crl (hash: wloJwKJ0kxivR1zOJE48U4eVNMscJw3mx15Q1yL3PuM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:68:38:e4:f2:79:f7:36:d1:dd:a5:c2:e6:0a:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c65911c2693276dd8d0ceb7f84aa2ab49efd1089
        Validity
            Not Before: Nov 23 05:00:18 2024 GMT
            Not After : Nov 24 05:00:18 2024 GMT
        Subject: CN=abe5d3c2caa4287cb9b3d6c74f874afefc2d461c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3c:3f:03:43:da:43:ae:dc:40:5e:de:2e:66:
                    2b:9a:d1:be:21:af:4a:13:14:f3:cc:d1:01:4c:a1:
                    54:80:c4:31:30:86:be:4f:30:02:4b:be:8e:9e:13:
                    ce:db:18:a7:9a:b6:51:11:3d:5d:38:58:00:70:4a:
                    38:ad:c3:82:7e:89:aa:39:4d:b7:47:23:88:e4:20:
                    6c:9b:65:4a:a8:66:99:48:32:01:42:3e:0f:1a:1e:
                    55:8b:b1:56:96:31:fc:ce:83:3d:33:13:39:8e:f4:
                    9a:0c:55:da:a7:0a:64:84:1d:d1:70:05:f9:65:4d:
                    b9:39:8f:66:ec:f8:0a:ac:44:11:26:d7:83:da:1e:
                    4c:e4:65:dc:08:70:4a:07:55:5f:8b:8b:85:c5:3f:
                    b6:63:24:08:cb:a0:7d:2b:12:f5:de:aa:3d:95:1e:
                    b4:a2:da:b1:85:4f:2a:f4:5b:24:8c:3e:8d:d5:ac:
                    dd:ff:bf:c8:18:24:2f:46:5a:11:93:c2:df:a3:30:
                    9a:78:19:f0:a7:6c:5d:e2:af:2a:5d:08:b3:02:78:
                    40:f7:5c:78:60:96:d9:7f:0f:b5:70:f2:9a:b4:63:
                    66:f5:a8:ec:91:f1:0e:13:a1:af:db:de:e2:27:ce:
                    30:89:c8:4d:2d:63:2c:2b:24:3d:47:e8:3e:56:1c:
                    e0:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:E5:D3:C2:CA:A4:28:7C:B9:B3:D6:C7:4F:87:4A:FE:FC:2D:46:1C
            X509v3 Authority Key Identifier:
                keyid:C6:59:11:C2:69:32:76:DD:8D:0C:EB:7F:84:AA:2A:B4:9E:FD:10:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlkRwmkydt2NDOt_hKoqtJ79EIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e28279-9de9-48ab-b86f-a6e80949a029/1/xlkRwmkydt2NDOt_hKoqtJ79EIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:67:5e:4f:4a:28:26:f1:e1:b0:bf:ea:a9:be:cf:9e:8b:6a:
         b9:89:d7:57:ed:d1:b0:0b:ef:63:ed:5b:26:45:28:30:24:a7:
         d4:4a:d1:8a:12:ad:9c:d1:af:ce:31:9b:c2:4d:28:e7:24:3d:
         8a:f5:ee:ff:f4:3c:f0:ea:d1:97:00:95:68:0b:05:3d:06:70:
         85:87:7f:4c:6c:1a:2b:81:65:1a:e1:34:22:bc:98:8a:e8:19:
         b6:7e:1a:6d:9e:f2:dd:16:08:65:87:17:cb:20:17:55:ff:36:
         92:1d:74:ba:1a:61:8f:3c:72:93:4c:ce:4e:de:f5:8e:c3:25:
         d9:81:07:a3:0a:f9:f6:0c:8d:2d:aa:ec:84:26:79:da:ff:b2:
         40:f7:89:59:03:c4:99:e1:1a:ed:2d:f9:25:58:e9:13:74:a4:
         fb:98:53:33:fd:ee:af:2d:46:d7:c7:85:5d:2d:c4:70:72:24:
         f1:d4:b6:cf:43:a9:cc:41:2f:db:58:0d:98:ae:82:0f:12:ab:
         98:50:b2:38:7d:10:8a:3b:f1:94:11:22:4e:64:15:81:85:0c:
         07:20:1e:64:2c:d2:4b:f7:70:ad:e4:b6:e0:37:c9:a5:c4:5c:
         8b:44:b5:45:28:3a:2b:99:11:0e:99:a3:40:57:be:d0:51:1f:
         9f:5e:d8:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZGg45PJ59zbR3aXC5gqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NTkxMWMyNjkzMjc2ZGQ4ZDBjZWI3Zjg0YWEyYWI0OWVm
ZDEwODkwHhcNMjQxMTIzMDUwMDE4WhcNMjQxMTI0MDUwMDE4WjAzMTEwLwYDVQQD
EyhhYmU1ZDNjMmNhYTQyODdjYjliM2Q2Yzc0Zjg3NGFmZWZjMmQ0NjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDw/A0PaQ67cQF7eLmYrmtG+Ia9K
ExTzzNEBTKFUgMQxMIa+TzACS76OnhPO2xinmrZRET1dOFgAcEo4rcOCfomqOU23
RyOI5CBsm2VKqGaZSDIBQj4PGh5Vi7FWljH8zoM9MxM5jvSaDFXapwpkhB3RcAX5
ZU25OY9m7PgKrEQRJteD2h5M5GXcCHBKB1Vfi4uFxT+2YyQIy6B9KxL13qo9lR60
otqxhU8q9FskjD6N1azd/7/IGCQvRloRk8LfozCaeBnwp2xd4q8qXQizAnhA91x4
YJbZfw+1cPKatGNm9ajskfEOE6Gv297iJ84wichNLWMsKyQ9R+g+VhzgRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKvl08LKpCh8ubPWx0+HSv78LUYcMB8GA1UdIwQY
MBaAFMZZEcJpMnbdjQzrf4SqKrSe/RCJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYt
YTZlODA5NDlhMDI5LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjgyNzktOWRlOS00OGFiLWI4NmYtYTZlODA5NDlhMDI5
LzEveGxrUndta3lkdDJORE90X2hLb3F0Sjc5RUlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlGdeT0oo
JvHhsL/qqb7PnotquYnXV+3RsAvvY+1bJkUoMCSn1ErRihKtnNGvzjGbwk0o5yQ9
ivXu//Q88OrRlwCVaAsFPQZwhYd/TGwaK4FlGuE0IryYiugZtn4abZ7y3RYIZYcX
yyAXVf82kh10uhphjzxyk0zOTt71jsMl2YEHowr59gyNLarshCZ52v+yQPeJWQPE
meEa7S35JVjpE3Sk+5hTM/3ury1G18eFXS3EcHIk8dS2z0OpzEEv21gNmK6CDxKr
mFCyOH0QijvxlBEiTmQVgYUMByAeZCzSS/dwreS24DfJpcRci0S1RSg6K5kRDpmj
QFe+0FEfn17Y/g==
-----END CERTIFICATE-----