Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
File:                     36U2RiiDKd9mVeJT5WsihIG-lZY.mft (raw, json)
Hash identifier:          F7OgnNV/jqT5o69gwl64tmBPUQyYfIb1M6nVpgxagSQ=
Subject key identifier:   26:45:8E:4A:E7:5A:4F:70:6E:CA:C1:F8:58:55:98:29:79:E1:92:06
Authority key identifier: DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96
Certificate issuer:       /CN=dfa53646288329df6655e253e56b228481be9596
Certificate serial:       01940646210AFE1A517278D2E60ED5B0BCD2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
Manifest number:          6E
Signing time:             Fri 27 Dec 2024 04:00:46 +0000
Manifest this update:     Fri 27 Dec 2024 04:00:46 +0000
Manifest next update:     Sat 28 Dec 2024 04:00:46 +0000
Files and hashes:         1: 36U2RiiDKd9mVeJT5WsihIG-lZY.crl (hash: IDOncFcU2XFEuCBO3gEUs2sftdrXb0hlEEkiXOd8Q+U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 04:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:21:0a:fe:1a:51:72:78:d2:e6:0e:d5:b0:bc:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfa53646288329df6655e253e56b228481be9596
        Validity
            Not Before: Dec 27 04:00:46 2024 GMT
            Not After : Dec 28 04:00:46 2024 GMT
        Subject: CN=26458e4ae75a4f706ecac1f85855982979e19206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:95:65:61:0f:87:63:20:d6:62:cd:58:5c:2d:
                    01:b3:58:92:bf:0d:46:72:92:7f:3e:bb:b7:24:c6:
                    b6:29:17:75:06:6a:e5:a0:c3:02:3f:d0:e7:2d:98:
                    4d:ca:9f:d8:84:cc:99:f2:fd:01:be:46:48:6a:16:
                    c3:0e:49:5e:20:a0:95:e8:dc:e5:08:4c:8e:77:ba:
                    5c:a7:a4:fb:60:2e:4d:ac:4a:df:cb:12:bd:c2:d1:
                    a0:28:89:87:c4:a6:a7:58:b7:15:c1:df:69:7d:74:
                    4d:8e:93:79:f9:a8:da:37:a4:31:26:77:a0:85:51:
                    5c:ac:aa:fe:14:68:8d:25:d6:fe:5f:ce:66:e1:6f:
                    e7:9c:06:ae:87:a2:8c:bd:1a:87:5c:ca:e4:c3:93:
                    90:29:2a:50:b3:f0:47:89:93:5e:e1:89:6e:dd:1e:
                    c5:e5:de:cf:ad:67:f6:3e:ca:b1:3f:b6:dc:58:c8:
                    40:d1:9d:a6:c5:e4:dd:5a:35:fe:37:d9:d5:f9:0c:
                    ce:ef:ee:07:d9:b4:29:b6:cb:57:1a:16:a8:02:29:
                    42:26:8e:2e:14:98:c4:0b:9e:36:f5:4a:10:db:31:
                    c9:99:d7:6b:3c:2c:fe:ef:2f:30:b2:3d:00:bd:fa:
                    84:b3:d4:37:61:5c:8b:03:c5:48:13:d3:70:68:ba:
                    9d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                26:45:8E:4A:E7:5A:4F:70:6E:CA:C1:F8:58:55:98:29:79:E1:92:06
            X509v3 Authority Key Identifier:
                keyid:DF:A5:36:46:28:83:29:DF:66:55:E2:53:E5:6B:22:84:81:BE:95:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36U2RiiDKd9mVeJT5WsihIG-lZY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/49fe06-36f1-411c-85c3-79afd1188d37/1/36U2RiiDKd9mVeJT5WsihIG-lZY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0a:af:4d:66:0e:68:c4:10:91:2b:c1:80:22:99:4a:df:ee:1f:
         77:4a:88:66:8b:d2:de:64:18:d5:2b:60:9c:88:ae:ed:6b:f8:
         5a:99:12:da:77:49:76:69:74:65:4d:89:da:12:97:23:76:3f:
         be:e2:3c:6d:94:b8:8c:d7:79:2f:93:b8:1d:df:fd:ba:71:d1:
         1e:9f:8a:49:4d:79:c9:05:a5:69:21:01:c6:11:b1:96:02:96:
         97:ef:67:68:40:e1:1b:73:97:37:86:d9:b1:05:73:83:20:55:
         90:46:91:38:c0:3f:45:af:10:21:5f:e4:ab:7a:2d:64:b4:1c:
         3f:83:31:11:d7:36:39:a2:cc:f1:dd:b0:46:84:71:05:35:99:
         79:9d:4a:7d:f4:fc:8a:cb:a6:bb:7f:c6:6b:f2:59:b3:3f:c2:
         c4:18:38:dc:7b:93:39:fd:0d:66:02:74:3a:2d:25:3b:18:37:
         ea:dd:68:9a:82:2f:8a:d6:7d:7f:69:62:a6:66:c3:d7:59:47:
         66:55:e1:ec:15:d1:75:99:65:3c:ce:85:1c:5b:fb:fa:19:c6:
         f8:8b:3e:48:ec:d4:ab:50:6d:1a:b1:4c:7d:8c:c3:9b:02:bd:
         dd:2d:91:b6:80:b6:35:f6:e6:a6:d2:c8:be:a9:f6:6e:c1:0e:
         df:88:fe:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRiEK/hpRcnjS5g7VsLzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTUzNjQ2Mjg4MzI5ZGY2NjU1ZTI1M2U1NmIyMjg0ODFi
ZTk1OTYwHhcNMjQxMjI3MDQwMDQ2WhcNMjQxMjI4MDQwMDQ2WjAzMTEwLwYDVQQD
EygyNjQ1OGU0YWU3NWE0ZjcwNmVjYWMxZjg1ODU1OTgyOTc5ZTE5MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJVlYQ+HYyDWYs1YXC0Bs1iSvw1G
cpJ/Pru3JMa2KRd1BmrloMMCP9DnLZhNyp/YhMyZ8v0BvkZIahbDDkleIKCV6Nzl
CEyOd7pcp6T7YC5NrErfyxK9wtGgKImHxKanWLcVwd9pfXRNjpN5+ajaN6QxJneg
hVFcrKr+FGiNJdb+X85m4W/nnAauh6KMvRqHXMrkw5OQKSpQs/BHiZNe4Ylu3R7F
5d7PrWf2PsqxP7bcWMhA0Z2mxeTdWjX+N9nV+QzO7+4H2bQptstXGhaoAilCJo4u
FJjEC5429UoQ2zHJmddrPCz+7y8wsj0AvfqEs9Q3YVyLA8VIE9NwaLqd3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZFjkrnWk9wbsrB+FhVmCl54ZIGMB8GA1UdIwQY
MBaAFN+lNkYogynfZlXiU+VrIoSBvpWWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMt
NzlhZmQxMTg4ZDM3LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80OWZlMDYtMzZmMS00MTFjLTg1YzMtNzlhZmQxMTg4ZDM3
LzEvMzZVMlJpaURLZDltVmVKVDVXc2loSUctbFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACq9NZg5o
xBCRK8GAIplK3+4fd0qIZovS3mQY1StgnIiu7Wv4WpkS2ndJdml0ZU2J2hKXI3Y/
vuI8bZS4jNd5L5O4Hd/9unHRHp+KSU15yQWlaSEBxhGxlgKWl+9naEDhG3OXN4bZ
sQVzgyBVkEaROMA/Ra8QIV/kq3otZLQcP4MxEdc2OaLM8d2wRoRxBTWZeZ1KffT8
isumu3/Ga/JZsz/CxBg43HuTOf0NZgJ0Oi0lOxg36t1omoIvitZ9f2lipmbD11lH
ZlXh7BXRdZllPM6FHFv7+hnG+Is+SOzUq1BtGrFMfYzDmwK93S2RtoC2NfbmptLI
vqn2bsEO34j+Zg==
-----END CERTIFICATE-----