Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
File:                     2nGl-6KA1tAY7MOp1-WMPGEeav0.mft (raw, json)
Hash identifier:          ESDZBVXaxewXro1zsxKeR9s1wF8liv+WGXtjiASretE=
Subject key identifier:   8B:8E:C4:79:A7:91:29:AC:E4:A1:99:A8:2D:91:4E:AE:EE:D4:2F:71
Authority key identifier: DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD
Certificate issuer:       /CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
Certificate serial:       019367EBC5A01386C0051EE77D3731FCE8FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
Manifest number:          1376
Signing time:             Tue 26 Nov 2024 10:02:04 +0000
Manifest this update:     Tue 26 Nov 2024 10:02:04 +0000
Manifest next update:     Wed 27 Nov 2024 10:02:04 +0000
Files and hashes:         1: 2nGl-6KA1tAY7MOp1-WMPGEeav0.crl (hash: aeIR2ZXEz4wSV3PPkKaIv/9eXuQI/SY83HiTFb4WNIU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:67:eb:c5:a0:13:86:c0:05:1e:e7:7d:37:31:fc:e8:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da71a5fba280d6d018ecc3a9d7e58c3c611e6afd
        Validity
            Not Before: Nov 26 10:02:04 2024 GMT
            Not After : Nov 27 10:02:04 2024 GMT
        Subject: CN=8b8ec479a79129ace4a199a82d914eaeeed42f71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d6:c7:9f:c1:9d:00:3f:a1:be:73:0f:9d:6b:
                    69:0a:cf:cc:65:ec:f6:ba:38:72:86:9a:bf:bf:20:
                    8a:26:0b:0b:71:cf:05:ba:07:56:1f:15:dd:76:b6:
                    e8:9d:bc:01:c8:9d:a6:2c:20:98:46:a8:a0:93:e6:
                    a2:a6:9c:4a:98:05:94:83:07:6f:75:03:a7:ff:28:
                    e6:c3:b8:12:8f:75:cb:7b:41:33:9e:a5:9f:15:f2:
                    34:53:05:f5:fc:a6:44:f2:81:2c:61:7b:4e:54:5d:
                    57:ab:09:b7:18:11:4f:a0:62:a9:a7:3b:fb:4d:4e:
                    ee:da:b1:79:77:5d:62:44:8b:cd:3e:24:30:fb:62:
                    b7:67:ae:8b:8e:78:de:d2:56:82:4d:65:12:b9:d1:
                    bf:60:21:5c:4b:ee:22:c2:47:f6:06:fd:5d:38:e7:
                    47:fa:0f:e1:e1:b8:16:f6:a3:3a:c6:af:40:8f:a9:
                    fc:53:93:b0:04:72:9c:4b:01:1f:9e:78:5e:01:89:
                    0a:bf:57:38:dc:87:7c:db:93:04:21:25:00:13:08:
                    cb:f6:31:eb:e0:09:8b:1f:d1:d0:1c:62:89:01:a7:
                    52:7b:36:c8:b0:fd:b3:88:3e:4c:4d:54:97:9d:47:
                    71:a2:c9:2b:34:a1:73:dd:dc:e1:e6:d2:4b:63:6a:
                    ae:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:8E:C4:79:A7:91:29:AC:E4:A1:99:A8:2D:91:4E:AE:EE:D4:2F:71
            X509v3 Authority Key Identifier:
                keyid:DA:71:A5:FB:A2:80:D6:D0:18:EC:C3:A9:D7:E5:8C:3C:61:1E:6A:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2nGl-6KA1tAY7MOp1-WMPGEeav0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/242692-a050-4783-8f7f-4c240a973d1e/1/2nGl-6KA1tAY7MOp1-WMPGEeav0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:12:c3:f9:41:26:05:86:42:dc:92:7d:84:67:7f:a7:06:39:
         96:d0:58:cb:b3:b2:4d:b8:03:bd:9d:2b:e2:7c:9a:aa:9a:60:
         c4:2b:e4:ce:87:57:93:a6:ce:5b:1f:43:d0:a9:2d:11:c5:2e:
         ac:ac:5e:00:04:97:31:e4:c0:45:00:31:cb:ca:75:9b:3d:0e:
         c4:51:a3:7f:0a:3f:bd:12:9b:ae:11:5e:68:a2:b6:28:cf:a0:
         0e:b1:60:56:17:93:cf:d3:7e:9c:cc:cf:a5:27:60:45:dd:35:
         b9:dd:e4:ad:b0:37:df:3b:31:87:c3:e9:de:67:6d:7a:60:d9:
         7c:ac:b3:a6:c8:12:72:55:08:f1:39:50:ec:5f:58:92:e3:94:
         9f:1f:93:74:66:61:90:1a:15:8a:9b:04:ce:7d:11:5c:ee:7a:
         85:ef:46:9e:7e:3f:02:d0:29:25:ca:ea:b9:33:41:5c:74:8b:
         2b:00:5a:f7:0f:5b:2a:37:91:7b:56:3d:2a:17:d0:00:48:6f:
         6d:c4:12:7d:de:0b:a2:e8:9a:da:2f:1f:af:df:31:34:42:9f:
         e9:42:86:e0:34:2e:57:49:a5:27:7b:da:53:bf:87:a7:92:11:
         d6:8a:d0:e5:81:a6:e8:2d:ec:df:5b:99:f0:1c:16:19:d5:5f:
         de:b7:f7:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNn68WgE4bABR7nfTcx/Oj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNzFhNWZiYTI4MGQ2ZDAxOGVjYzNhOWQ3ZTU4YzNjNjEx
ZTZhZmQwHhcNMjQxMTI2MTAwMjA0WhcNMjQxMTI3MTAwMjA0WjAzMTEwLwYDVQQD
Eyg4YjhlYzQ3OWE3OTEyOWFjZTRhMTk5YTgyZDkxNGVhZWVlZDQyZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtbHn8GdAD+hvnMPnWtpCs/MZez2
ujhyhpq/vyCKJgsLcc8FugdWHxXddrbonbwByJ2mLCCYRqigk+aippxKmAWUgwdv
dQOn/yjmw7gSj3XLe0EznqWfFfI0UwX1/KZE8oEsYXtOVF1Xqwm3GBFPoGKppzv7
TU7u2rF5d11iRIvNPiQw+2K3Z66Ljnje0laCTWUSudG/YCFcS+4iwkf2Bv1dOOdH
+g/h4bgW9qM6xq9Aj6n8U5OwBHKcSwEfnnheAYkKv1c43Id825MEISUAEwjL9jHr
4AmLH9HQHGKJAadSezbIsP2ziD5MTVSXnUdxoskrNKFz3dzh5tJLY2qutQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIuOxHmnkSms5KGZqC2RTq7u1C9xMB8GA1UdIwQY
MBaAFNpxpfuigNbQGOzDqdfljDxhHmr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2Yt
NGMyNDBhOTczZDFlLzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8yNDI2OTItYTA1MC00NzgzLThmN2YtNGMyNDBhOTczZDFl
LzEvMm5HbC02S0ExdEFZN01PcDEtV01QR0VlYXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfhLD+UEm
BYZC3JJ9hGd/pwY5ltBYy7OyTbgDvZ0r4nyaqppgxCvkzodXk6bOWx9D0KktEcUu
rKxeAASXMeTARQAxy8p1mz0OxFGjfwo/vRKbrhFeaKK2KM+gDrFgVheTz9N+nMzP
pSdgRd01ud3krbA33zsxh8Pp3mdtemDZfKyzpsgSclUI8TlQ7F9YkuOUnx+TdGZh
kBoVipsEzn0RXO56he9Gnn4/AtApJcrquTNBXHSLKwBa9w9bKjeRe1Y9KhfQAEhv
bcQSfd4Louia2i8fr98xNEKf6UKG4DQuV0mlJ3vaU7+Hp5IR1orQ5YGm6C3s31uZ
8BwWGdVf3rf3wA==
-----END CERTIFICATE-----