Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
File:                     BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft (raw, json)
Hash identifier:          3E9D0eztfaY2d3gABtFOhA8zh1wdfH8a63WaoeeHjy8=
Subject key identifier:   38:B8:67:EE:75:72:60:5C:90:FC:6D:DA:7E:6F:D2:B7:74:DC:D5:C0
Authority key identifier: 04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6
Certificate issuer:       /CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
Certificate serial:       0194064678E79B240342F0E286E01E099C1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
Manifest number:          0A24
Signing time:             Fri 27 Dec 2024 04:01:09 +0000
Manifest this update:     Fri 27 Dec 2024 04:01:09 +0000
Manifest next update:     Sat 28 Dec 2024 04:01:09 +0000
Files and hashes:         1: BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl (hash: rNu3WMwL2RFdEmBgup8Q7UgyD+sgPyaPZuAna2bRJOw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:46:78:e7:9b:24:03:42:f0:e2:86:e0:1e:09:9c:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=04b61e5140cd8984f7fe2010db59ebdb2f3ed4e6
        Validity
            Not Before: Dec 27 04:01:09 2024 GMT
            Not After : Dec 28 04:01:09 2024 GMT
        Subject: CN=38b867ee7572605c90fc6dda7e6fd2b774dcd5c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:68:fe:ed:78:8c:10:3c:61:63:34:f5:dd:0e:
                    41:e3:b9:64:c0:f5:c3:a1:86:3c:1f:99:ed:be:4e:
                    ad:75:06:15:ff:df:68:da:35:59:ab:30:88:07:e2:
                    8f:77:f5:14:9c:bc:4b:87:56:66:31:55:d1:d2:ac:
                    f4:40:7b:4d:6c:c9:88:fd:bc:d4:07:d1:70:e3:ce:
                    05:3b:5c:7c:42:78:2f:4c:84:f2:96:9c:fa:b3:b2:
                    2c:81:c9:c5:d3:19:ac:11:fc:44:2d:fc:00:f8:1e:
                    76:29:57:85:26:23:44:aa:3a:d2:da:81:2b:6d:50:
                    94:7e:14:4f:41:34:56:4a:6c:0e:e1:4c:db:44:90:
                    82:db:e0:b6:cb:35:15:c9:64:6d:c5:5f:14:ae:39:
                    ea:2a:e9:b7:cf:4b:54:e1:39:23:1f:4f:07:56:bb:
                    0f:01:92:53:9e:2d:84:17:57:59:77:93:d6:aa:fe:
                    ef:4d:33:2f:64:43:ae:da:5a:67:43:44:1b:b6:36:
                    46:1d:14:f3:a2:e1:d9:94:e3:b4:84:53:41:91:c5:
                    39:aa:69:9a:a7:a2:c3:76:ab:ec:53:af:21:df:6e:
                    b6:c8:82:ab:cd:80:54:fc:b9:8c:18:64:05:41:90:
                    d6:99:b1:7f:c4:46:36:f8:69:1e:3b:37:5e:8f:bb:
                    07:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B8:67:EE:75:72:60:5C:90:FC:6D:DA:7E:6F:D2:B7:74:DC:D5:C0
            X509v3 Authority Key Identifier:
                keyid:04:B6:1E:51:40:CD:89:84:F7:FE:20:10:DB:59:EB:DB:2F:3E:D4:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BLYeUUDNiYT3_iAQ21nr2y8-1OY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/d4ef16-2795-4f39-9be9-6175e83c6a2b/1/BLYeUUDNiYT3_iAQ21nr2y8-1OY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:a0:09:1a:90:fb:f1:94:94:aa:d3:0c:67:cc:f8:23:11:ef:
         16:aa:3a:ac:72:88:88:2c:59:48:01:e0:1d:17:a5:0c:fd:0c:
         1e:f2:ba:b1:14:3d:19:91:f3:90:14:22:01:9a:76:40:af:d4:
         d1:c0:39:d9:f4:c4:58:58:ab:31:72:27:4f:2f:dd:08:b5:eb:
         a1:dd:5b:eb:d9:cb:24:6f:d8:ce:0e:8f:d9:65:c2:bd:67:e6:
         24:f3:ee:9a:de:29:78:d5:91:8b:62:fa:39:1a:a3:48:07:de:
         89:c9:ae:a9:07:94:78:be:ae:0c:32:97:d4:9b:9a:e1:2d:a1:
         d9:a1:86:f9:1a:63:c8:e1:78:81:22:c1:87:2d:39:15:b7:a9:
         91:59:a5:05:45:20:e7:10:20:44:9b:b8:af:c5:2f:82:fc:e6:
         f9:a6:55:9b:02:8d:92:f5:9b:7c:d9:eb:30:38:b4:8c:53:7c:
         3c:ca:84:3c:8a:e6:96:b2:b5:2a:d4:ca:7b:4b:f0:e3:e4:4a:
         f3:11:e8:43:8f:08:d0:e6:39:a5:bd:dc:87:b8:09:e5:3c:66:
         e3:24:e6:95:cb:f7:52:d5:7f:04:68:5c:36:d7:86:b2:8a:2f:
         a2:6e:55:51:d3:55:66:8e:58:82:6c:ad:0f:c9:5c:1e:9d:cd:
         88:47:ba:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGRnjnmyQDQvDihuAeCZwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YjYxZTUxNDBjZDg5ODRmN2ZlMjAxMGRiNTllYmRiMmYz
ZWQ0ZTYwHhcNMjQxMjI3MDQwMTA5WhcNMjQxMjI4MDQwMTA5WjAzMTEwLwYDVQQD
EygzOGI4NjdlZTc1NzI2MDVjOTBmYzZkZGE3ZTZmZDJiNzc0ZGNkNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmj+7XiMEDxhYzT13Q5B47lkwPXD
oYY8H5ntvk6tdQYV/99o2jVZqzCIB+KPd/UUnLxLh1ZmMVXR0qz0QHtNbMmI/bzU
B9Fw484FO1x8QngvTITylpz6s7IsgcnF0xmsEfxELfwA+B52KVeFJiNEqjrS2oEr
bVCUfhRPQTRWSmwO4UzbRJCC2+C2yzUVyWRtxV8UrjnqKum3z0tU4TkjH08HVrsP
AZJTni2EF1dZd5PWqv7vTTMvZEOu2lpnQ0QbtjZGHRTzouHZlOO0hFNBkcU5qmma
p6LDdqvsU68h3262yIKrzYBU/LmMGGQFQZDWmbF/xEY2+GkeOzdej7sHJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi4Z+51cmBckPxt2n5v0rd03NXAMB8GA1UdIwQY
MBaAFAS2HlFAzYmE9/4gENtZ69svPtTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTkt
NjE3NWU4M2M2YTJiLzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9kNGVmMTYtMjc5NS00ZjM5LTliZTktNjE3NWU4M2M2YTJi
LzEvQkxZZVVVRE5pWVQzX2lBUTIxbnIyeTgtMU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ6AJGpD7
8ZSUqtMMZ8z4IxHvFqo6rHKIiCxZSAHgHRelDP0MHvK6sRQ9GZHzkBQiAZp2QK/U
0cA52fTEWFirMXInTy/dCLXrod1b69nLJG/Yzg6P2WXCvWfmJPPumt4peNWRi2L6
ORqjSAfeicmuqQeUeL6uDDKX1Jua4S2h2aGG+RpjyOF4gSLBhy05FbepkVmlBUUg
5xAgRJu4r8Uvgvzm+aZVmwKNkvWbfNnrMDi0jFN8PMqEPIrmlrK1KtTKe0vw4+RK
8xHoQ48I0OY5pb3ch7gJ5Txm4yTmlcv3UtV/BGhcNteGsoovom5VUdNVZo5Ygmyt
D8lcHp3NiEe68Q==
-----END CERTIFICATE-----