Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
File:                     wq8ZpG9azIz4_QNiSmG3koqBjNA.mft (raw, json)
Hash identifier:          HB2ghgZ0zkYQsu0WJTORCH4SRJvtVthJ/iRU94FPaHs=
Subject key identifier:   E4:38:48:EC:DD:3B:EC:96:C8:94:F8:48:9B:32:B7:E0:76:20:3C:2A
Authority key identifier: C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0
Certificate issuer:       /CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
Certificate serial:       0193568AD9B61573CD1D12F544D68BA989CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
Manifest number:          136C
Signing time:             Sat 23 Nov 2024 01:02:40 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:40 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:40 +0000
Files and hashes:         1: wq8ZpG9azIz4_QNiSmG3koqBjNA.crl (hash: 49I1YPfaxtu2ZFIMyfPBDvmGBXl9oDiLo7iGiow+MZU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:d9:b6:15:73:cd:1d:12:f5:44:d6:8b:a9:89:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2af19a46f5acc8cf8fd03624a61b7928a818cd0
        Validity
            Not Before: Nov 23 01:02:40 2024 GMT
            Not After : Nov 24 01:02:40 2024 GMT
        Subject: CN=e43848ecdd3bec96c894f8489b32b7e076203c2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:eb:7d:23:71:a5:49:5b:9e:5c:f4:e8:6e:bc:
                    5d:4a:41:40:3c:4f:8e:95:4c:18:54:e2:c7:82:39:
                    65:02:e8:45:ba:5c:bb:a6:d2:86:08:b3:4f:34:ad:
                    34:65:78:12:96:b2:3b:02:22:db:f0:30:60:4b:31:
                    55:21:ab:af:c0:23:e4:88:af:df:44:10:23:84:3a:
                    24:2a:49:e0:6d:a5:d9:ef:38:b8:03:54:3a:f4:99:
                    85:4e:13:99:67:71:dc:9e:f8:ca:8d:53:75:cf:86:
                    18:47:ce:1f:ea:36:13:f0:e0:ca:95:ef:5c:ce:ef:
                    b6:7b:b4:d8:7d:c4:36:f3:e8:15:c2:f2:a0:16:36:
                    fa:d5:f4:fe:2b:fb:8d:fd:1b:c8:d7:9d:a2:d5:99:
                    a6:b6:de:bc:ce:52:51:94:e7:a5:4a:d7:19:ce:9e:
                    c2:79:4b:4c:de:9e:2b:0b:04:e1:88:41:06:9f:c0:
                    6a:b1:03:87:52:af:18:ef:a7:bf:c4:06:22:60:3e:
                    a8:cb:b9:59:77:07:e0:1f:72:b8:dd:08:76:0c:0f:
                    a5:c0:6a:12:de:de:e0:3f:04:43:d0:b5:52:6b:97:
                    86:66:10:4a:25:d4:9e:2c:3f:9b:86:93:46:f6:0a:
                    ce:1b:a2:d9:ca:ee:d2:9b:fe:a5:2b:e4:c4:5a:a7:
                    ec:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:38:48:EC:DD:3B:EC:96:C8:94:F8:48:9B:32:B7:E0:76:20:3C:2A
            X509v3 Authority Key Identifier:
                keyid:C2:AF:19:A4:6F:5A:CC:8C:F8:FD:03:62:4A:61:B7:92:8A:81:8C:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq8ZpG9azIz4_QNiSmG3koqBjNA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2f94ec-8337-4249-babc-5636814a9337/1/wq8ZpG9azIz4_QNiSmG3koqBjNA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:83:db:79:5e:4f:04:8b:08:56:c3:b0:00:33:48:54:99:b1:
         37:3b:31:f6:43:ac:cb:12:93:3e:84:fd:9e:ff:57:0b:bd:cf:
         cd:22:3c:07:18:00:be:9b:f7:02:28:56:1c:a2:24:58:5b:a5:
         49:d2:66:f1:56:17:d9:7f:c5:68:f9:1a:56:5d:a0:9b:43:49:
         ac:01:5f:e5:ac:7d:ba:66:70:9d:71:1f:57:ea:f6:ce:b9:9b:
         8f:24:96:01:94:a8:e5:d4:c5:6d:ab:fc:13:7b:97:ce:e0:a1:
         4e:d4:dc:20:e3:ab:9f:22:4e:d0:0e:b0:6c:ef:c0:45:00:c5:
         2f:5b:e6:2b:f5:f0:a4:f5:d0:5b:53:e8:ea:7e:fc:11:3c:58:
         a8:f8:d2:47:99:04:e3:5c:90:00:20:70:06:c8:dc:84:59:32:
         c7:14:2e:7d:56:43:cb:a8:3f:f0:d0:fa:b6:c8:39:f8:54:a1:
         7c:06:98:4c:93:b9:64:30:42:6f:a5:33:a6:c7:0d:c0:10:58:
         f0:11:80:41:0f:a2:00:ae:a9:0c:2b:71:61:24:8e:58:7e:f9:
         68:94:d0:97:64:45:c2:e3:88:93:94:3a:c6:17:8f:fe:77:b1:
         f6:37:20:5a:ae:9f:86:18:77:73:fa:f5:12:aa:fb:d9:86:e0:
         d2:db:d2:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWitm2FXPNHRL1RNaLqYnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWYxOWE0NmY1YWNjOGNmOGZkMDM2MjRhNjFiNzkyOGE4
MThjZDAwHhcNMjQxMTIzMDEwMjQwWhcNMjQxMTI0MDEwMjQwWjAzMTEwLwYDVQQD
EyhlNDM4NDhlY2RkM2JlYzk2Yzg5NGY4NDg5YjMyYjdlMDc2MjAzYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOt9I3GlSVueXPTobrxdSkFAPE+O
lUwYVOLHgjllAuhFuly7ptKGCLNPNK00ZXgSlrI7AiLb8DBgSzFVIauvwCPkiK/f
RBAjhDokKkngbaXZ7zi4A1Q69JmFThOZZ3HcnvjKjVN1z4YYR84f6jYT8ODKle9c
zu+2e7TYfcQ28+gVwvKgFjb61fT+K/uN/RvI152i1Zmmtt68zlJRlOelStcZzp7C
eUtM3p4rCwThiEEGn8BqsQOHUq8Y76e/xAYiYD6oy7lZdwfgH3K43Qh2DA+lwGoS
3t7gPwRD0LVSa5eGZhBKJdSeLD+bhpNG9grOG6LZyu7Sm/6lK+TEWqfs4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOQ4SOzdO+yWyJT4SJsyt+B2IDwqMB8GA1UdIwQY
MBaAFMKvGaRvWsyM+P0DYkpht5KKgYzQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMt
NTYzNjgxNGE5MzM3LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZjk0ZWMtODMzNy00MjQ5LWJhYmMtNTYzNjgxNGE5MzM3
LzEvd3E4WnBHOWF6SXo0X1FOaVNtRzNrb3FCak5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOIPbeV5P
BIsIVsOwADNIVJmxNzsx9kOsyxKTPoT9nv9XC73PzSI8BxgAvpv3AihWHKIkWFul
SdJm8VYX2X/FaPkaVl2gm0NJrAFf5ax9umZwnXEfV+r2zrmbjySWAZSo5dTFbav8
E3uXzuChTtTcIOOrnyJO0A6wbO/ARQDFL1vmK/XwpPXQW1Po6n78ETxYqPjSR5kE
41yQACBwBsjchFkyxxQufVZDy6g/8ND6tsg5+FShfAaYTJO5ZDBCb6UzpscNwBBY
8BGAQQ+iAK6pDCtxYSSOWH75aJTQl2RFwuOIk5Q6xheP/nex9jcgWq6fhhh3c/r1
Eqr72Ybg0tvSLg==
-----END CERTIFICATE-----