Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
File:                     jzAoLIbxBGuTEkzycOEU5fAm_3M.mft (raw, json)
Hash identifier:          XK1NB0AICT/yejon7SlxuhnbVZo3cixwEmLe3Jtp0Hk=
Subject key identifier:   7D:30:8B:06:E9:C9:0E:E4:3B:BB:98:B1:5E:8C:49:59:33:D1:21:3D
Authority key identifier: 8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73
Certificate issuer:       /CN=8f30282c86f1046b93124cf270e114e5f026ff73
Certificate serial:       019365FCBBD985BCD22814C56089B202D1FA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
Manifest number:          0D37
Signing time:             Tue 26 Nov 2024 01:01:22 +0000
Manifest this update:     Tue 26 Nov 2024 01:01:22 +0000
Manifest next update:     Wed 27 Nov 2024 01:01:22 +0000
Files and hashes:         1: jzAoLIbxBGuTEkzycOEU5fAm_3M.crl (hash: yDyCMcbVDcih+x2u3ICCaAPVleQdyhZoInbzCjiMizk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:fc:bb:d9:85:bc:d2:28:14:c5:60:89:b2:02:d1:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f30282c86f1046b93124cf270e114e5f026ff73
        Validity
            Not Before: Nov 26 01:01:22 2024 GMT
            Not After : Nov 27 01:01:22 2024 GMT
        Subject: CN=7d308b06e9c90ee43bbb98b15e8c495933d1213d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:fb:4c:7d:fb:77:68:a0:8b:0e:b2:c8:7f:6b:
                    63:16:fb:61:54:49:6a:71:64:4c:8d:ce:ac:c9:be:
                    5e:12:c3:37:4b:e0:01:da:bc:1e:f6:e2:40:d6:63:
                    ac:7f:ec:5d:2a:d2:84:17:9e:a8:95:f3:21:87:95:
                    cc:8a:15:b2:f5:82:17:5a:9b:f3:e6:58:9a:5e:cb:
                    21:13:29:57:60:38:e6:18:9f:e8:44:b6:4d:c9:36:
                    4c:f3:60:98:08:52:8f:94:50:06:91:21:fc:5a:f5:
                    89:5f:42:71:cd:ec:6e:49:f7:04:f9:58:ae:ab:d8:
                    23:54:5c:75:7c:b1:61:26:ca:08:e1:a9:52:69:3f:
                    52:f3:00:da:26:b3:1a:d4:68:c0:c8:bb:51:1f:9f:
                    5f:d5:6d:b4:a1:39:47:51:02:c5:29:44:73:89:f5:
                    54:6c:9b:49:d1:f7:54:70:6d:38:47:43:e8:86:10:
                    93:2b:f9:62:d6:16:3d:1d:d1:51:61:0c:c9:50:9f:
                    7a:bb:89:47:d8:29:84:4a:12:74:d8:ed:9f:d8:af:
                    e9:be:a5:3e:0e:42:4e:cc:ec:14:34:64:fb:4f:91:
                    f4:99:13:79:4a:3f:c4:36:db:6a:66:fd:28:0f:fa:
                    e7:5c:7e:f1:18:a0:69:70:94:17:39:23:50:cd:ad:
                    a8:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:30:8B:06:E9:C9:0E:E4:3B:BB:98:B1:5E:8C:49:59:33:D1:21:3D
            X509v3 Authority Key Identifier:
                keyid:8F:30:28:2C:86:F1:04:6B:93:12:4C:F2:70:E1:14:E5:F0:26:FF:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzAoLIbxBGuTEkzycOEU5fAm_3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6cd798-31d4-4478-9962-f98796f51022/1/jzAoLIbxBGuTEkzycOEU5fAm_3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:7e:bd:68:29:a5:de:1f:66:b2:13:9a:bf:db:c5:72:b9:63:
         72:46:e6:f1:b1:6d:cc:77:f0:e0:85:c0:78:35:fe:e6:a5:43:
         36:f6:2a:39:8b:b9:82:eb:39:cc:db:60:ba:72:c5:a4:88:c5:
         c0:c5:71:35:f6:e3:26:33:8a:c7:c8:e0:d3:44:63:24:86:5a:
         a8:04:36:47:8a:4c:15:ca:19:0b:7b:76:20:90:da:56:19:18:
         bc:a8:9d:4e:77:1e:0c:5d:f7:93:79:52:81:c3:85:4c:1b:c7:
         a2:d1:1c:e0:68:55:33:60:5b:c1:97:37:10:b8:ad:6a:68:f4:
         12:f8:c3:0c:9c:da:e6:b5:0b:0d:f7:5d:96:fb:56:8e:24:3c:
         07:a3:3b:f6:3f:26:78:aa:00:5b:5c:79:c9:44:fe:fc:5d:e3:
         7f:95:42:7e:7d:50:2b:e9:bd:95:02:7f:69:ba:9a:34:6e:6a:
         cb:7f:21:6a:df:69:77:a9:02:3d:25:d6:01:12:44:de:d3:93:
         9c:28:94:16:cb:08:8f:af:dc:b6:51:e2:9b:d2:75:80:2c:b5:
         b9:29:b0:b8:0f:f9:57:56:70:9e:70:9b:44:35:95:8c:6e:7c:
         b5:4e:95:e0:32:be:5a:57:fe:0d:77:87:0f:f4:47:9c:75:eb:
         81:0d:c4:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNl/LvZhbzSKBTFYImyAtH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzAyODJjODZmMTA0NmI5MzEyNGNmMjcwZTExNGU1ZjAy
NmZmNzMwHhcNMjQxMTI2MDEwMTIyWhcNMjQxMTI3MDEwMTIyWjAzMTEwLwYDVQQD
Eyg3ZDMwOGIwNmU5YzkwZWU0M2JiYjk4YjE1ZThjNDk1OTMzZDEyMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvtMfft3aKCLDrLIf2tjFvthVElq
cWRMjc6syb5eEsM3S+AB2rwe9uJA1mOsf+xdKtKEF56olfMhh5XMihWy9YIXWpvz
5liaXsshEylXYDjmGJ/oRLZNyTZM82CYCFKPlFAGkSH8WvWJX0JxzexuSfcE+Viu
q9gjVFx1fLFhJsoI4alSaT9S8wDaJrMa1GjAyLtRH59f1W20oTlHUQLFKURzifVU
bJtJ0fdUcG04R0PohhCTK/li1hY9HdFRYQzJUJ96u4lH2CmEShJ02O2f2K/pvqU+
DkJOzOwUNGT7T5H0mRN5Sj/ENttqZv0oD/rnXH7xGKBpcJQXOSNQza2oFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH0wiwbpyQ7kO7uYsV6MSVkz0SE9MB8GA1UdIwQY
MBaAFI8wKCyG8QRrkxJM8nDhFOXwJv9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjIt
Zjk4Nzk2ZjUxMDIyLzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2Q3OTgtMzFkNC00NDc4LTk5NjItZjk4Nzk2ZjUxMDIy
LzEvanpBb0xJYnhCR3VURWt6eWNPRVU1ZkFtXzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApX69aCml
3h9mshOav9vFcrljckbm8bFtzHfw4IXAeDX+5qVDNvYqOYu5gus5zNtgunLFpIjF
wMVxNfbjJjOKx8jg00RjJIZaqAQ2R4pMFcoZC3t2IJDaVhkYvKidTnceDF33k3lS
gcOFTBvHotEc4GhVM2BbwZc3ELitamj0EvjDDJza5rULDfddlvtWjiQ8B6M79j8m
eKoAW1x5yUT+/F3jf5VCfn1QK+m9lQJ/abqaNG5qy38hat9pd6kCPSXWARJE3tOT
nCiUFssIj6/ctlHim9J1gCy1uSmwuA/5V1ZwnnCbRDWVjG58tU6V4DK+Wlf+DXeH
D/RHnHXrgQ3EFA==
-----END CERTIFICATE-----