Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
File:                     udCVzONbOja-8QjvdipiGvRmJiE.mft (raw, json)
Hash identifier:          ANjKAx+E2VY6s961FEzOUc00cf1z8knpkOcwKSSN1ko=
Subject key identifier:   71:1C:6B:D7:A3:65:1F:6A:B9:F1:AB:99:23:9B:FD:F7:ED:68:71:EC
Authority key identifier: B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21
Certificate issuer:       /CN=b9d095cce35b3a36bef108ef762a621af4662621
Certificate serial:       01920A617040FBC0CE491E9EF5A7253C63E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
Manifest number:          19
Signing time:             Thu 19 Sep 2024 13:03:30 +0000
Manifest this update:     Thu 19 Sep 2024 13:03:30 +0000
Manifest next update:     Fri 20 Sep 2024 13:03:30 +0000
Files and hashes:         1: udCVzONbOja-8QjvdipiGvRmJiE.crl (hash: 8TnvdWEuYoGjXlsqa3Ye9vYqktIMOqc9m0RaGKZNgmM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 20 Sep 2024 13:03:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:0a:61:70:40:fb:c0:ce:49:1e:9e:f5:a7:25:3c:63:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9d095cce35b3a36bef108ef762a621af4662621
        Validity
            Not Before: Sep 19 13:03:30 2024 GMT
            Not After : Sep 20 13:03:30 2024 GMT
        Subject: CN=711c6bd7a3651f6ab9f1ab99239bfdf7ed6871ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:28:e0:5c:f6:0d:6e:30:66:d1:70:c8:ef:5e:
                    bd:8a:95:14:c9:22:cf:77:d9:eb:6d:f7:49:39:2b:
                    50:e8:66:88:c3:53:bb:77:5d:6e:bc:98:4c:bc:ea:
                    06:93:db:52:5c:e2:b8:e4:bd:3f:89:eb:9d:41:68:
                    e5:a4:e5:41:b6:f8:44:9c:08:bb:65:48:2b:4f:d6:
                    f8:3a:71:d5:35:54:08:a4:4b:33:2e:d2:89:0d:a1:
                    5b:1a:e5:13:aa:00:12:c5:d5:6e:47:bf:d2:8f:ef:
                    10:a5:dd:82:af:3e:a0:4d:ba:e6:c7:b5:9a:01:33:
                    99:ea:b6:dd:ec:63:c6:5c:73:a3:a1:b7:18:55:67:
                    6c:5b:f2:75:89:1d:27:44:f3:0a:bb:91:f1:a9:e4:
                    60:f1:0b:57:a0:ca:7a:b3:e2:01:5e:ea:47:4f:d7:
                    db:a0:0c:34:0f:5e:18:db:5d:ec:69:47:1c:13:9a:
                    f6:df:75:a3:cc:0c:a0:48:67:04:ac:a1:45:64:8d:
                    ff:29:ef:25:9a:95:ca:5f:8c:9a:11:5e:92:60:a2:
                    f0:4e:d2:18:cf:99:f8:61:d9:f3:1c:50:fe:ca:04:
                    9f:95:45:3a:26:37:04:bb:dd:dc:62:70:d6:78:03:
                    7c:b9:69:80:0b:bf:b0:8e:81:b9:f4:e6:f4:88:9c:
                    db:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:1C:6B:D7:A3:65:1F:6A:B9:F1:AB:99:23:9B:FD:F7:ED:68:71:EC
            X509v3 Authority Key Identifier:
                keyid:B9:D0:95:CC:E3:5B:3A:36:BE:F1:08:EF:76:2A:62:1A:F4:66:26:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/udCVzONbOja-8QjvdipiGvRmJiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/281cc2-959e-4192-bdde-8c70bc847bc5/1/udCVzONbOja-8QjvdipiGvRmJiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:ea:66:61:cd:03:07:55:a3:b7:ae:f3:67:e9:01:6c:14:1d:
         d6:86:15:f3:03:24:cb:ed:ae:e3:67:b3:10:55:2c:20:9b:e4:
         b7:be:df:9e:5d:25:f7:8d:07:54:7a:12:a7:49:11:74:a5:43:
         09:6c:c7:08:73:09:ba:6d:3c:8c:74:85:1d:b9:bf:ef:1c:f6:
         4c:11:fe:e2:fd:51:e3:9b:18:ba:22:28:a4:58:79:ab:16:09:
         52:da:49:c5:39:0a:26:df:8f:8e:b5:2c:71:37:45:0a:e4:c1:
         1a:8f:91:3b:48:94:57:4a:cb:f2:bd:2e:cd:5a:61:69:fe:88:
         05:09:88:89:51:62:75:37:5a:29:47:de:2a:61:16:42:50:8e:
         8d:c7:1d:56:30:84:8a:7a:d3:26:72:37:6e:a5:19:51:f5:18:
         2e:68:5d:15:6e:24:9f:7f:a2:c5:7c:e4:17:52:55:e6:0d:e2:
         00:cc:30:40:a1:43:d2:5c:31:83:76:18:77:c4:ad:68:e1:c5:
         ce:2c:84:36:5b:08:ac:53:35:eb:76:5a:e5:40:e8:16:6b:77:
         9b:a1:5c:b6:ce:3e:67:09:93:b0:ae:47:be:ac:ee:b5:52:37:
         60:9e:9e:53:ff:ba:89:f5:e5:f1:84:8d:6b:88:3f:f4:41:52:
         b8:2d:30:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZIKYXBA+8DOSR6e9aclPGPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZDA5NWNjZTM1YjNhMzZiZWYxMDhlZjc2MmE2MjFhZjQ2
NjI2MjEwHhcNMjQwOTE5MTMwMzMwWhcNMjQwOTIwMTMwMzMwWjAzMTEwLwYDVQQD
Eyg3MTFjNmJkN2EzNjUxZjZhYjlmMWFiOTkyMzliZmRmN2VkNjg3MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyjgXPYNbjBm0XDI7169ipUUySLP
d9nrbfdJOStQ6GaIw1O7d11uvJhMvOoGk9tSXOK45L0/ieudQWjlpOVBtvhEnAi7
ZUgrT9b4OnHVNVQIpEszLtKJDaFbGuUTqgASxdVuR7/Sj+8Qpd2Crz6gTbrmx7Wa
ATOZ6rbd7GPGXHOjobcYVWdsW/J1iR0nRPMKu5HxqeRg8QtXoMp6s+IBXupHT9fb
oAw0D14Y213saUccE5r233WjzAygSGcErKFFZI3/Ke8lmpXKX4yaEV6SYKLwTtIY
z5n4YdnzHFD+ygSflUU6JjcEu93cYnDWeAN8uWmAC7+wjoG59Ob0iJzbEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEca9ejZR9qufGrmSOb/fftaHHsMB8GA1UdIwQY
MBaAFLnQlczjWzo2vvEI73YqYhr0ZiYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUt
OGM3MGJjODQ3YmM1LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yODFjYzItOTU5ZS00MTkyLWJkZGUtOGM3MGJjODQ3YmM1
LzEvdWRDVnpPTmJPamEtOFFqdmRpcGlHdlJtSmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHOpmYc0D
B1Wjt67zZ+kBbBQd1oYV8wMky+2u42ezEFUsIJvkt77fnl0l940HVHoSp0kRdKVD
CWzHCHMJum08jHSFHbm/7xz2TBH+4v1R45sYuiIopFh5qxYJUtpJxTkKJt+PjrUs
cTdFCuTBGo+RO0iUV0rL8r0uzVphaf6IBQmIiVFidTdaKUfeKmEWQlCOjccdVjCE
inrTJnI3bqUZUfUYLmhdFW4kn3+ixXzkF1JV5g3iAMwwQKFD0lwxg3YYd8StaOHF
ziyENlsIrFM163Za5UDoFmt3m6Fcts4+ZwmTsK5HvqzutVI3YJ6eU/+6ifXl8YSN
a4g/9EFSuC0wtQ==
-----END CERTIFICATE-----