Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
File:                     yPGA3UiWddR5NSX-5s__Rpcv8zw.mft (raw, json)
Hash identifier:          ZJLc8jOqByTruewpYK+fc27wVkHcBqGvPzRIdBdrMSk=
Subject key identifier:   68:93:D3:76:9A:1F:02:6D:10:FD:57:C1:AF:7D:7F:AD:56:29:CE:D6
Authority key identifier: C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C
Certificate issuer:       /CN=c8f180dd489675d4793525fee6cfff46972ff33c
Certificate serial:       019356F69FCC1ECF4D53C280FA4B76956916
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
Manifest number:          136E
Signing time:             Sat 23 Nov 2024 03:00:23 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:23 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:23 +0000
Files and hashes:         1: yPGA3UiWddR5NSX-5s__Rpcv8zw.crl (hash: RyCTW4gMYfGrgFKUZ31KC4uXAGAkzRf1Xnd3+XeSHZY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:9f:cc:1e:cf:4d:53:c2:80:fa:4b:76:95:69:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8f180dd489675d4793525fee6cfff46972ff33c
        Validity
            Not Before: Nov 23 03:00:23 2024 GMT
            Not After : Nov 24 03:00:23 2024 GMT
        Subject: CN=6893d3769a1f026d10fd57c1af7d7fad5629ced6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:88:6c:90:a9:da:4f:d8:ae:02:0e:e5:36:5d:
                    bb:6e:a9:83:38:a1:99:b9:b2:cc:b2:4a:75:bb:a5:
                    cb:6a:3d:98:22:89:11:d3:81:b5:41:da:22:a1:4a:
                    c4:85:42:5c:21:1e:6a:2a:4c:57:0b:3c:6d:58:df:
                    8d:60:90:7d:19:5e:50:40:37:f3:e9:a5:23:8b:56:
                    97:82:88:71:f4:e4:1e:7d:a2:2d:02:d6:4e:8d:d7:
                    1b:4b:22:a4:11:e5:9f:3e:43:79:8a:c9:6a:34:72:
                    77:a2:8c:22:58:96:28:5b:66:aa:6f:54:70:3b:9a:
                    60:6c:84:3c:e2:f2:55:bd:fc:f8:30:03:bb:91:63:
                    47:de:a0:dd:77:91:51:83:25:d9:cd:ed:42:68:71:
                    b7:5e:75:90:f6:66:75:b6:39:6a:94:84:79:ef:8c:
                    9c:44:45:8a:42:7b:c0:34:71:d7:da:de:39:87:f2:
                    e1:4f:30:d7:b6:f4:7b:9d:ec:de:9c:46:bd:a6:03:
                    3a:c7:0f:78:7e:d6:6b:89:1a:9e:73:12:ad:be:9f:
                    67:a2:7f:c7:c7:dc:4f:d5:3c:bf:1f:7f:51:d2:ff:
                    cf:ba:2d:96:bb:d0:04:2b:1c:1d:1b:aa:27:63:be:
                    11:a8:c4:49:11:4a:cf:ff:53:f9:65:11:14:16:c3:
                    61:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:93:D3:76:9A:1F:02:6D:10:FD:57:C1:AF:7D:7F:AD:56:29:CE:D6
            X509v3 Authority Key Identifier:
                keyid:C8:F1:80:DD:48:96:75:D4:79:35:25:FE:E6:CF:FF:46:97:2F:F3:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPGA3UiWddR5NSX-5s__Rpcv8zw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/67f1c5-8229-4173-99c1-dbd760045eb7/1/yPGA3UiWddR5NSX-5s__Rpcv8zw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:91:d3:74:dc:7e:4a:d8:9b:36:87:aa:e9:b2:ca:8c:f6:03:
         dc:a6:02:03:f4:71:02:3e:bd:3e:4c:39:09:4e:6e:ed:93:e5:
         5c:53:35:62:b8:41:b9:c6:dd:49:a6:8c:ff:14:e0:b1:7c:41:
         50:e0:3e:01:91:5c:8f:c6:f7:f1:a4:1c:99:89:87:18:1e:27:
         e0:52:0a:ba:88:68:5f:83:0f:8e:c0:64:5c:09:4a:8a:41:e7:
         28:f3:a7:81:f1:06:97:37:f1:04:b1:83:9a:4c:7b:cb:35:ef:
         90:6c:e0:01:1c:ec:f4:7b:0b:7e:d5:c0:14:08:04:90:e3:36:
         51:19:4a:a2:b4:24:c6:43:8f:7f:59:b3:ab:2f:2b:85:e7:11:
         0a:20:e2:68:61:c8:38:89:7c:eb:c0:fd:28:57:1e:a0:24:31:
         8a:fe:e4:cf:f4:97:ee:b7:38:19:2d:0f:8b:70:ef:41:3d:ac:
         12:0c:58:cf:a7:e9:ee:5a:d1:04:df:38:cc:28:9e:93:ff:1a:
         65:0c:94:69:ee:84:da:45:fc:fd:f4:de:f0:67:1d:f2:96:e7:
         6f:11:6b:9e:55:60:cd:9d:e0:87:30:e5:98:86:dc:df:a5:c6:
         b9:bd:20:f2:b8:f5:8a:03:77:47:81:04:8c:fe:af:a3:b6:61:
         40:51:34:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9p/MHs9NU8KA+kt2lWkWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZjE4MGRkNDg5Njc1ZDQ3OTM1MjVmZWU2Y2ZmZjQ2OTcy
ZmYzM2MwHhcNMjQxMTIzMDMwMDIzWhcNMjQxMTI0MDMwMDIzWjAzMTEwLwYDVQQD
Eyg2ODkzZDM3NjlhMWYwMjZkMTBmZDU3YzFhZjdkN2ZhZDU2MjljZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24hskKnaT9iuAg7lNl27bqmDOKGZ
ubLMskp1u6XLaj2YIokR04G1QdoioUrEhUJcIR5qKkxXCzxtWN+NYJB9GV5QQDfz
6aUji1aXgohx9OQefaItAtZOjdcbSyKkEeWfPkN5islqNHJ3oowiWJYoW2aqb1Rw
O5pgbIQ84vJVvfz4MAO7kWNH3qDdd5FRgyXZze1CaHG3XnWQ9mZ1tjlqlIR574yc
REWKQnvANHHX2t45h/LhTzDXtvR7nezenEa9pgM6xw94ftZriRqecxKtvp9non/H
x9xP1Ty/H39R0v/Pui2Wu9AEKxwdG6onY74RqMRJEUrP/1P5ZREUFsNhRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGiT03aaHwJtEP1Xwa99f61WKc7WMB8GA1UdIwQY
MBaAFMjxgN1IlnXUeTUl/ubP/0aXL/M8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEt
ZGJkNzYwMDQ1ZWI3LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82N2YxYzUtODIyOS00MTczLTk5YzEtZGJkNzYwMDQ1ZWI3
LzEveVBHQTNVaVdkZFI1TlNYLTVzX19ScGN2OHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpHTdNx+
StibNoeq6bLKjPYD3KYCA/RxAj69Pkw5CU5u7ZPlXFM1YrhBucbdSaaM/xTgsXxB
UOA+AZFcj8b38aQcmYmHGB4n4FIKuohoX4MPjsBkXAlKikHnKPOngfEGlzfxBLGD
mkx7yzXvkGzgARzs9HsLftXAFAgEkOM2URlKorQkxkOPf1mzqy8rhecRCiDiaGHI
OIl868D9KFceoCQxiv7kz/SX7rc4GS0Pi3DvQT2sEgxYz6fp7lrRBN84zCiek/8a
ZQyUae6E2kX8/fTe8Gcd8pbnbxFrnlVgzZ3ghzDlmIbc36XGub0g8rj1igN3R4EE
jP6vo7ZhQFE0jA==
-----END CERTIFICATE-----