Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
File:                     w9bWn9WH0FQXblPRknJoI2GxZzY.mft (raw, json)
Hash identifier:          +4nyqvjQ6jYv9NDIUdx3ADQkc50j1xfML93tEoi1R+8=
Subject key identifier:   AB:5B:B4:EA:21:F8:3A:6A:42:A3:A6:5B:54:41:A2:19:0E:05:8C:B7
Authority key identifier: C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36
Certificate issuer:       /CN=c3d6d69fd587d054176e53d19272682361b16736
Certificate serial:       019369D9249FE50B8FBDDA82FFAA3BD42A55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 19:00:58 +0000
Manifest this update:     Tue 26 Nov 2024 19:00:58 +0000
Manifest next update:     Wed 27 Nov 2024 19:00:58 +0000
Files and hashes:         1: w9bWn9WH0FQXblPRknJoI2GxZzY.crl (hash: PfacJoB0HM6reHRI3MMvbgdk3DJCDBpfIMDHA7dh1Js=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:24:9f:e5:0b:8f:bd:da:82:ff:aa:3b:d4:2a:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3d6d69fd587d054176e53d19272682361b16736
        Validity
            Not Before: Nov 26 19:00:58 2024 GMT
            Not After : Nov 27 19:00:58 2024 GMT
        Subject: CN=ab5bb4ea21f83a6a42a3a65b5441a2190e058cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:16:16:d8:7f:13:64:a8:75:3e:3d:60:c8:27:
                    d6:e4:41:cf:c7:20:f5:a8:25:3d:45:dd:4d:d1:67:
                    e7:8d:07:73:91:50:c5:ad:11:78:30:ff:6f:f0:b8:
                    91:60:21:b5:61:e5:e1:6d:49:21:27:ba:9a:f6:89:
                    97:68:15:4f:a1:0a:5c:8c:b1:32:26:ea:21:df:c9:
                    9b:ec:c4:91:60:dc:4f:1b:de:dd:df:7f:c5:e3:fd:
                    1a:b6:6e:5a:38:f5:c5:5a:ce:99:cd:b6:29:c2:78:
                    46:3b:8b:4c:7d:9a:f1:fc:f7:67:50:3e:60:e7:8d:
                    3b:7f:cb:26:6a:99:b5:5f:58:c6:8b:9c:50:0b:a5:
                    7c:41:cb:24:30:64:da:e6:d4:c8:27:2e:5a:6d:ed:
                    cc:b7:1f:9b:b1:cf:87:23:5d:2d:8a:66:43:ae:ce:
                    fd:ac:60:3a:9f:ad:3e:6b:68:7e:61:6f:6c:03:ed:
                    25:69:19:85:4f:34:39:00:65:f2:e9:8c:9a:47:38:
                    be:80:b1:52:17:70:6e:81:5e:1e:9f:86:ab:b0:52:
                    8b:36:79:a0:9f:ac:32:4d:96:a0:96:d8:a0:38:9e:
                    04:f7:e1:24:19:28:06:c4:46:81:a9:4c:ac:04:ca:
                    ae:14:b7:47:42:3b:2e:40:da:dd:8b:97:f9:cb:61:
                    0d:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:5B:B4:EA:21:F8:3A:6A:42:A3:A6:5B:54:41:A2:19:0E:05:8C:B7
            X509v3 Authority Key Identifier:
                keyid:C3:D6:D6:9F:D5:87:D0:54:17:6E:53:D1:92:72:68:23:61:B1:67:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w9bWn9WH0FQXblPRknJoI2GxZzY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d774bf-00fe-4379-ad24-ca0836318995/1/w9bWn9WH0FQXblPRknJoI2GxZzY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:54:ef:0a:eb:f8:ff:f3:27:52:f6:9c:40:53:0e:d4:37:38:
         35:81:d3:7e:26:fc:e2:b9:77:e3:fc:ba:e4:a0:13:61:e5:bf:
         39:81:69:a2:8c:46:e7:81:18:4d:fd:a4:43:68:72:2e:eb:7c:
         01:0d:ce:6c:a6:de:77:1e:8a:53:42:ce:9b:82:a6:34:ce:8b:
         ce:09:55:73:8b:4f:60:b6:af:01:cc:c6:e8:ab:df:fb:c9:8a:
         f6:bc:61:b9:27:81:0c:58:47:cc:09:72:61:e6:f4:4d:f9:ed:
         61:b7:27:e1:23:91:85:6d:94:d1:f7:73:01:8f:4d:4c:80:e8:
         58:50:e1:9b:ed:7e:92:ed:b5:76:dd:e0:05:08:67:e2:92:7b:
         40:e4:f1:50:76:3e:15:a2:4e:c2:89:e7:97:e1:f2:3d:6f:3a:
         32:6d:bb:21:92:05:0b:56:72:30:53:d6:45:62:8f:0a:2b:17:
         f4:d9:c0:71:b3:c3:08:03:c8:73:72:87:2a:a9:c6:9f:2b:48:
         77:50:79:d3:18:e1:96:de:58:13:0e:54:b6:c4:21:4a:15:df:
         e5:ce:c9:6b:e3:22:3e:bf:24:ea:0e:40:99:d0:40:7c:65:0f:
         82:dc:ef:2f:4e:de:b5:4e:a1:68:57:76:ea:9e:30:bd:fd:d0:
         8c:8a:a5:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2SSf5QuPvdqC/6o71CpVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzZDZkNjlmZDU4N2QwNTQxNzZlNTNkMTkyNzI2ODIzNjFi
MTY3MzYwHhcNMjQxMTI2MTkwMDU4WhcNMjQxMTI3MTkwMDU4WjAzMTEwLwYDVQQD
EyhhYjViYjRlYTIxZjgzYTZhNDJhM2E2NWI1NDQxYTIxOTBlMDU4Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxYW2H8TZKh1Pj1gyCfW5EHPxyD1
qCU9Rd1N0WfnjQdzkVDFrRF4MP9v8LiRYCG1YeXhbUkhJ7qa9omXaBVPoQpcjLEy
Juoh38mb7MSRYNxPG97d33/F4/0atm5aOPXFWs6ZzbYpwnhGO4tMfZrx/PdnUD5g
5407f8smapm1X1jGi5xQC6V8QcskMGTa5tTIJy5abe3Mtx+bsc+HI10timZDrs79
rGA6n60+a2h+YW9sA+0laRmFTzQ5AGXy6YyaRzi+gLFSF3BugV4en4arsFKLNnmg
n6wyTZagltigOJ4E9+EkGSgGxEaBqUysBMquFLdHQjsuQNrdi5f5y2ENAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKtbtOoh+DpqQqOmW1RBohkOBYy3MB8GA1UdIwQY
MBaAFMPW1p/Vh9BUF25T0ZJyaCNhsWc2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQt
Y2EwODM2MzE4OTk1LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9kNzc0YmYtMDBmZS00Mzc5LWFkMjQtY2EwODM2MzE4OTk1
LzEvdzliV245V0gwRlFYYmxQUmtuSm9JMkd4WnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAolTvCuv4
//MnUvacQFMO1Dc4NYHTfib84rl34/y65KATYeW/OYFpooxG54EYTf2kQ2hyLut8
AQ3ObKbedx6KU0LOm4KmNM6LzglVc4tPYLavAczG6Kvf+8mK9rxhuSeBDFhHzAly
Yeb0TfntYbcn4SORhW2U0fdzAY9NTIDoWFDhm+1+ku21dt3gBQhn4pJ7QOTxUHY+
FaJOwonnl+HyPW86Mm27IZIFC1ZyMFPWRWKPCisX9NnAcbPDCAPIc3KHKqnGnytI
d1B50xjhlt5YEw5UtsQhShXf5c7Ja+MiPr8k6g5AmdBAfGUPgtzvL07etU6haFd2
6p4wvf3QjIqlog==
-----END CERTIFICATE-----