Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft
File:                     0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft (raw, json)
Hash identifier:          yfxGOy9LWFBDZNgVqZf8hDnP2QFxNgHozvnJdIDV47U=
Subject key identifier:   B2:06:4D:79:5A:B3:BC:95:E0:6F:31:8E:97:45:5C:14:BD:D4:6C:AB
Authority key identifier: D2:26:1D:EE:6D:54:DD:53:6E:F7:00:F2:D9:D8:19:7C:86:09:39:66
Certificate issuer:       /CN=d2261dee6d54dd536ef700f2d9d8197c86093966
Certificate serial:       019369D8E5AB17DC4C8D0BB1E9C2ECE6C25C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0iYd7m1U3VNu9wDy2dgZfIYJOWY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft
Manifest number:          130A
Signing time:             Tue 26 Nov 2024 19:00:42 +0000
Manifest this update:     Tue 26 Nov 2024 19:00:42 +0000
Manifest next update:     Wed 27 Nov 2024 19:00:42 +0000
Files and hashes:         1: 0iYd7m1U3VNu9wDy2dgZfIYJOWY.crl (hash: EvbyxI/K4ta9Tc/lpCgjUhtgC3WofNwDPSvYKsAMisw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0iYd7m1U3VNu9wDy2dgZfIYJOWY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d8:e5:ab:17:dc:4c:8d:0b:b1:e9:c2:ec:e6:c2:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2261dee6d54dd536ef700f2d9d8197c86093966
        Validity
            Not Before: Nov 26 19:00:42 2024 GMT
            Not After : Nov 27 19:00:42 2024 GMT
        Subject: CN=b2064d795ab3bc95e06f318e97455c14bdd46cab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b0:79:8f:09:26:f4:f2:4b:ce:41:e5:4c:b2:
                    31:87:75:4d:91:d2:60:93:a4:3c:ee:7e:53:49:2d:
                    69:d2:fc:15:b5:d3:69:d9:60:6a:52:f5:09:cf:96:
                    40:be:81:bf:0c:80:e9:76:e7:78:4c:ce:23:48:18:
                    4c:2f:53:eb:ae:a8:99:52:0d:36:18:96:b3:01:e3:
                    50:15:c5:ed:d7:25:06:b1:38:f4:81:59:04:31:81:
                    ac:3c:6c:0d:71:ea:38:e2:b2:7d:eb:3a:d3:d6:34:
                    81:98:2f:cd:86:35:c9:45:fc:a8:14:eb:7e:01:f2:
                    db:54:ea:43:3a:bb:99:f8:35:76:c6:5e:1a:11:91:
                    a6:69:4a:cc:f8:49:23:d2:83:49:46:25:f1:ff:87:
                    7e:6e:68:c6:74:8d:ce:aa:d0:19:6b:82:f2:97:3a:
                    3e:58:19:fb:a3:bd:d0:58:71:16:df:5f:0a:46:24:
                    32:1e:45:65:4c:6d:3f:4f:53:3c:ab:f5:ad:cc:ff:
                    e0:ab:81:c1:92:f4:34:7c:b0:80:73:f4:d2:b7:f5:
                    9c:a3:c2:f4:7f:d7:94:87:21:dc:c3:db:37:3d:67:
                    86:ae:1e:7e:6f:c6:4c:e1:64:a2:2c:17:45:14:94:
                    5d:24:8d:2b:11:97:57:af:33:6d:18:d1:ee:77:90:
                    8c:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:06:4D:79:5A:B3:BC:95:E0:6F:31:8E:97:45:5C:14:BD:D4:6C:AB
            X509v3 Authority Key Identifier:
                keyid:D2:26:1D:EE:6D:54:DD:53:6E:F7:00:F2:D9:D8:19:7C:86:09:39:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0iYd7m1U3VNu9wDy2dgZfIYJOWY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bacec3-491b-440b-8b48-6f0f46f4d4b4/1/0iYd7m1U3VNu9wDy2dgZfIYJOWY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:9f:1f:95:72:89:8b:8d:2b:ca:84:b1:26:89:8d:87:9d:ea:
         14:e0:13:90:b9:98:5f:fc:0d:f9:21:88:1c:c6:9e:36:c1:ce:
         5c:1e:7b:54:d7:5f:2e:ce:65:f8:2c:46:dd:5d:d4:36:cf:5b:
         20:5c:66:75:20:49:34:b8:66:4a:7a:8c:62:4c:ca:a0:b7:f1:
         20:63:8d:12:93:b7:99:0a:d6:b9:9a:00:2b:37:1b:d5:93:cd:
         57:7f:90:46:6c:b5:2d:70:09:ce:88:10:2d:10:2a:80:c8:ee:
         9e:49:e7:4f:5e:49:cc:e1:9e:1a:68:6a:a1:ab:7c:6a:fc:44:
         11:95:21:68:ec:b0:8c:00:1c:57:a4:5c:78:cb:2f:08:1e:ed:
         3a:f2:4f:00:7a:70:c3:0e:65:d4:9c:4b:05:26:1d:5f:44:d1:
         0f:7c:c8:f4:83:c2:d7:76:b9:83:28:42:5d:a8:71:d5:1f:b4:
         90:b5:7c:60:ac:74:64:ac:e8:17:35:36:bc:f9:1f:15:2a:26:
         23:48:b3:52:2e:ed:5a:fe:f0:15:68:bd:99:6e:f4:17:b1:6a:
         78:61:f4:38:c0:41:0e:36:f2:68:24:af:4d:15:8a:03:3e:9b:
         b2:db:46:af:20:08:ff:94:db:e2:cb:18:05:65:d0:54:ee:79:
         ba:ff:0a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2OWrF9xMjQux6cLs5sJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMjYxZGVlNmQ1NGRkNTM2ZWY3MDBmMmQ5ZDgxOTdjODYw
OTM5NjYwHhcNMjQxMTI2MTkwMDQyWhcNMjQxMTI3MTkwMDQyWjAzMTEwLwYDVQQD
EyhiMjA2NGQ3OTVhYjNiYzk1ZTA2ZjMxOGU5NzQ1NWMxNGJkZDQ2Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurB5jwkm9PJLzkHlTLIxh3VNkdJg
k6Q87n5TSS1p0vwVtdNp2WBqUvUJz5ZAvoG/DIDpdud4TM4jSBhML1PrrqiZUg02
GJazAeNQFcXt1yUGsTj0gVkEMYGsPGwNceo44rJ96zrT1jSBmC/NhjXJRfyoFOt+
AfLbVOpDOruZ+DV2xl4aEZGmaUrM+Ekj0oNJRiXx/4d+bmjGdI3OqtAZa4Lylzo+
WBn7o73QWHEW318KRiQyHkVlTG0/T1M8q/WtzP/gq4HBkvQ0fLCAc/TSt/Wco8L0
f9eUhyHcw9s3PWeGrh5+b8ZM4WSiLBdFFJRdJI0rEZdXrzNtGNHud5CMXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIGTXlas7yV4G8xjpdFXBS91GyrMB8GA1UdIwQY
MBaAFNImHe5tVN1TbvcA8tnYGXyGCTlmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGlZZDdtMVUzVk51OXdEeTJkZ1pmSVlKT1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iYWNlYzMtNDkxYi00NDBiLThiNDgt
NmYwZjQ2ZjRkNGI0LzEvMGlZZDdtMVUzVk51OXdEeTJkZ1pmSVlKT1dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iYWNlYzMtNDkxYi00NDBiLThiNDgtNmYwZjQ2ZjRkNGI0
LzEvMGlZZDdtMVUzVk51OXdEeTJkZ1pmSVlKT1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHp8flXKJ
i40ryoSxJomNh53qFOATkLmYX/wN+SGIHMaeNsHOXB57VNdfLs5l+CxG3V3UNs9b
IFxmdSBJNLhmSnqMYkzKoLfxIGONEpO3mQrWuZoAKzcb1ZPNV3+QRmy1LXAJzogQ
LRAqgMjunknnT15JzOGeGmhqoat8avxEEZUhaOywjAAcV6RceMsvCB7tOvJPAHpw
ww5l1JxLBSYdX0TRD3zI9IPC13a5gyhCXahx1R+0kLV8YKx0ZKzoFzU2vPkfFSom
I0izUi7tWv7wFWi9mW70F7FqeGH0OMBBDjbyaCSvTRWKAz6bsttGryAI/5Tb4ssY
BWXQVO55uv8K5g==
-----END CERTIFICATE-----