Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
File:                     4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft (raw, json)
Hash identifier:          LJtcXCNR+fF2l0Mr2dZ03iNfqUy5XF1C0GVOa5YatZ4=
Subject key identifier:   38:4E:84:75:04:63:80:FB:4F:40:8D:32:5A:C4:55:72:56:3C:72:12
Authority key identifier: E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C
Certificate issuer:       /CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
Certificate serial:       019406B3B86DA273EE07DB61F2DC4B9241D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
Manifest number:          07CD
Signing time:             Fri 27 Dec 2024 06:00:28 +0000
Manifest this update:     Fri 27 Dec 2024 06:00:28 +0000
Manifest next update:     Sat 28 Dec 2024 06:00:28 +0000
Files and hashes:         1: 4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl (hash: p8OwkczICqfl1zjXdxW65ddPiEG0Dcf4wcirhQyNJt4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:b3:b8:6d:a2:73:ee:07:db:61:f2:dc:4b:92:41:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
        Validity
            Not Before: Dec 27 06:00:28 2024 GMT
            Not After : Dec 28 06:00:28 2024 GMT
        Subject: CN=384e8475046380fb4f408d325ac45572563c7212
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f8:fa:c4:78:60:f0:da:ab:d8:d4:79:a3:1b:5b:
                    74:6a:2b:3d:eb:7c:67:41:1c:ea:c8:15:5d:31:91:
                    ff:68:fd:93:1c:ab:6f:19:3b:83:74:cd:4e:91:bf:
                    40:d8:eb:5d:66:11:f5:0e:7a:27:9d:a9:23:b2:46:
                    1e:7f:00:85:18:dc:98:da:bf:00:8a:7f:a0:6f:00:
                    5a:d9:fb:2d:c5:69:99:63:b2:e5:27:a8:e9:ee:27:
                    47:0e:4e:52:32:f9:9a:55:4d:fb:f1:cd:07:e7:97:
                    94:79:67:4e:5c:53:80:90:4d:a9:88:7c:57:41:82:
                    59:31:c2:83:71:c8:2c:f9:38:f1:08:30:4d:0a:95:
                    3f:65:b7:5c:c4:92:48:e8:d5:ab:85:c0:79:b5:8a:
                    aa:8b:25:d7:44:a7:e1:7e:ac:3f:1f:74:3b:78:f3:
                    3c:8e:3e:0f:c0:46:36:8d:b9:59:bf:dd:85:6e:d7:
                    39:b7:18:04:e7:df:1d:8f:a7:0f:46:c7:7f:a1:4b:
                    49:03:14:08:95:76:90:ac:de:5f:3e:2e:2b:a4:15:
                    f0:b9:46:03:98:62:c3:61:a4:f4:29:c8:35:ee:bc:
                    62:6d:84:13:85:5d:66:8d:5a:73:55:3f:95:cc:04:
                    bc:4d:69:5a:0d:6c:c9:e0:7e:c4:f6:34:ee:1f:c8:
                    ee:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:4E:84:75:04:63:80:FB:4F:40:8D:32:5A:C4:55:72:56:3C:72:12
            X509v3 Authority Key Identifier:
                keyid:E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         52:2f:55:e3:5f:d9:23:2a:25:cc:b1:54:2d:3f:1b:08:39:71:
         c3:34:72:9e:f4:ea:02:e9:a1:ba:54:fe:70:85:16:64:58:86:
         a7:4f:f2:4d:cd:b9:a2:1f:fa:84:23:39:52:df:29:c4:69:84:
         ab:9f:21:b0:b1:9f:90:21:74:a3:f8:4b:d4:04:19:96:77:8b:
         80:30:58:cb:5c:93:95:e4:f6:42:cf:60:4f:96:84:61:5b:d3:
         77:a4:0c:a5:cc:aa:b4:79:be:df:a4:bb:2b:f3:cc:ed:50:3a:
         21:85:62:cc:e4:94:bb:7f:f6:8a:13:2f:69:33:7e:ba:45:df:
         4d:94:54:6f:b5:1e:f4:17:72:e1:41:29:53:77:e7:3f:f6:8b:
         82:7e:21:7c:d7:e5:f7:9e:b3:a3:eb:aa:d3:f0:67:41:10:56:
         56:b5:16:f8:48:2b:14:d4:4b:fc:e0:e0:c3:c5:b7:36:10:31:
         d0:7b:58:11:28:8d:64:1c:b5:67:75:82:39:15:6b:08:20:88:
         bb:eb:12:a8:9b:ef:0e:2b:38:e2:9f:b8:7e:a2:2a:99:b3:1c:
         78:5c:24:77:21:53:6a:fa:b1:94:44:f1:7b:01:b6:9c:90:b6:
         e4:64:ea:84:db:c0:bb:41:a6:35:50:c2:23:14:e3:06:a1:9c:
         9d:f2:2c:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGs7htonPuB9th8txLkkHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMGE2ZjJlNjMzZmNmM2FkZWY4NzI1Y2M1YmUwZWE3OTE1
ZGQ0MGMwHhcNMjQxMjI3MDYwMDI4WhcNMjQxMjI4MDYwMDI4WjAzMTEwLwYDVQQD
EygzODRlODQ3NTA0NjM4MGZiNGY0MDhkMzI1YWM0NTU3MjU2M2M3MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+PrEeGDw2qvY1HmjG1t0ais963xn
QRzqyBVdMZH/aP2THKtvGTuDdM1Okb9A2OtdZhH1DnonnakjskYefwCFGNyY2r8A
in+gbwBa2fstxWmZY7LlJ6jp7idHDk5SMvmaVU378c0H55eUeWdOXFOAkE2piHxX
QYJZMcKDccgs+TjxCDBNCpU/ZbdcxJJI6NWrhcB5tYqqiyXXRKfhfqw/H3Q7ePM8
jj4PwEY2jblZv92Fbtc5txgE598dj6cPRsd/oUtJAxQIlXaQrN5fPi4rpBXwuUYD
mGLDYaT0Kcg17rxibYQThV1mjVpzVT+VzAS8TWlaDWzJ4H7E9jTuH8juQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDhOhHUEY4D7T0CNMlrEVXJWPHISMB8GA1UdIwQY
MBaAFOAKby5jP8863vhyXMW+DqeRXdQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUt
ZDA5NmYxZTI1ZTk3LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUtZDA5NmYxZTI1ZTk3
LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUi9V41/Z
IyolzLFULT8bCDlxwzRynvTqAumhulT+cIUWZFiGp0/yTc25oh/6hCM5Ut8pxGmE
q58hsLGfkCF0o/hL1AQZlneLgDBYy1yTleT2Qs9gT5aEYVvTd6QMpcyqtHm+36S7
K/PM7VA6IYVizOSUu3/2ihMvaTN+ukXfTZRUb7Ue9Bdy4UEpU3fnP/aLgn4hfNfl
956zo+uq0/BnQRBWVrUW+EgrFNRL/ODgw8W3NhAx0HtYESiNZBy1Z3WCORVrCCCI
u+sSqJvvDis44p+4fqIqmbMceFwkdyFTavqxlETxewG2nJC25GTqhNvAu0GmNVDC
IxTjBqGcnfIsmg==
-----END CERTIFICATE-----