Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
File:                     ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft (raw, json)
Hash identifier:          +hQKWqF4yGeezXLPFxvfJn1KbNYv/TDU0LGQ+QmJMxc=
Subject key identifier:   49:A6:67:F2:33:D9:85:22:00:A0:15:7C:45:55:6B:5B:B0:94:77:95
Authority key identifier: 72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30
Certificate issuer:       /CN=7224d6f072521ad6eb3d029b189f42d240a91530
Certificate serial:       01936A7DF4EE3A7FC9E48A2FBE9E8D5E1070
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 22:00:59 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:59 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:59 +0000
Files and hashes:         1: ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl (hash: ZYYdiqyxU70O1RRjEgXlCnOmBFsYU51tWAlP06HDl0M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:f4:ee:3a:7f:c9:e4:8a:2f:be:9e:8d:5e:10:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7224d6f072521ad6eb3d029b189f42d240a91530
        Validity
            Not Before: Nov 26 22:00:59 2024 GMT
            Not After : Nov 27 22:00:59 2024 GMT
        Subject: CN=49a667f233d9852200a0157c45556b5bb0947795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7f:0d:59:49:f2:b6:fb:b3:2d:ec:25:56:d1:
                    01:ec:41:8e:0a:07:2a:09:81:7d:72:ba:f7:4d:b9:
                    ff:93:db:70:68:73:93:c2:63:68:47:40:6b:b5:b6:
                    2b:8b:04:df:ed:2a:8b:9f:7a:7a:eb:d8:56:a9:fa:
                    7d:50:fb:93:23:72:4a:8b:a1:9f:39:68:9e:b9:cd:
                    d5:26:02:7d:53:9d:21:fb:5c:3f:7c:90:39:9b:6b:
                    d9:49:28:78:bb:cf:3b:bb:47:89:b8:af:70:12:ef:
                    47:2b:52:b4:1c:ce:bc:c7:28:dd:d8:3a:9f:33:92:
                    ae:74:ac:ca:0f:09:ad:a1:1c:42:67:dd:c6:28:2f:
                    94:3e:f1:50:9f:93:8a:dc:eb:b6:ac:ac:a5:43:da:
                    97:6b:a4:bb:6c:7c:6d:9f:d3:f0:b1:75:37:a4:4f:
                    e4:aa:32:78:c6:48:b1:64:0a:28:f2:f8:cc:24:eb:
                    62:b9:3b:94:2a:f7:db:b8:7a:95:16:31:64:b4:62:
                    ad:f0:0a:2c:d6:f7:36:7b:b6:53:d6:17:66:80:f2:
                    3d:35:d7:50:ee:96:b4:e7:d5:e8:14:d6:5b:e7:29:
                    86:81:25:8a:ab:ba:d3:93:f5:fd:6b:02:c2:44:ae:
                    8d:7a:48:1c:69:7c:43:55:83:f0:dd:11:00:47:08:
                    32:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:A6:67:F2:33:D9:85:22:00:A0:15:7C:45:55:6B:5B:B0:94:77:95
            X509v3 Authority Key Identifier:
                keyid:72:24:D6:F0:72:52:1A:D6:EB:3D:02:9B:18:9F:42:D2:40:A9:15:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/43f2d0-51eb-45c5-bbbe-9c1370da939e/1/ciTW8HJSGtbrPQKbGJ9C0kCpFTA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:fa:ac:df:19:50:59:29:92:5e:28:d8:55:fb:b6:ba:63:da:
         c5:f1:d9:eb:19:3d:25:30:f0:8b:7a:37:a6:e9:17:52:c0:12:
         3d:74:25:97:ab:55:36:dc:5a:58:28:32:d8:58:5f:70:58:bf:
         24:8c:97:67:53:03:d3:25:3d:ae:a1:a9:a7:cd:86:63:10:03:
         ff:19:e5:a8:02:b2:b6:82:bc:93:59:7b:b5:b7:7d:76:d7:48:
         23:7a:30:72:f8:3a:ea:f6:9b:b4:b3:8d:4b:9d:a5:fe:1c:5e:
         45:19:89:46:80:01:37:ce:ae:c0:71:20:4b:a0:f4:53:99:6e:
         e0:39:fb:79:3b:dc:6a:2c:cc:1c:df:43:34:a7:97:7f:56:12:
         f3:ed:38:5f:e5:02:4b:f0:ae:a8:b8:40:b0:b9:5e:9b:00:b6:
         d7:11:18:7f:c6:c8:07:61:58:42:f5:cd:7c:7f:42:14:e6:05:
         ce:5e:02:1b:da:3e:a9:ab:a5:af:49:87:5e:6d:5d:20:23:6b:
         17:c0:4f:22:df:b7:54:a2:6f:0e:7e:98:bb:fe:9b:d0:85:94:
         4b:57:38:e3:f6:22:fd:a1:1f:fc:46:15:ab:f2:ce:59:b7:b6:
         13:42:7b:69:b3:ae:23:99:f9:ce:f6:bd:76:27:99:28:9e:64:
         8d:aa:a9:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqffTuOn/J5Iovvp6NXhBwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjRkNmYwNzI1MjFhZDZlYjNkMDI5YjE4OWY0MmQyNDBh
OTE1MzAwHhcNMjQxMTI2MjIwMDU5WhcNMjQxMTI3MjIwMDU5WjAzMTEwLwYDVQQD
Eyg0OWE2NjdmMjMzZDk4NTIyMDBhMDE1N2M0NTU1NmI1YmIwOTQ3Nzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH8NWUnytvuzLewlVtEB7EGOCgcq
CYF9crr3Tbn/k9twaHOTwmNoR0BrtbYriwTf7SqLn3p669hWqfp9UPuTI3JKi6Gf
OWieuc3VJgJ9U50h+1w/fJA5m2vZSSh4u887u0eJuK9wEu9HK1K0HM68xyjd2Dqf
M5KudKzKDwmtoRxCZ93GKC+UPvFQn5OK3Ou2rKylQ9qXa6S7bHxtn9PwsXU3pE/k
qjJ4xkixZAoo8vjMJOtiuTuUKvfbuHqVFjFktGKt8Aos1vc2e7ZT1hdmgPI9NddQ
7pa059XoFNZb5ymGgSWKq7rTk/X9awLCRK6NekgcaXxDVYPw3REARwgyWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEmmZ/Iz2YUiAKAVfEVVa1uwlHeVMB8GA1UdIwQY
MBaAFHIk1vByUhrW6z0CmxifQtJAqRUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUt
OWMxMzcwZGE5MzllLzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS80M2YyZDAtNTFlYi00NWM1LWJiYmUtOWMxMzcwZGE5Mzll
LzEvY2lUVzhISlNHdGJyUFFLYkdKOUMwa0NwRlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXvqs3xlQ
WSmSXijYVfu2umPaxfHZ6xk9JTDwi3o3pukXUsASPXQll6tVNtxaWCgy2FhfcFi/
JIyXZ1MD0yU9rqGpp82GYxAD/xnlqAKytoK8k1l7tbd9dtdII3owcvg66vabtLON
S52l/hxeRRmJRoABN86uwHEgS6D0U5lu4Dn7eTvcaizMHN9DNKeXf1YS8+04X+UC
S/CuqLhAsLlemwC21xEYf8bIB2FYQvXNfH9CFOYFzl4CG9o+qaulr0mHXm1dICNr
F8BPIt+3VKJvDn6Yu/6b0IWUS1c44/Yi/aEf/EYVq/LOWbe2E0J7abOuI5n5zva9
dieZKJ5kjaqpgw==
-----END CERTIFICATE-----