Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
File:                     XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft (raw, json)
Hash identifier:          oQj19ljtUHh+nZ+YIGrPuqE/9vbGCxtQlYgN+b+w97M=
Subject key identifier:   D6:B9:C6:22:27:82:B7:DB:F8:A0:2B:D3:F0:25:E8:D3:E8:09:6F:69
Authority key identifier: 5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79
Certificate issuer:       /CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
Certificate serial:       019369D89A297D8C3D4CA171F8AB11175C7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 19:00:23 +0000
Manifest this update:     Tue 26 Nov 2024 19:00:23 +0000
Manifest next update:     Wed 27 Nov 2024 19:00:23 +0000
Files and hashes:         1: XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl (hash: 6A0Atu+IwLe3B5rGs0cOnGZd9CUWXKEbx/f/T7pkJcU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d8:9a:29:7d:8c:3d:4c:a1:71:f8:ab:11:17:5c:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dfaafb61a0c74a049d96bcde59cb942cc8d5579
        Validity
            Not Before: Nov 26 19:00:23 2024 GMT
            Not After : Nov 27 19:00:23 2024 GMT
        Subject: CN=d6b9c6222782b7dbf8a02bd3f025e8d3e8096f69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e2:b7:5d:77:6e:06:6b:d8:ac:51:a0:53:31:
                    76:a9:c9:56:5f:55:7e:af:38:29:d0:13:25:04:bc:
                    d5:79:fa:f7:a0:d6:df:53:30:3b:67:68:07:57:e6:
                    3f:f8:5e:a0:b7:04:12:77:64:b3:a8:ab:6b:14:20:
                    84:2f:0e:47:0c:8a:0a:0c:7d:d9:21:ad:05:51:ed:
                    1b:45:a0:d3:c3:2d:f9:29:2f:f6:f3:49:03:85:e2:
                    bb:37:42:f5:94:99:43:f2:86:2b:5a:ab:b6:71:5b:
                    9d:a0:ec:9b:a9:b4:7b:b0:1f:58:dc:82:ee:72:41:
                    90:63:c5:55:c3:b3:c6:0f:97:fa:71:51:0d:ab:ce:
                    45:83:4a:4d:3f:91:5e:f9:be:0e:84:8d:a8:16:b8:
                    ba:80:ca:04:50:30:c9:ce:c5:d3:12:db:e2:2c:e9:
                    4f:08:02:be:7e:08:23:9a:67:b8:2e:0d:e9:ce:2c:
                    7e:35:b6:bd:85:a3:bc:eb:69:26:51:ea:16:b5:fc:
                    64:e7:2d:b1:99:90:f8:8c:31:2a:c4:2b:64:ef:d6:
                    fe:06:06:39:df:d8:fa:32:05:ad:0e:ab:a5:e2:f5:
                    c3:1c:21:e7:45:c1:c7:ee:3f:23:bf:6b:be:87:55:
                    c2:fe:b7:d5:43:f1:d0:ec:78:de:31:04:6a:1a:a1:
                    1f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:B9:C6:22:27:82:B7:DB:F8:A0:2B:D3:F0:25:E8:D3:E8:09:6F:69
            X509v3 Authority Key Identifier:
                keyid:5D:FA:AF:B6:1A:0C:74:A0:49:D9:6B:CD:E5:9C:B9:42:CC:8D:55:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4942f6-f58c-4eef-918b-f2d9f0e7a697/1/XfqvthoMdKBJ2WvN5Zy5QsyNVXk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:7d:ed:73:d1:e8:01:55:a7:6f:45:90:8b:c9:44:8f:23:b0:
         20:ab:f8:3a:73:ff:a5:f2:df:0a:9b:aa:db:5d:58:f0:e3:78:
         03:b8:63:f9:61:70:76:1a:ec:1e:c3:3d:25:38:ea:34:22:7d:
         c4:55:9b:61:1c:dc:b4:20:ed:04:b2:44:01:0f:5a:74:28:ef:
         ca:8b:7b:83:d8:20:d3:a3:e1:2a:ba:bb:6c:b9:58:3c:2c:f2:
         94:5b:c6:c9:b6:c9:71:d9:d3:f6:bb:69:b3:7e:bc:b2:39:5a:
         5a:ef:9b:81:5c:1d:cf:ee:8a:5b:09:cb:91:51:a0:ef:94:21:
         8f:c0:01:a9:3a:bd:32:94:88:ee:47:09:6e:41:1a:d0:fe:84:
         e1:9e:1b:f5:85:53:aa:c1:62:b2:0e:a5:56:68:61:53:8a:c4:
         a3:4c:46:43:78:52:17:21:cc:ca:70:93:f7:96:81:71:09:e8:
         3d:4a:ac:58:c0:95:11:f5:4c:08:57:af:fb:bb:de:75:61:e3:
         22:4e:35:45:57:ca:a8:13:f8:92:da:ff:a8:14:40:5e:95:3a:
         03:05:0b:fd:78:2a:4f:27:6a:d9:d8:78:ac:02:82:f2:3b:fe:
         91:b7:42:85:b4:e6:d7:63:c9:e8:11:4f:1e:4b:50:5e:f2:e7:
         bb:54:a5:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2JopfYw9TKFx+KsRF1x/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZmFhZmI2MWEwYzc0YTA0OWQ5NmJjZGU1OWNiOTQyY2M4
ZDU1NzkwHhcNMjQxMTI2MTkwMDIzWhcNMjQxMTI3MTkwMDIzWjAzMTEwLwYDVQQD
EyhkNmI5YzYyMjI3ODJiN2RiZjhhMDJiZDNmMDI1ZThkM2U4MDk2ZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOK3XXduBmvYrFGgUzF2qclWX1V+
rzgp0BMlBLzVefr3oNbfUzA7Z2gHV+Y/+F6gtwQSd2SzqKtrFCCELw5HDIoKDH3Z
Ia0FUe0bRaDTwy35KS/280kDheK7N0L1lJlD8oYrWqu2cVudoOybqbR7sB9Y3ILu
ckGQY8VVw7PGD5f6cVENq85Fg0pNP5Fe+b4OhI2oFri6gMoEUDDJzsXTEtviLOlP
CAK+fggjmme4Lg3pzix+Nba9haO862kmUeoWtfxk5y2xmZD4jDEqxCtk79b+BgY5
39j6MgWtDqul4vXDHCHnRcHH7j8jv2u+h1XC/rfVQ/HQ7HjeMQRqGqEfDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNa5xiIngrfb+KAr0/Al6NPoCW9pMB8GA1UdIwQY
MBaAFF36r7YaDHSgSdlrzeWcuULMjVV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGIt
ZjJkOWYwZTdhNjk3LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80OTQyZjYtZjU4Yy00ZWVmLTkxOGItZjJkOWYwZTdhNjk3
LzEvWGZxdnRob01kS0JKMld2TjVaeTVRc3lOVlhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH33tc9Ho
AVWnb0WQi8lEjyOwIKv4OnP/pfLfCpuq211Y8ON4A7hj+WFwdhrsHsM9JTjqNCJ9
xFWbYRzctCDtBLJEAQ9adCjvyot7g9gg06PhKrq7bLlYPCzylFvGybbJcdnT9rtp
s368sjlaWu+bgVwdz+6KWwnLkVGg75Qhj8ABqTq9MpSI7kcJbkEa0P6E4Z4b9YVT
qsFisg6lVmhhU4rEo0xGQ3hSFyHMynCT95aBcQnoPUqsWMCVEfVMCFev+7vedWHj
Ik41RVfKqBP4ktr/qBRAXpU6AwUL/XgqTydq2dh4rAKC8jv+kbdChbTm12PJ6BFP
HktQXvLnu1SlnQ==
-----END CERTIFICATE-----