Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
File:                     qCYCgPNU92LV7fNMisgW4cIHG1k.mft (raw, json)
Hash identifier:          7ErTBG+7cikM/2jWOeznGL3h09q6RlJGY24Vh8CVfXg=
Subject key identifier:   B1:60:A8:38:01:2B:9F:0C:46:17:35:4D:87:55:A0:1F:91:C1:A6:55
Authority key identifier: A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59
Certificate issuer:       /CN=a8260280f354f762d5edf34c8ac816e1c2071b59
Certificate serial:       019368C5FFA923061526EE3A2121FAB19FDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
Manifest number:          1378
Signing time:             Tue 26 Nov 2024 14:00:26 +0000
Manifest this update:     Tue 26 Nov 2024 14:00:26 +0000
Manifest next update:     Wed 27 Nov 2024 14:00:26 +0000
Files and hashes:         1: qCYCgPNU92LV7fNMisgW4cIHG1k.crl (hash: KTSljYftj69bJ1y0ff3IKd1T24wR78EnE99NNyuujtg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 14:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:68:c5:ff:a9:23:06:15:26:ee:3a:21:21:fa:b1:9f:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a8260280f354f762d5edf34c8ac816e1c2071b59
        Validity
            Not Before: Nov 26 14:00:26 2024 GMT
            Not After : Nov 27 14:00:26 2024 GMT
        Subject: CN=b160a838012b9f0c4617354d8755a01f91c1a655
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:67:7e:ab:a8:8c:bd:b2:9c:e6:f4:a7:be:ad:
                    38:61:ef:46:71:3c:57:64:17:e7:be:45:b2:77:9f:
                    e0:4d:1c:64:92:bb:22:ab:15:21:7b:a4:4b:21:1b:
                    7a:f1:95:0c:ee:f0:4e:4f:55:1d:b5:24:c4:4c:aa:
                    58:00:66:88:31:5e:1f:01:f4:e5:e2:fb:29:b3:51:
                    34:87:84:57:27:45:13:14:2e:63:bb:a7:af:76:9e:
                    04:29:f4:0f:78:f4:d1:b2:5d:3b:83:5f:d8:72:d3:
                    a6:1f:68:d0:37:88:34:a2:5e:c0:5f:19:ed:e3:d6:
                    75:11:4e:fb:79:f1:14:4d:f8:04:88:e3:89:2c:99:
                    76:14:d3:93:8b:ce:3a:e1:66:a0:34:89:30:58:ed:
                    fb:c8:ca:3f:a9:1f:5a:0e:ac:7b:4f:55:e0:60:0f:
                    ac:70:b1:a5:39:4d:c2:40:c6:d4:2a:a7:a0:77:55:
                    a5:d5:b8:98:c0:38:62:a6:43:64:a8:5c:c0:5f:28:
                    db:52:e6:1d:5f:8b:f7:e4:9d:e7:1a:d4:99:c5:89:
                    e9:ef:b3:96:1e:1d:74:ac:c3:6b:bf:ba:3e:bd:9e:
                    8b:23:7e:6b:b8:8c:6e:22:1b:dc:49:46:3e:6d:b4:
                    9a:0b:9a:01:81:d9:5e:a8:d5:62:3b:fd:e5:a2:7c:
                    ac:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:60:A8:38:01:2B:9F:0C:46:17:35:4D:87:55:A0:1F:91:C1:A6:55
            X509v3 Authority Key Identifier:
                keyid:A8:26:02:80:F3:54:F7:62:D5:ED:F3:4C:8A:C8:16:E1:C2:07:1B:59

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCYCgPNU92LV7fNMisgW4cIHG1k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/a303fd-36a6-438d-96da-183a47a45b2a/1/qCYCgPNU92LV7fNMisgW4cIHG1k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:51:94:c1:d5:94:d5:df:6d:b7:d8:3d:28:f1:d0:45:5e:90:
         bd:49:ad:2f:3c:ab:53:57:25:01:06:ee:a0:7a:dd:e1:25:25:
         cc:70:9c:02:b1:b6:65:ce:3e:f9:c6:1d:a1:03:c0:ed:8a:3c:
         2e:ad:3f:09:b9:13:2e:d2:b9:98:d4:78:1f:2a:96:3d:d1:e7:
         3b:8f:34:19:cd:68:1a:5b:10:3b:45:15:dc:b9:d3:ed:f9:38:
         2d:68:53:61:82:24:e3:28:a1:e6:ba:8e:86:92:5d:ee:1c:f3:
         a5:bf:95:88:36:e3:dd:ae:d9:7a:1c:46:66:a9:2e:f0:16:05:
         f7:7d:eb:9c:8e:61:9b:ef:a0:ee:13:93:70:1c:a9:22:a4:b1:
         a4:de:2e:5a:9f:be:a2:41:e5:09:d4:aa:b3:87:f5:fe:09:38:
         70:56:da:fd:a7:c5:ce:c6:f1:1f:86:bc:3f:c0:21:3f:91:ec:
         2a:4b:9c:f1:c5:6d:24:da:11:a5:b2:54:17:ea:9b:d5:45:39:
         56:e7:bb:87:5c:b1:73:e2:14:db:df:31:13:61:85:2f:74:01:
         d4:ab:98:db:1d:44:c4:19:b7:c4:94:0f:da:d1:dd:38:29:94:
         e5:9b:50:eb:e1:b7:8b:28:72:16:32:7c:9e:7b:b1:64:14:fd:
         c8:d4:94:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNoxf+pIwYVJu46ISH6sZ/dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjYwMjgwZjM1NGY3NjJkNWVkZjM0YzhhYzgxNmUxYzIw
NzFiNTkwHhcNMjQxMTI2MTQwMDI2WhcNMjQxMTI3MTQwMDI2WjAzMTEwLwYDVQQD
EyhiMTYwYTgzODAxMmI5ZjBjNDYxNzM1NGQ4NzU1YTAxZjkxYzFhNjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGd+q6iMvbKc5vSnvq04Ye9GcTxX
ZBfnvkWyd5/gTRxkkrsiqxUhe6RLIRt68ZUM7vBOT1UdtSTETKpYAGaIMV4fAfTl
4vsps1E0h4RXJ0UTFC5ju6evdp4EKfQPePTRsl07g1/YctOmH2jQN4g0ol7AXxnt
49Z1EU77efEUTfgEiOOJLJl2FNOTi8464WagNIkwWO37yMo/qR9aDqx7T1XgYA+s
cLGlOU3CQMbUKqegd1Wl1biYwDhipkNkqFzAXyjbUuYdX4v35J3nGtSZxYnp77OW
Hh10rMNrv7o+vZ6LI35ruIxuIhvcSUY+bbSaC5oBgdleqNViO/3lonysfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFgqDgBK58MRhc1TYdVoB+RwaZVMB8GA1UdIwQY
MBaAFKgmAoDzVPdi1e3zTIrIFuHCBxtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEt
MTgzYTQ3YTQ1YjJhLzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hMzAzZmQtMzZhNi00MzhkLTk2ZGEtMTgzYTQ3YTQ1YjJh
LzEvcUNZQ2dQTlU5MkxWN2ZOTWlzZ1c0Y0lIRzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARFGUwdWU
1d9tt9g9KPHQRV6QvUmtLzyrU1clAQbuoHrd4SUlzHCcArG2Zc4++cYdoQPA7Yo8
Lq0/CbkTLtK5mNR4HyqWPdHnO480Gc1oGlsQO0UV3LnT7fk4LWhTYYIk4yih5rqO
hpJd7hzzpb+ViDbj3a7ZehxGZqku8BYF933rnI5hm++g7hOTcBypIqSxpN4uWp++
okHlCdSqs4f1/gk4cFba/afFzsbxH4a8P8AhP5HsKkuc8cVtJNoRpbJUF+qb1UU5
Vue7h1yxc+IU298xE2GFL3QB1KuY2x1ExBm3xJQP2tHdOCmU5ZtQ6+G3iyhyFjJ8
nnuxZBT9yNSUiw==
-----END CERTIFICATE-----