Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
File:                     214_2Taim0KaFIK070HDJuKTfSo.mft (raw, json)
Hash identifier:          kjYphqCdqvnzeW7Wte4C4eXDrpeORm4HPEpKzCO7NFM=
Subject key identifier:   2C:0A:24:76:AA:93:07:F0:1F:A5:FD:C5:3E:AC:D2:06:39:AA:89:09
Authority key identifier: DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A
Certificate issuer:       /CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
Certificate serial:       01936858933DE468FF89DE7B0B084C20932D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 12:00:55 +0000
Manifest this update:     Tue 26 Nov 2024 12:00:55 +0000
Manifest next update:     Wed 27 Nov 2024 12:00:55 +0000
Files and hashes:         1: 214_2Taim0KaFIK070HDJuKTfSo.crl (hash: azDoAF6vGdCdgrVR3Ty8GRBYrKAPh8zj+JQaRfah3dU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 12:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:68:58:93:3d:e4:68:ff:89:de:7b:0b:08:4c:20:93:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
        Validity
            Not Before: Nov 26 12:00:55 2024 GMT
            Not After : Nov 27 12:00:55 2024 GMT
        Subject: CN=2c0a2476aa9307f01fa5fdc53eacd20639aa8909
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:90:bf:01:c2:02:cf:0b:2e:3a:13:da:ae:46:
                    23:7b:e7:9b:65:6e:72:e9:28:ac:f9:f8:2e:4f:90:
                    a9:7c:f3:a9:06:4a:7a:01:23:88:fd:8a:a9:17:df:
                    eb:ec:bf:bf:49:06:d1:1c:bb:75:f3:b8:cf:a0:05:
                    8a:01:75:ce:61:73:63:eb:27:f2:c8:f4:ce:5f:ae:
                    2d:03:15:48:b2:36:8d:4b:94:61:d9:d0:22:d2:47:
                    a5:c1:e2:c5:cc:df:29:23:ee:78:eb:48:69:ea:20:
                    09:f3:db:37:5a:f4:9e:4c:f1:02:81:4c:65:38:dd:
                    ad:43:c5:e5:2f:75:18:5b:ad:86:c2:f5:ba:0b:8f:
                    3a:c5:9a:98:04:67:61:e7:cc:8d:16:cb:dc:7b:1e:
                    09:8d:c3:a3:16:79:9e:8a:0d:5b:05:48:12:a9:4a:
                    16:ef:c1:81:6b:fe:ab:96:78:f4:db:e8:bd:c6:8c:
                    a2:a0:d6:65:5c:27:72:29:0a:19:09:d6:09:27:43:
                    75:73:ab:f3:31:9c:9e:a7:2c:93:6f:89:f5:72:8e:
                    c0:8b:86:74:5f:80:9b:db:d8:b5:2e:b0:ed:c4:91:
                    89:5f:14:08:e2:80:d7:04:06:06:95:3e:ee:17:b7:
                    55:9b:ab:ac:7f:26:72:c7:60:40:70:93:39:11:86:
                    79:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:0A:24:76:AA:93:07:F0:1F:A5:FD:C5:3E:AC:D2:06:39:AA:89:09
            X509v3 Authority Key Identifier:
                keyid:DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:19:e4:1f:9c:64:1d:c8:7d:85:ee:3e:e6:3c:dc:fd:47:b6:
         6f:90:29:d9:2d:a6:2d:98:18:b2:08:18:40:16:f9:d5:a2:3e:
         1f:08:5f:43:c6:5c:67:70:0a:58:ad:ac:f3:bc:1c:c8:4a:90:
         30:66:e3:ad:5a:24:66:c0:6b:f2:f9:27:b6:13:82:f7:7e:2b:
         ef:e3:48:6d:05:ef:2b:6b:4f:00:40:c8:e3:5b:18:32:80:2c:
         03:73:fc:94:11:75:7f:57:18:fb:72:81:0b:78:8f:8a:f4:08:
         9c:73:e3:ef:fb:ed:c6:db:95:9c:9d:21:5a:9a:16:bf:4e:a8:
         a8:9e:2b:4c:90:1f:09:b8:b7:5d:28:b1:8d:1a:ce:1a:08:d1:
         97:79:4d:09:17:1d:fd:21:85:ec:7f:f2:f9:f1:bd:f9:2a:73:
         60:12:be:5a:39:99:8d:21:18:ef:7a:a8:a8:06:4a:4c:34:90:
         ca:45:62:4b:a3:05:b4:fc:d6:4c:dd:db:6d:44:c5:c3:d0:f3:
         df:97:56:a1:02:46:32:90:19:4e:7f:20:1f:a4:d5:82:ef:1a:
         1b:d5:65:3b:3b:1d:0a:55:71:7d:2b:50:a9:74:1b:7e:db:b6:
         6f:0b:88:ad:d8:5f:8c:69:c4:44:3c:0e:ba:d3:fa:8a:2e:c2:
         75:ac:85:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNoWJM95Gj/id57CwhMIJMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNWUzZmQ5MzZhMjliNDI5YTE0ODJiNGVmNDFjMzI2ZTI5
MzdkMmEwHhcNMjQxMTI2MTIwMDU1WhcNMjQxMTI3MTIwMDU1WjAzMTEwLwYDVQQD
EygyYzBhMjQ3NmFhOTMwN2YwMWZhNWZkYzUzZWFjZDIwNjM5YWE4OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJC/AcICzwsuOhParkYje+ebZW5y
6Sis+fguT5CpfPOpBkp6ASOI/YqpF9/r7L+/SQbRHLt187jPoAWKAXXOYXNj6yfy
yPTOX64tAxVIsjaNS5Rh2dAi0kelweLFzN8pI+5460hp6iAJ89s3WvSeTPECgUxl
ON2tQ8XlL3UYW62GwvW6C486xZqYBGdh58yNFsvcex4JjcOjFnmeig1bBUgSqUoW
78GBa/6rlnj02+i9xoyioNZlXCdyKQoZCdYJJ0N1c6vzMZyepyyTb4n1co7Ai4Z0
X4Cb29i1LrDtxJGJXxQI4oDXBAYGlT7uF7dVm6usfyZyx2BAcJM5EYZ5HQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwKJHaqkwfwH6X9xT6s0gY5qokJMB8GA1UdIwQY
MBaAFNteP9k2optCmhSCtO9Bwybik30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmIt
N2U1NzY5MWJiZWQ5LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmItN2U1NzY5MWJiZWQ5
LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXxnkH5xk
Hch9he4+5jzc/Ue2b5Ap2S2mLZgYsggYQBb51aI+HwhfQ8ZcZ3AKWK2s87wcyEqQ
MGbjrVokZsBr8vknthOC934r7+NIbQXvK2tPAEDI41sYMoAsA3P8lBF1f1cY+3KB
C3iPivQInHPj7/vtxtuVnJ0hWpoWv06oqJ4rTJAfCbi3XSixjRrOGgjRl3lNCRcd
/SGF7H/y+fG9+SpzYBK+WjmZjSEY73qoqAZKTDSQykViS6MFtPzWTN3bbUTFw9Dz
35dWoQJGMpAZTn8gH6TVgu8aG9VlOzsdClVxfStQqXQbftu2bwuIrdhfjGnERDwO
utP6ii7CdayFyA==
-----END CERTIFICATE-----