Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
File:                     Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft (raw, json)
Hash identifier:          TsJ33AKd/VDwHfdnVvXGFzwpfEuiuHi9W0cwWMptb4w=
Subject key identifier:   C5:6E:AF:81:1D:29:23:70:B3:F6:39:FC:5D:B8:15:FA:DC:42:8F:02
Authority key identifier: 63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7
Certificate issuer:       /CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
Certificate serial:       019369D8B1A17F8A645F07F0B80CE864053A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
Manifest number:          085B
Signing time:             Tue 26 Nov 2024 19:00:28 +0000
Manifest this update:     Tue 26 Nov 2024 19:00:28 +0000
Manifest next update:     Wed 27 Nov 2024 19:00:28 +0000
Files and hashes:         1: Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl (hash: 2iDxgxeXSImNf94WUhNyU8IXMGBCMzj1tyPxNjsH4DY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d8:b1:a1:7f:8a:64:5f:07:f0:b8:0c:e8:64:05:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6371d2fbecf2f90dc7f49517a440da5339f4a6c7
        Validity
            Not Before: Nov 26 19:00:28 2024 GMT
            Not After : Nov 27 19:00:28 2024 GMT
        Subject: CN=c56eaf811d292370b3f639fc5db815fadc428f02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9e:1e:c9:d2:57:99:09:04:b7:0b:7b:25:90:
                    55:c9:c2:b6:17:4b:75:d6:5a:ad:f7:82:bb:24:db:
                    8a:e8:e5:c1:6f:ab:dd:96:17:7b:a4:42:ef:83:12:
                    80:7a:03:83:bb:cb:c9:b4:c2:42:19:f1:d1:13:f8:
                    22:e9:52:98:28:49:39:89:20:c7:58:60:60:60:8f:
                    2c:3b:35:f0:d1:2d:c3:51:c0:48:ab:d4:57:3a:09:
                    69:28:48:51:3b:36:36:0a:45:63:a2:cb:8a:8e:14:
                    bc:30:cc:99:b4:b8:60:f0:a7:6d:a4:2a:3f:7b:8f:
                    f6:4f:8a:fc:c3:fb:15:77:3a:63:ed:b4:7f:04:b7:
                    50:66:9f:b8:b2:c2:91:fc:ca:1b:61:09:c0:fe:91:
                    8f:89:e6:a6:1c:36:84:c8:c8:6e:fb:4c:21:ca:92:
                    14:18:ff:f7:f8:ed:15:e7:e4:03:7d:ef:f4:c3:57:
                    87:5a:da:57:78:54:c5:4b:9c:cd:c5:85:a4:b0:81:
                    21:9f:95:a5:03:a2:23:5e:0d:12:4a:69:95:3b:8e:
                    f9:ba:16:f2:a0:d8:57:00:f2:f8:b6:e0:5c:3f:05:
                    4e:5d:98:b5:93:cf:72:c1:45:0f:61:e2:24:9b:58:
                    b7:f1:7e:76:5d:40:57:8a:e6:a0:ac:fe:86:39:eb:
                    90:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:6E:AF:81:1D:29:23:70:B3:F6:39:FC:5D:B8:15:FA:DC:42:8F:02
            X509v3 Authority Key Identifier:
                keyid:63:71:D2:FB:EC:F2:F9:0D:C7:F4:95:17:A4:40:DA:53:39:F4:A6:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y3HS--zy-Q3H9JUXpEDaUzn0psc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/a95f77-591b-411e-bfb0-7e14d3598f09/1/Y3HS--zy-Q3H9JUXpEDaUzn0psc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:13:66:6c:8f:f7:3e:04:c8:12:ff:4c:2c:2b:36:bf:08:ab:
         10:1a:e6:22:27:aa:ae:93:6d:5a:79:d4:8b:a9:e3:e4:c9:cf:
         10:17:7e:23:78:84:ff:69:5b:14:63:94:97:9b:45:f8:f9:ba:
         81:1f:82:7d:cd:91:1f:e2:0d:cb:77:6c:a0:bc:d2:ff:3b:24:
         f5:c8:8a:aa:34:fb:a4:66:7a:67:6e:bb:5e:45:c7:c3:f0:e0:
         84:33:39:2f:d9:e1:67:61:a8:df:db:04:f9:fd:5f:d3:ea:04:
         c5:66:e8:3f:f4:e5:ad:00:69:ec:5d:d9:ab:85:b6:e6:ec:2d:
         15:f8:32:af:56:03:13:8a:11:1f:9f:2d:70:ba:3d:c3:da:00:
         ce:78:cc:93:be:0b:48:39:98:e9:fc:ff:55:7c:ec:f5:53:aa:
         62:5c:22:d3:ad:33:0d:2d:b7:2a:af:6d:c2:99:3b:37:32:8f:
         d5:d7:b5:58:13:ae:23:ae:c4:64:dc:6b:5d:87:f4:95:bb:e3:
         93:39:3a:bc:51:6e:f9:f5:da:03:e5:6c:8f:56:a1:47:63:24:
         cd:ef:96:f6:25:31:2b:2b:0a:61:3b:73:7e:0c:ca:af:62:4c:
         26:1a:c0:20:fb:28:e3:0c:21:bb:de:76:47:b9:4d:46:af:26:
         34:4f:78:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2LGhf4pkXwfwuAzoZAU6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNzFkMmZiZWNmMmY5MGRjN2Y0OTUxN2E0NDBkYTUzMzlm
NGE2YzcwHhcNMjQxMTI2MTkwMDI4WhcNMjQxMTI3MTkwMDI4WjAzMTEwLwYDVQQD
EyhjNTZlYWY4MTFkMjkyMzcwYjNmNjM5ZmM1ZGI4MTVmYWRjNDI4ZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp4eydJXmQkEtwt7JZBVycK2F0t1
1lqt94K7JNuK6OXBb6vdlhd7pELvgxKAegODu8vJtMJCGfHRE/gi6VKYKEk5iSDH
WGBgYI8sOzXw0S3DUcBIq9RXOglpKEhROzY2CkVjosuKjhS8MMyZtLhg8KdtpCo/
e4/2T4r8w/sVdzpj7bR/BLdQZp+4ssKR/MobYQnA/pGPieamHDaEyMhu+0whypIU
GP/3+O0V5+QDfe/0w1eHWtpXeFTFS5zNxYWksIEhn5WlA6IjXg0SSmmVO475uhby
oNhXAPL4tuBcPwVOXZi1k89ywUUPYeIkm1i38X52XUBXiuagrP6GOeuQRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMVur4EdKSNws/Y5/F24FfrcQo8CMB8GA1UdIwQY
MBaAFGNx0vvs8vkNx/SVF6RA2lM59KbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAt
N2UxNGQzNTk4ZjA5LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hOTVmNzctNTkxYi00MTFlLWJmYjAtN2UxNGQzNTk4ZjA5
LzEvWTNIUy0tenktUTNIOUpVWHBFRGFVem4wcHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfBNmbI/3
PgTIEv9MLCs2vwirEBrmIieqrpNtWnnUi6nj5MnPEBd+I3iE/2lbFGOUl5tF+Pm6
gR+Cfc2RH+INy3dsoLzS/zsk9ciKqjT7pGZ6Z267XkXHw/DghDM5L9nhZ2Go39sE
+f1f0+oExWboP/TlrQBp7F3Zq4W25uwtFfgyr1YDE4oRH58tcLo9w9oAznjMk74L
SDmY6fz/VXzs9VOqYlwi060zDS23Kq9twpk7NzKP1de1WBOuI67EZNxrXYf0lbvj
kzk6vFFu+fXaA+Vsj1ahR2Mkze+W9iUxKysKYTtzfgzKr2JMJhrAIPso4wwhu952
R7lNRq8mNE944Q==
-----END CERTIFICATE-----