Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
File:                     3rwtwyLztJZucDtdjIi3FvDZsOk.mft (raw, json)
Hash identifier:          W/Ih6uxoHSa0Umge90bm7G2bYTz5P3phZ6QI/IFkMC8=
Subject key identifier:   16:08:74:28:EE:B0:5A:ED:DE:6D:9E:41:9F:52:D6:BA:A0:C1:ED:89
Authority key identifier: DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9
Certificate issuer:       /CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
Certificate serial:       01935689829544A5274465B066C69A1A7AFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
Manifest number:          112F
Signing time:             Sat 23 Nov 2024 01:01:12 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:12 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:12 +0000
Files and hashes:         1: 3rwtwyLztJZucDtdjIi3FvDZsOk.crl (hash: olaUE/hvI8yWwVkAJvr72jOC/kgyE97FR/q+vO+F1/E=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:82:95:44:a5:27:44:65:b0:66:c6:9a:1a:7a:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
        Validity
            Not Before: Nov 23 01:01:12 2024 GMT
            Not After : Nov 24 01:01:12 2024 GMT
        Subject: CN=16087428eeb05aedde6d9e419f52d6baa0c1ed89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:36:30:38:79:fd:20:00:16:58:5a:ce:f8:bc:
                    00:e0:3e:2a:06:ec:1f:7e:44:de:c2:fc:c3:3c:8c:
                    98:6b:16:0f:d4:cd:05:bf:6b:b9:7f:d1:5a:1f:c8:
                    14:0b:22:35:18:12:e7:a6:88:3c:e5:8c:3f:63:5d:
                    33:c2:f9:03:30:31:a9:d9:c9:15:bf:48:2f:cc:22:
                    40:54:a3:5f:cf:56:ab:c8:62:69:c1:87:cd:d4:21:
                    55:ea:cf:59:52:48:cd:78:8b:3d:50:78:6d:18:8a:
                    e2:4d:4b:f3:26:b6:6a:a9:92:02:ac:50:78:31:b3:
                    d1:ae:68:81:0d:79:b5:df:6d:0c:39:cb:02:74:15:
                    62:6d:ec:d4:40:6c:c6:0e:5f:9d:39:05:e6:20:c2:
                    67:dc:58:74:f8:34:15:9f:dd:2b:f5:33:e5:c6:f7:
                    fe:a4:10:97:5f:3e:19:7e:3d:b6:57:e3:b3:37:ee:
                    31:07:1e:78:12:f0:65:c7:f2:1b:df:8e:4a:01:3b:
                    5f:44:88:ef:a2:5b:b0:24:64:5e:5a:49:3e:be:b3:
                    29:f2:81:0c:f2:87:e4:d4:b3:d7:ff:36:8d:8c:5d:
                    f7:a7:65:3b:0d:a2:24:67:3e:34:a7:f8:78:5a:0e:
                    0c:77:f7:7e:94:e1:9e:06:15:56:89:a7:3f:27:88:
                    6e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:08:74:28:EE:B0:5A:ED:DE:6D:9E:41:9F:52:D6:BA:A0:C1:ED:89
            X509v3 Authority Key Identifier:
                keyid:DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:70:19:a2:b2:f5:d1:92:0d:d4:2a:d1:34:a5:39:4f:07:4b:
         86:3d:ff:f3:fd:54:6c:cd:8a:fc:62:b1:78:32:59:0c:2a:f2:
         36:54:8b:34:90:f6:2a:09:38:1c:c3:3f:11:f0:58:0a:da:67:
         10:81:eb:7f:8e:4a:1b:eb:93:5a:40:69:ee:e6:71:f6:34:22:
         3a:ae:53:59:5a:c2:a4:5a:b1:83:0e:e7:13:4e:c1:0b:00:03:
         71:91:9b:d6:08:90:53:b0:29:73:56:50:42:f4:10:13:27:59:
         63:b0:3a:e4:7f:7d:43:cd:f7:b8:d8:65:eb:6a:01:6e:01:d6:
         76:34:de:89:cd:fa:d7:b6:19:aa:10:09:41:6f:96:5f:35:ae:
         ba:58:40:5b:da:1c:b2:01:52:1a:19:c8:86:2a:75:c2:40:01:
         96:f4:77:79:90:30:a0:0c:bc:ed:0a:ff:6c:b4:b4:f3:9d:d5:
         af:03:30:09:e4:a0:d0:3c:4a:24:5b:a5:89:12:b9:74:7c:a5:
         c7:49:11:a1:34:02:ab:53:9d:c9:08:7c:84:5a:2a:97:27:aa:
         63:c3:f1:57:d7:d4:7e:e9:d5:64:95:d6:c5:4f:f1:40:e2:8e:
         18:e5:41:23:fd:38:a7:e6:1a:7f:f5:b5:cc:e6:48:21:91:b1:
         f6:47:01:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiYKVRKUnRGWwZsaaGnr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmMyZGMzMjJmM2I0OTY2ZTcwM2I1ZDhjODhiNzE2ZjBk
OWIwZTkwHhcNMjQxMTIzMDEwMTEyWhcNMjQxMTI0MDEwMTEyWjAzMTEwLwYDVQQD
EygxNjA4NzQyOGVlYjA1YWVkZGU2ZDllNDE5ZjUyZDZiYWEwYzFlZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTYwOHn9IAAWWFrO+LwA4D4qBuwf
fkTewvzDPIyYaxYP1M0Fv2u5f9FaH8gUCyI1GBLnpog85Yw/Y10zwvkDMDGp2ckV
v0gvzCJAVKNfz1aryGJpwYfN1CFV6s9ZUkjNeIs9UHhtGIriTUvzJrZqqZICrFB4
MbPRrmiBDXm1320MOcsCdBVibezUQGzGDl+dOQXmIMJn3Fh0+DQVn90r9TPlxvf+
pBCXXz4Zfj22V+OzN+4xBx54EvBlx/Ib345KATtfRIjvoluwJGReWkk+vrMp8oEM
8ofk1LPX/zaNjF33p2U7DaIkZz40p/h4Wg4Md/d+lOGeBhVWiac/J4huMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBYIdCjusFrt3m2eQZ9S1rqgwe2JMB8GA1UdIwQY
MBaAFN68LcMi87SWbnA7XYyItxbw2bDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2Mt
ZTg4ZTFhNjY4YmU0LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2MtZTg4ZTFhNjY4YmU0
LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHAZorL1
0ZIN1CrRNKU5TwdLhj3/8/1UbM2K/GKxeDJZDCryNlSLNJD2Kgk4HMM/EfBYCtpn
EIHrf45KG+uTWkBp7uZx9jQiOq5TWVrCpFqxgw7nE07BCwADcZGb1giQU7Apc1ZQ
QvQQEydZY7A65H99Q833uNhl62oBbgHWdjTeic3617YZqhAJQW+WXzWuulhAW9oc
sgFSGhnIhip1wkABlvR3eZAwoAy87Qr/bLS0853VrwMwCeSg0DxKJFuliRK5dHyl
x0kRoTQCq1OdyQh8hFoqlyeqY8PxV9fUfunVZJXWxU/xQOKOGOVBI/04p+Yaf/W1
zOZIIZGx9kcB6w==
-----END CERTIFICATE-----