Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          F2GGqLaaAUFZU/h4pDMJlRSmyxT4jNjzsr6BKCwKxBE=
Subject key identifier:   23:6C:BC:6F:D0:2C:3A:9C:66:62:A5:C1:6C:F5:97:31:1C:61:D8:8F
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       01936A7D67463B1927573D2B44A715694E24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          07DB
Signing time:             Tue 26 Nov 2024 22:00:23 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:23 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:23 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: uKJuQfxcjlJjwErfwfMGR8zgZMa/3NG5tJobQBW5kzQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:67:46:3b:19:27:57:3d:2b:44:a7:15:69:4e:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: Nov 26 22:00:23 2024 GMT
            Not After : Nov 27 22:00:23 2024 GMT
        Subject: CN=236cbc6fd02c3a9c6662a5c16cf597311c61d88f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:de:06:27:27:44:82:e6:7f:15:cb:db:97:7d:
                    e3:31:e9:a0:f2:e8:4c:80:0e:05:ed:03:4f:81:0c:
                    93:c8:df:99:4c:4f:8d:0c:ef:5d:17:73:b2:08:c2:
                    8e:ae:2d:df:9d:f8:2f:c7:d7:0e:08:d9:cf:60:45:
                    c4:da:ef:27:dc:25:e8:08:57:d9:38:ea:e9:c6:a1:
                    56:af:ca:69:1d:36:3c:7d:09:b7:1d:e8:fe:e8:36:
                    34:dc:90:1f:3d:e5:31:46:6f:18:bc:0a:26:56:3a:
                    e9:f4:d9:98:b9:cc:4c:84:d3:fb:b6:82:d9:69:15:
                    cc:94:55:d1:07:86:0b:14:30:30:8e:3c:5f:1f:13:
                    92:31:9e:41:ad:23:69:ea:4c:42:f3:6e:3b:4e:4f:
                    38:3c:01:24:6f:91:6b:06:cb:46:b5:bf:0a:34:0f:
                    40:44:e1:ad:90:ee:b0:2d:51:72:cc:4b:f5:e8:8c:
                    a0:1d:8c:dc:26:ac:93:43:98:df:3c:1a:b7:0c:65:
                    73:ff:e8:89:ad:ae:fe:40:76:94:01:9d:e2:f0:b9:
                    0a:35:3b:bc:9c:d3:da:3a:bc:6d:35:7b:ee:03:24:
                    aa:42:e9:53:28:95:1c:d4:57:a4:dc:9d:25:47:df:
                    0b:d5:8e:69:39:c6:ca:74:91:f9:3c:e0:9c:79:cc:
                    e2:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:6C:BC:6F:D0:2C:3A:9C:66:62:A5:C1:6C:F5:97:31:1C:61:D8:8F
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         00:44:23:8a:d2:d4:59:a5:ef:c5:a1:ce:5c:66:cb:2e:13:03:
         a2:ac:14:48:27:c3:02:3d:4f:cf:59:8f:dd:88:b5:52:ea:b0:
         d4:c8:b1:58:79:5b:a3:9c:d3:0e:9d:15:cd:ab:4d:1c:be:94:
         a4:89:0d:25:c9:95:71:01:93:bc:9d:7f:b6:a9:30:3d:00:36:
         ae:e9:a1:02:e6:e2:83:89:a0:6c:79:df:b7:af:0c:45:58:e9:
         ff:e6:1c:af:af:80:36:fd:b5:61:6c:ba:98:20:40:4b:1b:2b:
         41:f8:06:9e:38:f1:d4:44:30:70:d7:a4:5c:68:ca:42:cb:a3:
         82:43:37:83:6b:2c:5c:75:6e:ed:f3:16:ad:4b:58:b9:ff:93:
         4e:9f:a4:cd:c2:12:bf:ae:0a:6a:8d:f0:cd:2f:90:73:65:95:
         df:d5:90:49:e5:49:78:70:b8:47:d3:af:d3:54:af:f9:78:53:
         83:34:86:9f:43:1e:f6:84:65:9a:c0:df:7b:ab:0c:ea:c0:c0:
         2c:cf:98:0f:42:89:5a:26:44:76:63:3c:04:00:a2:04:02:0b:
         de:53:6d:d2:93:86:c5:76:e6:bc:db:9f:fa:27:e7:ae:1c:be:
         ab:6d:2d:69:8d:05:1b:20:b7:d3:14:fa:d8:c2:f6:0a:08:39:
         4a:f1:dd:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfWdGOxknVz0rRKcVaU4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjQxMTI2MjIwMDIzWhcNMjQxMTI3MjIwMDIzWjAzMTEwLwYDVQQD
EygyMzZjYmM2ZmQwMmMzYTljNjY2MmE1YzE2Y2Y1OTczMTFjNjFkODhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4t4GJydEguZ/Fcvbl33jMemg8uhM
gA4F7QNPgQyTyN+ZTE+NDO9dF3OyCMKOri3fnfgvx9cOCNnPYEXE2u8n3CXoCFfZ
OOrpxqFWr8ppHTY8fQm3Hej+6DY03JAfPeUxRm8YvAomVjrp9NmYucxMhNP7toLZ
aRXMlFXRB4YLFDAwjjxfHxOSMZ5BrSNp6kxC8247Tk84PAEkb5FrBstGtb8KNA9A
ROGtkO6wLVFyzEv16IygHYzcJqyTQ5jfPBq3DGVz/+iJra7+QHaUAZ3i8LkKNTu8
nNPaOrxtNXvuAySqQulTKJUc1Fek3J0lR98L1Y5pOcbKdJH5POCcecziFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCNsvG/QLDqcZmKlwWz1lzEcYdiPMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAEQjitLU
WaXvxaHOXGbLLhMDoqwUSCfDAj1Pz1mP3Yi1Uuqw1MixWHlbo5zTDp0VzatNHL6U
pIkNJcmVcQGTvJ1/tqkwPQA2rumhAubig4mgbHnft68MRVjp/+Ycr6+ANv21YWy6
mCBASxsrQfgGnjjx1EQwcNekXGjKQsujgkM3g2ssXHVu7fMWrUtYuf+TTp+kzcIS
v64Kao3wzS+Qc2WV39WQSeVJeHC4R9Ov01Sv+XhTgzSGn0Me9oRlmsDfe6sM6sDA
LM+YD0KJWiZEdmM8BACiBAIL3lNt0pOGxXbmvNuf+ifnrhy+q20taY0FGyC30xT6
2ML2Cgg5SvHdBg==
-----END CERTIFICATE-----