Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
File:                     0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft (raw, json)
Hash identifier:          BlVVXouNtMPuI96p/NothPnM2aiqIfaddVuPTtgrgD8=
Subject key identifier:   92:B4:E2:F2:F0:CE:BB:2A:DA:D9:75:14:9D:A8:9F:A3:B5:C9:62:28
Authority key identifier: D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95
Certificate issuer:       /CN=d170d4dde23a92166a67bb13f60bc70b667d8695
Certificate serial:       01936A46A7FF31AFD1BF076D8F05B1468334
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
Manifest number:          10B2
Signing time:             Tue 26 Nov 2024 21:00:35 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:35 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:35 +0000
Files and hashes:         1: 0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl (hash: OVF5qY0actKqkdESlz9O4UiiuyPfXBArTPg1/d83z0I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:a7:ff:31:af:d1:bf:07:6d:8f:05:b1:46:83:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d170d4dde23a92166a67bb13f60bc70b667d8695
        Validity
            Not Before: Nov 26 21:00:35 2024 GMT
            Not After : Nov 27 21:00:35 2024 GMT
        Subject: CN=92b4e2f2f0cebb2adad975149da89fa3b5c96228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:08:49:a7:9a:2d:16:9b:36:a6:3a:5d:5b:4a:
                    53:b4:f6:39:de:b3:7c:5f:aa:26:13:13:5c:cc:09:
                    9e:a8:3c:9c:51:e8:7d:48:4a:4c:ae:c1:ee:d6:f7:
                    fc:03:9e:37:ca:f8:e2:10:7c:7b:65:e5:49:a6:59:
                    30:d7:33:4d:f2:b4:a0:6d:f7:d4:ce:e8:8c:2b:6e:
                    28:f3:c2:ab:b3:ba:7e:42:d1:08:9b:92:d8:5f:c9:
                    f5:37:30:d0:b8:38:d5:a1:fd:31:d1:b3:03:bb:a7:
                    e6:a3:8f:60:58:d4:16:6e:d4:ad:99:58:32:61:c7:
                    25:a5:ba:30:e8:14:50:d2:79:e4:e6:c0:87:60:e5:
                    ef:6f:4f:c0:d3:cd:c5:af:72:e7:8d:da:32:4b:af:
                    12:0e:a9:b2:1e:1a:f0:5b:9b:e0:b4:fa:ce:7d:55:
                    fd:f0:9b:ea:c5:4e:fb:52:f6:fb:74:df:53:fb:d4:
                    8b:ec:41:a9:39:98:92:32:b4:e6:91:ef:fd:f7:45:
                    b3:6b:3d:56:11:80:de:2b:71:27:90:39:f2:34:84:
                    37:05:8b:b4:b2:ac:84:f8:1a:e7:6c:9d:ca:14:f9:
                    ea:95:3d:5d:e6:b7:4a:00:8b:a9:6b:42:47:fa:d6:
                    d1:24:a6:9f:6d:97:6a:05:cf:62:27:63:b6:f7:b5:
                    a6:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B4:E2:F2:F0:CE:BB:2A:DA:D9:75:14:9D:A8:9F:A3:B5:C9:62:28
            X509v3 Authority Key Identifier:
                keyid:D1:70:D4:DD:E2:3A:92:16:6A:67:BB:13:F6:0B:C7:0B:66:7D:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/56a6ec-37be-4368-9434-7a5714f8e6da/1/0XDU3eI6khZqZ7sT9gvHC2Z9hpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         95:15:9c:45:df:62:8c:49:fe:7d:b2:83:63:aa:e2:c6:cb:eb:
         b8:99:79:7c:3c:53:b5:ec:2c:f2:e5:ee:d7:76:fe:1f:4f:36:
         3a:9e:fa:c5:19:de:a7:b8:c3:c1:a9:71:6b:4a:5f:8f:57:ba:
         68:1e:02:48:3c:bb:d7:55:99:47:60:a9:ce:10:81:53:c4:ef:
         7f:3d:db:9f:5b:a4:bb:f2:32:20:ee:b8:85:b1:bf:32:7a:3a:
         b8:d5:fb:7c:7c:a7:d9:b4:6e:dd:17:cd:72:1d:4f:20:31:f5:
         41:ad:b7:a7:32:5a:e1:0f:16:0a:68:bf:ae:40:26:02:2b:a2:
         60:f1:f4:21:7b:eb:6f:fa:8f:b7:c6:d1:fb:f6:8b:e8:b1:b2:
         fe:d3:86:8a:d3:ab:00:4a:32:ec:13:aa:bf:51:e7:d0:91:19:
         d9:65:ce:dd:c9:a3:87:e4:f9:87:c5:56:36:03:2a:76:8a:43:
         b6:2a:56:ef:38:89:66:8d:85:b9:f1:dd:07:7f:b9:69:ff:9e:
         0e:af:e0:e6:4b:49:1a:ef:d6:ba:8e:88:0b:e1:56:c1:a4:c8:
         fa:b2:7e:2e:96:73:86:6b:3f:da:49:15:f0:6d:3a:28:3a:eb:
         c8:f4:9f:87:0a:73:61:19:31:89:57:ae:71:6e:c2:a8:95:3e:
         fa:4d:76:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRqf/Ma/RvwdtjwWxRoM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxNzBkNGRkZTIzYTkyMTY2YTY3YmIxM2Y2MGJjNzBiNjY3
ZDg2OTUwHhcNMjQxMTI2MjEwMDM1WhcNMjQxMTI3MjEwMDM1WjAzMTEwLwYDVQQD
Eyg5MmI0ZTJmMmYwY2ViYjJhZGFkOTc1MTQ5ZGE4OWZhM2I1Yzk2MjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAhJp5otFps2pjpdW0pTtPY53rN8
X6omExNczAmeqDycUeh9SEpMrsHu1vf8A543yvjiEHx7ZeVJplkw1zNN8rSgbffU
zuiMK24o88Krs7p+QtEIm5LYX8n1NzDQuDjVof0x0bMDu6fmo49gWNQWbtStmVgy
Ycclpbow6BRQ0nnk5sCHYOXvb0/A083Fr3LnjdoyS68SDqmyHhrwW5vgtPrOfVX9
8JvqxU77Uvb7dN9T+9SL7EGpOZiSMrTmke/990Wzaz1WEYDeK3EnkDnyNIQ3BYu0
sqyE+BrnbJ3KFPnqlT1d5rdKAIupa0JH+tbRJKafbZdqBc9iJ2O297Wm/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJK04vLwzrsq2tl1FJ2on6O1yWIoMB8GA1UdIwQY
MBaAFNFw1N3iOpIWame7E/YLxwtmfYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQt
N2E1NzE0ZjhlNmRhLzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC81NmE2ZWMtMzdiZS00MzY4LTk0MzQtN2E1NzE0ZjhlNmRh
LzEvMFhEVTNlSTZraFpxWjdzVDlndkhDMlo5aHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlRWcRd9i
jEn+fbKDY6rixsvruJl5fDxTtews8uXu13b+H082Op76xRnep7jDwalxa0pfj1e6
aB4CSDy711WZR2CpzhCBU8Tvfz3bn1uku/IyIO64hbG/Mno6uNX7fHyn2bRu3RfN
ch1PIDH1Qa23pzJa4Q8WCmi/rkAmAiuiYPH0IXvrb/qPt8bR+/aL6LGy/tOGitOr
AEoy7BOqv1Hn0JEZ2WXO3cmjh+T5h8VWNgMqdopDtipW7ziJZo2FufHdB3+5af+e
Dq/g5ktJGu/Wuo6IC+FWwaTI+rJ+LpZzhms/2kkV8G06KDrryPSfhwpzYRkxiVeu
cW7CqJU++k129g==
-----END CERTIFICATE-----