Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
File:                     XNhYOyEXQQSea7GalG2DGqvxGtM.mft (raw, json)
Hash identifier:          jlMM+2HfkA05zeoOwsPy6o2N2kI2GjyR2ir549xxcjE=
Subject key identifier:   76:58:D1:01:68:A6:42:90:36:90:6C:55:A1:EB:B9:57:93:43:6C:B6
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Certificate issuer:       /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial:       01935878BCC000BF6EAB15A1959854CC89CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
Manifest number:          12B1
Signing time:             Sat 23 Nov 2024 10:02:07 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:07 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:07 +0000
Files and hashes:         1: XNhYOyEXQQSea7GalG2DGqvxGtM.crl (hash: acnOUptpNUM7sXitC5tXMVqVPU/MOg4ssXw+1HgWao8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:bc:c0:00:bf:6e:ab:15:a1:95:98:54:cc:89:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
        Validity
            Not Before: Nov 23 10:02:07 2024 GMT
            Not After : Nov 24 10:02:07 2024 GMT
        Subject: CN=7658d10168a6429036906c55a1ebb95793436cb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:78:d0:87:91:06:7a:c6:05:f7:de:0b:2d:c9:
                    cc:f8:65:95:a4:1d:6d:09:a7:52:ed:37:d5:5d:5a:
                    f8:c2:93:9a:c8:48:14:0b:40:e9:e8:98:89:2d:b8:
                    64:6c:8b:54:5c:39:1e:1f:e7:ad:43:98:fd:76:57:
                    74:62:99:cb:19:06:d6:a3:bd:a2:f4:52:ae:1b:ef:
                    18:e3:f7:94:a1:c3:fa:1e:30:1f:82:ad:ce:a3:5f:
                    9a:41:9c:a7:27:33:f4:c9:0e:12:c4:bc:07:5b:da:
                    a8:f5:96:11:07:2a:a9:c9:83:ad:8c:b8:a8:51:a1:
                    1b:39:5b:ee:48:38:b3:89:1e:33:f1:7c:1c:72:47:
                    b4:d9:95:ad:47:84:8e:c0:6f:48:07:e8:6a:55:bc:
                    7c:25:8d:f0:dc:5d:a6:d2:0d:14:56:6a:9e:f9:6e:
                    bf:e1:af:5b:1b:fb:fc:14:af:0a:32:4a:4e:40:12:
                    3d:fb:c0:76:8a:7d:90:c2:46:b7:d0:6b:8f:79:65:
                    fa:fa:59:0f:6c:45:63:3a:b5:2e:25:ba:75:f3:e3:
                    37:76:ac:63:49:74:33:06:d5:a7:80:54:5e:b7:7d:
                    b5:1e:12:33:f1:0e:a6:08:ea:dd:b3:10:fe:9d:1a:
                    a1:c7:67:65:33:ed:15:77:b3:6b:2e:37:c7:f1:ec:
                    6d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:58:D1:01:68:A6:42:90:36:90:6C:55:A1:EB:B9:57:93:43:6C:B6
            X509v3 Authority Key Identifier:
                keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:2d:e0:d4:12:be:78:9e:07:1c:4f:4e:93:ad:bb:5d:51:b7:
         ba:bb:bd:e2:76:57:7e:9a:3a:31:2c:40:16:a2:2e:86:55:ec:
         fc:cf:29:71:07:e4:cf:ee:bf:37:2b:fd:34:8d:c0:1b:10:21:
         18:c4:ea:61:15:ed:2f:f1:0a:42:64:d6:fe:88:02:1a:6e:02:
         19:02:96:8c:d1:34:18:9f:1c:70:a0:1c:c4:92:83:7a:c8:88:
         ce:d0:55:24:22:45:79:b3:fe:22:53:9a:77:26:4f:ff:5c:a6:
         d9:17:c8:99:01:0c:37:b7:fc:5d:28:0d:77:19:e8:5a:a7:d1:
         19:e7:ec:88:fd:1f:66:c3:08:b0:7d:a0:ee:8a:20:69:49:76:
         81:c0:17:4f:d3:71:21:81:db:da:35:fe:07:e2:56:59:74:39:
         9d:05:40:25:a2:ce:5c:7f:df:40:53:44:91:57:6a:85:bc:8f:
         e3:be:09:8d:e4:8f:ce:a7:06:70:da:dd:6c:9d:78:fe:cf:ea:
         61:ef:32:0e:b1:9b:b3:e7:6b:00:c5:ce:90:ec:6d:99:a4:9e:
         b5:98:3e:16:bb:9f:e7:4d:ff:dd:76:d2:f5:db:c8:e1:cc:5f:
         3b:aa:2b:01:6b:18:85:42:ab:65:71:7e:56:49:0f:d6:17:a7:
         b6:6f:04:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeLzAAL9uqxWhlZhUzInNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjQxMTIzMTAwMjA3WhcNMjQxMTI0MTAwMjA3WjAzMTEwLwYDVQQD
Eyg3NjU4ZDEwMTY4YTY0MjkwMzY5MDZjNTVhMWViYjk1NzkzNDM2Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHjQh5EGesYF994LLcnM+GWVpB1t
CadS7TfVXVr4wpOayEgUC0Dp6JiJLbhkbItUXDkeH+etQ5j9dld0YpnLGQbWo72i
9FKuG+8Y4/eUocP6HjAfgq3Oo1+aQZynJzP0yQ4SxLwHW9qo9ZYRByqpyYOtjLio
UaEbOVvuSDiziR4z8Xwccke02ZWtR4SOwG9IB+hqVbx8JY3w3F2m0g0UVmqe+W6/
4a9bG/v8FK8KMkpOQBI9+8B2in2Qwka30GuPeWX6+lkPbEVjOrUuJbp18+M3dqxj
SXQzBtWngFRet321HhIz8Q6mCOrdsxD+nRqhx2dlM+0Vd7NrLjfH8extnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZY0QFopkKQNpBsVaHruVeTQ2y2MB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEC3g1BK+
eJ4HHE9Ok627XVG3uru94nZXfpo6MSxAFqIuhlXs/M8pcQfkz+6/Nyv9NI3AGxAh
GMTqYRXtL/EKQmTW/ogCGm4CGQKWjNE0GJ8ccKAcxJKDesiIztBVJCJFebP+IlOa
dyZP/1ym2RfImQEMN7f8XSgNdxnoWqfRGefsiP0fZsMIsH2g7oogaUl2gcAXT9Nx
IYHb2jX+B+JWWXQ5nQVAJaLOXH/fQFNEkVdqhbyP474JjeSPzqcGcNrdbJ14/s/q
Ye8yDrGbs+drAMXOkOxtmaSetZg+Fruf503/3XbS9dvI4cxfO6orAWsYhUKrZXF+
VkkP1hentm8EVA==
-----END CERTIFICATE-----