Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
File:                     YDRE4ZlioZHv0vIWoSji9M_io94.mft (raw, json)
Hash identifier:          8af1oAkSZdhIwhu43B/1nI1nbj4iXmZ/pO2jHiR7yDg=
Subject key identifier:   E9:D8:BD:00:2A:80:2E:27:A2:0F:22:20:75:81:BA:D5:77:67:15:31
Authority key identifier: 60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE
Certificate issuer:       /CN=603444e19962a191efd2f216a128e2f4cfe2a3de
Certificate serial:       01935688EAC11426A829E5C0D4FFE5D71789
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
Manifest number:          038B
Signing time:             Sat 23 Nov 2024 01:00:33 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:33 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:33 +0000
Files and hashes:         1: YDRE4ZlioZHv0vIWoSji9M_io94.crl (hash: m966GcNuAh/HLNgdQOcX/gS/ikAceLRvQfwRfP7doWs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:ea:c1:14:26:a8:29:e5:c0:d4:ff:e5:d7:17:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=603444e19962a191efd2f216a128e2f4cfe2a3de
        Validity
            Not Before: Nov 23 01:00:33 2024 GMT
            Not After : Nov 24 01:00:33 2024 GMT
        Subject: CN=e9d8bd002a802e27a20f22207581bad577671531
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a1:25:f2:32:c7:2c:0f:f7:f1:27:93:7f:7a:
                    1c:4d:68:f9:3e:b3:f3:df:21:fa:9b:5c:72:23:ed:
                    15:ba:b1:e7:40:38:2d:ed:0b:b0:8e:19:2e:e4:08:
                    69:8f:b4:06:c4:04:02:b1:a4:81:1b:c3:7d:50:dc:
                    a2:8e:25:70:9e:a9:10:50:0f:37:a7:fc:b7:32:a7:
                    ba:0c:cb:ad:7f:20:42:ab:a9:ce:dc:f6:82:ce:4e:
                    71:b6:7c:f6:32:5b:c2:4c:59:7f:fd:f4:b1:82:a6:
                    8a:1f:35:ce:57:e3:9e:de:1b:ec:a8:6f:38:9f:a9:
                    f7:74:b7:e3:c4:b6:b4:7b:f3:a9:70:80:24:1d:33:
                    e2:4f:6c:ea:e0:0b:7f:94:be:9c:ff:b2:e0:da:13:
                    5b:13:45:e1:f9:98:78:ae:c0:03:8d:51:24:49:77:
                    e2:04:03:b0:4c:4c:75:30:01:56:06:32:26:26:6e:
                    d1:e8:63:3b:fa:56:77:60:a1:96:17:d9:f0:32:d8:
                    cf:7d:0a:b5:62:9b:06:7a:a8:21:0a:c7:93:bc:5a:
                    6a:34:b7:6f:94:f1:a2:cf:e2:4b:8b:87:9a:11:e4:
                    8a:2f:49:9d:45:b3:ec:d2:d4:68:7e:5f:af:f0:00:
                    e6:2c:fa:c7:b2:8a:e1:40:37:5c:b1:c4:f7:dc:cb:
                    db:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:D8:BD:00:2A:80:2E:27:A2:0F:22:20:75:81:BA:D5:77:67:15:31
            X509v3 Authority Key Identifier:
                keyid:60:34:44:E1:99:62:A1:91:EF:D2:F2:16:A1:28:E2:F4:CF:E2:A3:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDRE4ZlioZHv0vIWoSji9M_io94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/1f32cb-dab2-4a9f-ae77-8447e29c1524/1/YDRE4ZlioZHv0vIWoSji9M_io94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:43:9c:e4:cd:cb:c5:b0:6e:46:53:1e:ad:cc:5c:18:33:2e:
         19:fb:59:6a:3a:95:96:11:9e:d8:e9:2d:d0:b0:81:76:90:23:
         4f:b2:4e:17:9c:2e:4f:69:5b:07:16:81:9c:26:94:9d:e8:b1:
         33:1d:0f:56:38:52:a8:b4:d0:ae:32:03:14:d5:dd:3a:c7:04:
         45:c9:f8:2a:39:da:aa:0c:7c:e1:5e:f4:88:58:ff:cd:cb:6f:
         cd:f6:21:59:84:53:8f:df:72:29:c0:fa:65:f6:7d:40:ed:7f:
         a6:e9:41:99:68:37:03:18:3b:e9:60:c2:d0:73:41:85:f6:8c:
         b7:21:91:97:29:f5:53:8f:1f:fc:4f:d5:26:cf:d4:18:42:83:
         9b:52:ce:fe:6d:d5:49:06:5b:a5:57:bd:79:23:f8:fd:54:3b:
         87:91:c8:0e:e3:c3:8e:09:78:7a:da:35:f7:a5:4e:2c:51:65:
         0d:d5:de:b4:33:50:8a:75:e4:6b:c2:81:1a:02:6a:d3:f7:da:
         b1:72:84:e7:84:65:2f:c9:9b:dd:fe:7e:b3:b5:bc:7a:5f:36:
         7e:d6:06:b9:99:1a:8a:fc:f6:37:d9:04:4e:0e:49:0c:3d:f0:
         9c:02:7e:26:51:4b:b2:35:6e:ed:67:bf:4f:62:6a:73:b4:ae:
         9d:0a:49:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiOrBFCaoKeXA1P/l1xeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzQ0NGUxOTk2MmExOTFlZmQyZjIxNmExMjhlMmY0Y2Zl
MmEzZGUwHhcNMjQxMTIzMDEwMDMzWhcNMjQxMTI0MDEwMDMzWjAzMTEwLwYDVQQD
EyhlOWQ4YmQwMDJhODAyZTI3YTIwZjIyMjA3NTgxYmFkNTc3NjcxNTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqEl8jLHLA/38SeTf3ocTWj5PrPz
3yH6m1xyI+0VurHnQDgt7Quwjhku5Ahpj7QGxAQCsaSBG8N9UNyijiVwnqkQUA83
p/y3Mqe6DMutfyBCq6nO3PaCzk5xtnz2MlvCTFl//fSxgqaKHzXOV+Oe3hvsqG84
n6n3dLfjxLa0e/OpcIAkHTPiT2zq4At/lL6c/7Lg2hNbE0Xh+Zh4rsADjVEkSXfi
BAOwTEx1MAFWBjImJm7R6GM7+lZ3YKGWF9nwMtjPfQq1YpsGeqghCseTvFpqNLdv
lPGiz+JLi4eaEeSKL0mdRbPs0tRofl+v8ADmLPrHsorhQDdcscT33Mvb7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOnYvQAqgC4nog8iIHWButV3ZxUxMB8GA1UdIwQY
MBaAFGA0ROGZYqGR79LyFqEo4vTP4qPeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzct
ODQ0N2UyOWMxNTI0LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8xZjMyY2ItZGFiMi00YTlmLWFlNzctODQ0N2UyOWMxNTI0
LzEvWURSRTRabGlvWkh2MHZJV29Tamk5TV9pbzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEOc5M3L
xbBuRlMercxcGDMuGftZajqVlhGe2Okt0LCBdpAjT7JOF5wuT2lbBxaBnCaUneix
Mx0PVjhSqLTQrjIDFNXdOscERcn4Kjnaqgx84V70iFj/zctvzfYhWYRTj99yKcD6
ZfZ9QO1/pulBmWg3Axg76WDC0HNBhfaMtyGRlyn1U48f/E/VJs/UGEKDm1LO/m3V
SQZbpVe9eSP4/VQ7h5HIDuPDjgl4eto196VOLFFlDdXetDNQinXka8KBGgJq0/fa
sXKE54RlL8mb3f5+s7W8el82ftYGuZkaivz2N9kETg5JDD3wnAJ+JlFLsjVu7We/
T2Jqc7SunQpJ8A==
-----END CERTIFICATE-----