Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          63Ol8gdaMis9GLryfkCIXCqH5KSPAYkedk9jtg5V0gQ=
Subject key identifier:   E3:04:2A:7F:7A:D7:73:41:78:8B:78:29:05:E1:36:43:20:49:C0:0A
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       01935688E6A6D1CF14169B2ED3A2EE3C531B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          02EA
Signing time:             Sat 23 Nov 2024 01:00:32 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:32 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:32 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: qCVIaweXdbbMRYJCmyRDKsKhh8WhMVAqS9J+yqakJ2Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:e6:a6:d1:cf:14:16:9b:2e:d3:a2:ee:3c:53:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: Nov 23 01:00:32 2024 GMT
            Not After : Nov 24 01:00:32 2024 GMT
        Subject: CN=e3042a7f7ad77341788b782905e136432049c00a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f3:b5:e1:6d:2e:fc:ea:c9:63:78:33:c2:0e:
                    16:e0:ae:fb:a8:f7:dc:45:3b:85:a2:e7:1e:8c:46:
                    9e:65:ab:0e:56:49:0a:2f:3c:54:9c:5b:b5:91:6d:
                    63:34:fe:83:db:45:1b:a2:c1:86:8f:e9:5c:f2:a3:
                    84:4e:c0:31:7a:4b:5e:4c:1a:e9:7a:68:61:1d:a3:
                    75:6b:8f:96:0b:ee:04:0d:c1:b8:38:18:c1:29:5b:
                    e5:81:f9:50:a7:9b:14:b3:b1:d8:92:45:f3:b6:35:
                    2f:88:b6:09:79:2f:01:61:1f:95:c2:41:36:c6:8a:
                    5e:5c:d3:20:95:0b:78:9f:1b:43:37:a5:4e:2f:a6:
                    13:3a:61:19:50:61:e8:2a:25:d7:d2:f6:29:d2:2f:
                    44:18:06:cb:21:fd:0f:14:df:8f:ca:88:21:ac:50:
                    91:62:1d:20:ee:f9:c8:8d:6d:a4:c1:11:19:28:0c:
                    09:ed:77:67:0f:a1:a3:42:9b:dd:8c:67:ff:7c:4f:
                    9b:5b:6d:2f:e3:c9:db:70:65:72:77:d8:ce:45:64:
                    fc:89:02:d6:39:b7:8a:83:2b:f2:60:f3:f8:25:9f:
                    35:2e:bd:c3:a9:ea:59:7a:2f:d2:95:e0:f7:10:05:
                    c1:8e:a8:ed:1d:af:e2:4e:8d:e6:58:ee:00:34:5a:
                    cb:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:04:2A:7F:7A:D7:73:41:78:8B:78:29:05:E1:36:43:20:49:C0:0A
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:f0:b9:ec:8b:a6:e4:d6:4a:c8:4a:c4:cb:55:7e:e3:08:9e:
         cc:21:20:69:62:1f:60:62:0d:61:d4:fa:bb:ec:75:1e:fa:2c:
         19:5a:fe:85:68:eb:fd:41:ac:7a:9d:43:c3:a2:15:e5:e0:34:
         f3:2a:40:86:f5:8f:07:bb:cd:5b:f0:6f:c8:ad:af:02:a8:a5:
         6d:35:26:d0:e4:d0:a9:7c:f3:53:08:c3:ed:96:a8:bd:e3:eb:
         e3:11:6d:92:03:a8:c8:33:1e:fb:11:5d:23:c5:b5:86:f1:9e:
         a3:cb:45:4d:dd:de:c0:77:51:ac:3e:42:bb:11:f7:7f:55:80:
         d0:b2:04:1c:bc:de:99:fb:cc:13:5b:77:02:ab:02:33:a8:8e:
         1b:9b:14:c0:90:40:2f:45:e2:15:eb:d5:fe:f6:88:a0:88:44:
         d8:04:b0:ce:e9:ce:25:61:8f:ac:7b:bc:5d:16:a3:04:87:cc:
         78:c4:e1:4e:62:43:c7:31:2f:08:c5:e0:4d:96:dd:b1:92:4c:
         f3:c6:85:a6:ce:a1:be:ab:a2:2e:98:f8:5b:b4:5a:86:2a:9e:
         6d:3b:aa:46:34:cd:58:28:d5:b8:7c:ab:7f:7f:e1:a2:d6:64:
         4e:99:8a:3c:f3:a4:0b:17:2c:0c:88:86:98:9c:11:78:a9:5f:
         de:bc:bd:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiOam0c8UFpsu06LuPFMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjQxMTIzMDEwMDMyWhcNMjQxMTI0MDEwMDMyWjAzMTEwLwYDVQQD
EyhlMzA0MmE3ZjdhZDc3MzQxNzg4Yjc4MjkwNWUxMzY0MzIwNDljMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvO14W0u/OrJY3gzwg4W4K77qPfc
RTuFoucejEaeZasOVkkKLzxUnFu1kW1jNP6D20UbosGGj+lc8qOETsAxekteTBrp
emhhHaN1a4+WC+4EDcG4OBjBKVvlgflQp5sUs7HYkkXztjUviLYJeS8BYR+VwkE2
xopeXNMglQt4nxtDN6VOL6YTOmEZUGHoKiXX0vYp0i9EGAbLIf0PFN+PyoghrFCR
Yh0g7vnIjW2kwREZKAwJ7XdnD6GjQpvdjGf/fE+bW20v48nbcGVyd9jORWT8iQLW
ObeKgyvyYPP4JZ81Lr3DqepZei/SleD3EAXBjqjtHa/iTo3mWO4ANFrLowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMEKn9613NBeIt4KQXhNkMgScAKMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARPC57Ium
5NZKyErEy1V+4wiezCEgaWIfYGINYdT6u+x1HvosGVr+hWjr/UGsep1Dw6IV5eA0
8ypAhvWPB7vNW/BvyK2vAqilbTUm0OTQqXzzUwjD7ZaovePr4xFtkgOoyDMe+xFd
I8W1hvGeo8tFTd3ewHdRrD5CuxH3f1WA0LIEHLzemfvME1t3AqsCM6iOG5sUwJBA
L0XiFevV/vaIoIhE2ASwzunOJWGPrHu8XRajBIfMeMThTmJDxzEvCMXgTZbdsZJM
88aFps6hvquiLpj4W7RahiqebTuqRjTNWCjVuHyrf3/hotZkTpmKPPOkCxcsDIiG
mJwReKlf3ry9pA==
-----END CERTIFICATE-----