Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
File:                     sTI2xNBokx4LRMmLKQqPqlVKA7k.mft (raw, json)
Hash identifier:          SkDBggwW0k2P29LIZw0777q2qQf3lBOo7Z8VsHgYiSg=
Subject key identifier:   80:C1:B8:37:D8:31:40:13:20:C0:1A:24:4C:FC:E1:7C:EC:A1:22:26
Authority key identifier: B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9
Certificate issuer:       /CN=b13236c4d068931e0b44c98b290a8faa554a03b9
Certificate serial:       019356F68C51057A9EBE598C3695E43A614E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
Manifest number:          0138
Signing time:             Sat 23 Nov 2024 03:00:18 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:18 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:18 +0000
Files and hashes:         1: sTI2xNBokx4LRMmLKQqPqlVKA7k.crl (hash: BWEH33YVClWXcAQEcn+GHCGo13zjsYhKf0lEZv/QT04=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:8c:51:05:7a:9e:be:59:8c:36:95:e4:3a:61:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b13236c4d068931e0b44c98b290a8faa554a03b9
        Validity
            Not Before: Nov 23 03:00:18 2024 GMT
            Not After : Nov 24 03:00:18 2024 GMT
        Subject: CN=80c1b837d831401320c01a244cfce17ceca12226
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2c:dd:b8:e6:40:b4:00:e7:50:bc:4e:ce:2e:
                    95:04:3f:04:39:1f:2e:52:b9:20:35:61:a5:c5:3f:
                    2c:70:ed:46:7c:ca:c9:41:a9:73:1b:52:63:d0:02:
                    a5:ef:58:47:f8:cb:92:ec:cb:a2:09:52:95:65:e8:
                    fe:b5:75:a0:75:53:88:ec:4e:a8:ba:9b:ed:76:06:
                    77:f0:7b:e7:9b:b4:c3:4b:41:61:ac:96:72:9b:52:
                    70:42:ec:73:b8:d3:0f:d5:66:40:3b:68:80:11:ae:
                    8f:c6:e5:47:a1:22:69:38:58:e5:59:62:03:46:81:
                    06:be:97:d8:81:40:d9:24:67:a3:36:cc:ef:4c:f6:
                    4d:02:1d:a9:08:8a:fd:84:2c:2d:fa:2e:ae:c8:0b:
                    8e:14:85:0e:0b:8e:8c:2a:5c:24:61:16:c0:73:3d:
                    85:fb:cb:8a:da:71:aa:f0:ca:3b:c0:ff:fd:13:2f:
                    cf:b2:d7:f8:a0:25:e8:90:08:cc:17:41:e9:84:5f:
                    c1:1c:99:30:c3:39:85:4e:2a:82:b0:2a:b8:fd:9b:
                    1d:86:9f:a1:2f:35:24:fb:31:9f:fe:ca:23:6d:fb:
                    67:b5:92:20:1c:3d:27:3f:13:45:f8:b8:45:88:45:
                    12:63:a4:7c:00:f6:c1:6d:11:83:dc:af:76:6b:f4:
                    b5:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:C1:B8:37:D8:31:40:13:20:C0:1A:24:4C:FC:E1:7C:EC:A1:22:26
            X509v3 Authority Key Identifier:
                keyid:B1:32:36:C4:D0:68:93:1E:0B:44:C9:8B:29:0A:8F:AA:55:4A:03:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTI2xNBokx4LRMmLKQqPqlVKA7k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5729fa-59dd-4346-8c00-2dd11984b35f/1/sTI2xNBokx4LRMmLKQqPqlVKA7k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:1c:bd:b1:62:18:c7:93:07:22:55:13:d0:6e:7f:d3:03:63:
         87:14:41:ed:d0:49:31:19:d8:fa:a3:9c:d9:aa:e1:54:0c:9d:
         66:2b:03:54:cc:3c:1d:b1:d5:6d:8d:b3:33:8e:08:3f:43:4f:
         c4:e2:90:ca:92:a4:eb:56:a7:63:f0:2a:df:a2:f3:ea:04:e6:
         96:f4:15:05:18:5f:3f:9b:80:42:be:78:81:02:f9:52:93:4f:
         8f:55:ad:21:e0:37:52:ed:13:6d:d4:86:5e:2d:25:1d:ab:6e:
         b1:56:ad:d0:36:32:cb:11:4b:3b:38:71:f4:85:55:12:d8:cb:
         78:6d:84:6a:f8:ec:a1:b2:3f:ba:e6:d7:a4:d3:3d:c9:3a:69:
         d4:a0:09:82:9d:fb:6e:8b:80:73:b4:56:e0:c7:ee:6d:f6:5a:
         22:cc:0b:37:ec:4e:c1:12:3b:e3:23:e5:b3:4c:55:48:a1:f1:
         e5:62:6d:95:2c:2e:6f:d5:28:9a:13:6e:6b:5d:87:7d:e1:97:
         ef:f1:5c:98:00:04:5b:a1:d4:96:de:bf:ba:af:81:59:e8:73:
         c5:97:5b:90:2b:4d:1b:a6:0d:c0:b9:fb:79:ed:29:b1:7f:6e:
         32:df:05:2d:95:bc:eb:97:ad:18:36:11:2d:ac:11:a2:77:01:
         b3:69:19:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9oxRBXqevlmMNpXkOmFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzIzNmM0ZDA2ODkzMWUwYjQ0Yzk4YjI5MGE4ZmFhNTU0
YTAzYjkwHhcNMjQxMTIzMDMwMDE4WhcNMjQxMTI0MDMwMDE4WjAzMTEwLwYDVQQD
Eyg4MGMxYjgzN2Q4MzE0MDEzMjBjMDFhMjQ0Y2ZjZTE3Y2VjYTEyMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCzduOZAtADnULxOzi6VBD8EOR8u
UrkgNWGlxT8scO1GfMrJQalzG1Jj0AKl71hH+MuS7MuiCVKVZej+tXWgdVOI7E6o
upvtdgZ38Hvnm7TDS0FhrJZym1JwQuxzuNMP1WZAO2iAEa6PxuVHoSJpOFjlWWID
RoEGvpfYgUDZJGejNszvTPZNAh2pCIr9hCwt+i6uyAuOFIUOC46MKlwkYRbAcz2F
+8uK2nGq8Mo7wP/9Ey/Pstf4oCXokAjMF0HphF/BHJkwwzmFTiqCsCq4/Zsdhp+h
LzUk+zGf/sojbftntZIgHD0nPxNF+LhFiEUSY6R8APbBbRGD3K92a/S1kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIDBuDfYMUATIMAaJEz84XzsoSImMB8GA1UdIwQY
MBaAFLEyNsTQaJMeC0TJiykKj6pVSgO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAt
MmRkMTE5ODRiMzVmLzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81NzI5ZmEtNTlkZC00MzQ2LThjMDAtMmRkMTE5ODRiMzVm
LzEvc1RJMnhOQm9reDRMUk1tTEtRcVBxbFZLQTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADRy9sWIY
x5MHIlUT0G5/0wNjhxRB7dBJMRnY+qOc2arhVAydZisDVMw8HbHVbY2zM44IP0NP
xOKQypKk61anY/Aq36Lz6gTmlvQVBRhfP5uAQr54gQL5UpNPj1WtIeA3Uu0TbdSG
Xi0lHatusVat0DYyyxFLOzhx9IVVEtjLeG2EavjsobI/uubXpNM9yTpp1KAJgp37
bouAc7RW4MfubfZaIswLN+xOwRI74yPls0xVSKHx5WJtlSwub9UomhNua12HfeGX
7/FcmAAEW6HUlt6/uq+BWehzxZdbkCtNG6YNwLn7ee0psX9uMt8FLZW865etGDYR
LawRoncBs2kZbw==
-----END CERTIFICATE-----