Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
File:                     NREZcs9Nkki9sYjTtBmuD7flZGs.mft (raw, json)
Hash identifier:          +mzMfXrXU14t4KarWx8EN5zePHdgCgj5kIGBZRXmbP8=
Subject key identifier:   6C:38:07:57:70:55:ED:86:5B:A4:0F:B4:A5:AB:91:91:18:71:22:97
Authority key identifier: 35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B
Certificate issuer:       /CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
Certificate serial:       019369DAA4DECF6F48B78D59AB28AC50D503
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
Manifest number:          0B89
Signing time:             Tue 26 Nov 2024 19:02:36 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:36 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:36 +0000
Files and hashes:         1: NREZcs9Nkki9sYjTtBmuD7flZGs.crl (hash: dtJAoDDFi6d2wgrZkAM/mbYtP8Xz6sIWIFYEughTZ00=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:a4:de:cf:6f:48:b7:8d:59:ab:28:ac:50:d5:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35111972cf4d9248bdb188d3b419ae0fb7e5646b
        Validity
            Not Before: Nov 26 19:02:36 2024 GMT
            Not After : Nov 27 19:02:36 2024 GMT
        Subject: CN=6c3807577055ed865ba40fb4a5ab919118712297
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:5e:02:ba:88:64:9c:ff:54:36:0c:43:5e:9b:
                    0a:c7:f7:c9:cf:08:dd:e5:19:d5:c7:52:8b:6d:1b:
                    5b:88:b4:e4:48:01:45:8e:dc:7a:e6:07:bb:8d:24:
                    72:28:38:3c:38:23:73:10:09:68:f9:1f:31:b9:3d:
                    4a:82:79:34:eb:03:05:bc:fb:57:d6:6e:72:36:77:
                    fa:73:d6:ca:1d:da:c9:93:4c:f7:81:05:cd:60:f5:
                    7c:99:24:d4:ce:ee:32:a9:20:2d:46:54:c4:78:c0:
                    f5:dd:8a:68:42:9e:94:db:49:1f:30:58:02:c4:24:
                    d5:a5:f8:a2:10:49:65:01:25:df:81:59:fb:58:68:
                    82:4e:ec:7b:21:17:db:e2:8f:50:cf:90:3d:a5:89:
                    52:d4:12:3f:7b:78:fe:0c:0d:2e:b9:fa:3a:2e:c7:
                    ad:79:f7:05:06:55:23:de:0f:82:3c:e4:c5:51:f5:
                    8f:99:3a:c1:1d:ef:0c:a5:28:86:9f:97:fe:02:56:
                    4d:30:7f:1c:ad:42:22:70:52:0d:e2:28:d1:ae:d8:
                    44:b0:82:36:28:a4:35:72:3f:39:19:22:18:af:32:
                    6f:84:45:bf:33:ba:44:37:fa:b6:1a:12:61:cd:e2:
                    af:df:3c:72:f7:5e:90:57:0c:31:83:d4:e5:1a:a1:
                    9d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:38:07:57:70:55:ED:86:5B:A4:0F:B4:A5:AB:91:91:18:71:22:97
            X509v3 Authority Key Identifier:
                keyid:35:11:19:72:CF:4D:92:48:BD:B1:88:D3:B4:19:AE:0F:B7:E5:64:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NREZcs9Nkki9sYjTtBmuD7flZGs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f6b2bd-190b-4d0f-ba46-59e6325dd22b/1/NREZcs9Nkki9sYjTtBmuD7flZGs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:fa:6a:57:a0:ad:77:89:8c:67:4d:e2:66:61:2f:2a:b0:07:
         41:60:ad:66:60:93:85:5c:69:58:9f:03:9e:d3:f7:22:8d:57:
         7f:c4:7a:e6:c6:11:64:19:ae:b8:c1:4d:46:ec:d2:68:6b:5e:
         08:7f:b2:44:50:fe:f6:80:df:99:f8:f7:c9:d4:41:fd:c6:d6:
         18:a8:69:69:77:d9:e0:4a:af:23:58:41:54:48:8d:3e:d8:b4:
         69:2d:c1:53:64:bd:e9:ff:b5:fa:27:4d:c1:40:af:96:04:5a:
         42:3e:d6:3d:c3:45:66:73:ef:a0:85:c5:d3:3f:d1:29:c9:c0:
         12:f0:22:5b:c6:e1:fa:4e:ab:4b:f3:34:e9:b8:01:36:ce:c2:
         47:d3:da:b3:4a:4b:9f:cd:1f:f8:c9:ea:03:ef:4f:37:62:4f:
         4d:e9:5f:2e:d5:cb:2c:03:46:d9:2a:54:65:72:8f:e3:f8:2c:
         44:47:7d:7a:8e:9d:3c:65:3c:63:7b:94:cd:df:34:b6:35:ea:
         02:ea:86:02:64:82:76:ca:af:a6:aa:b5:95:85:f4:19:ac:9b:
         8e:90:8a:2e:dc:c5:be:7c:6d:9d:63:6c:fa:67:ff:2e:38:c7:
         03:32:27:b1:f0:80:2b:9b:02:91:0f:3a:59:44:bf:43:31:6f:
         be:94:1e:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2qTez29It41ZqyisUNUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTExOTcyY2Y0ZDkyNDhiZGIxODhkM2I0MTlhZTBmYjdl
NTY0NmIwHhcNMjQxMTI2MTkwMjM2WhcNMjQxMTI3MTkwMjM2WjAzMTEwLwYDVQQD
Eyg2YzM4MDc1NzcwNTVlZDg2NWJhNDBmYjRhNWFiOTE5MTE4NzEyMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV4CuohknP9UNgxDXpsKx/fJzwjd
5RnVx1KLbRtbiLTkSAFFjtx65ge7jSRyKDg8OCNzEAlo+R8xuT1Kgnk06wMFvPtX
1m5yNnf6c9bKHdrJk0z3gQXNYPV8mSTUzu4yqSAtRlTEeMD13YpoQp6U20kfMFgC
xCTVpfiiEEllASXfgVn7WGiCTux7IRfb4o9Qz5A9pYlS1BI/e3j+DA0uufo6Lset
efcFBlUj3g+CPOTFUfWPmTrBHe8MpSiGn5f+AlZNMH8crUIicFIN4ijRrthEsII2
KKQ1cj85GSIYrzJvhEW/M7pEN/q2GhJhzeKv3zxy916QVwwxg9TlGqGdyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGw4B1dwVe2GW6QPtKWrkZEYcSKXMB8GA1UdIwQY
MBaAFDURGXLPTZJIvbGI07QZrg+35WRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYt
NTllNjMyNWRkMjJiLzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNmIyYmQtMTkwYi00ZDBmLWJhNDYtNTllNjMyNWRkMjJi
LzEvTlJFWmNzOU5ra2k5c1lqVHRCbXVEN2ZsWkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvpqV6Ct
d4mMZ03iZmEvKrAHQWCtZmCThVxpWJ8DntP3Io1Xf8R65sYRZBmuuMFNRuzSaGte
CH+yRFD+9oDfmfj3ydRB/cbWGKhpaXfZ4EqvI1hBVEiNPti0aS3BU2S96f+1+idN
wUCvlgRaQj7WPcNFZnPvoIXF0z/RKcnAEvAiW8bh+k6rS/M06bgBNs7CR9Pas0pL
n80f+MnqA+9PN2JPTelfLtXLLANG2SpUZXKP4/gsREd9eo6dPGU8Y3uUzd80tjXq
AuqGAmSCdsqvpqq1lYX0GaybjpCKLtzFvnxtnWNs+mf/LjjHAzInsfCAK5sCkQ86
WUS/QzFvvpQeJA==
-----END CERTIFICATE-----