Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
File:                     4N8zRFExdiUqLLaQvPcF1kmBEfU.mft (raw, json)
Hash identifier:          zn8nV2z1ZgKhhmO26GCMDvWKvAPn8TLIhCZ+4hFJUEA=
Subject key identifier:   19:9D:7B:CE:16:4A:77:04:AB:0B:69:72:3E:4B:14:00:BA:87:60:88
Authority key identifier: E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5
Certificate issuer:       /CN=e0df3344513176252a2cb690bcf705d6498111f5
Certificate serial:       019405A136A9B85DDFBF956DC86E5BA38EDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
Manifest number:          06E6
Signing time:             Fri 27 Dec 2024 01:00:38 +0000
Manifest this update:     Fri 27 Dec 2024 01:00:38 +0000
Manifest next update:     Sat 28 Dec 2024 01:00:38 +0000
Files and hashes:         1: 4N8zRFExdiUqLLaQvPcF1kmBEfU.crl (hash: Rg7uGGePRYtD1LJis2Xa48gTxyQTAwqkpezi/A+PsPA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:05:a1:36:a9:b8:5d:df:bf:95:6d:c8:6e:5b:a3:8e:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0df3344513176252a2cb690bcf705d6498111f5
        Validity
            Not Before: Dec 27 01:00:38 2024 GMT
            Not After : Dec 28 01:00:38 2024 GMT
        Subject: CN=199d7bce164a7704ab0b69723e4b1400ba876088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c5:4f:02:0a:87:e3:68:13:92:f1:9a:d7:d6:
                    1b:02:61:8f:71:24:57:9f:94:4c:b1:d1:a8:c4:e3:
                    26:5b:bc:3d:ff:66:4e:d3:d6:f8:60:41:33:3d:87:
                    03:1a:a2:40:ea:f4:ad:a0:b2:8e:69:47:d8:94:7c:
                    e9:13:69:db:49:e0:aa:e1:dd:b0:fc:29:4e:12:8b:
                    a5:b2:5d:ec:ea:e7:46:68:c9:ad:5e:cb:73:18:1f:
                    d3:70:e7:c2:ac:99:6c:c5:7f:91:b3:00:d3:aa:0a:
                    a3:4d:36:0b:ce:bc:04:9d:b0:8a:e1:73:20:a5:16:
                    71:ec:0e:3f:76:84:6c:2e:2e:fe:70:96:4e:16:cc:
                    30:ee:73:23:a9:08:f8:22:a3:d4:f2:af:6a:01:ec:
                    47:e1:87:c2:c2:7e:88:17:5b:e3:51:b2:15:23:47:
                    9e:6e:c3:e4:82:5c:19:18:9a:6e:37:02:33:04:a1:
                    8f:0b:ec:9a:ad:3e:11:b6:99:4e:30:e0:e0:01:2e:
                    28:c6:73:1c:9f:14:7b:20:b4:f6:a6:c2:eb:af:2d:
                    af:4e:6a:49:c4:c0:1c:41:5f:e1:a6:d8:01:60:5f:
                    c0:12:7c:93:37:58:9e:00:b3:9d:78:e9:85:92:c1:
                    07:b9:a2:f8:12:28:9e:69:8c:a9:32:89:0c:ee:28:
                    59:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:9D:7B:CE:16:4A:77:04:AB:0B:69:72:3E:4B:14:00:BA:87:60:88
            X509v3 Authority Key Identifier:
                keyid:E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:8e:8a:ec:0c:97:1e:e1:2d:81:10:dd:23:77:20:ec:ab:95:
         22:54:1b:ef:00:34:de:7e:0f:e7:17:17:46:ce:f7:56:72:2b:
         67:00:17:99:56:73:1b:bc:8f:8f:fa:72:5b:eb:d6:cb:e8:b6:
         43:d9:18:d6:b5:2c:f6:fb:a1:c6:9b:ab:5d:c9:23:1b:52:df:
         1a:40:38:d5:86:a1:32:f9:ee:c1:db:f1:4a:93:aa:c4:7f:2a:
         85:af:9e:46:67:62:d4:dc:9c:dc:5a:d4:d7:81:c7:2d:ff:42:
         7c:1a:78:f8:81:36:cb:ce:bf:16:bf:cb:93:ef:dc:b9:23:1c:
         4c:34:36:e3:41:1f:02:d3:37:17:af:dd:77:2d:df:96:59:b0:
         77:ed:08:eb:d4:81:8c:c0:c1:79:e1:48:3a:05:4f:16:65:52:
         cb:26:79:be:8a:e6:f6:a0:ec:dc:b1:02:9b:ce:ed:e6:51:9a:
         f9:9c:a1:2e:3e:3a:48:5d:b6:a7:96:db:51:11:a3:86:b9:8b:
         8e:cf:55:61:a0:ce:8b:82:dc:1f:d1:f9:98:2d:31:4a:76:42:
         dd:49:61:77:e1:9f:c0:02:c4:e6:63:bf:1f:c2:ad:46:32:e1:
         80:fd:29:8a:4f:46:4f:ac:86:f0:86:6b:8e:59:00:64:0a:bf:
         1b:db:14:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQFoTapuF3fv5VtyG5bo47eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGYzMzQ0NTEzMTc2MjUyYTJjYjY5MGJjZjcwNWQ2NDk4
MTExZjUwHhcNMjQxMjI3MDEwMDM4WhcNMjQxMjI4MDEwMDM4WjAzMTEwLwYDVQQD
EygxOTlkN2JjZTE2NGE3NzA0YWIwYjY5NzIzZTRiMTQwMGJhODc2MDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMVPAgqH42gTkvGa19YbAmGPcSRX
n5RMsdGoxOMmW7w9/2ZO09b4YEEzPYcDGqJA6vStoLKOaUfYlHzpE2nbSeCq4d2w
/ClOEoulsl3s6udGaMmtXstzGB/TcOfCrJlsxX+RswDTqgqjTTYLzrwEnbCK4XMg
pRZx7A4/doRsLi7+cJZOFsww7nMjqQj4IqPU8q9qAexH4YfCwn6IF1vjUbIVI0ee
bsPkglwZGJpuNwIzBKGPC+yarT4RtplOMODgAS4oxnMcnxR7ILT2psLrry2vTmpJ
xMAcQV/hptgBYF/AEnyTN1ieALOdeOmFksEHuaL4EiieaYypMokM7ihZjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBmde84WSncEqwtpcj5LFAC6h2CIMB8GA1UdIwQY
MBaAFODfM0RRMXYlKiy2kLz3BdZJgRH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4Njgt
MjVlMjFjOWU3ZGU5LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4NjgtMjVlMjFjOWU3ZGU5
LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARI6K7AyX
HuEtgRDdI3cg7KuVIlQb7wA03n4P5xcXRs73VnIrZwAXmVZzG7yPj/pyW+vWy+i2
Q9kY1rUs9vuhxpurXckjG1LfGkA41YahMvnuwdvxSpOqxH8qha+eRmdi1Nyc3FrU
14HHLf9CfBp4+IE2y86/Fr/Lk+/cuSMcTDQ240EfAtM3F6/ddy3fllmwd+0I69SB
jMDBeeFIOgVPFmVSyyZ5vorm9qDs3LECm87t5lGa+ZyhLj46SF22p5bbURGjhrmL
js9VYaDOi4LcH9H5mC0xSnZC3Ulhd+GfwALE5mO/H8KtRjLhgP0pik9GT6yG8IZr
jlkAZAq/G9sU5A==
-----END CERTIFICATE-----