Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
File:                     3Mx29__HFoYLOtY56_kdxN1hMAA.mft (raw, json)
Hash identifier:          1jwbEwvMKH/JxmEjsUiM/WiMpB4A8WceK/YziUrLs2k=
Subject key identifier:   BF:18:D7:D2:0A:56:18:DB:B2:B0:5D:03:E4:38:C5:C5:C8:62:99:72
Authority key identifier: DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00
Certificate issuer:       /CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
Certificate serial:       01935879340F9283BE37C8AAEFB32FDB2350
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
Manifest number:          0735
Signing time:             Sat 23 Nov 2024 10:02:38 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:38 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:38 +0000
Files and hashes:         1: 3Mx29__HFoYLOtY56_kdxN1hMAA.crl (hash: dDxpj2pa9A5RUrU/4F8rOKtyXHlOquDBI+3GnkUjudo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:79:34:0f:92:83:be:37:c8:aa:ef:b3:2f:db:23:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dccc76f7ffc716860b3ad639ebf91dc4dd613000
        Validity
            Not Before: Nov 23 10:02:38 2024 GMT
            Not After : Nov 24 10:02:38 2024 GMT
        Subject: CN=bf18d7d20a5618dbb2b05d03e438c5c5c8629972
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f9:50:61:d4:bf:30:91:b7:84:d6:79:b6:30:bb:
                    42:6a:6f:f7:ca:4d:90:3e:87:2c:68:c4:2c:8c:b3:
                    f3:ee:ee:7b:7a:8b:15:ff:4c:6d:c4:38:95:04:8a:
                    4a:a5:74:d4:9c:ca:a7:19:3d:17:81:00:be:52:9a:
                    6d:56:e4:95:61:54:b5:bb:8b:f2:a0:96:00:c2:3d:
                    35:a5:45:3f:a4:27:2f:1e:45:2c:d9:ae:54:ad:d2:
                    c4:cf:07:fe:a8:f5:b7:60:f0:b0:45:ed:e5:81:19:
                    26:7c:6e:87:a4:17:ad:79:d8:f3:c1:dd:20:39:68:
                    60:44:8a:73:a8:ff:f8:7f:d7:c1:83:ec:21:bf:56:
                    48:f1:29:32:9a:ee:c8:81:a9:d7:38:06:18:a0:eb:
                    f6:af:bd:19:1a:81:ff:33:60:b0:9c:cb:4c:52:51:
                    82:ed:ae:ff:36:c9:db:7c:7c:b5:49:66:6b:b8:82:
                    f2:aa:37:27:c7:90:75:c6:48:35:c5:dc:1d:47:2c:
                    81:3f:17:cf:e6:1d:15:47:16:e1:a4:34:58:83:bd:
                    77:55:20:fe:76:85:26:2f:89:10:b1:a2:12:85:22:
                    58:47:9c:1a:18:c5:00:c3:43:79:22:c6:fe:42:96:
                    b2:50:bc:99:8a:51:6d:b5:02:4f:e6:55:1f:75:5e:
                    c6:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:18:D7:D2:0A:56:18:DB:B2:B0:5D:03:E4:38:C5:C5:C8:62:99:72
            X509v3 Authority Key Identifier:
                keyid:DC:CC:76:F7:FF:C7:16:86:0B:3A:D6:39:EB:F9:1D:C4:DD:61:30:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Mx29__HFoYLOtY56_kdxN1hMAA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/18a67e-7cbd-4c45-889c-ae7b89174710/1/3Mx29__HFoYLOtY56_kdxN1hMAA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b1:91:d6:e3:6f:e1:f4:d7:d7:63:ca:f1:f4:50:3b:82:25:e8:
         b9:74:d0:dc:a6:db:80:68:ee:b7:12:33:8e:af:53:c9:1f:b0:
         63:b7:66:43:fd:17:aa:17:ec:49:e6:8a:15:de:17:45:be:f4:
         cc:97:d0:ba:fa:87:de:3f:fb:06:43:37:df:1a:19:60:2e:52:
         3a:1f:4c:c1:2c:f4:80:e9:00:0a:fc:58:f2:84:da:5d:29:ab:
         b9:5c:63:fc:3a:6f:a4:d7:f8:31:1c:11:05:9c:c4:2c:25:dd:
         0d:6f:1f:7d:32:a3:98:4f:12:28:26:c0:ed:12:1c:df:23:00:
         b8:65:33:cd:1e:3a:54:7f:00:06:0b:bf:f0:7f:e9:a8:d5:de:
         bd:1e:d8:6c:7f:84:c9:7b:08:5d:51:0a:99:3b:f2:a3:51:30:
         94:c7:27:40:85:e8:31:7a:d8:0e:4a:bb:24:b5:0d:7f:45:d9:
         7b:ed:e8:b3:35:71:45:04:e2:e4:be:4f:e9:4a:2c:39:36:12:
         4a:a8:43:04:05:da:40:a6:5e:e5:86:dd:61:61:e9:13:aa:9a:
         77:91:8f:59:f6:a2:be:1d:35:35:5a:c1:1a:b6:ab:e5:8c:79:
         0b:db:0c:83:2f:e1:f3:3c:05:79:c4:9b:54:fd:06:0c:27:9f:
         11:98:a8:e2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeTQPkoO+N8iq77Mv2yNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2M3NmY3ZmZjNzE2ODYwYjNhZDYzOWViZjkxZGM0ZGQ2
MTMwMDAwHhcNMjQxMTIzMTAwMjM4WhcNMjQxMTI0MTAwMjM4WjAzMTEwLwYDVQQD
EyhiZjE4ZDdkMjBhNTYxOGRiYjJiMDVkMDNlNDM4YzVjNWM4NjI5OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+VBh1L8wkbeE1nm2MLtCam/3yk2Q
PocsaMQsjLPz7u57eosV/0xtxDiVBIpKpXTUnMqnGT0XgQC+UpptVuSVYVS1u4vy
oJYAwj01pUU/pCcvHkUs2a5UrdLEzwf+qPW3YPCwRe3lgRkmfG6HpBetedjzwd0g
OWhgRIpzqP/4f9fBg+whv1ZI8Skymu7IganXOAYYoOv2r70ZGoH/M2CwnMtMUlGC
7a7/NsnbfHy1SWZruILyqjcnx5B1xkg1xdwdRyyBPxfP5h0VRxbhpDRYg713VSD+
doUmL4kQsaIShSJYR5waGMUAw0N5Isb+QpayULyZilFttQJP5lUfdV7G0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL8Y19IKVhjbsrBdA+Q4xcXIYplyMB8GA1UdIwQY
MBaAFNzMdvf/xxaGCzrWOev5HcTdYTAAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMt
YWU3Yjg5MTc0NzEwLzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xOGE2N2UtN2NiZC00YzQ1LTg4OWMtYWU3Yjg5MTc0NzEw
LzEvM014MjlfX0hGb1lMT3RZNTZfa2R4TjFoTUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsZHW42/h
9NfXY8rx9FA7giXouXTQ3KbbgGjutxIzjq9TyR+wY7dmQ/0XqhfsSeaKFd4XRb70
zJfQuvqH3j/7BkM33xoZYC5SOh9MwSz0gOkACvxY8oTaXSmruVxj/DpvpNf4MRwR
BZzELCXdDW8ffTKjmE8SKCbA7RIc3yMAuGUzzR46VH8ABgu/8H/pqNXevR7YbH+E
yXsIXVEKmTvyo1EwlMcnQIXoMXrYDkq7JLUNf0XZe+3oszVxRQTi5L5P6UosOTYS
SqhDBAXaQKZe5YbdYWHpE6qad5GPWfaivh01NVrBGrar5Yx5C9sMgy/h8zwFecSb
VP0GDCefEZio4g==
-----END CERTIFICATE-----