Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
File:                     YDe79svKAic6peIbuIjj4exnZ98.mft (raw, json)
Hash identifier:          dzevK2xC6YWUpawnZmnYB5W04F8hO1lktLdeIjGyERM=
Subject key identifier:   41:FF:58:A0:D4:6D:2C:4D:0D:9D:81:F6:EB:C3:00:58:3C:EC:3C:F0
Authority key identifier: 60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF
Certificate issuer:       /CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
Certificate serial:       019369DAADFDC118A38E55075133DE474779
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
Manifest number:          089C
Signing time:             Tue 26 Nov 2024 19:02:39 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:39 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:39 +0000
Files and hashes:         1: YDe79svKAic6peIbuIjj4exnZ98.crl (hash: oFwoKmNYj3Vs/V8t1UAgrDKJY5JSDfBbjAS1cNZ2kpA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:ad:fd:c1:18:a3:8e:55:07:51:33:de:47:47:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6037bbf6cbca02273aa5e21bb888e3e1ec6767df
        Validity
            Not Before: Nov 26 19:02:39 2024 GMT
            Not After : Nov 27 19:02:39 2024 GMT
        Subject: CN=41ff58a0d46d2c4d0d9d81f6ebc300583cec3cf0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:88:2c:ce:b3:86:e7:7a:67:c8:4b:bd:9f:1d:
                    18:0f:21:9f:df:ae:5b:6a:e3:a1:86:2d:68:5d:20:
                    b7:1a:f3:f3:51:85:c8:17:45:44:c0:cf:49:15:16:
                    59:dd:94:c1:45:b0:00:a1:b1:94:30:ff:69:31:b9:
                    98:b9:85:df:e1:de:2f:07:ba:a0:dd:f8:e5:4b:b9:
                    4d:5e:fe:8c:e8:b4:fc:4f:55:b5:10:1b:b4:78:e5:
                    87:35:bf:b8:71:9d:a5:41:78:7c:57:78:98:fc:83:
                    d2:e2:39:b6:a3:1a:4e:fc:cf:57:44:45:b8:ce:50:
                    f9:63:38:09:8b:f3:90:3e:86:c6:6f:35:3f:a9:f2:
                    4f:fe:a4:79:3d:26:8e:c1:36:6a:fe:b1:9d:e1:54:
                    d2:25:70:42:b5:49:6a:53:a4:a0:61:98:27:46:c5:
                    bc:40:ac:83:5b:21:04:49:dd:17:4d:b1:0d:82:92:
                    19:b8:38:f4:98:3d:ef:40:a3:93:b5:34:d1:d1:0a:
                    f6:55:a4:d3:83:ab:97:3a:16:8d:bb:36:3d:60:fc:
                    8e:f8:aa:c7:60:15:a3:8b:12:7a:6b:f1:ed:af:53:
                    44:68:90:79:e5:f7:14:c1:a6:79:c3:ea:49:f9:36:
                    b7:b9:a2:b7:38:4d:bb:ab:9b:3c:4d:df:4e:7a:c3:
                    85:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:FF:58:A0:D4:6D:2C:4D:0D:9D:81:F6:EB:C3:00:58:3C:EC:3C:F0
            X509v3 Authority Key Identifier:
                keyid:60:37:BB:F6:CB:CA:02:27:3A:A5:E2:1B:B8:88:E3:E1:EC:67:67:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDe79svKAic6peIbuIjj4exnZ98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/64e20c-8f61-4351-8077-fc3b3e11161d/1/YDe79svKAic6peIbuIjj4exnZ98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:47:45:57:4c:38:21:89:49:0b:a9:9d:6a:ee:5d:5a:fe:05:
         93:4b:fc:91:2e:8b:c8:ff:93:0b:be:44:60:cd:00:5f:ce:09:
         a6:24:b5:b0:96:e7:db:7c:24:95:c2:b4:0f:65:6a:c2:00:b6:
         af:78:2a:bd:ab:88:bf:b8:0a:a9:c0:b4:c2:9b:01:de:f4:e4:
         3d:e9:2b:5b:5f:e6:78:ff:79:4f:59:20:18:39:7b:aa:ba:42:
         4b:4d:7b:e5:1d:78:8d:e2:5b:01:2e:c1:63:af:aa:a2:29:0e:
         c2:b2:d7:18:c0:f7:61:3b:61:a7:da:f3:17:a6:3c:31:a4:75:
         89:52:0b:85:5a:e5:c8:5a:1c:11:ce:a1:50:49:d3:eb:fb:45:
         84:01:2e:5d:03:91:0d:56:ab:d1:bc:c3:dd:7a:8a:88:f7:a5:
         d9:72:d9:04:e3:d2:93:a1:70:18:19:cc:fd:75:b4:9b:2d:6a:
         b0:09:15:b4:9f:e6:37:a5:60:0c:be:e6:94:47:30:9e:05:7a:
         bb:38:6d:f0:3e:9e:62:b6:8a:aa:61:90:2a:7f:98:34:18:2a:
         60:eb:71:a8:51:12:f5:a4:ee:f9:19:a3:65:c7:5f:bc:09:b1:
         c1:aa:24:3b:33:56:ad:52:0c:0e:58:e7:2a:07:6a:54:e8:bc:
         90:d0:99:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2q39wRijjlUHUTPeR0d5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzdiYmY2Y2JjYTAyMjczYWE1ZTIxYmI4ODhlM2UxZWM2
NzY3ZGYwHhcNMjQxMTI2MTkwMjM5WhcNMjQxMTI3MTkwMjM5WjAzMTEwLwYDVQQD
Eyg0MWZmNThhMGQ0NmQyYzRkMGQ5ZDgxZjZlYmMzMDA1ODNjZWMzY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIgszrOG53pnyEu9nx0YDyGf365b
auOhhi1oXSC3GvPzUYXIF0VEwM9JFRZZ3ZTBRbAAobGUMP9pMbmYuYXf4d4vB7qg
3fjlS7lNXv6M6LT8T1W1EBu0eOWHNb+4cZ2lQXh8V3iY/IPS4jm2oxpO/M9XREW4
zlD5YzgJi/OQPobGbzU/qfJP/qR5PSaOwTZq/rGd4VTSJXBCtUlqU6SgYZgnRsW8
QKyDWyEESd0XTbENgpIZuDj0mD3vQKOTtTTR0Qr2VaTTg6uXOhaNuzY9YPyO+KrH
YBWjixJ6a/Htr1NEaJB55fcUwaZ5w+pJ+Ta3uaK3OE27q5s8Td9OesOFIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEH/WKDUbSxNDZ2B9uvDAFg87DzwMB8GA1UdIwQY
MBaAFGA3u/bLygInOqXiG7iI4+HsZ2ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzct
ZmMzYjNlMTExNjFkLzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82NGUyMGMtOGY2MS00MzUxLTgwNzctZmMzYjNlMTExNjFk
LzEvWURlNzlzdktBaWM2cGVJYnVJamo0ZXhuWjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjEdFV0w4
IYlJC6mdau5dWv4Fk0v8kS6LyP+TC75EYM0AX84JpiS1sJbn23wklcK0D2VqwgC2
r3gqvauIv7gKqcC0wpsB3vTkPekrW1/meP95T1kgGDl7qrpCS0175R14jeJbAS7B
Y6+qoikOwrLXGMD3YTthp9rzF6Y8MaR1iVILhVrlyFocEc6hUEnT6/tFhAEuXQOR
DVar0bzD3XqKiPel2XLZBOPSk6FwGBnM/XW0my1qsAkVtJ/mN6VgDL7mlEcwngV6
uzht8D6eYraKqmGQKn+YNBgqYOtxqFES9aTu+RmjZcdfvAmxwaokOzNWrVIMDljn
KgdqVOi8kNCZHA==
-----END CERTIFICATE-----