Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
File:                     zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json)
Hash identifier:          EoGxYU+/we0Ouh8k0Qg8hM7Pf76Ti1rRhrfmMPmjtKY=
Subject key identifier:   24:41:A8:B4:01:89:21:98:3A:DA:AA:34:FF:E8:E6:6D:A7:2B:D2:A2
Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C
Certificate issuer:       /CN=cdbc431b1c9886dc2b21008dccfde18db735371c
Certificate serial:       019356BFAEBD9BF176CAE14D5F27665306A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
Manifest number:          EB
Signing time:             Sat 23 Nov 2024 02:00:22 +0000
Manifest this update:     Sat 23 Nov 2024 02:00:22 +0000
Manifest next update:     Sun 24 Nov 2024 02:00:22 +0000
Files and hashes:         1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: N+KYwpmhJFK8t0SP+4JA7emX8vwzwHErSZp+5i+BTbo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 02:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:bf:ae:bd:9b:f1:76:ca:e1:4d:5f:27:66:53:06:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c
        Validity
            Not Before: Nov 23 02:00:22 2024 GMT
            Not After : Nov 24 02:00:22 2024 GMT
        Subject: CN=2441a8b4018921983adaaa34ffe8e66da72bd2a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:be:70:c6:6b:d5:52:23:bc:21:2c:fe:81:07:
                    d6:f7:e5:1d:ba:ce:c5:9e:a4:35:23:76:9b:a7:e0:
                    c0:d5:f5:86:af:c2:0b:95:60:4f:63:15:39:75:4f:
                    d3:54:7b:85:02:49:12:b1:e3:d2:35:92:97:b2:c5:
                    ee:54:9d:92:68:94:45:e6:55:81:4d:92:0a:5e:c9:
                    e5:7c:89:df:56:fb:64:fa:6f:b9:93:e0:7d:ad:46:
                    98:63:1d:e8:3d:97:cd:4f:87:a2:f6:f1:06:2d:c3:
                    8e:5c:e8:c8:75:b2:90:92:48:51:4e:a0:84:ff:c0:
                    59:dc:c0:0e:5a:68:1b:54:71:61:7e:51:05:c1:aa:
                    c9:bb:ca:d8:8f:bd:c6:c5:c9:22:63:a4:0c:ee:e7:
                    e5:bf:4a:59:8e:b7:f4:17:5a:6a:24:34:a6:04:8b:
                    fe:a1:52:d4:e8:2c:f3:52:22:4c:f9:da:cf:45:cc:
                    03:32:f4:85:ce:8a:fa:bf:70:d6:2b:bc:c1:b8:32:
                    4a:ff:b2:9a:39:73:e2:25:45:bc:0a:98:ad:97:c3:
                    60:7e:8e:d2:ed:aa:2e:96:82:ef:ca:d4:0c:05:c8:
                    69:7b:2d:8e:c3:eb:f2:c2:7b:8c:da:88:b0:7a:8d:
                    52:5f:0c:01:f6:ba:b8:d3:d8:c2:e9:ff:01:72:fa:
                    18:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:41:A8:B4:01:89:21:98:3A:DA:AA:34:FF:E8:E6:6D:A7:2B:D2:A2
            X509v3 Authority Key Identifier:
                keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:91:4c:c5:59:b0:ee:38:0c:1f:21:aa:8b:32:6f:a4:16:c5:
         8d:35:17:e1:57:8c:4d:f7:11:76:df:c5:6d:e3:91:1c:2f:1b:
         d2:ce:a9:e2:f0:28:9f:30:0e:a2:ee:7b:24:e9:db:11:99:30:
         1a:3e:66:c2:95:ef:19:3a:01:a2:f0:02:45:13:22:5a:5f:9b:
         81:b8:2f:00:ab:d4:b2:53:05:98:44:8f:94:1c:5e:41:61:75:
         f6:44:cd:ab:9f:e7:69:01:b0:86:15:20:13:52:e3:ed:0d:f4:
         7b:3a:a9:e0:6c:b2:a8:ae:36:35:3d:a4:90:b1:6e:b2:3c:da:
         dc:8b:59:20:09:77:7b:31:00:56:e7:53:cb:94:97:be:12:f7:
         f6:76:f4:ee:d6:b8:4f:54:a6:0f:ed:a6:7e:94:f0:e6:9e:7d:
         fc:49:45:cc:d6:da:70:0c:ca:0d:5b:4e:69:62:90:a0:f0:d7:
         c3:f1:f4:75:34:19:56:fe:6b:a2:1f:af:46:11:2a:e8:01:03:
         f8:eb:13:8b:1d:4d:b7:cc:4d:83:c2:8d:f8:90:27:06:b6:ab:
         5b:c7:9c:b7:a3:23:20:5f:30:a5:68:ad:e5:90:58:53:7f:c9:
         b7:ef:11:7d:10:98:83:2d:63:45:39:64:0b:3f:80:86:f3:78:
         15:d8:0f:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWv669m/F2yuFNXydmUwajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz
NTM3MWMwHhcNMjQxMTIzMDIwMDIyWhcNMjQxMTI0MDIwMDIyWjAzMTEwLwYDVQQD
EygyNDQxYThiNDAxODkyMTk4M2FkYWFhMzRmZmU4ZTY2ZGE3MmJkMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL5wxmvVUiO8ISz+gQfW9+Udus7F
nqQ1I3abp+DA1fWGr8ILlWBPYxU5dU/TVHuFAkkSsePSNZKXssXuVJ2SaJRF5lWB
TZIKXsnlfInfVvtk+m+5k+B9rUaYYx3oPZfNT4ei9vEGLcOOXOjIdbKQkkhRTqCE
/8BZ3MAOWmgbVHFhflEFwarJu8rYj73GxckiY6QM7uflv0pZjrf0F1pqJDSmBIv+
oVLU6CzzUiJM+drPRcwDMvSFzor6v3DWK7zBuDJK/7KaOXPiJUW8Cpitl8Ngfo7S
7aouloLvytQMBchpey2Ow+vywnuM2oiweo1SXwwB9rq409jC6f8BcvoY8wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRBqLQBiSGYOtqqNP/o5m2nK9KiMB8GA1UdIwQY
MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt
M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5
LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH5FMxVmw
7jgMHyGqizJvpBbFjTUX4VeMTfcRdt/FbeORHC8b0s6p4vAonzAOou57JOnbEZkw
Gj5mwpXvGToBovACRRMiWl+bgbgvAKvUslMFmESPlBxeQWF19kTNq5/naQGwhhUg
E1Lj7Q30ezqp4GyyqK42NT2kkLFusjza3ItZIAl3ezEAVudTy5SXvhL39nb07ta4
T1SmD+2mfpTw5p59/ElFzNbacAzKDVtOaWKQoPDXw/H0dTQZVv5roh+vRhEq6AED
+OsTix1Nt8xNg8KN+JAnBrarW8ect6MjIF8wpWit5ZBYU3/Jt+8RfRCYgy1jRTlk
Cz+AhvN4FdgP2w==
-----END CERTIFICATE-----