Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3aab07-1085-40c3-b67e-81fed3a7e5f1/1/Ib40C2oyCYkZeIM2_OHmiSA_xL4.mft
File:                     Ib40C2oyCYkZeIM2_OHmiSA_xL4.mft (raw, json)
Hash identifier:          /NsRXvyIchorSQPRAI8597hjPP0vuAHL1jrI5BNsQpQ=
Subject key identifier:   EA:0C:2E:DE:4B:09:B6:F0:00:DD:91:24:BD:FC:A7:CD:8F:80:B5:BE
Authority key identifier: 21:BE:34:0B:6A:32:09:89:19:78:83:36:FC:E1:E6:89:20:3F:C4:BE
Certificate issuer:       /CN=21be340b6a32098919788336fce1e689203fc4be
Certificate serial:       019357D29E5C90251C5A521537F6FF8DB6AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ib40C2oyCYkZeIM2_OHmiSA_xL4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/3aab07-1085-40c3-b67e-81fed3a7e5f1/1/Ib40C2oyCYkZeIM2_OHmiSA_xL4.mft
Manifest number:          087B
Signing time:             Sat 23 Nov 2024 07:00:41 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:41 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:41 +0000
Files and hashes:         1: Ib40C2oyCYkZeIM2_OHmiSA_xL4.crl (hash: wVM4VaxJsXScCAebhoWs+HTN6+UiOK6QDrfZcWQIcSU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/3aab07-1085-40c3-b67e-81fed3a7e5f1/1/Ib40C2oyCYkZeIM2_OHmiSA_xL4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/3aab07-1085-40c3-b67e-81fed3a7e5f1/1/Ib40C2oyCYkZeIM2_OHmiSA_xL4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Ib40C2oyCYkZeIM2_OHmiSA_xL4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:9e:5c:90:25:1c:5a:52:15:37:f6:ff:8d:b6:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21be340b6a32098919788336fce1e689203fc4be
        Validity
            Not Before: Nov 23 07:00:41 2024 GMT
            Not After : Nov 24 07:00:41 2024 GMT
        Subject: CN=ea0c2ede4b09b6f000dd9124bdfca7cd8f80b5be
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:47:69:06:0d:98:50:be:43:7c:ca:b6:c2:d5:
                    16:55:06:a5:74:5a:a0:c2:60:6c:47:1b:c3:b4:fa:
                    f8:c4:87:8c:4a:b3:02:7c:19:5b:b8:ee:d4:d6:3e:
                    95:0d:8d:d1:ce:7a:ce:ec:a4:2a:29:b1:b9:2a:56:
                    da:33:b1:30:a5:00:29:08:9d:43:07:03:fe:27:01:
                    d4:03:77:1e:b5:bd:91:59:6e:02:54:ba:80:9c:23:
                    0d:12:7f:dc:48:66:52:4e:3b:c7:fa:f3:dd:70:d9:
                    51:68:4a:80:db:04:91:ad:b3:fa:b2:6b:da:19:b2:
                    c2:d8:c6:14:5b:8d:27:5f:27:6c:5f:2c:2c:82:fe:
                    cb:4e:6f:e0:00:49:48:54:54:7d:e3:17:5a:78:bc:
                    4f:67:67:f6:0d:1e:2a:56:84:7d:47:ec:9a:ed:b5:
                    5a:3c:db:fc:48:ec:40:18:d8:03:d6:ce:dc:16:dc:
                    10:16:93:bc:6e:db:20:35:41:bb:4b:5d:96:cf:dc:
                    27:0f:53:e1:d2:5f:b4:2b:c1:c0:14:eb:bb:b8:71:
                    14:5b:9c:69:82:5e:81:54:e9:06:ab:a6:22:c1:7c:
                    b9:42:d1:0f:af:e9:22:26:53:d8:cb:89:e8:48:7b:
                    51:0a:c7:5a:d0:b7:2b:56:51:50:9b:31:83:24:c0:
                    1c:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:0C:2E:DE:4B:09:B6:F0:00:DD:91:24:BD:FC:A7:CD:8F:80:B5:BE
            X509v3 Authority Key Identifier:
                keyid:21:BE:34:0B:6A:32:09:89:19:78:83:36:FC:E1:E6:89:20:3F:C4:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ib40C2oyCYkZeIM2_OHmiSA_xL4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3aab07-1085-40c3-b67e-81fed3a7e5f1/1/Ib40C2oyCYkZeIM2_OHmiSA_xL4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3aab07-1085-40c3-b67e-81fed3a7e5f1/1/Ib40C2oyCYkZeIM2_OHmiSA_xL4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:6d:54:76:eb:38:62:fe:41:77:24:41:9e:d4:83:03:f0:61:
         d0:09:50:73:10:8d:00:85:19:e9:d1:dd:ae:8a:b3:94:e9:3d:
         6d:db:8b:36:dd:9d:de:21:af:47:8e:bc:62:bf:cb:e0:ac:97:
         ad:18:d0:51:2a:f7:f3:ea:b9:45:82:08:d1:92:e2:51:37:a1:
         28:cd:0a:bb:4b:d1:83:3f:9d:91:56:81:d8:20:78:83:f6:e2:
         54:64:da:1a:8d:87:b0:90:91:df:da:32:ab:2e:9e:99:9c:1b:
         f6:9e:9a:86:ff:a0:c1:b7:57:02:f6:b0:e5:b5:94:c4:f3:98:
         53:98:26:97:e6:2e:82:ab:c2:5d:68:e9:8e:91:78:3b:92:03:
         fd:3d:c0:1a:e0:e7:b4:ce:2e:cc:8b:7a:88:73:97:3e:21:30:
         cd:b0:ba:3c:39:a0:67:fa:02:7d:d4:5c:65:52:6d:53:c6:35:
         8c:d2:58:81:fa:6e:83:d1:41:33:f7:67:0c:a7:56:6d:de:8e:
         bd:1a:9e:57:36:0b:62:97:a3:69:ce:8e:ec:e6:38:94:2f:c7:
         d5:0e:50:dd:77:02:23:75:5a:6a:ac:9e:21:47:e0:e6:70:b4:
         d5:cb:9f:9a:fa:6d:78:fc:49:b1:77:ed:73:a6:54:51:15:9f:
         70:e8:dc:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0p5ckCUcWlIVN/b/jbavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmUzNDBiNmEzMjA5ODkxOTc4ODMzNmZjZTFlNjg5MjAz
ZmM0YmUwHhcNMjQxMTIzMDcwMDQxWhcNMjQxMTI0MDcwMDQxWjAzMTEwLwYDVQQD
EyhlYTBjMmVkZTRiMDliNmYwMDBkZDkxMjRiZGZjYTdjZDhmODBiNWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUdpBg2YUL5DfMq2wtUWVQaldFqg
wmBsRxvDtPr4xIeMSrMCfBlbuO7U1j6VDY3RznrO7KQqKbG5KlbaM7EwpQApCJ1D
BwP+JwHUA3cetb2RWW4CVLqAnCMNEn/cSGZSTjvH+vPdcNlRaEqA2wSRrbP6smva
GbLC2MYUW40nXydsXywsgv7LTm/gAElIVFR94xdaeLxPZ2f2DR4qVoR9R+ya7bVa
PNv8SOxAGNgD1s7cFtwQFpO8btsgNUG7S12Wz9wnD1Ph0l+0K8HAFOu7uHEUW5xp
gl6BVOkGq6YiwXy5QtEPr+kiJlPYy4noSHtRCsda0LcrVlFQmzGDJMAccwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoMLt5LCbbwAN2RJL38p82PgLW+MB8GA1UdIwQY
MBaAFCG+NAtqMgmJGXiDNvzh5okgP8S+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWI0MEMyb3lDWWtaZUlNMl9PSG1pU0FfeEw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zYWFiMDctMTA4NS00MGMzLWI2N2Ut
ODFmZWQzYTdlNWYxLzEvSWI0MEMyb3lDWWtaZUlNMl9PSG1pU0FfeEw0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zYWFiMDctMTA4NS00MGMzLWI2N2UtODFmZWQzYTdlNWYx
LzEvSWI0MEMyb3lDWWtaZUlNMl9PSG1pU0FfeEw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMm1Udus4
Yv5BdyRBntSDA/Bh0AlQcxCNAIUZ6dHdroqzlOk9bduLNt2d3iGvR468Yr/L4KyX
rRjQUSr38+q5RYII0ZLiUTehKM0Ku0vRgz+dkVaB2CB4g/biVGTaGo2HsJCR39oy
qy6emZwb9p6ahv+gwbdXAvaw5bWUxPOYU5gml+YugqvCXWjpjpF4O5ID/T3AGuDn
tM4uzIt6iHOXPiEwzbC6PDmgZ/oCfdRcZVJtU8Y1jNJYgfpug9FBM/dnDKdWbd6O
vRqeVzYLYpejac6O7OY4lC/H1Q5Q3XcCI3VaaqyeIUfg5nC01cufmvptePxJsXft
c6ZUURWfcOjcbg==
-----END CERTIFICATE-----