Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
File:                     FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft (raw, json)
Hash identifier:          1ZbUjMq8LtYJWr/aR/modZUHwPrTLlLCZ5pVLDOS5BM=
Subject key identifier:   8E:B2:89:7D:6F:04:66:8E:02:76:9C:A2:4E:1C:88:3A:28:BA:D1:CB
Authority key identifier: 16:17:D0:AF:EA:BB:F3:39:B0:6D:B2:83:C4:B8:E0:27:A0:4A:BC:AE
Certificate issuer:       /CN=1617d0afeabbf339b06db283c4b8e027a04abcae
Certificate serial:       019357644872C2C6FBBF12ACA60DADFF16C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
Manifest number:          0120
Signing time:             Sat 23 Nov 2024 05:00:09 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:09 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:09 +0000
Files and hashes:         1: FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl (hash: gNZWzl++ZVvpauvKicV0bsqieBccrNHpiL6RrT/gvlc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:48:72:c2:c6:fb:bf:12:ac:a6:0d:ad:ff:16:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1617d0afeabbf339b06db283c4b8e027a04abcae
        Validity
            Not Before: Nov 23 05:00:09 2024 GMT
            Not After : Nov 24 05:00:09 2024 GMT
        Subject: CN=8eb2897d6f04668e02769ca24e1c883a28bad1cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:cf:c2:8b:74:45:77:18:6c:b4:85:e4:1e:be:
                    99:50:34:a6:b3:f7:76:c8:86:be:4f:8d:fa:bc:92:
                    79:fd:80:db:64:10:b6:7f:b1:93:67:94:14:71:4b:
                    96:d6:15:a4:a1:14:72:e6:46:1f:47:0f:7e:d5:a1:
                    46:51:87:11:04:58:3f:52:f3:59:6a:ec:76:da:d2:
                    8b:97:89:b3:82:7e:18:79:76:c4:27:49:e7:bd:eb:
                    4a:61:b1:95:db:b0:0d:ec:7d:9e:3e:0f:cd:16:1b:
                    70:bd:6f:ce:e9:e9:26:c4:3b:58:f3:2c:fb:6a:6e:
                    64:9f:ee:1e:7a:6c:7e:71:e2:2b:f4:52:86:4a:5a:
                    38:44:d1:42:dc:6a:8e:02:95:19:2e:ed:21:87:ce:
                    8e:77:05:c4:cc:80:b3:30:05:f8:8e:dd:86:fa:01:
                    ee:e4:3b:05:93:91:19:18:0f:20:5d:57:c7:19:d4:
                    6d:19:85:23:f4:4c:d1:e3:5d:ea:e8:8c:59:c9:6a:
                    4b:dd:d0:f8:44:c3:44:7d:87:12:e3:85:57:06:3b:
                    24:8f:e6:e6:5f:58:fb:40:89:b9:70:b5:46:2d:1f:
                    c0:32:2b:81:a8:51:ab:ed:1f:87:07:5f:40:d4:1d:
                    b3:86:77:19:94:4f:25:f1:e5:80:b9:10:63:c8:7d:
                    32:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:B2:89:7D:6F:04:66:8E:02:76:9C:A2:4E:1C:88:3A:28:BA:D1:CB
            X509v3 Authority Key Identifier:
                keyid:16:17:D0:AF:EA:BB:F3:39:B0:6D:B2:83:C4:B8:E0:27:A0:4A:BC:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FhfQr-q78zmwbbKDxLjgJ6BKvK4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/a4a2cd-5dbf-4029-a8a1-d7f21fc1350e/1/FhfQr-q78zmwbbKDxLjgJ6BKvK4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:2a:c8:05:ed:34:3a:74:85:24:1f:e5:c4:ef:3f:36:1e:9f:
         f7:7a:2d:c8:65:4c:67:ec:e4:41:a0:25:2d:b6:db:7b:0c:6b:
         d2:68:0f:7b:2b:49:2b:f9:01:ad:93:c4:94:c5:ff:5b:30:9c:
         ff:a1:29:f9:9a:65:83:10:a3:88:49:95:2c:52:eb:13:70:cd:
         09:df:1a:58:0a:8b:ca:a8:d6:85:0d:68:ae:e9:9c:9b:4f:eb:
         b7:c1:a9:89:c1:3a:f3:e8:ee:92:5d:bb:3c:c5:d4:4c:4e:5b:
         ef:4e:8f:6e:95:b6:b3:f8:f5:0b:a3:01:68:2b:47:1e:92:51:
         f3:27:6f:da:a9:9f:36:8b:f6:9b:bc:1a:2c:74:a6:81:e5:45:
         26:e0:93:54:e0:c8:e7:8f:96:e8:c0:9a:de:eb:6f:60:06:15:
         87:ae:7f:d1:72:32:3c:da:02:2c:13:99:2a:36:3e:7b:54:d4:
         20:7a:da:d1:27:d0:25:b1:60:5a:be:8f:a1:93:0d:48:d2:ff:
         db:88:f9:da:0b:35:21:b5:f5:38:a6:8b:8a:ca:70:47:a5:44:
         a9:08:29:6e:8e:94:fe:9e:99:d0:9f:85:ce:94:d6:1e:c6:38:
         cd:8b:60:6e:37:3f:85:02:54:8e:69:cd:2d:e0:23:10:22:87:
         da:1a:c3:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZEhywsb7vxKspg2t/xbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MTdkMGFmZWFiYmYzMzliMDZkYjI4M2M0YjhlMDI3YTA0
YWJjYWUwHhcNMjQxMTIzMDUwMDA5WhcNMjQxMTI0MDUwMDA5WjAzMTEwLwYDVQQD
Eyg4ZWIyODk3ZDZmMDQ2NjhlMDI3NjljYTI0ZTFjODgzYTI4YmFkMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc/Ci3RFdxhstIXkHr6ZUDSms/d2
yIa+T436vJJ5/YDbZBC2f7GTZ5QUcUuW1hWkoRRy5kYfRw9+1aFGUYcRBFg/UvNZ
aux22tKLl4mzgn4YeXbEJ0nnvetKYbGV27AN7H2ePg/NFhtwvW/O6ekmxDtY8yz7
am5kn+4eemx+ceIr9FKGSlo4RNFC3GqOApUZLu0hh86OdwXEzICzMAX4jt2G+gHu
5DsFk5EZGA8gXVfHGdRtGYUj9EzR413q6IxZyWpL3dD4RMNEfYcS44VXBjskj+bm
X1j7QIm5cLVGLR/AMiuBqFGr7R+HB19A1B2zhncZlE8l8eWAuRBjyH0yjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI6yiX1vBGaOAnacok4ciDooutHLMB8GA1UdIwQY
MBaAFBYX0K/qu/M5sG2yg8S44CegSryuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hNGEyY2QtNWRiZi00MDI5LWE4YTEt
ZDdmMjFmYzEzNTBlLzEvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hNGEyY2QtNWRiZi00MDI5LWE4YTEtZDdmMjFmYzEzNTBl
LzEvRmhmUXItcTc4em13YmJLRHhMamdKNkJLdks0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZyrIBe00
OnSFJB/lxO8/Nh6f93otyGVMZ+zkQaAlLbbbewxr0mgPeytJK/kBrZPElMX/WzCc
/6Ep+ZplgxCjiEmVLFLrE3DNCd8aWAqLyqjWhQ1orumcm0/rt8GpicE68+jukl27
PMXUTE5b706PbpW2s/j1C6MBaCtHHpJR8ydv2qmfNov2m7waLHSmgeVFJuCTVODI
54+W6MCa3utvYAYVh65/0XIyPNoCLBOZKjY+e1TUIHra0SfQJbFgWr6PoZMNSNL/
24j52gs1IbX1OKaLispwR6VEqQgpbo6U/p6Z0J+FzpTWHsY4zYtgbjc/hQJUjmnN
LeAjECKH2hrDWA==
-----END CERTIFICATE-----