Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5c7a03-a083-4a22-8f7e-6ac71f5e5f44/1/35U8EJpyGMtop-GCaQOJHV5DGl0.mft
File:                     35U8EJpyGMtop-GCaQOJHV5DGl0.mft (raw, json)
Hash identifier:          7WXD6asiyyxdceUzNU4YUEW45LL28wWR8jtY98kh6c4=
Subject key identifier:   6D:DB:CB:08:54:F7:14:2B:C2:01:3A:93:D2:B6:04:15:00:78:E0:11
Authority key identifier: DF:95:3C:10:9A:72:18:CB:68:A7:E1:82:69:03:89:1D:5E:43:1A:5D
Certificate issuer:       /CN=df953c109a7218cb68a7e1826903891d5e431a5d
Certificate serial:       01935877F1DF6C18E04B4BB0665FC9B20C14
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/35U8EJpyGMtop-GCaQOJHV5DGl0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5c7a03-a083-4a22-8f7e-6ac71f5e5f44/1/35U8EJpyGMtop-GCaQOJHV5DGl0.mft
Manifest number:          06A4
Signing time:             Sat 23 Nov 2024 10:01:15 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:15 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:15 +0000
Files and hashes:         1: 35U8EJpyGMtop-GCaQOJHV5DGl0.crl (hash: 4naL4Li/7PxntwtMf5OaX9fkRz3HQgMRDVC3LC+usgI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5c7a03-a083-4a22-8f7e-6ac71f5e5f44/1/35U8EJpyGMtop-GCaQOJHV5DGl0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5c7a03-a083-4a22-8f7e-6ac71f5e5f44/1/35U8EJpyGMtop-GCaQOJHV5DGl0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/35U8EJpyGMtop-GCaQOJHV5DGl0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:77:f1:df:6c:18:e0:4b:4b:b0:66:5f:c9:b2:0c:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df953c109a7218cb68a7e1826903891d5e431a5d
        Validity
            Not Before: Nov 23 10:01:15 2024 GMT
            Not After : Nov 24 10:01:15 2024 GMT
        Subject: CN=6ddbcb0854f7142bc2013a93d2b604150078e011
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:99:bc:08:82:1a:75:f2:af:2e:42:fd:45:42:
                    bd:d5:fc:41:6b:95:6c:23:3b:76:84:7f:39:38:35:
                    ee:c1:af:be:e8:20:58:8a:4e:f6:0c:71:06:69:81:
                    bc:cc:fb:5a:35:c1:f6:f5:ad:23:87:e1:28:8c:77:
                    c5:0c:d4:b6:32:ef:56:11:ed:95:c9:62:8b:15:50:
                    96:87:0c:3f:76:7f:e8:90:c2:99:da:a7:ca:28:cc:
                    49:0b:f2:28:2d:b5:71:e2:34:8c:e8:fa:bf:0b:60:
                    ca:89:ea:1b:b3:f9:45:78:fb:b1:be:90:9d:54:d9:
                    1d:10:fe:4b:8d:ff:27:30:81:80:64:cb:a6:b4:a2:
                    54:6f:93:1a:05:21:da:28:99:30:94:bb:9e:49:69:
                    f5:37:f3:d2:26:8c:50:96:7a:fd:bd:ea:a6:04:9b:
                    e5:41:fb:84:99:6e:db:e4:a8:59:45:f4:dc:85:0b:
                    f1:48:6d:36:c5:d9:36:bc:e7:59:76:9c:38:46:c0:
                    c4:07:b7:17:1d:ee:fb:b3:c9:9d:dd:a2:20:b0:58:
                    e2:47:f9:df:e8:b1:0d:ce:39:1f:f5:3a:df:ca:a4:
                    53:ee:cf:e9:cb:22:38:6a:90:42:53:48:6e:14:9a:
                    44:bf:55:84:b0:d5:eb:6d:2e:9d:89:9d:55:6a:72:
                    25:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:DB:CB:08:54:F7:14:2B:C2:01:3A:93:D2:B6:04:15:00:78:E0:11
            X509v3 Authority Key Identifier:
                keyid:DF:95:3C:10:9A:72:18:CB:68:A7:E1:82:69:03:89:1D:5E:43:1A:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35U8EJpyGMtop-GCaQOJHV5DGl0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5c7a03-a083-4a22-8f7e-6ac71f5e5f44/1/35U8EJpyGMtop-GCaQOJHV5DGl0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5c7a03-a083-4a22-8f7e-6ac71f5e5f44/1/35U8EJpyGMtop-GCaQOJHV5DGl0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:5a:6f:ea:a6:4d:77:a3:b0:db:82:96:81:aa:72:f4:38:b6:
         cd:8c:97:c1:fb:e4:ea:2d:f1:7f:77:97:46:0e:05:7d:60:10:
         26:c4:df:e9:6f:e5:e7:18:28:43:80:c7:54:b8:89:5d:b5:37:
         ca:68:40:b5:ef:21:13:28:58:93:6a:eb:d8:e0:16:63:8b:1b:
         06:bd:2e:50:ab:90:db:de:b3:5f:db:c4:3b:14:dd:16:3d:f0:
         89:92:4b:b7:40:fe:aa:af:77:49:d3:5e:d4:1f:44:5a:a0:02:
         b9:7e:0e:92:90:0b:6e:18:9c:09:36:29:44:b5:c9:2d:63:ac:
         bd:71:41:9e:73:7f:a1:18:3a:25:b3:66:00:ab:f1:a6:1d:95:
         52:a3:d6:07:ae:8e:5b:9f:8c:0e:ee:cf:52:9f:5e:ba:9e:66:
         3d:04:66:b4:22:9d:ac:78:8c:3c:8b:34:9f:ea:7c:d8:ed:2d:
         d7:db:b7:84:77:b4:5d:c0:3f:93:63:b5:ff:9c:86:c1:12:e2:
         d7:df:68:da:b1:9e:97:11:cc:d5:0c:31:ab:81:d1:e3:d2:d7:
         70:25:b3:e5:4f:88:9a:67:29:84:97:cd:79:c4:44:a7:f7:ae:
         2a:d0:31:e9:bc:a3:ac:c6:a5:b1:47:fb:5d:af:17:fc:0a:d7:
         ca:21:99:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYd/HfbBjgS0uwZl/JsgwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTUzYzEwOWE3MjE4Y2I2OGE3ZTE4MjY5MDM4OTFkNWU0
MzFhNWQwHhcNMjQxMTIzMTAwMTE1WhcNMjQxMTI0MTAwMTE1WjAzMTEwLwYDVQQD
Eyg2ZGRiY2IwODU0ZjcxNDJiYzIwMTNhOTNkMmI2MDQxNTAwNzhlMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZm8CIIadfKvLkL9RUK91fxBa5Vs
Izt2hH85ODXuwa++6CBYik72DHEGaYG8zPtaNcH29a0jh+EojHfFDNS2Mu9WEe2V
yWKLFVCWhww/dn/okMKZ2qfKKMxJC/IoLbVx4jSM6Pq/C2DKieobs/lFePuxvpCd
VNkdEP5Ljf8nMIGAZMumtKJUb5MaBSHaKJkwlLueSWn1N/PSJoxQlnr9veqmBJvl
QfuEmW7b5KhZRfTchQvxSG02xdk2vOdZdpw4RsDEB7cXHe77s8md3aIgsFjiR/nf
6LENzjkf9TrfyqRT7s/pyyI4apBCU0huFJpEv1WEsNXrbS6diZ1VanIlZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG3bywhU9xQrwgE6k9K2BBUAeOARMB8GA1UdIwQY
MBaAFN+VPBCachjLaKfhgmkDiR1eQxpdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVVOEVKcHlHTXRvcC1HQ2FRT0pIVjVER2wwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81YzdhMDMtYTA4My00YTIyLThmN2Ut
NmFjNzFmNWU1ZjQ0LzEvMzVVOEVKcHlHTXRvcC1HQ2FRT0pIVjVER2wwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81YzdhMDMtYTA4My00YTIyLThmN2UtNmFjNzFmNWU1ZjQ0
LzEvMzVVOEVKcHlHTXRvcC1HQ2FRT0pIVjVER2wwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuFpv6qZN
d6Ow24KWgapy9Di2zYyXwfvk6i3xf3eXRg4FfWAQJsTf6W/l5xgoQ4DHVLiJXbU3
ymhAte8hEyhYk2rr2OAWY4sbBr0uUKuQ296zX9vEOxTdFj3wiZJLt0D+qq93SdNe
1B9EWqACuX4OkpALbhicCTYpRLXJLWOsvXFBnnN/oRg6JbNmAKvxph2VUqPWB66O
W5+MDu7PUp9eup5mPQRmtCKdrHiMPIs0n+p82O0t19u3hHe0XcA/k2O1/5yGwRLi
199o2rGelxHM1Qwxq4HR49LXcCWz5U+ImmcphJfNecREp/euKtAx6byjrMalsUf7
Xa8X/ArXyiGZpA==
-----END CERTIFICATE-----