Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          VYZHxxVKZMevreEtsmFpyaB4wNSRJEDxQxbcEJKAFWU=
Subject key identifier:   0B:56:8A:DB:05:74:4B:09:43:9D:0E:3D:E5:C0:5D:A4:F1:01:9D:3A
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       01936A46F2598A23EB346CB7B014A1D3D3B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          1334
Signing time:             Tue 26 Nov 2024 21:00:54 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:54 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:54 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: ZJNjOtafr4nbUIvVBmUEV97TvlJpf6y+qu3d1HDPOtA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:f2:59:8a:23:eb:34:6c:b7:b0:14:a1:d3:d3:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: Nov 26 21:00:54 2024 GMT
            Not After : Nov 27 21:00:54 2024 GMT
        Subject: CN=0b568adb05744b09439d0e3de5c05da4f1019d3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:00:e3:44:7d:ba:0e:4c:b5:5b:6c:ac:ac:43:
                    17:20:eb:b3:a5:8b:de:36:a5:8c:ac:81:6c:aa:84:
                    3f:d0:7a:8f:a4:6b:70:33:a4:4a:31:af:d5:f1:b7:
                    2b:79:3c:f6:b5:b3:2b:22:35:21:98:d5:20:d9:58:
                    e4:36:48:5d:41:8c:ba:ae:b8:64:e1:f1:6a:e5:db:
                    ef:e0:e6:25:6f:99:fe:88:dd:2a:4d:a5:54:ba:27:
                    33:60:4a:d2:7b:73:51:d1:9b:b9:d2:16:fb:a3:25:
                    c7:e6:df:7e:7a:6d:d3:4a:86:5b:23:09:b5:b7:d6:
                    ab:61:39:16:ab:76:97:73:65:d5:3e:79:3c:41:93:
                    c7:b3:5c:67:b1:90:70:15:d3:17:03:50:d1:6f:b1:
                    7f:64:36:6d:2b:39:7c:62:9f:60:e2:16:8b:87:9d:
                    43:d0:77:fb:8c:4f:53:a1:96:84:64:43:a9:d2:bd:
                    19:9f:ee:12:a3:85:41:ed:b6:9d:e9:e0:06:58:bc:
                    58:ac:cb:83:1b:fc:99:b8:62:82:f2:ab:b9:51:24:
                    1d:46:3f:92:6b:46:d6:4b:d9:c5:bd:df:4f:3e:3c:
                    44:4a:b2:af:f0:92:73:0c:a3:38:26:9d:63:52:52:
                    13:80:22:09:38:b1:70:00:b9:ed:72:fc:1e:06:6d:
                    25:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:56:8A:DB:05:74:4B:09:43:9D:0E:3D:E5:C0:5D:A4:F1:01:9D:3A
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:b4:e6:63:fa:ef:dd:df:7d:e3:f6:19:0f:57:2c:b0:1e:74:
         9f:45:31:21:f9:92:41:fc:31:61:c4:13:e3:16:11:49:4e:54:
         91:b4:4b:40:39:47:94:02:b4:c9:f0:20:f2:ea:e2:76:94:80:
         4d:f1:8b:5a:be:43:09:4f:91:84:f8:fe:5e:94:f3:cc:d9:02:
         68:0a:ae:77:31:bc:66:6d:07:05:72:fb:d2:4e:97:de:49:38:
         46:1f:1a:e1:af:92:87:70:ff:3c:80:6c:06:32:59:70:e0:b1:
         4d:d1:f0:fb:b4:e0:73:ea:35:fe:ba:f3:07:3d:8e:67:59:1f:
         9b:87:b6:29:46:b7:e7:71:d9:17:12:6b:95:5c:2c:a7:20:0b:
         f1:69:9e:bd:55:92:8b:b4:37:a9:43:bd:ef:80:d9:3b:03:3f:
         e7:b7:15:d9:a0:ab:5a:82:f4:b4:0c:29:03:3a:a8:22:d1:7b:
         04:23:95:08:7f:aa:af:d6:8a:42:62:4d:db:82:a1:4e:17:b6:
         33:45:35:00:ea:1e:21:93:5f:9c:34:66:ac:84:03:a8:b9:be:
         03:bc:10:84:49:37:83:47:e2:a9:1e:16:08:34:88:06:64:6c:
         86:da:90:b4:12:08:e2:92:93:d9:3b:f8:88:52:82:be:9e:eb:
         67:bc:db:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRvJZiiPrNGy3sBSh09OwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjQxMTI2MjEwMDU0WhcNMjQxMTI3MjEwMDU0WjAzMTEwLwYDVQQD
EygwYjU2OGFkYjA1NzQ0YjA5NDM5ZDBlM2RlNWMwNWRhNGYxMDE5ZDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgDjRH26Dky1W2ysrEMXIOuzpYve
NqWMrIFsqoQ/0HqPpGtwM6RKMa/V8bcreTz2tbMrIjUhmNUg2VjkNkhdQYy6rrhk
4fFq5dvv4OYlb5n+iN0qTaVUuiczYErSe3NR0Zu50hb7oyXH5t9+em3TSoZbIwm1
t9arYTkWq3aXc2XVPnk8QZPHs1xnsZBwFdMXA1DRb7F/ZDZtKzl8Yp9g4haLh51D
0Hf7jE9ToZaEZEOp0r0Zn+4So4VB7bad6eAGWLxYrMuDG/yZuGKC8qu5USQdRj+S
a0bWS9nFvd9PPjxESrKv8JJzDKM4Jp1jUlITgCIJOLFwALntcvweBm0lRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAtWitsFdEsJQ50OPeXAXaTxAZ06MB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu7TmY/rv
3d994/YZD1cssB50n0UxIfmSQfwxYcQT4xYRSU5UkbRLQDlHlAK0yfAg8uridpSA
TfGLWr5DCU+RhPj+XpTzzNkCaAqudzG8Zm0HBXL70k6X3kk4Rh8a4a+Sh3D/PIBs
BjJZcOCxTdHw+7Tgc+o1/rrzBz2OZ1kfm4e2KUa353HZFxJrlVwspyAL8WmevVWS
i7Q3qUO974DZOwM/57cV2aCrWoL0tAwpAzqoItF7BCOVCH+qr9aKQmJN24KhThe2
M0U1AOoeIZNfnDRmrIQDqLm+A7wQhEk3g0fiqR4WCDSIBmRshtqQtBII4pKT2Tv4
iFKCvp7rZ7zbpg==
-----END CERTIFICATE-----