Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
File:                     e9g2worwknoDVYYlrt9v14ekkFw.mft (raw, json)
Hash identifier:          VKgxmdrmZLIaFTFg95Da6xoAfVD2gQQct4qC6EMwI8k=
Subject key identifier:   97:54:F4:3F:05:04:F8:92:AF:2D:7F:87:81:7E:AD:8D:1C:1A:BC:D7
Authority key identifier: 7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C
Certificate issuer:       /CN=7bd836c28af0927a03558625aedf6fd787a4905c
Certificate serial:       0193568A5BF0BBCD6EF4AC20CCCFC55A14E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
Manifest number:          12AB
Signing time:             Sat 23 Nov 2024 01:02:08 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:08 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:08 +0000
Files and hashes:         1: e9g2worwknoDVYYlrt9v14ekkFw.crl (hash: CGy+xHCNeAeKodfC5FthIJ8vLUUcJfvy/ctzjUvUjFA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:5b:f0:bb:cd:6e:f4:ac:20:cc:cf:c5:5a:14:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bd836c28af0927a03558625aedf6fd787a4905c
        Validity
            Not Before: Nov 23 01:02:08 2024 GMT
            Not After : Nov 24 01:02:08 2024 GMT
        Subject: CN=9754f43f0504f892af2d7f87817ead8d1c1abcd7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:1b:82:85:a1:dd:79:e0:dc:68:ff:96:29:f9:
                    9e:94:73:cf:cd:9a:28:16:09:f7:03:e9:14:36:11:
                    d1:94:c7:8e:24:0b:28:d1:3f:a4:37:2a:3a:a6:33:
                    fe:d9:53:43:95:6e:94:e2:44:01:eb:ee:2f:fd:23:
                    35:b3:bf:a6:7a:d3:30:49:b9:42:28:04:ee:d0:d4:
                    1a:78:93:7a:fc:0f:e4:c9:ba:b6:c1:47:39:82:df:
                    fb:62:7e:41:ad:06:c6:cc:eb:9f:13:ce:ea:65:2f:
                    6d:b6:57:31:b4:2c:00:1d:78:bd:b3:e6:48:be:80:
                    a6:42:39:90:bd:fd:75:85:24:a1:ca:79:7b:f2:44:
                    d0:2d:9b:f8:28:f4:ea:db:91:bf:f3:41:04:6a:ee:
                    d8:fb:0d:05:52:76:b3:77:d4:bb:26:2e:00:e3:15:
                    df:c1:de:ea:31:60:05:c4:07:4c:49:72:cd:29:1f:
                    e7:0f:63:d6:27:97:9b:8b:b6:7f:09:9d:90:95:0c:
                    01:86:cf:20:a5:9e:88:5c:91:93:23:11:7c:a3:81:
                    33:b3:23:16:eb:07:5f:43:e1:ed:5c:f1:2b:33:47:
                    4c:86:05:23:96:5d:f7:87:15:54:fe:9f:a1:1b:0b:
                    98:89:c8:64:b6:88:22:7b:fc:5e:60:7d:1d:ad:4f:
                    27:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:54:F4:3F:05:04:F8:92:AF:2D:7F:87:81:7E:AD:8D:1C:1A:BC:D7
            X509v3 Authority Key Identifier:
                keyid:7B:D8:36:C2:8A:F0:92:7A:03:55:86:25:AE:DF:6F:D7:87:A4:90:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9g2worwknoDVYYlrt9v14ekkFw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/df715b-79a6-44a9-ac97-adb314a5753c/1/e9g2worwknoDVYYlrt9v14ekkFw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:ce:4b:6f:aa:b1:b5:8e:82:db:2c:ae:e0:3e:75:e0:3d:51:
         95:86:9a:d3:c3:e4:0b:db:11:1a:0e:2d:1d:1d:b4:0a:89:d8:
         ae:7a:49:5f:0c:cd:86:98:b1:02:0f:51:81:4a:c7:b2:2c:3c:
         8a:55:75:9f:ad:59:be:95:65:83:88:66:df:0a:66:f2:ae:07:
         da:f3:80:fd:ab:fc:84:0d:1d:82:7b:e9:5c:6e:ee:bb:9c:30:
         17:13:24:67:bb:9c:56:66:e2:5d:04:23:50:9a:41:71:56:b0:
         02:61:5b:4f:85:6b:48:8b:a2:4d:fd:18:15:72:cb:25:05:78:
         e6:8c:6b:14:9b:29:78:c3:75:cf:29:ca:e2:6e:ad:bd:55:4c:
         55:e3:9c:38:60:3e:64:22:9c:dc:8d:d5:69:3e:dc:68:41:67:
         39:16:f7:c3:0b:c7:30:a7:ca:da:e8:7f:b7:c9:49:3b:61:79:
         c0:e5:9e:89:7f:8c:b0:05:b6:5a:b5:3d:ce:8b:8d:e2:eb:dd:
         d3:1a:85:dc:b4:d5:06:70:64:20:0c:e4:41:6a:89:5c:75:9b:
         c9:b6:58:22:28:d8:d4:c2:6a:85:8b:9b:67:58:7f:cb:b7:63:
         dc:9c:97:a1:8a:99:7e:a5:07:13:a9:f1:e2:49:9e:78:f7:fd:
         7e:66:0c:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWilvwu81u9KwgzM/FWhTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiZDgzNmMyOGFmMDkyN2EwMzU1ODYyNWFlZGY2ZmQ3ODdh
NDkwNWMwHhcNMjQxMTIzMDEwMjA4WhcNMjQxMTI0MDEwMjA4WjAzMTEwLwYDVQQD
Eyg5NzU0ZjQzZjA1MDRmODkyYWYyZDdmODc4MTdlYWQ4ZDFjMWFiY2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhuChaHdeeDcaP+WKfmelHPPzZoo
Fgn3A+kUNhHRlMeOJAso0T+kNyo6pjP+2VNDlW6U4kQB6+4v/SM1s7+metMwSblC
KATu0NQaeJN6/A/kybq2wUc5gt/7Yn5BrQbGzOufE87qZS9ttlcxtCwAHXi9s+ZI
voCmQjmQvf11hSShynl78kTQLZv4KPTq25G/80EEau7Y+w0FUnazd9S7Ji4A4xXf
wd7qMWAFxAdMSXLNKR/nD2PWJ5ebi7Z/CZ2QlQwBhs8gpZ6IXJGTIxF8o4EzsyMW
6wdfQ+HtXPErM0dMhgUjll33hxVU/p+hGwuYichktogie/xeYH0drU8n6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdU9D8FBPiSry1/h4F+rY0cGrzXMB8GA1UdIwQY
MBaAFHvYNsKK8JJ6A1WGJa7fb9eHpJBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTct
YWRiMzE0YTU3NTNjLzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kZjcxNWItNzlhNi00NGE5LWFjOTctYWRiMzE0YTU3NTNj
LzEvZTlnMndvcndrbm9EVllZbHJ0OXYxNGVra0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhs5Lb6qx
tY6C2yyu4D514D1RlYaa08PkC9sRGg4tHR20ConYrnpJXwzNhpixAg9RgUrHsiw8
ilV1n61ZvpVlg4hm3wpm8q4H2vOA/av8hA0dgnvpXG7uu5wwFxMkZ7ucVmbiXQQj
UJpBcVawAmFbT4VrSIuiTf0YFXLLJQV45oxrFJspeMN1zynK4m6tvVVMVeOcOGA+
ZCKc3I3VaT7caEFnORb3wwvHMKfK2uh/t8lJO2F5wOWeiX+MsAW2WrU9zouN4uvd
0xqF3LTVBnBkIAzkQWqJXHWbybZYIijY1MJqhYubZ1h/y7dj3JyXoYqZfqUHE6nx
4kmeePf9fmYMvA==
-----END CERTIFICATE-----