Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
File:                     jhTxdhHOtBMYStycGa71CKhJubI.mft (raw, json)
Hash identifier:          xJJKQdTp+0n/8CDa1aXGHjjcMGgmw9Bplv5ExDgzgH4=
Subject key identifier:   EB:46:70:F1:BB:AF:32:AC:89:0C:B4:7C:3A:F8:6C:5B:8B:6D:09:17
Authority key identifier: 8E:14:F1:76:11:CE:B4:13:18:4A:DC:9C:19:AE:F5:08:A8:49:B9:B2
Certificate issuer:       /CN=8e14f17611ceb413184adc9c19aef508a849b9b2
Certificate serial:       0193587802DFCF876FC9CD13F2DE4C717C95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
Manifest number:          136D
Signing time:             Sat 23 Nov 2024 10:01:20 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:20 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:20 +0000
Files and hashes:         1: jhTxdhHOtBMYStycGa71CKhJubI.crl (hash: M+kcPnw1/aXN8FLmMgqhyRqP+oazELJPUCuXcV1iyGk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:02:df:cf:87:6f:c9:cd:13:f2:de:4c:71:7c:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8e14f17611ceb413184adc9c19aef508a849b9b2
        Validity
            Not Before: Nov 23 10:01:20 2024 GMT
            Not After : Nov 24 10:01:20 2024 GMT
        Subject: CN=eb4670f1bbaf32ac890cb47c3af86c5b8b6d0917
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:82:a1:63:00:d2:c8:46:7e:cb:b3:14:67:56:
                    53:a2:21:bd:33:13:be:14:a5:4f:20:71:76:d3:57:
                    44:86:eb:e6:af:bb:b3:64:10:e3:ce:43:96:fb:38:
                    18:e0:9c:82:bc:20:50:69:7a:87:f9:85:97:37:60:
                    67:0f:c2:a2:b0:32:67:6d:fa:35:6b:03:a5:2e:7d:
                    d7:fa:43:8b:29:09:a3:af:df:8b:89:ac:bf:93:54:
                    3f:01:09:7a:69:00:b2:97:08:34:52:e1:44:67:4e:
                    20:4a:08:73:a9:06:21:d3:03:f5:0a:c0:23:c9:bf:
                    67:d6:9a:fc:f6:5f:31:e4:82:59:c6:dd:55:a2:4e:
                    71:38:03:33:17:16:23:7a:1f:13:85:86:31:ea:3e:
                    22:74:69:3d:e3:14:88:e9:7f:f1:92:f1:db:9a:fb:
                    ba:a0:b6:90:29:32:84:f2:da:96:18:1d:01:3c:13:
                    5b:c8:6a:8f:20:7f:04:c2:0c:62:b4:f5:36:67:30:
                    dc:72:3a:dd:69:7a:2a:30:f9:b2:4e:aa:e2:02:3c:
                    1f:7d:6e:24:3d:1b:c2:8e:7c:ea:68:68:ba:1f:4d:
                    95:af:86:62:9f:0f:28:de:2f:f6:21:71:ec:83:ef:
                    e4:e0:aa:b4:49:da:13:99:ea:5c:40:bc:ce:e7:7d:
                    93:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:46:70:F1:BB:AF:32:AC:89:0C:B4:7C:3A:F8:6C:5B:8B:6D:09:17
            X509v3 Authority Key Identifier:
                keyid:8E:14:F1:76:11:CE:B4:13:18:4A:DC:9C:19:AE:F5:08:A8:49:B9:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhTxdhHOtBMYStycGa71CKhJubI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/81d56d-1f52-4a9b-9591-720fd3a1eef3/1/jhTxdhHOtBMYStycGa71CKhJubI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:1a:d7:68:df:c9:75:20:f9:46:af:20:1b:ea:51:d1:f3:5b:
         29:ea:e6:f4:06:d4:0f:21:72:58:b8:1d:b0:72:a1:6b:bd:54:
         3a:35:ee:2f:28:91:00:22:42:e3:6a:57:a2:54:d5:ac:21:69:
         99:af:e4:47:05:95:fa:d7:d4:f8:1f:e0:ee:26:40:48:0a:34:
         b1:ea:8d:9f:4a:f3:e1:f0:32:3e:f9:e5:40:ec:21:73:aa:7c:
         7c:0a:ba:74:63:8e:25:a5:36:32:df:0c:91:dc:24:fc:2b:91:
         d6:75:62:e1:cc:dc:c8:4e:b9:39:4f:9b:1c:b5:ba:c1:0a:e8:
         b0:23:1d:4b:11:eb:ca:14:08:0c:fb:58:93:6d:db:b7:4a:69:
         d0:a2:ab:98:55:c0:6f:07:f1:fe:86:f8:ad:c4:9b:44:69:0a:
         b4:8f:5e:2d:74:e7:f2:e9:cf:d0:7c:c9:c4:7d:c5:f9:75:cf:
         f2:f3:fb:df:73:d0:ac:47:99:da:57:76:95:6e:38:1f:ac:6e:
         0f:9c:0a:15:24:a9:08:54:f6:5e:48:64:69:25:d6:29:63:69:
         46:33:0e:7e:95:d9:4b:24:1a:5c:c8:26:03:0c:cc:19:a7:fd:
         04:63:6c:8d:0e:4b:b1:e6:90:6d:d2:d4:39:88:12:5d:c1:b9:
         56:cb:f4:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeALfz4dvyc0T8t5McXyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMTRmMTc2MTFjZWI0MTMxODRhZGM5YzE5YWVmNTA4YTg0
OWI5YjIwHhcNMjQxMTIzMTAwMTIwWhcNMjQxMTI0MTAwMTIwWjAzMTEwLwYDVQQD
EyhlYjQ2NzBmMWJiYWYzMmFjODkwY2I0N2MzYWY4NmM1YjhiNmQwOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYKhYwDSyEZ+y7MUZ1ZToiG9MxO+
FKVPIHF201dEhuvmr7uzZBDjzkOW+zgY4JyCvCBQaXqH+YWXN2BnD8KisDJnbfo1
awOlLn3X+kOLKQmjr9+Liay/k1Q/AQl6aQCylwg0UuFEZ04gSghzqQYh0wP1CsAj
yb9n1pr89l8x5IJZxt1Vok5xOAMzFxYjeh8ThYYx6j4idGk94xSI6X/xkvHbmvu6
oLaQKTKE8tqWGB0BPBNbyGqPIH8EwgxitPU2ZzDccjrdaXoqMPmyTqriAjwffW4k
PRvCjnzqaGi6H02Vr4Zinw8o3i/2IXHsg+/k4Kq0SdoTmepcQLzO532TxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtGcPG7rzKsiQy0fDr4bFuLbQkXMB8GA1UdIwQY
MBaAFI4U8XYRzrQTGErcnBmu9QioSbmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS84MWQ1NmQtMWY1Mi00YTliLTk1OTEt
NzIwZmQzYTFlZWYzLzEvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS84MWQ1NmQtMWY1Mi00YTliLTk1OTEtNzIwZmQzYTFlZWYz
LzEvamhUeGRoSE90Qk1ZU3R5Y0dhNzFDS2hKdWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhhrXaN/J
dSD5Rq8gG+pR0fNbKerm9AbUDyFyWLgdsHKha71UOjXuLyiRACJC42pXolTVrCFp
ma/kRwWV+tfU+B/g7iZASAo0seqNn0rz4fAyPvnlQOwhc6p8fAq6dGOOJaU2Mt8M
kdwk/CuR1nVi4czcyE65OU+bHLW6wQrosCMdSxHryhQIDPtYk23bt0pp0KKrmFXA
bwfx/ob4rcSbRGkKtI9eLXTn8unP0HzJxH3F+XXP8vP733PQrEeZ2ld2lW44H6xu
D5wKFSSpCFT2XkhkaSXWKWNpRjMOfpXZSyQaXMgmAwzMGaf9BGNsjQ5LseaQbdLU
OYgSXcG5Vsv0fw==
-----END CERTIFICATE-----