Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
File:                     jNspNdndDVhbZVEYdkwBxtdvdMI.mft (raw, json)
Hash identifier:          VphEpyqNElBTMGCm4KlZIoI4/Pv2/BJQGl0HR61mYdw=
Subject key identifier:   4F:FC:D5:21:BE:CE:D1:47:08:80:7C:AF:9B:6D:A2:B5:B0:44:0B:4F
Authority key identifier: 8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2
Certificate issuer:       /CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
Certificate serial:       0193579B89AF1386777D6ACECED5BD4B8EEA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
Manifest number:          0479
Signing time:             Sat 23 Nov 2024 06:00:31 +0000
Manifest this update:     Sat 23 Nov 2024 06:00:31 +0000
Manifest next update:     Sun 24 Nov 2024 06:00:31 +0000
Files and hashes:         1: jNspNdndDVhbZVEYdkwBxtdvdMI.crl (hash: vgDLZ01dq2CMnnfKB3ka+JxT6gyRBZHYlHPOgBm8XHc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:9b:89:af:13:86:77:7d:6a:ce:ce:d5:bd:4b:8e:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8cdb2935d9dd0d585b655118764c01c6d76f74c2
        Validity
            Not Before: Nov 23 06:00:31 2024 GMT
            Not After : Nov 24 06:00:31 2024 GMT
        Subject: CN=4ffcd521beced14708807caf9b6da2b5b0440b4f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:2f:be:1c:35:34:6a:bc:53:37:5e:b0:18:f5:
                    a8:b3:eb:73:d6:37:6e:e7:26:0a:a4:e6:77:31:55:
                    b9:c5:2a:c0:56:8a:b2:99:5f:39:40:0f:6d:d6:3f:
                    e9:4f:07:bb:ec:ae:a5:04:3f:8b:8d:3c:9b:c5:9d:
                    8d:be:aa:23:5a:e6:2a:fb:a5:bf:26:fa:30:78:83:
                    3d:ab:4e:c1:7e:56:5b:45:e4:fe:df:fa:f8:66:0a:
                    be:7e:a0:f2:c3:35:01:5b:df:1a:0a:dd:9c:df:f0:
                    56:84:ec:df:8c:13:1d:6e:b2:03:77:17:3f:8a:4b:
                    92:f3:c1:65:98:fa:14:cc:58:8b:c3:00:12:57:8c:
                    df:86:50:db:bf:c8:bf:92:4e:3e:03:ce:3f:bf:67:
                    b1:e6:2c:d4:15:67:b1:df:56:8a:66:7c:86:d9:d6:
                    02:f5:84:06:13:81:7f:d0:5b:d8:f7:a2:60:c6:95:
                    50:46:b7:64:1a:bc:32:71:be:96:ec:22:4e:eb:de:
                    91:84:97:00:f8:6c:4f:56:c7:82:f4:fe:03:a5:4d:
                    f7:d8:7c:7e:93:46:9d:5f:aa:6a:42:a8:52:6f:f9:
                    f2:50:16:2c:ec:90:b7:fd:6f:f9:28:05:6a:fa:67:
                    36:d2:55:60:f5:03:3b:4b:8e:34:82:a9:f8:28:f4:
                    5a:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:FC:D5:21:BE:CE:D1:47:08:80:7C:AF:9B:6D:A2:B5:B0:44:0B:4F
            X509v3 Authority Key Identifier:
                keyid:8C:DB:29:35:D9:DD:0D:58:5B:65:51:18:76:4C:01:C6:D7:6F:74:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNspNdndDVhbZVEYdkwBxtdvdMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e5fe85-c5c0-4271-99c1-5456e15d4671/1/jNspNdndDVhbZVEYdkwBxtdvdMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:90:8c:5b:b4:b6:4b:17:83:9f:c9:e5:66:a0:00:dc:f9:a6:
         42:fc:a6:44:9c:b1:79:c8:1a:5e:86:a9:dd:5e:49:20:74:75:
         dc:35:8c:55:12:14:7b:6f:51:1f:be:42:c4:47:97:6d:a7:36:
         d9:04:c4:55:5c:33:ae:68:b0:92:49:bf:0d:ce:44:03:4f:9a:
         1d:a4:13:81:47:c2:57:d2:f5:a6:2e:0c:e9:a7:81:fd:90:c3:
         67:d5:79:f8:2a:a5:b5:e0:9d:e8:63:76:f7:f3:ef:e5:9f:0c:
         f8:e5:64:83:af:0e:c5:1c:76:b1:54:b3:94:f4:5c:bf:48:55:
         ca:00:bb:db:02:c4:73:d1:64:97:56:21:cc:32:49:55:fe:14:
         37:27:1f:62:9a:52:ba:c3:f6:dc:dc:15:e9:4a:1e:77:d7:95:
         04:ab:29:22:1e:b0:7f:b3:73:5c:e3:a4:86:75:58:18:5a:4b:
         7c:7a:73:0a:ff:e6:f4:4b:7c:35:f7:ed:4b:b3:f8:40:10:0a:
         5d:b2:11:4a:4f:4e:fa:c3:3e:a7:ed:e6:c5:5d:80:96:be:36:
         07:eb:4a:fc:e0:cd:b6:2a:c5:50:16:b2:0c:8f:7e:64:3a:ca:
         0f:65:96:07:ae:8b:52:a3:ad:bb:ef:4c:98:a1:54:28:16:bd:
         71:97:db:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXm4mvE4Z3fWrOztW9S47qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGIyOTM1ZDlkZDBkNTg1YjY1NTExODc2NGMwMWM2ZDc2
Zjc0YzIwHhcNMjQxMTIzMDYwMDMxWhcNMjQxMTI0MDYwMDMxWjAzMTEwLwYDVQQD
Eyg0ZmZjZDUyMWJlY2VkMTQ3MDg4MDdjYWY5YjZkYTJiNWIwNDQwYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS++HDU0arxTN16wGPWos+tz1jdu
5yYKpOZ3MVW5xSrAVoqymV85QA9t1j/pTwe77K6lBD+LjTybxZ2NvqojWuYq+6W/
JvoweIM9q07BflZbReT+3/r4Zgq+fqDywzUBW98aCt2c3/BWhOzfjBMdbrIDdxc/
ikuS88FlmPoUzFiLwwASV4zfhlDbv8i/kk4+A84/v2ex5izUFWex31aKZnyG2dYC
9YQGE4F/0FvY96JgxpVQRrdkGrwycb6W7CJO696RhJcA+GxPVseC9P4DpU332Hx+
k0adX6pqQqhSb/nyUBYs7JC3/W/5KAVq+mc20lVg9QM7S440gqn4KPRaHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/81SG+ztFHCIB8r5ttorWwRAtPMB8GA1UdIwQY
MBaAFIzbKTXZ3Q1YW2VRGHZMAcbXb3TCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEt
NTQ1NmUxNWQ0NjcxLzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNWZlODUtYzVjMC00MjcxLTk5YzEtNTQ1NmUxNWQ0Njcx
LzEvak5zcE5kbmREVmhiWlZFWWRrd0J4dGR2ZE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh5CMW7S2
SxeDn8nlZqAA3PmmQvymRJyxecgaXoap3V5JIHR13DWMVRIUe29RH75CxEeXbac2
2QTEVVwzrmiwkkm/Dc5EA0+aHaQTgUfCV9L1pi4M6aeB/ZDDZ9V5+CqlteCd6GN2
9/Pv5Z8M+OVkg68OxRx2sVSzlPRcv0hVygC72wLEc9Fkl1YhzDJJVf4UNycfYppS
usP23NwV6Uoed9eVBKspIh6wf7NzXOOkhnVYGFpLfHpzCv/m9Et8NfftS7P4QBAK
XbIRSk9O+sM+p+3mxV2Alr42B+tK/ODNtirFUBayDI9+ZDrKD2WWB66LUqOtu+9M
mKFUKBa9cZfb8g==
-----END CERTIFICATE-----