Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft
File:                     IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft (raw, json)
Hash identifier:          LNoO+44A4xviLpaz9k+CpzpFRIxmQDXQKEHrF6nTK8c=
Subject key identifier:   D9:B5:C3:21:9F:1C:BD:B6:E7:9C:FB:0F:1A:77:CB:45:CC:0C:C9:7E
Authority key identifier: 22:E2:F3:53:47:57:D9:39:08:DA:41:79:9D:C2:61:35:06:14:AE:46
Certificate issuer:       /CN=22e2f3534757d93908da41799dc261350614ae46
Certificate serial:       01936220029AE72A18C88A6747EC3A381F99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IuLzU0dX2TkI2kF5ncJhNQYUrkY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft
Manifest number:          040C
Signing time:             Mon 25 Nov 2024 07:01:25 +0000
Manifest this update:     Mon 25 Nov 2024 07:01:25 +0000
Manifest next update:     Tue 26 Nov 2024 07:01:25 +0000
Files and hashes:         1: IuLzU0dX2TkI2kF5ncJhNQYUrkY.crl (hash: VsX+0rZnVReaskUXSDfcsr8bqjL9W3UmCsPWkbCNxVY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IuLzU0dX2TkI2kF5ncJhNQYUrkY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:62:20:02:9a:e7:2a:18:c8:8a:67:47:ec:3a:38:1f:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e2f3534757d93908da41799dc261350614ae46
        Validity
            Not Before: Nov 25 07:01:25 2024 GMT
            Not After : Nov 26 07:01:25 2024 GMT
        Subject: CN=d9b5c3219f1cbdb6e79cfb0f1a77cb45cc0cc97e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:11:2d:0b:45:58:11:88:15:66:eb:9d:69:e6:
                    9e:53:a7:66:b0:64:7d:27:56:9f:81:03:ef:be:d4:
                    e2:87:cf:55:37:75:06:79:64:87:c1:b4:6c:1e:f5:
                    51:46:8d:08:16:b4:70:a1:66:92:37:b1:d2:84:bb:
                    d0:ef:57:58:d7:02:85:75:19:cf:4e:dd:34:37:84:
                    1c:f5:64:52:38:37:25:cf:e2:65:00:48:0e:f2:b3:
                    61:d8:f5:23:5c:48:f8:9b:ba:8c:f1:20:85:5e:d9:
                    cd:4b:6c:cf:de:87:11:38:31:15:84:40:5e:92:e2:
                    5a:4a:e8:fe:c3:3a:55:13:49:18:d2:d1:cf:a0:3a:
                    98:e8:ac:d0:cf:08:24:71:f1:07:2f:9a:99:ba:68:
                    66:37:7f:bc:f3:7b:38:55:d7:9f:23:01:b8:6e:20:
                    77:60:4e:42:0c:2d:04:8a:3a:66:df:7e:f7:4f:82:
                    a7:d4:69:0c:d9:38:f8:c2:77:41:44:38:38:dd:25:
                    15:31:89:dc:af:8a:3f:47:91:02:99:5a:f9:b1:f1:
                    c8:4a:6d:76:1f:3b:16:32:a8:c7:d8:44:d5:61:fd:
                    d5:48:91:e3:eb:56:0b:58:b9:29:b1:97:f1:68:57:
                    6b:82:d5:03:3e:07:a2:dc:a0:df:03:10:82:26:13:
                    24:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:B5:C3:21:9F:1C:BD:B6:E7:9C:FB:0F:1A:77:CB:45:CC:0C:C9:7E
            X509v3 Authority Key Identifier:
                keyid:22:E2:F3:53:47:57:D9:39:08:DA:41:79:9D:C2:61:35:06:14:AE:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuLzU0dX2TkI2kF5ncJhNQYUrkY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:c8:26:69:c0:2d:d7:c9:c4:08:f0:29:71:92:fc:dd:99:af:
         65:a3:dd:ce:ce:9a:7a:f8:68:81:cb:0b:0c:3b:c1:b7:ef:07:
         b8:8d:6f:4b:f2:ca:24:f7:b5:40:6e:ca:e9:cd:56:4d:32:9f:
         3e:21:15:57:8e:75:ae:00:b1:de:8b:1b:0c:37:18:b9:5c:4a:
         ef:1d:84:f2:9f:2d:a8:14:3e:1b:63:de:22:a9:68:b3:ac:23:
         d1:e2:e7:30:68:95:fc:d9:2d:89:41:ea:24:68:3a:30:c8:07:
         8c:f2:f1:14:d5:94:eb:b4:ba:ea:d4:7c:cd:74:de:6d:76:01:
         6e:e0:fc:14:9f:ee:57:46:25:fb:9c:45:60:72:4b:bd:2d:e9:
         fb:61:e5:da:ba:d6:36:df:4c:50:19:c4:16:e5:72:df:bd:e2:
         ae:88:20:ad:bc:57:6a:89:66:f6:70:88:c9:40:4d:04:8d:b2:
         18:24:26:53:2b:d5:0c:2b:37:8f:ff:67:3a:fc:f7:29:da:cd:
         5d:b7:4e:d0:83:26:d0:9f:67:bc:34:08:ea:d9:21:03:62:36:
         3d:76:54:11:05:93:c0:6e:61:ba:ca:62:23:42:7c:27:b3:ab:
         c0:ec:f2:ec:fe:59:3e:c4:6c:c1:51:d4:77:f0:69:96:b2:ea:
         ac:f0:cf:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNiIAKa5yoYyIpnR+w6OB+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTJmMzUzNDc1N2Q5MzkwOGRhNDE3OTlkYzI2MTM1MDYx
NGFlNDYwHhcNMjQxMTI1MDcwMTI1WhcNMjQxMTI2MDcwMTI1WjAzMTEwLwYDVQQD
EyhkOWI1YzMyMTlmMWNiZGI2ZTc5Y2ZiMGYxYTc3Y2I0NWNjMGNjOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhEtC0VYEYgVZuudaeaeU6dmsGR9
J1afgQPvvtTih89VN3UGeWSHwbRsHvVRRo0IFrRwoWaSN7HShLvQ71dY1wKFdRnP
Tt00N4Qc9WRSODclz+JlAEgO8rNh2PUjXEj4m7qM8SCFXtnNS2zP3ocRODEVhEBe
kuJaSuj+wzpVE0kY0tHPoDqY6KzQzwgkcfEHL5qZumhmN3+883s4VdefIwG4biB3
YE5CDC0Eijpm3373T4Kn1GkM2Tj4wndBRDg43SUVMYncr4o/R5ECmVr5sfHISm12
HzsWMqjH2ETVYf3VSJHj61YLWLkpsZfxaFdrgtUDPgei3KDfAxCCJhMk0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNm1wyGfHL2255z7Dxp3y0XMDMl+MB8GA1UdIwQY
MBaAFCLi81NHV9k5CNpBeZ3CYTUGFK5GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVMelUwZFgyVGtJMmtGNW5jSmhOUVlVcmtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYjI0NTUtZmZmMy00YmRhLTk4Nzgt
MjljZWMyNzk1Y2IzLzEvSXVMelUwZFgyVGtJMmtGNW5jSmhOUVlVcmtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYjI0NTUtZmZmMy00YmRhLTk4NzgtMjljZWMyNzk1Y2Iz
LzEvSXVMelUwZFgyVGtJMmtGNW5jSmhOUVlVcmtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMgmacAt
18nECPApcZL83ZmvZaPdzs6aevhogcsLDDvBt+8HuI1vS/LKJPe1QG7K6c1WTTKf
PiEVV451rgCx3osbDDcYuVxK7x2E8p8tqBQ+G2PeIqlos6wj0eLnMGiV/NktiUHq
JGg6MMgHjPLxFNWU67S66tR8zXTebXYBbuD8FJ/uV0Yl+5xFYHJLvS3p+2Hl2rrW
Nt9MUBnEFuVy373iroggrbxXaolm9nCIyUBNBI2yGCQmUyvVDCs3j/9nOvz3KdrN
XbdO0IMm0J9nvDQI6tkhA2I2PXZUEQWTwG5huspiI0J8J7OrwOzy7P5ZPsRswVHU
d/BplrLqrPDPYg==
-----END CERTIFICATE-----