Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
File:                     7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft (raw, json)
Hash identifier:          f27NWdCkjCInS76sNAc4Gt9DutcAwYVy4TCOrTuXFz4=
Subject key identifier:   71:1E:AF:D1:C6:6A:76:AC:AE:F0:97:4B:8C:33:BF:7E:0B:BE:AA:55
Authority key identifier: EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48
Certificate issuer:       /CN=ecf5d512f91044b786a15589a624a8d8cb929e48
Certificate serial:       0193603250D37457D4911F739DEEDF8070C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
Manifest number:          1028
Signing time:             Sun 24 Nov 2024 22:02:10 +0000
Manifest this update:     Sun 24 Nov 2024 22:02:10 +0000
Manifest next update:     Mon 25 Nov 2024 22:02:10 +0000
Files and hashes:         1: 7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl (hash: iE6Khpf9NEVMbm3IodPkmXz5rqCLN3LDezOcGU+EYzw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 25 Nov 2024 22:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:60:32:50:d3:74:57:d4:91:1f:73:9d:ee:df:80:70:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecf5d512f91044b786a15589a624a8d8cb929e48
        Validity
            Not Before: Nov 24 22:02:10 2024 GMT
            Not After : Nov 25 22:02:10 2024 GMT
        Subject: CN=711eafd1c66a76acaef0974b8c33bf7e0bbeaa55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:26:fa:b1:1a:f3:ad:52:ec:f8:98:a3:0b:05:
                    d5:c3:e2:a5:6b:99:52:39:ac:1a:9b:48:22:58:89:
                    3d:c2:ee:5a:50:57:b2:54:98:6d:94:ae:08:e9:44:
                    49:18:3a:4b:02:83:a7:d8:a8:bb:39:0c:17:34:10:
                    98:53:56:80:70:7e:b0:0e:c9:80:5e:a2:37:3d:09:
                    42:fd:ef:6b:44:1d:13:9a:72:f5:49:71:0b:4d:4f:
                    fe:ca:22:9b:b0:dc:41:8c:de:11:26:96:fc:b5:46:
                    e8:62:02:c1:0d:e2:de:7c:75:40:09:9d:24:c1:e3:
                    ab:3d:e2:e7:d6:22:5b:f4:05:70:a2:1b:72:12:b3:
                    30:fe:43:fa:88:f8:6a:0a:12:80:e7:ab:61:94:00:
                    f8:3c:90:c9:ab:fd:9d:8e:39:f5:55:6d:f1:2c:f1:
                    ff:60:8e:01:92:d6:e9:b3:3b:db:34:ab:b1:3b:ab:
                    6c:ba:c9:bd:91:d7:0c:3b:03:e4:ca:51:5d:2b:29:
                    c7:2e:66:f5:8d:fe:fe:eb:fb:9c:39:70:5d:81:62:
                    82:38:46:71:35:1e:22:92:66:bc:08:9d:f6:16:d6:
                    ef:11:91:f1:fe:3e:45:d4:82:1f:06:a3:37:c3:40:
                    27:0c:22:4a:0e:cc:f9:db:03:78:64:75:59:29:a0:
                    75:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:1E:AF:D1:C6:6A:76:AC:AE:F0:97:4B:8C:33:BF:7E:0B:BE:AA:55
            X509v3 Authority Key Identifier:
                keyid:EC:F5:D5:12:F9:10:44:B7:86:A1:55:89:A6:24:A8:D8:CB:92:9E:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PXVEvkQRLeGoVWJpiSo2MuSnkg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3d4dfa-fe4a-4563-8cbe-c1481df7da41/1/7PXVEvkQRLeGoVWJpiSo2MuSnkg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:58:bb:d8:d3:ea:db:61:9c:43:d4:81:5f:4b:3f:e1:58:67:
         a1:9a:26:71:a3:4a:b5:eb:5b:5b:01:c7:46:a8:d1:5e:82:19:
         eb:b5:8b:fe:81:e9:59:5d:69:e2:6b:cb:bf:cf:53:4c:80:4f:
         ff:6e:5c:91:22:6b:b9:23:42:22:69:0c:9d:49:93:87:0f:f0:
         1a:d7:af:ad:db:fe:50:92:cd:a9:33:5d:50:e7:c7:26:e1:6f:
         d0:90:36:4a:87:44:1c:25:6a:f4:f9:c3:e2:89:9f:0b:35:94:
         50:1e:2f:06:e4:47:08:82:1a:15:0c:ea:fa:ff:2b:f7:c4:73:
         eb:ba:fc:04:4e:4c:3f:6c:27:0d:3f:ed:22:26:e5:50:22:34:
         5d:d6:16:b0:eb:38:02:8b:ce:d8:90:b1:a6:e5:4d:85:e3:8f:
         fc:d4:21:f2:46:05:b3:d9:8c:4f:8b:8f:11:41:c2:1b:c1:a2:
         58:51:45:90:3d:27:58:4d:cc:50:69:72:f4:70:2b:3d:a3:e1:
         b0:4d:b8:fc:06:29:c1:52:00:4c:2f:3a:9c:6a:d1:28:c3:96:
         05:a4:b0:bb:9d:d8:4c:3f:3d:ed:7d:f6:ea:51:2a:97:3e:85:
         8a:a7:5c:35:d3:d4:17:ab:f4:ae:65:47:28:c8:06:ff:5c:19:
         f4:ba:a8:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNgMlDTdFfUkR9zne7fgHDJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjVkNTEyZjkxMDQ0Yjc4NmExNTU4OWE2MjRhOGQ4Y2I5
MjllNDgwHhcNMjQxMTI0MjIwMjEwWhcNMjQxMTI1MjIwMjEwWjAzMTEwLwYDVQQD
Eyg3MTFlYWZkMWM2NmE3NmFjYWVmMDk3NGI4YzMzYmY3ZTBiYmVhYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSb6sRrzrVLs+JijCwXVw+Kla5lS
Oawam0giWIk9wu5aUFeyVJhtlK4I6URJGDpLAoOn2Ki7OQwXNBCYU1aAcH6wDsmA
XqI3PQlC/e9rRB0TmnL1SXELTU/+yiKbsNxBjN4RJpb8tUboYgLBDeLefHVACZ0k
weOrPeLn1iJb9AVwohtyErMw/kP6iPhqChKA56thlAD4PJDJq/2djjn1VW3xLPH/
YI4BktbpszvbNKuxO6tsusm9kdcMOwPkylFdKynHLmb1jf7+6/ucOXBdgWKCOEZx
NR4ikma8CJ32FtbvEZHx/j5F1IIfBqM3w0AnDCJKDsz52wN4ZHVZKaB1bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEer9HGanasrvCXS4wzv34LvqpVMB8GA1UdIwQY
MBaAFOz11RL5EES3hqFViaYkqNjLkp5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUt
YzE0ODFkZjdkYTQxLzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zZDRkZmEtZmU0YS00NTYzLThjYmUtYzE0ODFkZjdkYTQx
LzEvN1BYVkV2a1FSTGVHb1ZXSnBpU28yTXVTbmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcli72NPq
22GcQ9SBX0s/4VhnoZomcaNKtetbWwHHRqjRXoIZ67WL/oHpWV1p4mvLv89TTIBP
/25ckSJruSNCImkMnUmThw/wGtevrdv+UJLNqTNdUOfHJuFv0JA2SodEHCVq9PnD
4omfCzWUUB4vBuRHCIIaFQzq+v8r98Rz67r8BE5MP2wnDT/tIiblUCI0XdYWsOs4
AovO2JCxpuVNheOP/NQh8kYFs9mMT4uPEUHCG8GiWFFFkD0nWE3MUGly9HArPaPh
sE24/AYpwVIATC86nGrRKMOWBaSwu53YTD897X326lEqlz6FiqdcNdPUF6v0rmVH
KMgG/1wZ9Lqo3A==
-----END CERTIFICATE-----