Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/f9afc2-9169-4a8c-8816-deb7ff1b5e6d/1/5qi5LUxZf2wET3clKFSPnJEpoNM.mft
File:                     5qi5LUxZf2wET3clKFSPnJEpoNM.mft (raw, json)
Hash identifier:          BH3ZrLOst2E2e3GuaEUL6Dp8GNW2QEFfX7c8oVLx9jY=
Subject key identifier:   2C:3F:88:9A:3E:C1:FC:C9:F8:67:E4:29:47:4E:B2:2A:E5:56:7A:68
Authority key identifier: E6:A8:B9:2D:4C:59:7F:6C:04:4F:77:25:28:54:8F:9C:91:29:A0:D3
Certificate issuer:       /CN=e6a8b92d4c597f6c044f772528548f9c9129a0d3
Certificate serial:       01936A46BDA6A08FA9A217D4B020F8C1BCD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5qi5LUxZf2wET3clKFSPnJEpoNM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/f9afc2-9169-4a8c-8816-deb7ff1b5e6d/1/5qi5LUxZf2wET3clKFSPnJEpoNM.mft
Manifest number:          1059
Signing time:             Tue 26 Nov 2024 21:00:41 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:41 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:41 +0000
Files and hashes:         1: 5qi5LUxZf2wET3clKFSPnJEpoNM.crl (hash: YXn1I+xR/DGiOdNaJjf7sfy5vfGE3L5H3JXtjDSn3oM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/f9afc2-9169-4a8c-8816-deb7ff1b5e6d/1/5qi5LUxZf2wET3clKFSPnJEpoNM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/f9afc2-9169-4a8c-8816-deb7ff1b5e6d/1/5qi5LUxZf2wET3clKFSPnJEpoNM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5qi5LUxZf2wET3clKFSPnJEpoNM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:bd:a6:a0:8f:a9:a2:17:d4:b0:20:f8:c1:bc:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e6a8b92d4c597f6c044f772528548f9c9129a0d3
        Validity
            Not Before: Nov 26 21:00:41 2024 GMT
            Not After : Nov 27 21:00:41 2024 GMT
        Subject: CN=2c3f889a3ec1fcc9f867e429474eb22ae5567a68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:94:34:71:91:57:c5:63:7a:74:50:40:69:4a:
                    bc:7e:c1:81:9e:af:b2:8d:83:13:c8:44:b3:e4:12:
                    c4:95:0e:ca:c0:69:98:cd:1a:ef:aa:cf:fe:8b:f5:
                    8c:6e:47:63:7e:c0:0c:bc:4c:5e:b2:a9:ee:c0:ae:
                    7f:06:4f:fe:73:6d:71:3c:5a:8d:38:9d:fd:38:46:
                    6c:57:bc:a6:da:65:82:68:df:1a:6e:64:58:14:25:
                    c0:20:bf:7f:c0:67:ff:9e:c5:0d:7b:76:6f:54:af:
                    4f:47:4d:24:69:63:5b:11:2e:05:e4:80:12:bf:eb:
                    bf:33:8d:95:9a:f5:3c:ab:a6:67:5d:1f:7e:05:08:
                    0b:fa:24:e4:46:7b:95:32:f5:72:c0:e5:ea:1d:a3:
                    e2:d4:fe:69:75:1b:5f:d1:7a:e8:84:63:11:74:13:
                    a2:0f:c4:b4:28:d2:2e:dd:69:11:1c:12:ae:0b:3b:
                    fa:00:f0:f2:bc:23:ef:05:46:c9:4f:7b:b1:df:37:
                    94:f2:ca:68:18:12:90:9e:97:23:90:6c:8a:43:e6:
                    f7:96:6b:2d:2a:ad:b6:d5:9e:e8:09:ab:dc:c3:0e:
                    6e:fa:88:b5:cb:74:d6:fd:e9:61:0f:42:70:dc:77:
                    79:ec:ef:d4:35:11:9b:72:c5:9b:98:03:ce:7b:e2:
                    88:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:3F:88:9A:3E:C1:FC:C9:F8:67:E4:29:47:4E:B2:2A:E5:56:7A:68
            X509v3 Authority Key Identifier:
                keyid:E6:A8:B9:2D:4C:59:7F:6C:04:4F:77:25:28:54:8F:9C:91:29:A0:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5qi5LUxZf2wET3clKFSPnJEpoNM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f9afc2-9169-4a8c-8816-deb7ff1b5e6d/1/5qi5LUxZf2wET3clKFSPnJEpoNM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/f9afc2-9169-4a8c-8816-deb7ff1b5e6d/1/5qi5LUxZf2wET3clKFSPnJEpoNM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         39:6d:dd:cf:34:0a:fa:8f:43:06:8d:b1:f8:0e:cb:19:d7:49:
         42:16:c5:8b:ff:24:a9:5b:08:3c:b6:90:6f:8d:aa:fe:34:cc:
         ba:78:5f:aa:15:82:89:1a:77:87:90:82:24:b8:06:18:21:b3:
         f0:7f:3b:ee:dc:0e:0b:3d:3f:dc:aa:55:01:cf:f1:e5:99:c7:
         30:0a:ee:bb:ac:ab:2a:8e:52:c2:9b:9c:49:c6:0f:f8:d5:e8:
         65:b9:67:58:86:cb:db:3b:38:75:55:3c:75:73:ff:f5:00:d0:
         f9:a7:d2:9b:70:bb:c8:f0:51:e8:f0:24:e2:c1:72:1b:7d:a5:
         fd:6f:17:d8:d6:27:70:c4:4d:52:58:06:01:93:27:15:03:f8:
         72:61:47:91:cb:36:e2:44:74:9d:34:30:ed:4a:d9:38:6c:f0:
         83:e3:f6:e5:77:48:1d:07:7b:3d:46:2e:47:ec:d6:6a:cf:45:
         3c:9a:e1:fb:25:b4:86:c1:ea:53:ed:0a:37:f8:99:1a:dc:79:
         5f:d3:1d:39:57:75:19:eb:64:75:9c:f0:ff:1e:57:3a:bd:77:
         25:d2:c9:3a:b1:52:ab:4a:5b:bb:cd:cb:86:45:92:54:ad:2f:
         b7:88:f1:15:94:de:02:25:e9:e1:d1:33:b2:7c:79:c9:82:8c:
         a7:6f:1d:1a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRr2moI+pohfUsCD4wbzVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YThiOTJkNGM1OTdmNmMwNDRmNzcyNTI4NTQ4ZjljOTEy
OWEwZDMwHhcNMjQxMTI2MjEwMDQxWhcNMjQxMTI3MjEwMDQxWjAzMTEwLwYDVQQD
EygyYzNmODg5YTNlYzFmY2M5Zjg2N2U0Mjk0NzRlYjIyYWU1NTY3YTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZQ0cZFXxWN6dFBAaUq8fsGBnq+y
jYMTyESz5BLElQ7KwGmYzRrvqs/+i/WMbkdjfsAMvExesqnuwK5/Bk/+c21xPFqN
OJ39OEZsV7ym2mWCaN8abmRYFCXAIL9/wGf/nsUNe3ZvVK9PR00kaWNbES4F5IAS
v+u/M42VmvU8q6ZnXR9+BQgL+iTkRnuVMvVywOXqHaPi1P5pdRtf0XrohGMRdBOi
D8S0KNIu3WkRHBKuCzv6APDyvCPvBUbJT3ux3zeU8spoGBKQnpcjkGyKQ+b3lmst
Kq221Z7oCavcww5u+oi1y3TW/elhD0Jw3Hd57O/UNRGbcsWbmAPOe+KI9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCw/iJo+wfzJ+GfkKUdOsirlVnpoMB8GA1UdIwQY
MBaAFOaouS1MWX9sBE93JShUj5yRKaDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXFpNUxVeFpmMndFVDNjbEtGU1BuSkVwb05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9mOWFmYzItOTE2OS00YThjLTg4MTYt
ZGViN2ZmMWI1ZTZkLzEvNXFpNUxVeFpmMndFVDNjbEtGU1BuSkVwb05NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9mOWFmYzItOTE2OS00YThjLTg4MTYtZGViN2ZmMWI1ZTZk
LzEvNXFpNUxVeFpmMndFVDNjbEtGU1BuSkVwb05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOW3dzzQK
+o9DBo2x+A7LGddJQhbFi/8kqVsIPLaQb42q/jTMunhfqhWCiRp3h5CCJLgGGCGz
8H877twOCz0/3KpVAc/x5ZnHMAruu6yrKo5SwpucScYP+NXoZblnWIbL2zs4dVU8
dXP/9QDQ+afSm3C7yPBR6PAk4sFyG32l/W8X2NYncMRNUlgGAZMnFQP4cmFHkcs2
4kR0nTQw7UrZOGzwg+P25XdIHQd7PUYuR+zWas9FPJrh+yW0hsHqU+0KN/iZGtx5
X9MdOVd1GetkdZzw/x5XOr13JdLJOrFSq0pbu83LhkWSVK0vt4jxFZTeAiXp4dEz
snx5yYKMp28dGg==
-----END CERTIFICATE-----