Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
File:                     Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft (raw, json)
Hash identifier:          mg6QWZKveUV5bheeHvyEqL8rykm2v0eK7xQEbZ2/PiI=
Subject key identifier:   A9:43:A9:32:2D:2D:85:98:E7:5C:3B:7C:DA:4C:FE:23:2A:B3:AF:23
Authority key identifier: 49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34
Certificate issuer:       /CN=49f9b880f259b88190702c22bf832171b7597434
Certificate serial:       01936BC718E71741EE09D85239393592A366
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
Manifest number:          0FCF
Signing time:             Wed 27 Nov 2024 04:00:30 +0000
Manifest this update:     Wed 27 Nov 2024 04:00:30 +0000
Manifest next update:     Thu 28 Nov 2024 04:00:30 +0000
Files and hashes:         1: Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl (hash: kSJ4bsXfa4vsR3B6aw72n17mnnEltG71qfDZacOCJJA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Nov 2024 04:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:c7:18:e7:17:41:ee:09:d8:52:39:39:35:92:a3:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49f9b880f259b88190702c22bf832171b7597434
        Validity
            Not Before: Nov 27 04:00:30 2024 GMT
            Not After : Nov 28 04:00:30 2024 GMT
        Subject: CN=a943a9322d2d8598e75c3b7cda4cfe232ab3af23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:29:36:ca:c5:94:04:02:a2:12:4b:d9:de:cb:
                    3d:d1:7b:c7:77:06:41:43:f1:93:7a:2c:d2:e5:29:
                    4c:62:dd:52:92:fe:f4:ad:31:41:ec:e5:11:7f:2f:
                    c5:12:4f:05:82:45:2d:a6:ab:54:17:d4:99:df:be:
                    7c:08:c6:14:ca:c0:0c:5e:da:1b:33:ce:2e:e0:f2:
                    53:f2:56:e6:66:6b:0a:33:4d:72:35:4a:ac:6e:ad:
                    52:af:b2:70:b5:22:80:26:7b:cb:7b:79:9f:22:60:
                    bf:c3:f3:e1:76:d9:42:3a:82:5a:85:e3:bd:df:5c:
                    84:4a:40:81:3a:05:7e:5e:ec:7f:94:79:bb:20:99:
                    20:e4:b5:56:79:a7:9e:a9:f8:95:23:d4:5f:25:8f:
                    2a:21:51:56:13:90:10:23:d8:ef:d6:25:a9:9f:84:
                    c2:04:ae:cd:7b:e5:2f:7c:d8:3f:39:31:00:1b:3c:
                    20:12:50:4f:47:d1:9c:37:8b:63:9f:7c:ba:c7:44:
                    7c:c7:3f:4d:81:85:06:19:cf:ad:bc:b3:1b:9f:c6:
                    f0:77:30:bc:75:7f:ee:3e:d7:fe:70:a1:db:14:d7:
                    47:31:f1:18:e5:a5:13:5b:a0:6b:5b:05:84:67:ce:
                    05:9c:45:c0:17:58:2f:fa:ff:e6:aa:cc:1a:46:81:
                    eb:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:43:A9:32:2D:2D:85:98:E7:5C:3B:7C:DA:4C:FE:23:2A:B3:AF:23
            X509v3 Authority Key Identifier:
                keyid:49:F9:B8:80:F2:59:B8:81:90:70:2C:22:BF:83:21:71:B7:59:74:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a998bb-3bc3-4597-8dcc-c4f22536ab05/1/Sfm4gPJZuIGQcCwiv4MhcbdZdDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         07:e7:87:2d:9a:31:90:51:ab:cf:ee:1d:aa:2a:b6:4b:96:eb:
         db:1b:7a:85:df:d9:d4:9d:73:30:28:c0:e2:58:d2:1f:8f:d6:
         59:30:f5:60:b0:f6:01:b9:ce:fe:a0:8d:7c:bf:02:76:74:bd:
         0a:df:8e:27:ec:41:07:b1:d8:9e:0a:93:d9:2c:84:6e:0f:83:
         bb:76:26:eb:e5:86:c7:8d:1d:27:17:8f:b4:5b:a6:27:6c:04:
         92:e6:60:98:87:68:e2:7a:9c:92:1c:b6:59:bd:2b:c2:37:7d:
         12:95:21:9c:2c:24:48:b5:ed:81:34:60:a1:46:ea:a5:49:bb:
         f1:2d:49:da:09:4e:19:88:fd:e7:55:df:41:fc:f9:55:a0:0d:
         da:94:65:72:aa:0d:04:07:70:90:2f:58:8c:fd:60:13:8a:09:
         2e:06:cb:8e:7f:e3:7c:76:70:04:4c:8b:d8:8c:55:43:e2:b6:
         50:bf:38:9d:59:e4:69:ce:17:5c:84:86:2d:82:31:85:a8:22:
         ab:9f:f1:90:48:bc:c0:4e:52:ed:b1:69:33:3a:de:46:30:da:
         fe:0b:8a:ea:aa:29:c3:2f:62:ae:02:80:55:ca:2f:8b:11:e3:
         0e:92:a0:a3:5b:4e:51:70:74:4c:1f:22:4d:6e:95:1e:e2:6e:
         93:52:67:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrxxjnF0HuCdhSOTk1kqNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjliODgwZjI1OWI4ODE5MDcwMmMyMmJmODMyMTcxYjc1
OTc0MzQwHhcNMjQxMTI3MDQwMDMwWhcNMjQxMTI4MDQwMDMwWjAzMTEwLwYDVQQD
EyhhOTQzYTkzMjJkMmQ4NTk4ZTc1YzNiN2NkYTRjZmUyMzJhYjNhZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsik2ysWUBAKiEkvZ3ss90XvHdwZB
Q/GTeizS5SlMYt1Skv70rTFB7OURfy/FEk8FgkUtpqtUF9SZ3758CMYUysAMXtob
M84u4PJT8lbmZmsKM01yNUqsbq1Sr7JwtSKAJnvLe3mfImC/w/PhdtlCOoJaheO9
31yESkCBOgV+Xux/lHm7IJkg5LVWeaeeqfiVI9RfJY8qIVFWE5AQI9jv1iWpn4TC
BK7Ne+UvfNg/OTEAGzwgElBPR9GcN4tjn3y6x0R8xz9NgYUGGc+tvLMbn8bwdzC8
dX/uPtf+cKHbFNdHMfEY5aUTW6BrWwWEZ84FnEXAF1gv+v/mqswaRoHrZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKlDqTItLYWY51w7fNpM/iMqs68jMB8GA1UdIwQY
MBaAFEn5uIDyWbiBkHAsIr+DIXG3WXQ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2Mt
YzRmMjI1MzZhYjA1LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hOTk4YmItM2JjMy00NTk3LThkY2MtYzRmMjI1MzZhYjA1
LzEvU2ZtNGdQSlp1SUdRY0N3aXY0TWhjYmRaZERRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB+eHLZox
kFGrz+4dqiq2S5br2xt6hd/Z1J1zMCjA4ljSH4/WWTD1YLD2AbnO/qCNfL8CdnS9
Ct+OJ+xBB7HYngqT2SyEbg+Du3Ym6+WGx40dJxePtFumJ2wEkuZgmIdo4nqckhy2
Wb0rwjd9EpUhnCwkSLXtgTRgoUbqpUm78S1J2glOGYj951XfQfz5VaAN2pRlcqoN
BAdwkC9YjP1gE4oJLgbLjn/jfHZwBEyL2IxVQ+K2UL84nVnkac4XXISGLYIxhagi
q5/xkEi8wE5S7bFpMzreRjDa/guK6qopwy9irgKAVcovixHjDpKgo1tOUXB0TB8i
TW6VHuJuk1Jn7w==
-----END CERTIFICATE-----