Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
File:                     wtVzsWdwcfL9bUS4QBthISBZjM8.mft (raw, json)
Hash identifier:          UOKg3Kcj1kVKwVgwyFlRVWo7koZ15aORSweSRc4JYYQ=
Subject key identifier:   35:F9:D6:CD:05:3F:C6:4E:75:5D:79:5C:B8:74:A4:99:BF:FC:EC:B9
Authority key identifier: C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF
Certificate issuer:       /CN=c2d573b1677071f2fd6d44b8401b612120598ccf
Certificate serial:       01936BC8E56E2F062125549546503A0774E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
Manifest number:          1378
Signing time:             Wed 27 Nov 2024 04:02:28 +0000
Manifest this update:     Wed 27 Nov 2024 04:02:28 +0000
Manifest next update:     Thu 28 Nov 2024 04:02:28 +0000
Files and hashes:         1: wtVzsWdwcfL9bUS4QBthISBZjM8.crl (hash: /RwsdQErND9wgt2cUz6PDmVZQZb9Io6wBK9HU74e5no=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 23:02:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:c8:e5:6e:2f:06:21:25:54:95:46:50:3a:07:74:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2d573b1677071f2fd6d44b8401b612120598ccf
        Validity
            Not Before: Nov 27 04:02:28 2024 GMT
            Not After : Nov 28 04:02:28 2024 GMT
        Subject: CN=35f9d6cd053fc64e755d795cb874a499bffcecb9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:85:7e:0a:60:27:8b:8a:e0:24:8b:fc:e7:7d:
                    ac:c3:82:be:22:cd:f0:7c:41:07:8a:61:5b:e6:f7:
                    3f:0e:7c:88:7e:96:44:98:2d:26:78:78:38:76:d7:
                    78:33:1e:e3:b8:da:84:9e:1a:36:eb:8b:a6:d8:1b:
                    09:67:40:45:63:f4:06:f8:19:8b:82:41:fe:f8:f1:
                    d2:70:fc:4e:ae:00:81:cd:44:3f:55:f6:01:fd:3c:
                    fa:33:45:22:10:5c:63:d8:f0:8c:d2:9b:f4:de:72:
                    60:47:a0:28:94:19:29:2a:81:ee:0b:06:35:50:3f:
                    e5:6c:23:8a:18:93:0f:8a:dc:a3:18:df:28:b3:b3:
                    89:dd:82:97:cc:64:8e:4e:63:46:83:97:57:08:50:
                    b8:38:1b:25:50:25:01:0f:33:52:d8:4d:4d:9e:54:
                    68:9a:da:ca:73:a8:91:9d:a6:b0:46:d9:b6:32:37:
                    66:5c:64:55:94:33:b1:87:54:07:9d:bb:b4:37:b2:
                    64:d3:6a:26:a4:fa:14:7f:94:3d:af:5e:67:a0:94:
                    d4:3e:e2:e5:ce:6f:9c:e3:74:95:fc:a4:72:99:a3:
                    77:31:8e:75:3f:06:b6:60:74:e9:29:f2:ec:c7:ad:
                    af:ca:bf:5e:12:65:a3:44:1c:61:b8:fc:75:a9:8a:
                    4e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:F9:D6:CD:05:3F:C6:4E:75:5D:79:5C:B8:74:A4:99:BF:FC:EC:B9
            X509v3 Authority Key Identifier:
                keyid:C2:D5:73:B1:67:70:71:F2:FD:6D:44:B8:40:1B:61:21:20:59:8C:CF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtVzsWdwcfL9bUS4QBthISBZjM8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/b5f591-d5ea-47e2-9e69-04d12f2d070a/1/wtVzsWdwcfL9bUS4QBthISBZjM8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:d8:e8:d9:39:bf:fb:c0:ef:65:58:d3:72:0b:e8:0c:9b:de:
         3a:16:fc:e4:52:85:fc:ca:5b:ca:fe:36:da:d2:c5:25:06:43:
         8a:e4:14:ca:0a:ac:f8:d7:3d:d5:12:62:ad:15:fb:a8:30:d0:
         f7:c9:dc:9b:a7:57:0a:cf:fb:1c:0a:41:e7:23:43:71:e5:4b:
         4c:ff:77:9f:b1:8d:c9:fa:c2:93:ee:57:e0:4b:ed:74:6a:c7:
         a6:67:78:f7:33:81:0b:ec:32:da:f6:3e:4c:cd:dd:68:e9:f2:
         ad:bf:27:47:ae:26:63:c4:85:03:82:89:a9:e0:8b:63:0f:e4:
         22:a2:27:e1:33:f4:45:d1:b4:ff:78:2b:2a:c4:94:1f:b4:53:
         f0:d4:11:48:3f:42:d9:7b:9e:6b:b2:86:b9:a0:6e:89:a9:e7:
         c0:34:02:26:85:f1:93:4f:95:7b:52:89:7f:a4:b3:3a:54:8c:
         5b:34:23:5d:70:c7:13:0a:b6:8d:89:f1:cf:2c:3b:7e:4e:bc:
         88:d5:b0:18:38:67:0c:27:d8:bd:c7:8b:bf:a7:23:62:a4:9b:
         03:3a:cd:77:e0:34:1e:73:23:0a:92:af:7f:36:e9:af:69:49:
         13:47:f5:c6:e9:59:52:c8:46:76:0e:2f:9a:d6:37:fb:8b:3b:
         61:83:e7:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNryOVuLwYhJVSVRlA6B3TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZDU3M2IxNjc3MDcxZjJmZDZkNDRiODQwMWI2MTIxMjA1
OThjY2YwHhcNMjQxMTI3MDQwMjI4WhcNMjQxMTI4MDQwMjI4WjAzMTEwLwYDVQQD
EygzNWY5ZDZjZDA1M2ZjNjRlNzU1ZDc5NWNiODc0YTQ5OWJmZmNlY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IV+CmAni4rgJIv8532sw4K+Is3w
fEEHimFb5vc/DnyIfpZEmC0meHg4dtd4Mx7juNqEnho264um2BsJZ0BFY/QG+BmL
gkH++PHScPxOrgCBzUQ/VfYB/Tz6M0UiEFxj2PCM0pv03nJgR6AolBkpKoHuCwY1
UD/lbCOKGJMPityjGN8os7OJ3YKXzGSOTmNGg5dXCFC4OBslUCUBDzNS2E1NnlRo
mtrKc6iRnaawRtm2MjdmXGRVlDOxh1QHnbu0N7Jk02ompPoUf5Q9r15noJTUPuLl
zm+c43SV/KRymaN3MY51Pwa2YHTpKfLsx62vyr9eEmWjRBxhuPx1qYpOYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDX51s0FP8ZOdV15XLh0pJm//Oy5MB8GA1UdIwQY
MBaAFMLVc7FncHHy/W1EuEAbYSEgWYzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjkt
MDRkMTJmMmQwNzBhLzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iNWY1OTEtZDVlYS00N2UyLTllNjktMDRkMTJmMmQwNzBh
LzEvd3RWenNXZHdjZkw5YlVTNFFCdGhJU0Jaak04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtjo2Tm/
+8DvZVjTcgvoDJveOhb85FKF/Mpbyv422tLFJQZDiuQUygqs+Nc91RJirRX7qDDQ
98ncm6dXCs/7HApB5yNDceVLTP93n7GNyfrCk+5X4EvtdGrHpmd49zOBC+wy2vY+
TM3daOnyrb8nR64mY8SFA4KJqeCLYw/kIqIn4TP0RdG0/3grKsSUH7RT8NQRSD9C
2Xuea7KGuaBuiannwDQCJoXxk0+Ve1KJf6SzOlSMWzQjXXDHEwq2jYnxzyw7fk68
iNWwGDhnDCfYvceLv6cjYqSbAzrNd+A0HnMjCpKvfzbpr2lJE0f1xulZUshGdg4v
mtY3+4s7YYPn3g==
-----END CERTIFICATE-----