Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
File:                     QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft (raw, json)
Hash identifier:          GNxhacwMwVJJTZ4GJzpy30OYkRAizN6LZ7+iBawX4G8=
Subject key identifier:   CD:3A:54:FA:D7:4A:52:46:E4:8C:91:36:DF:9F:AE:8D:63:A4:FF:6F
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Certificate issuer:       /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial:       019358403702E419317E5CFC4271B61F315D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
Manifest number:          1E
Signing time:             Sat 23 Nov 2024 09:00:23 +0000
Manifest this update:     Sat 23 Nov 2024 09:00:23 +0000
Manifest next update:     Sun 24 Nov 2024 09:00:23 +0000
Files and hashes:         1: QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl (hash: MT8N5JYS8dvHRylanMwuRpNGQeo6bv0QvLVRUg1zkVA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:40:37:02:e4:19:31:7e:5c:fc:42:71:b6:1f:31:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
        Validity
            Not Before: Nov 23 09:00:23 2024 GMT
            Not After : Nov 24 09:00:23 2024 GMT
        Subject: CN=cd3a54fad74a5246e48c9136df9fae8d63a4ff6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:88:85:9d:22:38:b3:29:63:69:7d:67:8e:6c:
                    b9:28:26:03:24:99:00:da:c1:1a:0d:94:3e:02:77:
                    4f:5a:55:d8:2d:20:eb:6c:a5:c0:16:f6:f2:9f:11:
                    3c:c6:9a:c7:22:0b:55:9b:7d:5b:dc:a2:12:a6:90:
                    91:12:37:57:d5:e4:b1:54:59:f8:9c:1a:03:47:a1:
                    9b:63:9b:d0:9b:51:1b:bf:51:02:2b:d3:e0:44:8b:
                    ce:b8:61:40:cc:bf:f0:2c:7d:22:8e:95:35:63:18:
                    03:85:b4:fe:d2:b4:12:60:7c:dc:dc:b7:86:a8:be:
                    21:24:41:6a:be:52:56:86:e5:f9:c6:c4:61:86:d5:
                    6a:0d:6f:2a:c2:6e:37:93:0d:95:91:0e:fc:54:60:
                    81:2c:98:39:d3:70:f3:e0:da:bc:e4:3f:61:e6:92:
                    ab:50:f0:24:4d:8a:9e:13:4f:08:c7:41:a7:f5:87:
                    d3:84:2f:fa:f3:ae:97:3e:4a:0d:71:21:98:1d:b1:
                    b4:13:8b:75:38:bb:fc:eb:83:53:ea:41:fa:36:e4:
                    3d:18:c8:13:e2:46:c5:53:2d:5c:38:0a:ca:56:2c:
                    e6:a8:6c:bb:9b:62:69:a0:7d:c5:a4:c8:ca:d1:07:
                    77:69:de:6c:99:50:90:50:b7:3e:23:ea:1f:36:20:
                    1e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:3A:54:FA:D7:4A:52:46:E4:8C:91:36:DF:9F:AE:8D:63:A4:FF:6F
            X509v3 Authority Key Identifier:
                keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:57:03:19:1a:4c:54:49:9f:7b:f1:b0:ee:b5:6f:75:3e:ee:
         4b:e3:cc:a1:f9:b8:87:81:e2:1e:36:18:fc:fb:48:2b:84:3b:
         a0:3e:a0:4d:e1:ec:88:59:92:2e:d0:d6:16:79:42:63:56:b3:
         48:1c:b9:9c:57:1a:df:ea:a7:8c:83:64:0d:73:52:df:e2:9a:
         11:95:b9:e4:cb:b1:6b:a3:59:2a:60:03:ab:1f:6e:6b:1b:9c:
         b4:1b:63:89:84:c9:2b:1f:2a:54:c4:ca:df:80:6e:7f:9a:7f:
         36:3e:da:21:50:1e:96:a7:4d:54:7e:e9:c1:4a:f1:4e:f4:41:
         e5:87:b4:96:5d:c1:17:74:bf:de:54:1e:21:1f:e6:7a:a5:cc:
         75:24:41:6c:18:5a:55:c9:bb:fc:01:09:66:01:b1:f8:02:3f:
         43:b1:f2:34:68:05:6a:66:09:af:9f:ec:ad:74:a2:e5:82:3d:
         f0:42:90:70:dd:9e:b6:b2:09:ee:b8:ab:36:36:3f:f1:7c:55:
         15:e2:23:00:3c:ac:7b:66:97:7b:99:2b:ef:d3:46:83:4f:03:
         5e:0a:d7:0c:aa:05:d8:bd:e1:a4:88:0c:67:3a:b7:e1:8c:03:
         52:73:17:90:97:2e:10:4e:f4:8b:0e:1d:ea:a2:40:83:d0:42:
         96:88:8a:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYQDcC5Bkxflz8QnG2HzFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjQxMTIzMDkwMDIzWhcNMjQxMTI0MDkwMDIzWjAzMTEwLwYDVQQD
EyhjZDNhNTRmYWQ3NGE1MjQ2ZTQ4YzkxMzZkZjlmYWU4ZDYzYTRmZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4iFnSI4syljaX1njmy5KCYDJJkA
2sEaDZQ+AndPWlXYLSDrbKXAFvbynxE8xprHIgtVm31b3KISppCREjdX1eSxVFn4
nBoDR6GbY5vQm1Ebv1ECK9PgRIvOuGFAzL/wLH0ijpU1YxgDhbT+0rQSYHzc3LeG
qL4hJEFqvlJWhuX5xsRhhtVqDW8qwm43kw2VkQ78VGCBLJg503Dz4Nq85D9h5pKr
UPAkTYqeE08Ix0Gn9YfThC/6866XPkoNcSGYHbG0E4t1OLv864NT6kH6NuQ9GMgT
4kbFUy1cOArKVizmqGy7m2JpoH3FpMjK0Qd3ad5smVCQULc+I+ofNiAepwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM06VPrXSlJG5IyRNt+fro1jpP9vMB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo1cDGRpM
VEmfe/Gw7rVvdT7uS+PMofm4h4HiHjYY/PtIK4Q7oD6gTeHsiFmSLtDWFnlCY1az
SBy5nFca3+qnjINkDXNS3+KaEZW55Muxa6NZKmADqx9uaxuctBtjiYTJKx8qVMTK
34Buf5p/Nj7aIVAelqdNVH7pwUrxTvRB5Ye0ll3BF3S/3lQeIR/meqXMdSRBbBha
Vcm7/AEJZgGx+AI/Q7HyNGgFamYJr5/srXSi5YI98EKQcN2etrIJ7rirNjY/8XxV
FeIjADyse2aXe5kr79NGg08DXgrXDKoF2L3hpIgMZzq34YwDUnMXkJcuEE70iw4d
6qJAg9BCloiKkA==
-----END CERTIFICATE-----