Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          JLku57krmghu1c3sLhnyvHfZtx9OfrBcWkzKzqS0Tzw=
Subject key identifier:   D5:70:55:8F:5F:CD:A0:3D:2B:CF:F5:21:89:3E:E9:53:35:C0:79:AC
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       01935878C63C3F5750272FA0D3164BDE7BF5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          06F4
Signing time:             Sat 23 Nov 2024 10:02:10 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:10 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:10 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: 71coYHTUqmih5DqZeXjEHR/5K2cg6t7pQKiM6GL7Pqs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:c6:3c:3f:57:50:27:2f:a0:d3:16:4b:de:7b:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: Nov 23 10:02:10 2024 GMT
            Not After : Nov 24 10:02:10 2024 GMT
        Subject: CN=d570558f5fcda03d2bcff521893ee95335c079ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:dc:c9:7b:9b:e1:08:3b:66:29:c9:33:e8:a7:
                    9c:bd:5f:40:66:f4:cf:97:4a:63:18:92:f4:1b:d9:
                    06:ee:20:a7:63:5f:d3:cd:2f:f5:b2:52:9e:fa:7e:
                    0c:19:58:a5:44:f7:29:f1:d8:df:ab:b3:84:56:91:
                    2b:f2:4e:4e:1f:0e:02:b0:e1:3c:f2:bb:61:af:50:
                    bf:e4:10:97:89:f3:0e:ff:96:1e:5d:e3:b8:e0:9a:
                    13:9d:d5:8c:7e:08:da:5c:2f:d9:b5:0d:1c:b5:be:
                    94:8c:e8:09:f3:05:28:6e:1e:60:c1:9a:52:22:67:
                    bb:70:ab:66:fc:14:71:82:50:4a:45:1a:e0:71:98:
                    db:c8:c5:01:b1:b3:b1:80:f2:06:c1:8f:a8:17:86:
                    27:f0:06:dd:ef:0b:89:71:6d:f5:46:35:90:8f:74:
                    5a:f7:5a:b5:1d:0c:b9:63:68:5c:53:af:5e:17:b6:
                    01:83:be:37:64:99:bb:0e:f5:ee:ac:11:f1:be:aa:
                    c7:de:73:52:59:9e:3c:ea:d7:87:7a:ac:ba:df:6a:
                    6c:f4:98:d8:fd:25:95:06:e2:26:6e:5d:71:0c:c9:
                    77:8a:e2:30:84:29:4c:86:2a:53:52:69:6d:72:8b:
                    be:34:26:f4:04:a9:76:e1:e4:97:56:6d:de:f0:f5:
                    a0:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:70:55:8F:5F:CD:A0:3D:2B:CF:F5:21:89:3E:E9:53:35:C0:79:AC
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:db:2b:61:70:98:3a:30:d2:62:fd:2c:18:b3:2e:3f:16:1c:
         6f:58:a5:67:77:8b:7e:a7:f1:67:9e:fc:0f:c8:87:9e:d6:61:
         ef:06:2e:2e:e1:b5:78:32:01:45:21:4c:96:d6:93:66:c0:fd:
         2d:9c:33:e8:8d:a7:7b:75:17:a5:dd:08:6e:8e:28:b1:43:6b:
         cb:db:a0:63:fe:e3:a6:e0:61:b2:db:9d:61:8e:a8:d1:75:b8:
         15:b5:1a:84:fa:87:08:db:28:57:68:ae:cd:15:27:4b:84:98:
         97:19:8e:ce:dd:a4:d3:a2:de:04:82:bb:8b:30:0f:63:3a:cd:
         80:8f:f8:8f:ee:8a:9d:c1:45:cd:e8:23:65:77:ce:a7:8d:39:
         be:d6:b5:b4:40:51:49:88:00:e1:50:72:27:6a:3b:4f:54:58:
         27:27:67:df:8d:2f:dc:07:ce:fe:f9:14:e5:00:1d:44:fd:cf:
         8a:f6:6c:71:a5:ef:a7:a5:86:7d:82:66:13:5d:53:98:68:a0:
         27:5e:14:d9:31:a4:ec:07:31:c4:36:68:5c:ad:46:7a:d9:ce:
         57:19:63:06:5a:3d:de:ed:e2:d6:d8:8a:6c:94:9d:0e:3b:aa:
         63:62:26:95:22:0c:0a:30:ee:b7:02:a8:76:cf:02:a9:7c:71:
         fc:ee:d2:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeMY8P1dQJy+g0xZL3nv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjQxMTIzMTAwMjEwWhcNMjQxMTI0MTAwMjEwWjAzMTEwLwYDVQQD
EyhkNTcwNTU4ZjVmY2RhMDNkMmJjZmY1MjE4OTNlZTk1MzM1YzA3OWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdzJe5vhCDtmKckz6KecvV9AZvTP
l0pjGJL0G9kG7iCnY1/TzS/1slKe+n4MGVilRPcp8djfq7OEVpEr8k5OHw4CsOE8
8rthr1C/5BCXifMO/5YeXeO44JoTndWMfgjaXC/ZtQ0ctb6UjOgJ8wUobh5gwZpS
Ime7cKtm/BRxglBKRRrgcZjbyMUBsbOxgPIGwY+oF4Yn8Abd7wuJcW31RjWQj3Ra
91q1HQy5Y2hcU69eF7YBg743ZJm7DvXurBHxvqrH3nNSWZ486teHeqy632ps9JjY
/SWVBuImbl1xDMl3iuIwhClMhipTUmltcou+NCb0BKl24eSXVm3e8PWgUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNVwVY9fzaA9K8/1IYk+6VM1wHmsMB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZdsrYXCY
OjDSYv0sGLMuPxYcb1ilZ3eLfqfxZ578D8iHntZh7wYuLuG1eDIBRSFMltaTZsD9
LZwz6I2ne3UXpd0Ibo4osUNry9ugY/7jpuBhstudYY6o0XW4FbUahPqHCNsoV2iu
zRUnS4SYlxmOzt2k06LeBIK7izAPYzrNgI/4j+6KncFFzegjZXfOp405vta1tEBR
SYgA4VByJ2o7T1RYJydn340v3AfO/vkU5QAdRP3PivZscaXvp6WGfYJmE11TmGig
J14U2TGk7AcxxDZoXK1GetnOVxljBlo93u3i1tiKbJSdDjuqY2ImlSIMCjDutwKo
ds8CqXxx/O7SUA==
-----END CERTIFICATE-----