Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
File:                     4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft (raw, json)
Hash identifier:          VBKCBTpu1Rue8MEiD07etBV5PNqRXsURBiN4/CGdGw8=
Subject key identifier:   F9:53:C2:39:DD:1C:D4:D1:73:DD:2B:CD:69:F4:09:DF:61:09:58:98
Authority key identifier: E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4
Certificate issuer:       /CN=e0b867131100c15de890110063e638a5f02367c4
Certificate serial:       01936AB48D39EFBF1FD725D083CC86A3A0DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
Manifest number:          137A
Signing time:             Tue 26 Nov 2024 23:00:37 +0000
Manifest this update:     Tue 26 Nov 2024 23:00:37 +0000
Manifest next update:     Wed 27 Nov 2024 23:00:37 +0000
Files and hashes:         1: 4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl (hash: NxKyppKk7GD+N8Ro8e+h6tSNNYyjEK01ec/MiYA9DF0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:b4:8d:39:ef:bf:1f:d7:25:d0:83:cc:86:a3:a0:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0b867131100c15de890110063e638a5f02367c4
        Validity
            Not Before: Nov 26 23:00:37 2024 GMT
            Not After : Nov 27 23:00:37 2024 GMT
        Subject: CN=f953c239dd1cd4d173dd2bcd69f409df61095898
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:ff:de:28:d9:f0:73:ba:c3:87:0a:e2:7d:b6:
                    6e:21:14:9d:7f:45:c9:4c:b5:98:a8:8f:be:81:18:
                    f7:cf:62:02:82:4b:9c:f5:af:c6:c6:6c:4a:5b:36:
                    29:50:0c:94:de:16:c4:5c:41:ff:12:78:40:77:1f:
                    2e:0f:b1:22:f1:62:9f:0e:4f:97:8f:96:08:d5:d7:
                    d1:95:30:7b:7e:cb:8d:bf:64:25:69:91:51:a8:5d:
                    af:35:b2:9c:0c:6f:63:b1:8c:66:8b:c6:2a:69:dc:
                    8a:e4:1c:cf:eb:d9:09:f1:55:fe:3b:ab:67:0c:34:
                    9f:1c:0a:bb:94:fe:20:87:c2:d5:6e:f7:b4:ab:83:
                    f2:e6:ad:63:11:cc:4f:23:74:10:5a:59:14:e1:d7:
                    8d:a0:3a:97:c0:07:8a:56:45:cc:09:8d:3f:df:58:
                    2d:d9:ef:9f:f6:e3:41:3c:8c:dc:3e:9d:84:30:31:
                    a1:a7:33:fe:b4:11:4e:f2:ca:89:31:7f:36:a4:16:
                    ac:da:db:86:6b:fc:ee:e8:2a:36:61:af:14:ff:c1:
                    45:49:57:15:e7:d4:c2:15:54:ae:aa:4b:a3:d9:16:
                    29:4c:ec:8f:08:be:e7:81:5e:8b:0b:bc:14:b2:e6:
                    92:11:88:ae:24:a6:16:b5:01:95:e5:ef:3c:2c:bf:
                    04:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:53:C2:39:DD:1C:D4:D1:73:DD:2B:CD:69:F4:09:DF:61:09:58:98
            X509v3 Authority Key Identifier:
                keyid:E0:B8:67:13:11:00:C1:5D:E8:90:11:00:63:E6:38:A5:F0:23:67:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/eee521-25fa-4006-9531-1e044814518f/1/4LhnExEAwV3okBEAY-Y4pfAjZ8Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:72:8d:01:7f:da:88:77:4d:a9:85:ab:04:59:e6:84:ab:2a:
         f0:14:c1:b1:43:ad:11:ba:8c:43:eb:55:cd:d6:eb:1f:ee:e3:
         95:a6:d4:9b:72:7e:42:12:15:83:7d:54:5e:b1:7a:46:2c:45:
         ed:2f:b8:8c:78:1d:54:3e:e7:a6:ce:f0:7c:ec:84:36:7d:6b:
         fe:fd:59:08:24:db:68:0b:c0:72:65:5c:bc:15:11:2c:73:df:
         d6:bf:e8:bc:ac:54:b8:a2:bf:88:8a:99:70:ce:b6:bb:e2:1a:
         6b:f1:21:cd:d0:ea:fb:a5:97:d0:40:c3:70:f6:e8:01:11:2b:
         f0:01:d5:a2:a9:27:49:6b:d8:8f:07:49:86:71:18:39:64:29:
         ec:48:c4:ee:8c:97:f4:bb:ab:13:c0:0b:46:c0:5e:f9:b5:eb:
         dc:2f:8a:97:e0:ba:73:61:6c:62:72:d1:ac:6e:67:1e:56:37:
         d3:9d:9a:55:67:bb:6a:02:b0:e4:b0:d7:23:05:2c:87:a7:22:
         7d:86:bb:16:d8:f6:57:5b:e4:ad:56:0b:ad:69:a4:eb:2e:02:
         56:56:bf:32:78:f2:6d:e3:f8:98:f6:b6:f6:0a:29:e7:eb:1a:
         8f:74:56:75:cc:87:7b:97:8d:ef:8a:d1:50:8c:82:dc:da:c3:
         f1:3a:ea:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqtI05778f1yXQg8yGo6DdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYjg2NzEzMTEwMGMxNWRlODkwMTEwMDYzZTYzOGE1ZjAy
MzY3YzQwHhcNMjQxMTI2MjMwMDM3WhcNMjQxMTI3MjMwMDM3WjAzMTEwLwYDVQQD
EyhmOTUzYzIzOWRkMWNkNGQxNzNkZDJiY2Q2OWY0MDlkZjYxMDk1ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v/eKNnwc7rDhwrifbZuIRSdf0XJ
TLWYqI++gRj3z2ICgkuc9a/GxmxKWzYpUAyU3hbEXEH/EnhAdx8uD7Ei8WKfDk+X
j5YI1dfRlTB7fsuNv2QlaZFRqF2vNbKcDG9jsYxmi8YqadyK5BzP69kJ8VX+O6tn
DDSfHAq7lP4gh8LVbve0q4Py5q1jEcxPI3QQWlkU4deNoDqXwAeKVkXMCY0/31gt
2e+f9uNBPIzcPp2EMDGhpzP+tBFO8sqJMX82pBas2tuGa/zu6Co2Ya8U/8FFSVcV
59TCFVSuqkuj2RYpTOyPCL7ngV6LC7wUsuaSEYiuJKYWtQGV5e88LL8EgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPlTwjndHNTRc90rzWn0Cd9hCViYMB8GA1UdIwQY
MBaAFOC4ZxMRAMFd6JARAGPmOKXwI2fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEt
MWUwNDQ4MTQ1MThmLzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lZWU1MjEtMjVmYS00MDA2LTk1MzEtMWUwNDQ4MTQ1MThm
LzEvNExobkV4RUF3VjNva0JFQVktWTRwZkFqWjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHKNAX/a
iHdNqYWrBFnmhKsq8BTBsUOtEbqMQ+tVzdbrH+7jlabUm3J+QhIVg31UXrF6RixF
7S+4jHgdVD7nps7wfOyENn1r/v1ZCCTbaAvAcmVcvBURLHPf1r/ovKxUuKK/iIqZ
cM62u+Iaa/EhzdDq+6WX0EDDcPboAREr8AHVoqknSWvYjwdJhnEYOWQp7EjE7oyX
9LurE8ALRsBe+bXr3C+Kl+C6c2FsYnLRrG5nHlY3052aVWe7agKw5LDXIwUsh6ci
fYa7Ftj2V1vkrVYLrWmk6y4CVla/MnjybeP4mPa29gop5+saj3RWdcyHe5eN74rR
UIyC3NrD8TrqFA==
-----END CERTIFICATE-----