Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
File:                     29B3gCIiIDwWzo6v1Z8LCsHb58M.mft (raw, json)
Hash identifier:          +XHeES9BWya/aeOopbVmyamfYPbRVAdCPeXmtVjhYEk=
Subject key identifier:   C4:0F:CC:10:18:16:49:8E:2E:FA:9A:DF:87:8B:F4:50:67:9E:08:63
Authority key identifier: DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3
Certificate issuer:       /CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
Certificate serial:       01935878082BEDFC5B6A206FD0DEA27B5351
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
Manifest number:          0C27
Signing time:             Sat 23 Nov 2024 10:01:21 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:21 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:21 +0000
Files and hashes:         1: 29B3gCIiIDwWzo6v1Z8LCsHb58M.crl (hash: Yq4VHpfmZUxupzVbYS4mIytkV57rkTLPgQAkDstdDLM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:08:2b:ed:fc:5b:6a:20:6f:d0:de:a2:7b:53:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbd077802222203c16ce8eafd59f0b0ac1dbe7c3
        Validity
            Not Before: Nov 23 10:01:21 2024 GMT
            Not After : Nov 24 10:01:21 2024 GMT
        Subject: CN=c40fcc101816498e2efa9adf878bf450679e0863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:02:b6:49:33:fc:8c:31:d9:1b:3f:f2:0c:77:
                    cb:1f:8a:3d:5a:3d:e2:ee:44:35:99:de:da:6b:9e:
                    70:2f:1c:20:f0:c9:d0:34:f1:75:54:e9:91:9d:b9:
                    5e:d5:a7:a8:7f:41:62:71:d2:d7:46:9c:7b:52:99:
                    c6:7c:30:e0:dc:4f:0c:65:5d:09:e6:31:ea:f1:34:
                    a5:e5:0f:97:cb:04:70:44:8b:d9:48:b7:b9:a4:6c:
                    e4:80:54:9e:f1:62:e6:b8:0f:b7:8f:6a:d0:4e:9d:
                    23:6b:b7:08:7d:5f:c7:de:ca:4f:80:8f:b0:fd:39:
                    40:2f:c3:c3:24:9e:4f:ed:1b:70:e2:2f:22:30:22:
                    6b:3e:68:ca:2a:56:48:a0:5c:e5:f9:09:48:36:5d:
                    5e:b0:a4:ad:b2:e1:40:a3:1b:75:db:9f:98:06:b4:
                    28:e1:96:5e:5d:f6:2b:b6:d2:82:06:ca:ab:9a:87:
                    db:c9:f1:e6:3e:e3:f5:b8:4b:fb:90:37:c9:e0:bc:
                    81:01:e5:49:ef:14:73:82:e7:bb:ec:cd:76:21:77:
                    f0:e6:b2:1c:1a:77:ea:ee:bb:de:aa:8a:87:fb:28:
                    89:78:33:a2:f0:a0:d9:7b:92:a5:1d:db:88:3d:c5:
                    ef:81:e4:46:c6:58:83:a4:30:0c:84:21:0f:5b:d5:
                    8c:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:0F:CC:10:18:16:49:8E:2E:FA:9A:DF:87:8B:F4:50:67:9E:08:63
            X509v3 Authority Key Identifier:
                keyid:DB:D0:77:80:22:22:20:3C:16:CE:8E:AF:D5:9F:0B:0A:C1:DB:E7:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/29B3gCIiIDwWzo6v1Z8LCsHb58M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa094-efa5-4cf7-86b0-5dd94529eeea/1/29B3gCIiIDwWzo6v1Z8LCsHb58M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0f:49:de:67:2b:73:56:c5:30:c7:0a:13:66:09:9c:5f:39:06:
         72:ba:57:82:1e:56:c9:40:02:e0:de:19:60:dd:db:15:6d:4e:
         99:1f:b0:42:b1:40:c7:f3:a7:5f:44:ec:ff:c9:d6:b6:b5:ab:
         f8:a2:5c:cb:2e:f0:10:20:b6:11:9a:28:e8:98:9f:57:9b:15:
         d3:0f:84:6b:cf:98:38:92:a7:d7:bd:6c:6f:32:ca:d9:f8:3e:
         e7:ef:45:0f:6b:01:26:03:a4:1f:c1:b5:a7:ed:e0:d1:a5:1b:
         61:a4:cc:b8:b3:24:17:b7:3a:70:66:7a:d9:3b:fc:63:44:e8:
         3d:1c:5b:40:42:c1:77:b5:90:e2:1b:28:1a:9f:37:8d:8f:cb:
         a1:41:ea:82:5c:3f:b3:52:92:3a:15:90:b3:26:f7:43:8a:f9:
         32:b5:22:58:e9:e4:30:93:21:59:ea:6b:37:0d:ac:de:1d:33:
         0d:dc:f8:9f:c1:de:58:69:57:9c:f0:27:ab:c5:fe:86:99:63:
         d4:b3:c0:0e:48:89:1e:34:20:b2:84:36:75:47:40:f6:a5:44:
         83:1f:72:8b:e9:d4:7a:36:f7:55:e2:05:e6:3e:14:3a:95:18:
         2f:b8:c2:73:a3:22:87:c1:1e:a7:ce:db:cd:0e:49:ad:71:33:
         50:b1:6d:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeAgr7fxbaiBv0N6ie1NRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZDA3NzgwMjIyMjIwM2MxNmNlOGVhZmQ1OWYwYjBhYzFk
YmU3YzMwHhcNMjQxMTIzMTAwMTIxWhcNMjQxMTI0MTAwMTIxWjAzMTEwLwYDVQQD
EyhjNDBmY2MxMDE4MTY0OThlMmVmYTlhZGY4NzhiZjQ1MDY3OWUwODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQK2STP8jDHZGz/yDHfLH4o9Wj3i
7kQ1md7aa55wLxwg8MnQNPF1VOmRnble1aeof0FicdLXRpx7UpnGfDDg3E8MZV0J
5jHq8TSl5Q+XywRwRIvZSLe5pGzkgFSe8WLmuA+3j2rQTp0ja7cIfV/H3spPgI+w
/TlAL8PDJJ5P7Rtw4i8iMCJrPmjKKlZIoFzl+QlINl1esKStsuFAoxt125+YBrQo
4ZZeXfYrttKCBsqrmofbyfHmPuP1uEv7kDfJ4LyBAeVJ7xRzgue77M12IXfw5rIc
Gnfq7rveqoqH+yiJeDOi8KDZe5KlHduIPcXvgeRGxliDpDAMhCEPW9WMLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMQPzBAYFkmOLvqa34eL9FBnnghjMB8GA1UdIwQY
MBaAFNvQd4AiIiA8Fs6Or9WfCwrB2+fDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAt
NWRkOTQ1MjllZWVhLzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmEwOTQtZWZhNS00Y2Y3LTg2YjAtNWRkOTQ1MjllZWVh
LzEvMjlCM2dDSWlJRHdXem82djFaOExDc0hiNThNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0neZytz
VsUwxwoTZgmcXzkGcrpXgh5WyUAC4N4ZYN3bFW1OmR+wQrFAx/OnX0Ts/8nWtrWr
+KJcyy7wECC2EZoo6JifV5sV0w+Ea8+YOJKn171sbzLK2fg+5+9FD2sBJgOkH8G1
p+3g0aUbYaTMuLMkF7c6cGZ62Tv8Y0ToPRxbQELBd7WQ4hsoGp83jY/LoUHqglw/
s1KSOhWQsyb3Q4r5MrUiWOnkMJMhWeprNw2s3h0zDdz4n8HeWGlXnPAnq8X+hplj
1LPADkiJHjQgsoQ2dUdA9qVEgx9yi+nUejb3VeIF5j4UOpUYL7jCc6Mih8Eep87b
zQ5JrXEzULFtzg==
-----END CERTIFICATE-----