Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
File:                     afY2pbazoordg_l0Rtewg7lMPa4.mft (raw, json)
Hash identifier:          hi/oKoLyYNw7dZ3vLawRPSdFjSm19MmY3OIM777W0e0=
Subject key identifier:   4E:68:1D:C6:E3:04:A5:BB:90:C5:83:22:17:23:2D:13:89:5A:4D:35
Authority key identifier: 69:F6:36:A5:B6:B3:A2:8A:DD:83:F9:74:46:D7:B0:83:B9:4C:3D:AE
Certificate issuer:       /CN=69f636a5b6b3a28add83f97446d7b083b94c3dae
Certificate serial:       019356F692E484DD1036F6EDF89C55EFB09B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
Manifest number:          033F
Signing time:             Sat 23 Nov 2024 03:00:20 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:20 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:20 +0000
Files and hashes:         1: afY2pbazoordg_l0Rtewg7lMPa4.crl (hash: uKNdArSRFVXvPLs9SMASaAqe+BjoVrZqeXTlhVgAlHk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:92:e4:84:dd:10:36:f6:ed:f8:9c:55:ef:b0:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69f636a5b6b3a28add83f97446d7b083b94c3dae
        Validity
            Not Before: Nov 23 03:00:20 2024 GMT
            Not After : Nov 24 03:00:20 2024 GMT
        Subject: CN=4e681dc6e304a5bb90c5832217232d13895a4d35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:9b:0d:a6:29:c9:a7:ca:14:6c:45:2e:62:64:
                    de:78:70:d1:af:e7:51:aa:bd:e6:e9:c9:38:77:ef:
                    b6:f5:39:c3:29:fb:ab:81:90:f9:e6:91:a0:ff:1f:
                    25:13:82:02:5e:38:76:4e:c2:e8:11:53:98:6c:21:
                    3a:49:8b:2e:c9:6a:c6:bb:63:bb:d4:70:30:d4:6f:
                    aa:6d:5b:33:68:2b:3c:c1:b5:8f:f6:51:06:2a:a3:
                    e8:38:99:4a:b9:f5:3d:e0:2c:89:f8:52:61:6f:1b:
                    30:05:49:8d:10:07:36:7b:a5:f4:70:31:ed:88:80:
                    f2:f6:af:a4:eb:1d:9e:ee:b1:13:d5:bc:58:6f:b9:
                    82:69:f3:53:61:c6:1a:a2:c4:79:31:8c:a4:fb:23:
                    e1:b2:30:bc:78:03:a2:9b:77:fc:82:c6:eb:36:d3:
                    3c:e9:e0:19:25:98:ce:15:4d:92:e0:54:76:ff:3b:
                    2c:98:f0:e8:ff:3b:52:30:0a:b9:d1:f5:1f:92:84:
                    46:2d:0b:da:36:3a:f9:63:0e:4b:f2:93:dd:37:f9:
                    62:4b:5c:5d:7d:03:a9:40:ea:fa:15:fe:56:33:f5:
                    f5:a1:69:57:a4:98:8c:6f:cf:78:f7:5a:4e:ca:18:
                    32:fa:44:55:95:b5:73:1a:c6:39:94:5b:02:e2:cc:
                    64:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:68:1D:C6:E3:04:A5:BB:90:C5:83:22:17:23:2D:13:89:5A:4D:35
            X509v3 Authority Key Identifier:
                keyid:69:F6:36:A5:B6:B3:A2:8A:DD:83:F9:74:46:D7:B0:83:B9:4C:3D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:eb:8d:e5:5b:43:5b:04:ed:0c:0b:bd:a6:99:eb:06:45:7e:
         89:a7:af:88:a3:6f:0e:ce:f3:b0:24:85:48:a1:c0:ae:dc:45:
         bb:eb:d4:62:3b:d2:cb:35:80:26:9d:d1:d7:78:03:5d:c9:79:
         05:de:f5:61:63:16:7e:08:20:90:06:b8:9f:e0:85:8e:a7:9c:
         80:50:e8:cb:5b:d9:02:63:b7:b9:83:62:bd:3c:ad:22:db:11:
         66:6e:0c:02:6c:79:23:37:20:01:b1:c7:a9:f6:84:f2:d8:bb:
         17:90:b8:90:f5:b0:eb:a8:72:c6:80:73:b1:a5:94:da:5c:18:
         00:5a:2a:61:21:63:2a:47:97:87:58:7c:e7:c6:36:35:8a:95:
         69:75:81:ef:21:e9:2b:1a:17:87:91:81:57:44:88:2d:b7:ab:
         3c:65:47:36:15:fb:cc:be:5b:17:6e:a3:8e:e5:70:15:d6:a6:
         64:fd:5e:bc:1a:97:d5:54:d0:bb:4d:31:cb:6a:a1:39:c6:51:
         22:bd:5f:8b:36:00:42:22:89:08:ba:7b:66:9b:19:cb:9c:09:
         50:73:76:22:9b:dc:32:ff:4c:d6:76:e3:d5:cd:ed:18:57:5c:
         36:56:35:15:1d:d9:5e:9b:6e:d6:2f:54:e4:cf:87:35:20:e3:
         f3:43:ed:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9pLkhN0QNvbt+JxV77CbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjYzNmE1YjZiM2EyOGFkZDgzZjk3NDQ2ZDdiMDgzYjk0
YzNkYWUwHhcNMjQxMTIzMDMwMDIwWhcNMjQxMTI0MDMwMDIwWjAzMTEwLwYDVQQD
Eyg0ZTY4MWRjNmUzMDRhNWJiOTBjNTgzMjIxNzIzMmQxMzg5NWE0ZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3psNpinJp8oUbEUuYmTeeHDRr+dR
qr3m6ck4d++29TnDKfurgZD55pGg/x8lE4ICXjh2TsLoEVOYbCE6SYsuyWrGu2O7
1HAw1G+qbVszaCs8wbWP9lEGKqPoOJlKufU94CyJ+FJhbxswBUmNEAc2e6X0cDHt
iIDy9q+k6x2e7rET1bxYb7mCafNTYcYaosR5MYyk+yPhsjC8eAOim3f8gsbrNtM8
6eAZJZjOFU2S4FR2/zssmPDo/ztSMAq50fUfkoRGLQvaNjr5Yw5L8pPdN/liS1xd
fQOpQOr6Ff5WM/X1oWlXpJiMb89491pOyhgy+kRVlbVzGsY5lFsC4sxkYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE5oHcbjBKW7kMWDIhcjLROJWk01MB8GA1UdIwQY
MBaAFGn2NqW2s6KK3YP5dEbXsIO5TD2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lOTk5NTQtYzAwZi00MDE0LThlNzEt
OGFlZTJiZjg5YjkxLzEvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lOTk5NTQtYzAwZi00MDE0LThlNzEtOGFlZTJiZjg5Yjkx
LzEvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHuuN5VtD
WwTtDAu9ppnrBkV+iaeviKNvDs7zsCSFSKHArtxFu+vUYjvSyzWAJp3R13gDXcl5
Bd71YWMWfgggkAa4n+CFjqecgFDoy1vZAmO3uYNivTytItsRZm4MAmx5IzcgAbHH
qfaE8ti7F5C4kPWw66hyxoBzsaWU2lwYAFoqYSFjKkeXh1h858Y2NYqVaXWB7yHp
KxoXh5GBV0SILberPGVHNhX7zL5bF26jjuVwFdamZP1evBqX1VTQu00xy2qhOcZR
Ir1fizYAQiKJCLp7ZpsZy5wJUHN2IpvcMv9M1nbj1c3tGFdcNlY1FR3ZXptu1i9U
5M+HNSDj80Pt0A==
-----END CERTIFICATE-----