Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
File:                     Q9JznRqU2rlXbiF80N-FdyBLIwA.mft (raw, json)
Hash identifier:          ph+9csKcUvdJXupmMBri9XHAfK2aPGryAmt3Ut4h6xk=
Subject key identifier:   10:B7:67:35:6A:AE:18:9B:E5:ED:D8:B8:57:58:D9:64:E6:A5:37:DD
Authority key identifier: 43:D2:73:9D:1A:94:DA:B9:57:6E:21:7C:D0:DF:85:77:20:4B:23:00
Certificate issuer:       /CN=43d2739d1a94dab9576e217cd0df8577204b2300
Certificate serial:       019369A192450745E69EE36769AF802817F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
Manifest number:          D2
Signing time:             Tue 26 Nov 2024 18:00:16 +0000
Manifest this update:     Tue 26 Nov 2024 18:00:16 +0000
Manifest next update:     Wed 27 Nov 2024 18:00:16 +0000
Files and hashes:         1: Q9JznRqU2rlXbiF80N-FdyBLIwA.crl (hash: B6rdhRTgQPYSSSSWZp1Fk5UQtBAoYb8KkuHVCpNm08Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:a1:92:45:07:45:e6:9e:e3:67:69:af:80:28:17:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43d2739d1a94dab9576e217cd0df8577204b2300
        Validity
            Not Before: Nov 26 18:00:16 2024 GMT
            Not After : Nov 27 18:00:16 2024 GMT
        Subject: CN=10b767356aae189be5edd8b85758d964e6a537dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b3:60:1c:5b:34:00:ea:00:b9:ac:73:a0:a5:
                    58:76:31:79:02:0b:5c:c4:ac:3a:83:a1:50:a8:ee:
                    fc:93:82:df:95:48:97:2b:2e:82:3e:5b:d4:5c:8e:
                    04:1e:d6:50:f2:0d:73:45:9b:67:2e:23:ff:6e:11:
                    45:d7:a7:5c:68:ce:4a:4b:96:ea:5c:19:fe:d1:20:
                    d3:f4:2d:af:4e:44:8f:03:24:53:a9:d0:53:b7:4a:
                    cc:a9:b3:c9:11:71:0c:26:53:f1:3a:90:b0:04:d4:
                    a5:66:a1:cd:9a:fd:a3:98:6d:a4:32:25:76:7d:74:
                    59:71:c6:a8:45:1c:27:ec:5d:a8:4f:a7:dc:cd:98:
                    f5:63:f3:2e:10:42:5f:a6:56:ba:2b:89:8b:1c:71:
                    8e:19:ca:e6:45:08:a0:d4:89:6a:73:6a:95:03:31:
                    6e:ee:fe:02:b2:a8:de:f1:a7:85:d1:9c:e3:a9:06:
                    d5:3c:5e:00:18:47:8a:7d:aa:33:9e:c5:74:a7:71:
                    94:d0:92:ec:7a:1b:66:e4:c6:17:25:87:db:b8:38:
                    08:28:56:76:76:42:66:60:d3:ee:a4:ee:ff:fd:b5:
                    1d:6f:bd:18:62:a2:3b:83:37:45:0e:ae:d0:95:a7:
                    ff:e4:e8:c7:e9:9a:27:a0:73:79:35:67:d2:66:7b:
                    b2:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:B7:67:35:6A:AE:18:9B:E5:ED:D8:B8:57:58:D9:64:E6:A5:37:DD
            X509v3 Authority Key Identifier:
                keyid:43:D2:73:9D:1A:94:DA:B9:57:6E:21:7C:D0:DF:85:77:20:4B:23:00

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9JznRqU2rlXbiF80N-FdyBLIwA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7fe5c5-9ba2-4e66-ba2e-a44326a39f97/1/Q9JznRqU2rlXbiF80N-FdyBLIwA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:2d:db:4b:75:a3:d6:4f:7b:95:81:91:30:90:96:ad:d2:ed:
         32:99:d1:c1:f9:f4:bd:63:40:8c:90:34:bd:53:47:3d:9b:04:
         7a:89:13:b8:af:e6:9f:3e:d5:67:7b:1f:50:3e:5b:92:f6:cc:
         c5:cc:7a:83:e6:04:1b:36:cd:7f:3c:4b:50:54:37:16:0e:30:
         3e:4e:23:5c:5e:8c:0f:58:f9:3b:12:c0:d3:e3:26:51:cf:2b:
         6a:d5:3a:77:7a:11:2e:1f:07:df:ca:9f:f8:32:82:91:68:34:
         6a:88:c2:c3:46:2d:f1:23:07:e6:d0:d7:c6:37:d8:62:e9:74:
         e5:ac:43:ca:ab:54:bd:f8:43:c9:b1:36:fc:93:3f:06:9e:55:
         37:e2:52:91:c7:9c:6b:77:7d:4a:83:20:31:8e:b5:3b:3c:c2:
         fc:f5:d4:ea:ad:48:9d:89:81:bc:76:10:f5:08:e4:0d:10:7d:
         8c:e6:4a:2d:b7:a7:84:37:dc:41:a7:d0:8b:17:ea:d2:83:02:
         d2:7d:d5:3f:cf:8f:62:9e:1e:51:b4:3d:f3:99:28:dc:9c:31:
         fd:b2:8b:8b:61:1a:81:bc:a8:6b:90:d1:91:37:bb:80:ba:20:
         a8:c0:22:23:49:e0:08:c9:5b:6a:ff:9b:09:d0:a1:c0:ac:d4:
         36:58:23:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpoZJFB0XmnuNnaa+AKBfxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDI3MzlkMWE5NGRhYjk1NzZlMjE3Y2QwZGY4NTc3MjA0
YjIzMDAwHhcNMjQxMTI2MTgwMDE2WhcNMjQxMTI3MTgwMDE2WjAzMTEwLwYDVQQD
EygxMGI3NjczNTZhYWUxODliZTVlZGQ4Yjg1NzU4ZDk2NGU2YTUzN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrNgHFs0AOoAuaxzoKVYdjF5Agtc
xKw6g6FQqO78k4LflUiXKy6CPlvUXI4EHtZQ8g1zRZtnLiP/bhFF16dcaM5KS5bq
XBn+0SDT9C2vTkSPAyRTqdBTt0rMqbPJEXEMJlPxOpCwBNSlZqHNmv2jmG2kMiV2
fXRZccaoRRwn7F2oT6fczZj1Y/MuEEJfpla6K4mLHHGOGcrmRQig1Ilqc2qVAzFu
7v4Csqje8aeF0ZzjqQbVPF4AGEeKfaoznsV0p3GU0JLsehtm5MYXJYfbuDgIKFZ2
dkJmYNPupO7//bUdb70YYqI7gzdFDq7Qlaf/5OjH6ZonoHN5NWfSZnuyIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBC3ZzVqrhib5e3YuFdY2WTmpTfdMB8GA1UdIwQY
MBaAFEPSc50alNq5V24hfNDfhXcgSyMAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ZmU1YzUtOWJhMi00ZTY2LWJhMmUt
YTQ0MzI2YTM5Zjk3LzEvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ZmU1YzUtOWJhMi00ZTY2LWJhMmUtYTQ0MzI2YTM5Zjk3
LzEvUTlKem5ScVUycmxYYmlGODBOLUZkeUJMSXdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQS3bS3Wj
1k97lYGRMJCWrdLtMpnRwfn0vWNAjJA0vVNHPZsEeokTuK/mnz7VZ3sfUD5bkvbM
xcx6g+YEGzbNfzxLUFQ3Fg4wPk4jXF6MD1j5OxLA0+MmUc8ratU6d3oRLh8H38qf
+DKCkWg0aojCw0Yt8SMH5tDXxjfYYul05axDyqtUvfhDybE2/JM/Bp5VN+JSkcec
a3d9SoMgMY61OzzC/PXU6q1InYmBvHYQ9QjkDRB9jOZKLbenhDfcQafQixfq0oMC
0n3VP8+PYp4eUbQ985ko3Jwx/bKLi2Eagbyoa5DRkTe7gLogqMAiI0ngCMlbav+b
CdChwKzUNlgj7g==
-----END CERTIFICATE-----