Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
File:                     02jCohY2GiT97Jfx838uHRIHEIc.mft (raw, json)
Hash identifier:          VMPTeFRx0z8KCAxE9AJE8JzjpSk7m1uC7Uvu9022odI=
Subject key identifier:   93:C9:69:62:C6:A2:1A:B6:3A:A2:7B:67:D3:99:8A:A7:8C:CA:9F:7C
Authority key identifier: D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87
Certificate issuer:       /CN=d368c2a216361a24fdec97f1f37f2e1d12071087
Certificate serial:       019369339EFE12E02B53ACE11154346C15DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 16:00:10 +0000
Manifest this update:     Tue 26 Nov 2024 16:00:10 +0000
Manifest next update:     Wed 27 Nov 2024 16:00:10 +0000
Files and hashes:         1: 02jCohY2GiT97Jfx838uHRIHEIc.crl (hash: pTbjLVfBNYjKiCapw2/xxJsGyeBnjHsxG5IF25CNS1o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 16:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:33:9e:fe:12:e0:2b:53:ac:e1:11:54:34:6c:15:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d368c2a216361a24fdec97f1f37f2e1d12071087
        Validity
            Not Before: Nov 26 16:00:10 2024 GMT
            Not After : Nov 27 16:00:10 2024 GMT
        Subject: CN=93c96962c6a21ab63aa27b67d3998aa78cca9f7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:1a:00:78:0a:f1:69:21:39:dd:e3:50:b6:a5:
                    fe:73:dc:42:a0:49:50:73:28:61:10:17:5c:8c:7c:
                    09:0d:4e:76:ab:a2:1a:67:e9:2b:a9:5e:f8:81:47:
                    f2:bc:2a:25:60:66:a3:c6:fa:bf:43:f5:ac:f6:ef:
                    7e:12:d8:80:65:4a:fd:8d:f9:f2:d9:b8:a8:90:53:
                    af:a6:30:11:11:24:70:c1:a7:4e:6f:6f:67:80:a1:
                    fe:04:0f:98:fc:ac:34:8a:5a:2a:87:ae:a6:27:ec:
                    f1:f8:7d:91:61:cf:8c:94:a9:6c:69:c9:54:65:3c:
                    83:a5:5b:d7:0e:0d:ca:e6:67:9b:9e:69:b5:48:5d:
                    92:f3:45:c6:0f:cd:ba:91:30:9e:11:39:19:1e:d1:
                    b2:72:4f:ec:52:4a:bd:dd:ba:1d:35:94:51:33:39:
                    55:da:48:6f:49:4d:c8:7f:5b:15:07:13:3a:e6:66:
                    e8:76:48:09:f1:98:96:e5:c5:cf:e8:df:b1:f4:5d:
                    52:bc:61:be:dc:81:4e:0a:db:98:35:11:aa:14:a2:
                    3d:4e:b8:68:03:d8:56:77:53:35:8f:bb:a2:0d:1f:
                    25:39:0b:4d:0a:c7:be:08:4b:60:9b:bf:cd:3b:2d:
                    e6:8c:7e:09:b2:08:df:2f:d8:fb:c7:bb:0e:90:75:
                    ff:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:C9:69:62:C6:A2:1A:B6:3A:A2:7B:67:D3:99:8A:A7:8C:CA:9F:7C
            X509v3 Authority Key Identifier:
                keyid:D3:68:C2:A2:16:36:1A:24:FD:EC:97:F1:F3:7F:2E:1D:12:07:10:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02jCohY2GiT97Jfx838uHRIHEIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d22edf-fb49-4e01-8fd4-90208e1f3de6/1/02jCohY2GiT97Jfx838uHRIHEIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ca:ef:e2:18:5c:e3:14:b4:48:23:a5:dc:fc:66:3e:a2:09:db:
         c6:bb:51:0f:cc:5d:2c:33:f2:0e:9f:25:5f:a6:15:21:27:54:
         5d:d4:d5:1c:a6:db:8d:db:50:e7:9c:e5:cd:79:4f:67:e9:e6:
         d2:90:e4:a9:51:c7:40:4a:0b:26:32:f7:3d:37:75:d5:e5:c1:
         b2:32:5d:65:9c:a2:78:73:3b:10:0e:c5:c4:9b:30:a1:42:09:
         c4:6a:a7:c1:81:76:68:3d:9c:6e:f0:e7:89:51:06:37:e7:a8:
         28:9c:95:50:65:e2:0a:88:9f:0a:fe:cf:41:20:6e:8c:30:46:
         8a:ba:77:e7:46:38:fd:46:fc:e8:9e:9d:c5:46:99:c6:6e:68:
         18:f3:3a:91:dd:f5:42:b8:34:bc:71:61:cd:92:ca:6e:6a:52:
         ac:c2:d9:5c:ea:0f:4a:ea:18:bc:1e:be:1c:92:ef:6e:c0:9a:
         4a:19:c5:1d:bd:7a:ef:a7:bc:92:76:a5:3c:e4:be:05:ea:4a:
         81:8a:bd:29:05:8c:39:45:89:79:06:b0:7f:aa:1c:87:1e:3b:
         dc:c0:fc:50:c3:29:86:97:04:a4:c2:49:a3:11:f2:99:dc:80:
         33:21:5f:21:16:28:82:74:d6:a2:02:cf:04:05:5e:b1:21:2a:
         30:f5:71:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpM57+EuArU6zhEVQ0bBXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjhjMmEyMTYzNjFhMjRmZGVjOTdmMWYzN2YyZTFkMTIw
NzEwODcwHhcNMjQxMTI2MTYwMDEwWhcNMjQxMTI3MTYwMDEwWjAzMTEwLwYDVQQD
Eyg5M2M5Njk2MmM2YTIxYWI2M2FhMjdiNjdkMzk5OGFhNzhjY2E5ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRoAeArxaSE53eNQtqX+c9xCoElQ
cyhhEBdcjHwJDU52q6IaZ+krqV74gUfyvColYGajxvq/Q/Ws9u9+EtiAZUr9jfny
2biokFOvpjARESRwwadOb29ngKH+BA+Y/Kw0iloqh66mJ+zx+H2RYc+MlKlsaclU
ZTyDpVvXDg3K5mebnmm1SF2S80XGD826kTCeETkZHtGyck/sUkq93bodNZRRMzlV
2khvSU3If1sVBxM65mbodkgJ8ZiW5cXP6N+x9F1SvGG+3IFOCtuYNRGqFKI9Trho
A9hWd1M1j7uiDR8lOQtNCse+CEtgm7/NOy3mjH4JsgjfL9j7x7sOkHX/MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJPJaWLGohq2OqJ7Z9OZiqeMyp98MB8GA1UdIwQY
MBaAFNNowqIWNhok/eyX8fN/Lh0SBxCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQt
OTAyMDhlMWYzZGU2LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMjJlZGYtZmI0OS00ZTAxLThmZDQtOTAyMDhlMWYzZGU2
LzEvMDJqQ29oWTJHaVQ5N0pmeDgzOHVIUklIRUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyu/iGFzj
FLRII6Xc/GY+ognbxrtRD8xdLDPyDp8lX6YVISdUXdTVHKbbjdtQ55zlzXlPZ+nm
0pDkqVHHQEoLJjL3PTd11eXBsjJdZZyieHM7EA7FxJswoUIJxGqnwYF2aD2cbvDn
iVEGN+eoKJyVUGXiCoifCv7PQSBujDBGirp350Y4/Ub86J6dxUaZxm5oGPM6kd31
Qrg0vHFhzZLKbmpSrMLZXOoPSuoYvB6+HJLvbsCaShnFHb1676e8knalPOS+BepK
gYq9KQWMOUWJeQawf6ochx473MD8UMMphpcEpMJJoxHymdyAMyFfIRYognTWogLP
BAVesSEqMPVx5w==
-----END CERTIFICATE-----