Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
File:                     TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json)
Hash identifier:          zmH5YvT2qdhAFR6ojflXN633EAKF5Hn5NTBtpfuaBys=
Subject key identifier:   A7:3E:B6:9F:4E:AB:01:D2:0E:79:92:98:5D:6A:11:58:63:87:B6:FC
Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB
Certificate issuer:       /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
Certificate serial:       01936A4706DBE2E8B31136510E3BC87D8252
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
Manifest number:          11B4
Signing time:             Tue 26 Nov 2024 21:00:59 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:59 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:59 +0000
Files and hashes:         1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: iUvHYt5Hgi4NAD1n8wb/0FSxtv1wKlcdbM58DCzEdBY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:47:06:db:e2:e8:b3:11:36:51:0e:3b:c8:7d:82:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db
        Validity
            Not Before: Nov 26 21:00:59 2024 GMT
            Not After : Nov 27 21:00:59 2024 GMT
        Subject: CN=a73eb69f4eab01d20e7992985d6a11586387b6fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0f:71:a4:92:b2:a3:71:4c:85:99:f9:51:0c:
                    a1:fb:ec:13:6f:91:f6:af:b0:60:2a:c8:6d:9b:80:
                    2e:e2:62:0e:10:6f:f6:45:1d:44:77:88:f9:37:4e:
                    6b:a6:61:4b:ec:3f:33:25:ca:c0:0c:8c:b7:ab:3c:
                    eb:82:77:44:24:d9:65:64:d0:d8:dc:0b:0d:da:a1:
                    06:71:cf:5a:ed:ea:a0:38:dc:45:7c:bc:a9:3d:db:
                    0d:c0:d9:bf:a0:60:9e:3c:b8:16:1e:6c:1e:d8:3a:
                    c5:f1:cc:57:e1:13:88:dd:5a:c2:a3:0e:81:b8:8a:
                    81:e4:58:f4:8f:2c:64:c4:8a:21:d7:e3:2c:34:0d:
                    8e:50:bd:95:a2:35:6f:4b:d5:f0:9a:d8:2f:c8:62:
                    ea:43:26:8e:03:f1:f4:eb:0e:5c:5d:c1:d9:65:a1:
                    0f:89:d5:fe:6a:df:3b:da:57:ed:e9:eb:86:fb:06:
                    a1:a8:99:e2:9d:89:88:35:cf:41:99:48:ea:e6:9c:
                    d7:18:e6:ee:1d:51:70:1e:cd:19:05:76:96:5d:d3:
                    92:05:81:3d:d1:e9:e8:46:c2:22:b3:fb:7f:57:1d:
                    ad:64:2f:2c:14:e3:d1:a2:a7:15:33:b8:eb:16:77:
                    c6:22:76:11:c5:cf:13:28:0f:30:d3:83:61:99:db:
                    86:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:3E:B6:9F:4E:AB:01:D2:0E:79:92:98:5D:6A:11:58:63:87:B6:FC
            X509v3 Authority Key Identifier:
                keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:72:52:80:26:b5:25:ba:93:61:e0:b5:ca:87:1e:a5:ca:a4:
         cf:08:c6:e8:4a:2a:47:c7:eb:cd:77:06:40:f6:94:b6:d2:d9:
         49:28:f1:a8:d0:db:9a:d4:62:10:c5:05:97:8e:20:9c:14:de:
         c3:34:10:83:1d:82:7b:e5:e4:a9:d0:7c:12:69:60:7a:5c:9b:
         41:71:eb:cc:c1:c8:17:d9:2f:b7:35:1d:fd:6a:da:9a:52:96:
         50:a7:fa:64:ea:f6:01:e7:3b:a8:99:6b:37:1e:ef:53:17:fa:
         8e:49:dd:b5:b1:2e:63:15:0c:f5:d7:91:bd:e6:70:e6:d2:70:
         39:88:f8:56:47:65:82:34:17:f2:ec:25:be:34:30:cf:19:52:
         f5:ae:fe:19:9a:e2:44:fe:2a:e1:6d:bb:23:0f:89:1b:d0:d8:
         a6:06:9e:dc:9f:d3:54:ec:c7:92:c7:ef:9f:27:0e:e8:68:d0:
         c6:9a:d6:9e:28:09:99:6a:29:a8:7a:e2:78:bd:63:d1:19:d7:
         5c:91:57:b4:88:0f:7a:73:9e:f4:70:32:b7:ff:f6:ed:c5:8e:
         77:a1:9f:ce:a6:69:d7:9f:70:0a:23:c7:e2:b6:85:a0:3e:73:
         5f:d2:16:bc:50:cc:38:a8:af:15:08:d2:0e:06:82:c3:11:6a:
         bf:3b:35:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRwbb4uizETZRDjvIfYJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5
MDU4ZGIwHhcNMjQxMTI2MjEwMDU5WhcNMjQxMTI3MjEwMDU5WjAzMTEwLwYDVQQD
EyhhNzNlYjY5ZjRlYWIwMWQyMGU3OTkyOTg1ZDZhMTE1ODYzODdiNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw9xpJKyo3FMhZn5UQyh++wTb5H2
r7BgKshtm4Au4mIOEG/2RR1Ed4j5N05rpmFL7D8zJcrADIy3qzzrgndEJNllZNDY
3AsN2qEGcc9a7eqgONxFfLypPdsNwNm/oGCePLgWHmwe2DrF8cxX4ROI3VrCow6B
uIqB5Fj0jyxkxIoh1+MsNA2OUL2VojVvS9XwmtgvyGLqQyaOA/H06w5cXcHZZaEP
idX+at872lft6euG+wahqJninYmINc9BmUjq5pzXGObuHVFwHs0ZBXaWXdOSBYE9
0enoRsIis/t/Vx2tZC8sFOPRoqcVM7jrFnfGInYRxc8TKA8w04NhmduGTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKc+tp9OqwHSDnmSmF1qEVhjh7b8MB8GA1UdIwQY
MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt
ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4
LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXJSgCa1
JbqTYeC1yocepcqkzwjG6EoqR8frzXcGQPaUttLZSSjxqNDbmtRiEMUFl44gnBTe
wzQQgx2Ce+XkqdB8EmlgelybQXHrzMHIF9kvtzUd/WramlKWUKf6ZOr2Aec7qJlr
Nx7vUxf6jkndtbEuYxUM9deRveZw5tJwOYj4VkdlgjQX8uwlvjQwzxlS9a7+GZri
RP4q4W27Iw+JG9DYpgae3J/TVOzHksfvnycO6GjQxprWnigJmWopqHrieL1j0RnX
XJFXtIgPenOe9HAyt//27cWOd6GfzqZp159wCiPH4raFoD5zX9IWvFDMOKivFQjS
DgaCwxFqvzs1CQ==
-----END CERTIFICATE-----