Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
File:                     0sAfMj0dJYn5qbRi_nDzawn6xjI.mft (raw, json)
Hash identifier:          u72nFMoG2VOragCqCw037aHEKD+3ZOA3EAgVXsZa5I8=
Subject key identifier:   39:80:37:DE:61:62:EB:49:CD:48:83:F1:A1:DD:63:6A:EE:3F:C9:69
Authority key identifier: D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32
Certificate issuer:       /CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
Certificate serial:       01936B222A655FF27AC9513D77EE9A81A456
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
Manifest number:          03A8
Signing time:             Wed 27 Nov 2024 01:00:21 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:21 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:21 +0000
Files and hashes:         1: 0sAfMj0dJYn5qbRi_nDzawn6xjI.crl (hash: +GGghRMoLR52K6IoPuSqOvXVV+UXodVviZkd0vaBczk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:2a:65:5f:f2:7a:c9:51:3d:77:ee:9a:81:a4:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2c01f323d1d2589f9a9b462fe70f36b09fac632
        Validity
            Not Before: Nov 27 01:00:21 2024 GMT
            Not After : Nov 28 01:00:21 2024 GMT
        Subject: CN=398037de6162eb49cd4883f1a1dd636aee3fc969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cd:1a:af:ce:8e:08:07:34:a5:a4:6a:e1:74:
                    71:16:ec:e2:ee:09:20:73:6f:9f:45:59:d6:c5:6c:
                    ed:f6:11:20:14:00:85:e8:7b:16:38:06:7f:44:3c:
                    b1:4d:47:ca:d8:78:7e:fb:55:fc:75:d7:33:e1:3b:
                    24:23:b9:6c:87:0b:34:e3:6f:1e:66:22:14:31:fc:
                    ff:e0:4a:ca:20:0c:b8:5b:31:0e:a2:f0:95:8b:93:
                    33:93:c4:4b:3d:02:79:30:a9:ed:4f:e9:2f:e4:c9:
                    1d:93:80:c9:b1:9e:63:fe:43:6c:30:20:a3:fa:d2:
                    b7:f8:34:b6:26:4f:d9:25:ec:4d:90:3a:f8:43:c6:
                    70:3b:36:7e:87:e9:33:54:34:dd:af:f3:73:26:f5:
                    13:b5:c9:e8:d0:31:61:25:c0:bb:0f:3b:6f:63:94:
                    70:7f:e7:43:a6:a4:f9:fe:88:40:20:05:09:ad:36:
                    aa:47:d4:f6:b6:5e:a8:98:52:64:c3:99:40:40:56:
                    69:b8:dd:04:32:da:bf:ef:39:4f:ab:16:04:44:89:
                    ca:d4:9d:01:a9:8d:39:a7:f0:07:c8:2e:8f:6a:eb:
                    c9:6c:cc:67:2a:58:ac:46:5e:33:d8:d9:bb:3f:55:
                    3d:14:81:96:8b:b9:46:a3:66:34:fa:e5:14:00:66:
                    18:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:80:37:DE:61:62:EB:49:CD:48:83:F1:A1:DD:63:6A:EE:3F:C9:69
            X509v3 Authority Key Identifier:
                keyid:D2:C0:1F:32:3D:1D:25:89:F9:A9:B4:62:FE:70:F3:6B:09:FA:C6:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sAfMj0dJYn5qbRi_nDzawn6xjI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/4c84cd-0bf1-43a3-b442-65bd4224cdb9/1/0sAfMj0dJYn5qbRi_nDzawn6xjI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:6a:c2:37:ba:a3:b3:b1:b2:aa:e1:cd:35:db:72:bf:2c:0f:
         a8:a0:6c:60:e2:45:54:2d:2a:08:a3:bc:3f:03:14:01:31:f9:
         ef:83:f6:85:12:c3:59:2e:09:0e:ae:c9:e6:58:df:31:9c:18:
         37:8d:0f:57:12:2a:50:08:a9:b2:50:d1:d8:ef:08:b9:f7:98:
         ba:be:ff:5d:de:dc:31:7e:9e:49:ec:da:46:b9:94:dd:92:e7:
         e1:e5:25:1d:28:a5:ad:97:18:18:1e:79:d0:37:56:93:b3:7f:
         52:22:fc:3a:d3:3d:29:f2:c9:55:e6:c9:2b:bb:1b:ad:a9:64:
         bf:fd:a5:22:90:11:c3:24:d2:b3:b6:bd:12:8e:24:65:7b:17:
         c0:57:4a:f8:ac:96:d1:8f:73:9d:76:15:e8:bd:62:f8:f4:73:
         1c:e4:bc:e1:74:9f:a2:92:eb:3f:1e:b4:31:c4:56:be:93:69:
         39:51:e6:69:15:00:40:d8:00:4b:bc:86:25:1a:cf:9a:80:1d:
         3c:57:13:d5:e9:1f:aa:6c:ad:2e:f8:61:93:09:16:31:a0:a1:
         ff:83:aa:ef:5e:44:37:72:33:7d:9f:75:2f:67:c2:11:55:ef:
         04:50:11:a1:75:79:18:dc:e8:d0:f1:af:eb:05:d1:75:e6:48:
         09:14:fb:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIiplX/J6yVE9d+6agaRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzAxZjMyM2QxZDI1ODlmOWE5YjQ2MmZlNzBmMzZiMDlm
YWM2MzIwHhcNMjQxMTI3MDEwMDIxWhcNMjQxMTI4MDEwMDIxWjAzMTEwLwYDVQQD
EygzOTgwMzdkZTYxNjJlYjQ5Y2Q0ODgzZjFhMWRkNjM2YWVlM2ZjOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy80ar86OCAc0paRq4XRxFuzi7gkg
c2+fRVnWxWzt9hEgFACF6HsWOAZ/RDyxTUfK2Hh++1X8ddcz4TskI7lshws0428e
ZiIUMfz/4ErKIAy4WzEOovCVi5Mzk8RLPQJ5MKntT+kv5Mkdk4DJsZ5j/kNsMCCj
+tK3+DS2Jk/ZJexNkDr4Q8ZwOzZ+h+kzVDTdr/NzJvUTtcno0DFhJcC7DztvY5Rw
f+dDpqT5/ohAIAUJrTaqR9T2tl6omFJkw5lAQFZpuN0EMtq/7zlPqxYERInK1J0B
qY05p/AHyC6PauvJbMxnKlisRl4z2Nm7P1U9FIGWi7lGo2Y0+uUUAGYYeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmAN95hYutJzUiD8aHdY2ruP8lpMB8GA1UdIwQY
MBaAFNLAHzI9HSWJ+am0Yv5w82sJ+sYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDIt
NjViZDQyMjRjZGI5LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS80Yzg0Y2QtMGJmMS00M2EzLWI0NDItNjViZDQyMjRjZGI5
LzEvMHNBZk1qMGRKWW41cWJSaV9uRHphd242eGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmmrCN7qj
s7GyquHNNdtyvywPqKBsYOJFVC0qCKO8PwMUATH574P2hRLDWS4JDq7J5ljfMZwY
N40PVxIqUAipslDR2O8IufeYur7/Xd7cMX6eSezaRrmU3ZLn4eUlHSilrZcYGB55
0DdWk7N/UiL8OtM9KfLJVebJK7sbralkv/2lIpARwyTSs7a9Eo4kZXsXwFdK+KyW
0Y9znXYV6L1i+PRzHOS84XSfopLrPx60McRWvpNpOVHmaRUAQNgAS7yGJRrPmoAd
PFcT1ekfqmytLvhhkwkWMaCh/4Oq715EN3IzfZ91L2fCEVXvBFARoXV5GNzo0PGv
6wXRdeZICRT7Ng==
-----END CERTIFICATE-----