Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
File:                     cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft (raw, json)
Hash identifier:          XaZgtmzLEwI5WuHjifsdW7udZvJiHVimCw4I4MaUzRI=
Subject key identifier:   F1:E1:52:E7:D5:2B:C6:F7:CC:F5:BB:BC:84:79:E1:8C:84:45:36:D2
Authority key identifier: 70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE
Certificate issuer:       /CN=709a8efafa785401012c4590da63440a3456d0ce
Certificate serial:       01935809361B20BE965E7696B5665041BA2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
Manifest number:          012A
Signing time:             Sat 23 Nov 2024 08:00:18 +0000
Manifest this update:     Sat 23 Nov 2024 08:00:18 +0000
Manifest next update:     Sun 24 Nov 2024 08:00:18 +0000
Files and hashes:         1: cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl (hash: 1IBKTIJplI13qP6cLXIOsZxHghDsWRIGOO9wln/zeWE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:09:36:1b:20:be:96:5e:76:96:b5:66:50:41:ba:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=709a8efafa785401012c4590da63440a3456d0ce
        Validity
            Not Before: Nov 23 08:00:18 2024 GMT
            Not After : Nov 24 08:00:18 2024 GMT
        Subject: CN=f1e152e7d52bc6f7ccf5bbbc8479e18c844536d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:92:f8:ff:51:88:a8:69:bb:a2:19:cf:5b:1f:
                    5b:1f:52:ce:11:3c:82:14:bb:6e:a6:7b:02:8e:5a:
                    c4:8c:f9:e5:1b:d9:92:4c:a3:18:5a:32:a1:8d:20:
                    53:d9:4e:26:5d:14:e8:69:8b:e3:26:b9:13:fd:81:
                    d1:31:a0:b6:e2:96:6a:64:83:29:3d:c2:8f:ff:65:
                    0a:63:7a:fa:80:73:9a:e9:05:b7:3d:d3:13:fc:2c:
                    a0:5e:ae:8e:a4:33:48:6b:71:a5:5e:69:16:9b:7e:
                    a0:41:4f:9c:b7:da:61:62:6a:67:3c:b2:e1:22:df:
                    cb:4a:15:43:55:55:ce:04:8a:10:14:54:1c:61:e9:
                    57:e2:43:e3:43:dc:70:83:3f:b3:9b:09:8f:58:cf:
                    d0:9c:c3:ee:f2:00:16:81:4e:91:6f:65:e1:7a:0a:
                    91:67:94:17:3a:d2:f7:36:04:20:ad:df:15:3f:d3:
                    5d:97:34:d6:50:f5:3a:b6:82:b6:51:c2:e5:2c:ac:
                    80:34:ce:af:0a:fa:0a:4b:40:e6:d3:90:3f:10:d7:
                    fa:a1:a4:2b:9c:97:ca:d5:25:b3:4c:2c:89:22:97:
                    7c:25:0c:e2:ad:df:b3:9c:7d:b6:ec:45:5d:27:75:
                    30:cd:b7:e1:fc:6f:14:09:0d:8a:94:76:25:33:6c:
                    1d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:E1:52:E7:D5:2B:C6:F7:CC:F5:BB:BC:84:79:E1:8C:84:45:36:D2
            X509v3 Authority Key Identifier:
                keyid:70:9A:8E:FA:FA:78:54:01:01:2C:45:90:DA:63:44:0A:34:56:D0:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJqO-vp4VAEBLEWQ2mNECjRW0M4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/fb5a4f-198b-4711-9a73-c02945b483ee/1/cJqO-vp4VAEBLEWQ2mNECjRW0M4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cc:7a:35:6a:b8:67:b9:45:28:7a:4c:6f:ab:c7:d4:1a:4c:26:
         58:9d:33:37:46:63:82:05:18:1f:82:ea:c4:b1:f0:9e:b9:99:
         3f:48:d1:c5:07:da:94:36:e4:2a:c5:56:97:ed:46:0b:08:3a:
         3a:c3:e2:c6:19:4a:65:64:51:eb:65:5d:3d:60:60:71:d2:22:
         89:c4:70:38:fd:33:a8:43:8a:10:f3:f2:03:32:1f:24:e3:8c:
         f8:60:66:97:a6:32:e8:0c:da:96:6c:69:e6:87:57:61:1f:da:
         b9:03:78:0c:a3:07:f9:df:91:25:c1:e6:26:58:2c:db:92:6c:
         65:9e:75:3d:ac:60:60:15:98:1e:8e:10:6f:8d:e7:d2:58:43:
         db:de:85:a5:8f:7e:e5:d3:f2:69:97:67:49:c6:07:10:2f:62:
         d7:25:e8:10:40:19:d0:2a:76:c3:84:83:f4:58:3d:f5:bd:86:
         30:b3:5c:b7:c0:ca:32:2a:bb:3f:07:03:bc:ed:78:83:ea:16:
         9f:19:18:7a:6e:b9:50:2c:f5:04:e3:a9:5d:fc:73:7c:5f:5a:
         96:7f:db:4a:ff:f1:27:2e:cc:a2:2f:9e:d2:df:8e:57:f8:aa:
         11:5c:a7:73:cb:01:70:dd:0c:cc:99:6c:35:bf:ac:74:54:9b:
         c1:c4:b9:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYCTYbIL6WXnaWtWZQQbosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWE4ZWZhZmE3ODU0MDEwMTJjNDU5MGRhNjM0NDBhMzQ1
NmQwY2UwHhcNMjQxMTIzMDgwMDE4WhcNMjQxMTI0MDgwMDE4WjAzMTEwLwYDVQQD
EyhmMWUxNTJlN2Q1MmJjNmY3Y2NmNWJiYmM4NDc5ZTE4Yzg0NDUzNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJL4/1GIqGm7ohnPWx9bH1LOETyC
FLtupnsCjlrEjPnlG9mSTKMYWjKhjSBT2U4mXRToaYvjJrkT/YHRMaC24pZqZIMp
PcKP/2UKY3r6gHOa6QW3PdMT/CygXq6OpDNIa3GlXmkWm36gQU+ct9phYmpnPLLh
It/LShVDVVXOBIoQFFQcYelX4kPjQ9xwgz+zmwmPWM/QnMPu8gAWgU6Rb2XhegqR
Z5QXOtL3NgQgrd8VP9NdlzTWUPU6toK2UcLlLKyANM6vCvoKS0Dm05A/ENf6oaQr
nJfK1SWzTCyJIpd8JQzird+znH227EVdJ3Uwzbfh/G8UCQ2KlHYlM2wdpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPHhUufVK8b3zPW7vIR54YyERTbSMB8GA1UdIwQY
MBaAFHCajvr6eFQBASxFkNpjRAo0VtDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMt
YzAyOTQ1YjQ4M2VlLzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mYjVhNGYtMTk4Yi00NzExLTlhNzMtYzAyOTQ1YjQ4M2Vl
LzEvY0pxTy12cDRWQUVCTEVXUTJtTkVDalJXME00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzHo1arhn
uUUoekxvq8fUGkwmWJ0zN0ZjggUYH4LqxLHwnrmZP0jRxQfalDbkKsVWl+1GCwg6
OsPixhlKZWRR62VdPWBgcdIiicRwOP0zqEOKEPPyAzIfJOOM+GBml6Yy6Azalmxp
5odXYR/auQN4DKMH+d+RJcHmJlgs25JsZZ51PaxgYBWYHo4Qb43n0lhD296FpY9+
5dPyaZdnScYHEC9i1yXoEEAZ0Cp2w4SD9Fg99b2GMLNct8DKMiq7PwcDvO14g+oW
nxkYem65UCz1BOOpXfxzfF9aln/bSv/xJy7Moi+e0t+OV/iqEVync8sBcN0MzJls
Nb+sdFSbwcS51Q==
-----END CERTIFICATE-----