Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/3e41d5-c7f1-4637-b930-184586602887/1/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.mft
File:                     IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.mft (raw, json)
Hash identifier:          Ivmek+rRHUGrbY9ZRtLPXxywrIku6FJkyRBTwFwUXmc=
Subject key identifier:   DB:1A:0D:99:1C:7E:B2:7E:B8:94:02:A1:09:F3:1D:36:F0:22:C1:52
Authority key identifier: 21:8A:F2:6F:9A:36:65:3F:4D:99:67:19:D4:A4:10:FE:84:AF:48:61
Certificate issuer:       /CN=218af26f9a36653f4d996719d4a410fe84af4861
Certificate serial:       019369DA49541C80535BF901618FB95B7D9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/3e41d5-c7f1-4637-b930-184586602887/1/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.mft
Manifest number:          023F
Signing time:             Tue 26 Nov 2024 19:02:13 +0000
Manifest this update:     Tue 26 Nov 2024 19:02:13 +0000
Manifest next update:     Wed 27 Nov 2024 19:02:13 +0000
Files and hashes:         1: IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.crl (hash: eoIb6/U1JQvIfumD+FfT6LzvXgBYALbZLQhnMCiG/ck=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/3e41d5-c7f1-4637-b930-184586602887/1/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/3e41d5-c7f1-4637-b930-184586602887/1/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:da:49:54:1c:80:53:5b:f9:01:61:8f:b9:5b:7d:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218af26f9a36653f4d996719d4a410fe84af4861
        Validity
            Not Before: Nov 26 19:02:13 2024 GMT
            Not After : Nov 27 19:02:13 2024 GMT
        Subject: CN=db1a0d991c7eb27eb89402a109f31d36f022c152
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:48:da:f1:48:0b:78:70:64:a0:ef:48:5b:a6:
                    e0:f0:94:d1:05:12:35:ee:eb:3f:d2:9f:81:ff:f0:
                    2b:24:4c:ce:81:75:da:2f:43:36:aa:f5:08:df:ab:
                    b6:69:bb:46:55:23:d0:86:a9:96:b3:3a:16:72:e4:
                    ab:c1:36:d2:a1:56:de:f8:4e:7b:03:45:5d:9e:bd:
                    ab:06:3e:43:77:f1:8b:27:18:80:f5:7b:7d:35:d1:
                    7d:36:38:63:43:90:ea:83:07:03:81:9e:e3:72:90:
                    36:16:cd:35:00:0f:a8:a3:c1:51:ef:be:b4:cd:07:
                    3b:ff:4b:1f:39:0e:49:c7:d0:6e:e2:30:ce:aa:0d:
                    8d:4a:0f:73:7a:09:21:23:6e:41:90:d3:0a:39:86:
                    bf:4c:f8:95:ff:ae:47:d5:82:e9:38:3e:47:e4:5f:
                    c8:a7:bd:2d:21:18:47:16:dd:19:cf:e6:3b:42:94:
                    67:45:ee:6a:71:aa:bc:38:e9:12:4f:12:08:ab:b8:
                    47:07:05:fa:7a:f7:83:bb:f7:d4:3b:48:e5:e1:45:
                    10:1a:d6:04:8e:0f:e2:6e:22:3e:02:0b:33:12:6b:
                    dd:76:e0:d5:6e:cb:ba:fd:f6:b9:0e:aa:71:4b:b6:
                    6b:d1:b4:67:df:39:25:93:83:15:2f:24:d0:a9:86:
                    5d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:1A:0D:99:1C:7E:B2:7E:B8:94:02:A1:09:F3:1D:36:F0:22:C1:52
            X509v3 Authority Key Identifier:
                keyid:21:8A:F2:6F:9A:36:65:3F:4D:99:67:19:D4:A4:10:FE:84:AF:48:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/3e41d5-c7f1-4637-b930-184586602887/1/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/3e41d5-c7f1-4637-b930-184586602887/1/IYryb5o2ZT9NmWcZ1KQQ_oSvSGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:fa:0b:3c:76:e3:37:15:5e:04:96:0f:c3:6d:6b:58:cc:b7:
         8f:74:d9:e6:75:1c:c7:b8:40:04:21:84:0e:f9:ee:47:00:ea:
         0e:6e:20:f7:ac:98:c9:31:9f:59:53:f1:b9:c6:c0:5e:b6:d3:
         5e:80:8d:c5:e2:0d:9a:77:13:5e:ec:ce:4e:aa:03:71:42:31:
         6c:35:73:bc:e9:83:81:c8:2a:2b:3c:2b:22:4a:7d:44:e2:ee:
         6c:36:9e:50:44:19:07:96:65:89:00:a8:3a:3d:ef:36:e9:8f:
         05:89:71:67:40:23:c8:af:a4:11:0e:a4:ff:c1:ca:1a:6b:cb:
         3f:29:eb:52:05:e0:37:31:f3:3e:ec:dc:96:2d:d0:6e:8b:de:
         6d:cb:ad:2a:fa:c7:19:b2:84:80:cf:62:0d:af:e6:b3:4e:34:
         42:04:c4:45:00:70:9b:a1:c7:2f:56:70:df:5b:52:76:c3:00:
         f5:8e:26:be:44:aa:60:35:9a:19:ff:de:ac:b7:d5:c7:41:ce:
         b1:37:19:7e:4b:1d:25:78:46:b9:ec:d9:26:b1:1d:89:a7:6a:
         2b:10:97:41:94:b1:3e:be:ea:74:27:31:bf:95:d0:09:c5:bf:
         d2:fe:b1:66:e7:00:4e:98:f6:11:c2:fb:de:ed:52:bf:cf:a2:
         2d:a9:00:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2klUHIBTW/kBYY+5W32fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOGFmMjZmOWEzNjY1M2Y0ZDk5NjcxOWQ0YTQxMGZlODRh
ZjQ4NjEwHhcNMjQxMTI2MTkwMjEzWhcNMjQxMTI3MTkwMjEzWjAzMTEwLwYDVQQD
EyhkYjFhMGQ5OTFjN2ViMjdlYjg5NDAyYTEwOWYzMWQzNmYwMjJjMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskja8UgLeHBkoO9IW6bg8JTRBRI1
7us/0p+B//ArJEzOgXXaL0M2qvUI36u2abtGVSPQhqmWszoWcuSrwTbSoVbe+E57
A0Vdnr2rBj5Dd/GLJxiA9Xt9NdF9NjhjQ5DqgwcDgZ7jcpA2Fs01AA+oo8FR7760
zQc7/0sfOQ5Jx9Bu4jDOqg2NSg9zegkhI25BkNMKOYa/TPiV/65H1YLpOD5H5F/I
p70tIRhHFt0Zz+Y7QpRnRe5qcaq8OOkSTxIIq7hHBwX6eveDu/fUO0jl4UUQGtYE
jg/ibiI+AgszEmvdduDVbsu6/fa5DqpxS7Zr0bRn3zklk4MVLyTQqYZd8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsaDZkcfrJ+uJQCoQnzHTbwIsFSMB8GA1UdIwQY
MBaAFCGK8m+aNmU/TZlnGdSkEP6Er0hhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVlyeWI1bzJaVDlObVdjWjFLUVFfb1N2U0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zZTQxZDUtYzdmMS00NjM3LWI5MzAt
MTg0NTg2NjAyODg3LzEvSVlyeWI1bzJaVDlObVdjWjFLUVFfb1N2U0dFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8zZTQxZDUtYzdmMS00NjM3LWI5MzAtMTg0NTg2NjAyODg3
LzEvSVlyeWI1bzJaVDlObVdjWjFLUVFfb1N2U0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcfoLPHbj
NxVeBJYPw21rWMy3j3TZ5nUcx7hABCGEDvnuRwDqDm4g96yYyTGfWVPxucbAXrbT
XoCNxeINmncTXuzOTqoDcUIxbDVzvOmDgcgqKzwrIkp9ROLubDaeUEQZB5ZliQCo
Oj3vNumPBYlxZ0AjyK+kEQ6k/8HKGmvLPynrUgXgNzHzPuzcli3QbovebcutKvrH
GbKEgM9iDa/ms040QgTERQBwm6HHL1Zw31tSdsMA9Y4mvkSqYDWaGf/erLfVx0HO
sTcZfksdJXhGuezZJrEdiadqKxCXQZSxPr7qdCcxv5XQCcW/0v6xZucATpj2EcL7
3u1Sv8+iLakAqw==
-----END CERTIFICATE-----