Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fb5ddb-db3d-4b57-9a6f-b53589a5f9aa/1/2DZCm5upPLpYJ3661wmzfnYDzdk.mft
File:                     2DZCm5upPLpYJ3661wmzfnYDzdk.mft (raw, json)
Hash identifier:          0SxKnYxk1sAc040u7PavxxSyK4uY1mo24jQQxucioO4=
Subject key identifier:   C7:2C:C6:C3:BB:3C:60:D1:AC:4D:F1:B8:2C:9F:C4:A4:9D:F4:99:1F
Authority key identifier: D8:36:42:9B:9B:A9:3C:BA:58:27:7E:BA:D7:09:B3:7E:76:03:CD:D9
Certificate issuer:       /CN=d836429b9ba93cba58277ebad709b37e7603cdd9
Certificate serial:       019356889EAC2316870E7058CF97B208B406
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2DZCm5upPLpYJ3661wmzfnYDzdk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/fb5ddb-db3d-4b57-9a6f-b53589a5f9aa/1/2DZCm5upPLpYJ3661wmzfnYDzdk.mft
Manifest number:          0C6C
Signing time:             Sat 23 Nov 2024 01:00:14 +0000
Manifest this update:     Sat 23 Nov 2024 01:00:14 +0000
Manifest next update:     Sun 24 Nov 2024 01:00:14 +0000
Files and hashes:         1: 2DZCm5upPLpYJ3661wmzfnYDzdk.crl (hash: 7YG7RXbpVjNz3/4Dc3slUZCHc8FsIgPj6GArhPu8Dt8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/fb5ddb-db3d-4b57-9a6f-b53589a5f9aa/1/2DZCm5upPLpYJ3661wmzfnYDzdk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/fb5ddb-db3d-4b57-9a6f-b53589a5f9aa/1/2DZCm5upPLpYJ3661wmzfnYDzdk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2DZCm5upPLpYJ3661wmzfnYDzdk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:88:9e:ac:23:16:87:0e:70:58:cf:97:b2:08:b4:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d836429b9ba93cba58277ebad709b37e7603cdd9
        Validity
            Not Before: Nov 23 01:00:14 2024 GMT
            Not After : Nov 24 01:00:14 2024 GMT
        Subject: CN=c72cc6c3bb3c60d1ac4df1b82c9fc4a49df4991f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f1:73:17:d5:7a:c2:ea:b2:53:77:9d:be:9e:
                    1f:70:9f:91:c3:0a:bc:d8:d4:26:ad:3c:0d:ea:18:
                    9c:61:cd:55:d2:ac:a5:c1:1b:c3:43:4e:df:74:ff:
                    76:37:4e:51:df:94:f7:ec:57:22:96:f5:2e:b7:f0:
                    e4:1b:9b:0b:66:c4:78:93:f5:38:29:8f:b5:0e:28:
                    4c:c0:21:7a:fc:b7:e3:ab:0c:34:1b:2a:11:5d:fe:
                    87:80:9f:b3:82:99:73:88:6a:ce:74:6e:88:f6:01:
                    e6:75:bb:2a:9b:b3:df:6c:29:5f:3c:3b:75:c4:a1:
                    fd:01:81:78:88:17:94:28:39:06:99:16:01:92:de:
                    b5:a7:0b:bd:87:0a:9f:88:5a:73:ef:c6:b7:c0:f0:
                    ba:57:6e:0a:be:50:10:91:1a:9c:5e:df:8f:7d:31:
                    11:c3:f7:d6:25:a9:05:b4:b2:ab:0f:85:c9:f4:26:
                    53:56:dd:74:c7:8d:42:3b:e9:66:1a:c3:3e:44:54:
                    90:8d:ae:25:40:20:8f:b7:32:f6:9a:c6:18:a3:cc:
                    e2:18:e1:14:3f:32:3a:dc:15:e9:e6:44:2c:51:be:
                    cd:be:b8:79:2f:41:4f:77:7a:7f:d5:77:24:05:4b:
                    9a:eb:a6:a1:4e:4d:37:f2:6d:e6:d8:6b:83:9f:78:
                    c0:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:2C:C6:C3:BB:3C:60:D1:AC:4D:F1:B8:2C:9F:C4:A4:9D:F4:99:1F
            X509v3 Authority Key Identifier:
                keyid:D8:36:42:9B:9B:A9:3C:BA:58:27:7E:BA:D7:09:B3:7E:76:03:CD:D9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DZCm5upPLpYJ3661wmzfnYDzdk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fb5ddb-db3d-4b57-9a6f-b53589a5f9aa/1/2DZCm5upPLpYJ3661wmzfnYDzdk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fb5ddb-db3d-4b57-9a6f-b53589a5f9aa/1/2DZCm5upPLpYJ3661wmzfnYDzdk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:e7:b3:64:7b:7f:26:fb:f9:19:09:71:25:34:32:41:64:8d:
         69:aa:1b:74:6d:db:27:fc:68:95:6b:79:63:e2:2b:74:e3:52:
         3a:f6:53:cb:c9:d5:90:2f:36:64:ea:e7:d2:a9:d8:04:92:17:
         44:0f:c4:16:f6:2f:d9:cd:2d:fa:2f:06:24:cc:61:a4:e0:3c:
         40:42:c4:06:27:6b:6c:30:07:ab:d6:7b:6b:a5:7a:42:77:63:
         af:76:bc:7c:d5:b2:57:9d:c5:e3:af:a3:58:91:59:8b:8b:25:
         fd:43:5f:89:2c:eb:ec:c3:29:7f:88:af:83:da:d7:64:ca:eb:
         7a:d8:4a:9f:d1:0b:df:89:8f:1b:b6:39:f8:c5:12:13:0b:de:
         ce:f8:42:58:66:d8:da:db:3e:0a:fa:e2:8e:ad:25:74:a7:78:
         6c:3f:ff:19:fe:1e:1b:75:43:6a:1c:5b:6f:2c:a3:b0:2a:99:
         04:49:53:bb:cc:64:95:95:71:e5:d2:0a:29:d3:98:48:dc:e2:
         3a:a8:65:72:3d:f7:c7:ee:22:8a:46:ad:f4:58:2e:85:c4:18:
         86:20:c2:ee:b7:ee:f3:14:eb:35:96:66:7a:e7:39:d4:da:64:
         31:b8:d4:5a:f9:f8:5c:d7:0b:a3:7b:5d:80:b6:19:58:fc:89:
         97:e3:32:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiJ6sIxaHDnBYz5eyCLQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzY0MjliOWJhOTNjYmE1ODI3N2ViYWQ3MDliMzdlNzYw
M2NkZDkwHhcNMjQxMTIzMDEwMDE0WhcNMjQxMTI0MDEwMDE0WjAzMTEwLwYDVQQD
EyhjNzJjYzZjM2JiM2M2MGQxYWM0ZGYxYjgyYzlmYzRhNDlkZjQ5OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufFzF9V6wuqyU3edvp4fcJ+Rwwq8
2NQmrTwN6hicYc1V0qylwRvDQ07fdP92N05R35T37FcilvUut/DkG5sLZsR4k/U4
KY+1DihMwCF6/Lfjqww0GyoRXf6HgJ+zgplziGrOdG6I9gHmdbsqm7PfbClfPDt1
xKH9AYF4iBeUKDkGmRYBkt61pwu9hwqfiFpz78a3wPC6V24KvlAQkRqcXt+PfTER
w/fWJakFtLKrD4XJ9CZTVt10x41CO+lmGsM+RFSQja4lQCCPtzL2msYYo8ziGOEU
PzI63BXp5kQsUb7Nvrh5L0FPd3p/1XckBUua66ahTk038m3m2GuDn3jAZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMcsxsO7PGDRrE3xuCyfxKSd9JkfMB8GA1UdIwQY
MBaAFNg2QpubqTy6WCd+utcJs352A83ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRaQ201dXBQTHBZSjM2NjF3bXpmbllEemRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mYjVkZGItZGIzZC00YjU3LTlhNmYt
YjUzNTg5YTVmOWFhLzEvMkRaQ201dXBQTHBZSjM2NjF3bXpmbllEemRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mYjVkZGItZGIzZC00YjU3LTlhNmYtYjUzNTg5YTVmOWFh
LzEvMkRaQ201dXBQTHBZSjM2NjF3bXpmbllEemRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQuezZHt/
Jvv5GQlxJTQyQWSNaaobdG3bJ/xolWt5Y+IrdONSOvZTy8nVkC82ZOrn0qnYBJIX
RA/EFvYv2c0t+i8GJMxhpOA8QELEBidrbDAHq9Z7a6V6Qndjr3a8fNWyV53F46+j
WJFZi4sl/UNfiSzr7MMpf4ivg9rXZMrrethKn9EL34mPG7Y5+MUSEwvezvhCWGbY
2ts+Cvrijq0ldKd4bD//Gf4eG3VDahxbbyyjsCqZBElTu8xklZVx5dIKKdOYSNzi
Oqhlcj33x+4iikat9FguhcQYhiDC7rfu8xTrNZZmeuc51NpkMbjUWvn4XNcLo3td
gLYZWPyJl+My/w==
-----END CERTIFICATE-----