Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
File:                     435CoUa5C6fNMxrWoT7vHaL7pEA.mft (raw, json)
Hash identifier:          P/K7cDuNspwYXfouCGdYxBqbuvuX0+aKXatt8DmQVXA=
Subject key identifier:   AC:48:05:54:B2:D3:F0:AC:DB:DD:07:2A:19:FB:AF:A5:30:50:29:4C
Authority key identifier: E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40
Certificate issuer:       /CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
Certificate serial:       01936A7D8BD8468B165F1BD71C51ED65397E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
Manifest number:          0588
Signing time:             Tue 26 Nov 2024 22:00:32 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:32 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:32 +0000
Files and hashes:         1: 435CoUa5C6fNMxrWoT7vHaL7pEA.crl (hash: zrJWQhTdPW1k/xaEjIONEHvsVF2LJfsCHEHDqxQHsmk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:8b:d8:46:8b:16:5f:1b:d7:1c:51:ed:65:39:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e37e42a146b90ba7cd331ad6a13eef1da2fba440
        Validity
            Not Before: Nov 26 22:00:32 2024 GMT
            Not After : Nov 27 22:00:32 2024 GMT
        Subject: CN=ac480554b2d3f0acdbdd072a19fbafa53050294c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:64:77:f4:f3:db:00:3c:19:c3:29:30:14:49:
                    d2:f4:76:f5:47:05:eb:6e:1f:45:58:be:0a:1f:5e:
                    29:52:f6:ed:41:da:9c:13:51:5b:06:e0:07:b4:ce:
                    70:fe:a4:9b:80:6a:6d:6a:38:9a:0c:50:e1:66:90:
                    7e:9e:3f:df:b8:ec:7a:ae:9f:a9:ab:0f:ec:ae:6d:
                    a3:a9:56:bd:53:31:c3:62:1d:4d:fd:7d:f2:a5:bd:
                    0f:b0:00:cc:4b:ad:3f:d7:89:af:f3:ee:78:dc:32:
                    d7:09:96:69:01:b1:1f:83:8d:f9:b8:5d:e7:71:43:
                    d1:f8:06:5c:70:e8:4d:c9:20:71:d0:87:55:b3:35:
                    6f:93:c5:2e:f2:43:98:dd:71:7e:f1:b1:f0:21:f6:
                    ab:54:20:54:b2:2e:d2:69:cf:68:15:f4:72:18:b9:
                    ad:c1:93:1d:03:27:f2:13:b8:d1:8c:0b:72:f5:d2:
                    57:bb:e9:e0:05:34:19:b5:e1:73:ed:47:2e:52:52:
                    b1:53:ab:eb:5c:65:c8:fb:40:2c:c0:e6:4a:75:73:
                    3a:2d:63:34:0a:19:3e:e8:90:a2:7d:e4:70:18:8a:
                    99:95:c4:88:3c:28:61:b3:00:a4:1e:74:fb:cd:ce:
                    10:81:f7:2b:25:c8:05:c1:c9:bc:df:a1:70:d6:6d:
                    c2:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:48:05:54:B2:D3:F0:AC:DB:DD:07:2A:19:FB:AF:A5:30:50:29:4C
            X509v3 Authority Key Identifier:
                keyid:E3:7E:42:A1:46:B9:0B:A7:CD:33:1A:D6:A1:3E:EF:1D:A2:FB:A4:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/435CoUa5C6fNMxrWoT7vHaL7pEA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/3ece76-0575-46b1-94bf-06329f6e0475/1/435CoUa5C6fNMxrWoT7vHaL7pEA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:6f:fd:1a:08:06:35:f1:0c:3b:f9:31:b4:37:3c:84:8f:52:
         31:13:b2:9c:e7:78:e4:a6:af:0a:02:72:55:c9:0f:00:77:cd:
         54:36:28:13:8e:47:76:52:aa:80:5a:5c:c8:e1:ca:1c:b9:03:
         79:dc:52:6e:23:65:00:2f:47:9d:fd:d4:a6:b8:a0:d9:92:b6:
         5f:80:9c:40:13:11:07:13:05:ab:5a:c2:78:74:b4:64:42:c8:
         16:c0:9b:e9:08:fa:9b:80:6a:1c:56:02:83:7b:16:da:6a:a5:
         92:92:14:a2:21:19:f0:81:2d:be:3d:63:e8:12:73:a7:6e:34:
         e6:82:67:e7:11:e2:a8:29:95:c1:6e:fb:20:93:82:a7:0b:8e:
         84:f6:48:f3:3e:15:93:27:6c:5f:0e:b6:f5:d3:87:ca:65:c5:
         bc:88:44:68:5f:1a:07:b1:49:09:95:e0:a6:3b:49:1d:bf:fa:
         26:9b:da:39:70:cb:5c:8e:88:fc:b2:61:c7:6c:12:08:9c:68:
         65:e3:c2:5a:d9:82:93:57:30:d9:4a:f2:b6:75:c2:6e:a2:8d:
         c1:ba:c3:ab:c8:1d:af:3f:d6:99:c1:02:bb:80:96:e1:fb:4a:
         7a:fc:61:58:47:ee:c9:b1:81:77:f3:78:ae:09:70:7e:48:25:
         0b:71:13:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfYvYRosWXxvXHFHtZTl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2U0MmExNDZiOTBiYTdjZDMzMWFkNmExM2VlZjFkYTJm
YmE0NDAwHhcNMjQxMTI2MjIwMDMyWhcNMjQxMTI3MjIwMDMyWjAzMTEwLwYDVQQD
EyhhYzQ4MDU1NGIyZDNmMGFjZGJkZDA3MmExOWZiYWZhNTMwNTAyOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmR39PPbADwZwykwFEnS9Hb1RwXr
bh9FWL4KH14pUvbtQdqcE1FbBuAHtM5w/qSbgGptajiaDFDhZpB+nj/fuOx6rp+p
qw/srm2jqVa9UzHDYh1N/X3ypb0PsADMS60/14mv8+543DLXCZZpAbEfg435uF3n
cUPR+AZccOhNySBx0IdVszVvk8Uu8kOY3XF+8bHwIfarVCBUsi7Sac9oFfRyGLmt
wZMdAyfyE7jRjAty9dJXu+ngBTQZteFz7UcuUlKxU6vrXGXI+0AswOZKdXM6LWM0
Chk+6JCifeRwGIqZlcSIPChhswCkHnT7zc4QgfcrJcgFwcm836Fw1m3C0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKxIBVSy0/Cs290HKhn7r6UwUClMMB8GA1UdIwQY
MBaAFON+QqFGuQunzTMa1qE+7x2i+6RAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYt
MDYzMjlmNmUwNDc1LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8zZWNlNzYtMDU3NS00NmIxLTk0YmYtMDYzMjlmNmUwNDc1
LzEvNDM1Q29VYTVDNmZOTXhyV29UN3ZIYUw3cEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACW/9GggG
NfEMO/kxtDc8hI9SMROynOd45KavCgJyVckPAHfNVDYoE45HdlKqgFpcyOHKHLkD
edxSbiNlAC9Hnf3Uprig2ZK2X4CcQBMRBxMFq1rCeHS0ZELIFsCb6Qj6m4BqHFYC
g3sW2mqlkpIUoiEZ8IEtvj1j6BJzp2405oJn5xHiqCmVwW77IJOCpwuOhPZI8z4V
kydsXw629dOHymXFvIhEaF8aB7FJCZXgpjtJHb/6JpvaOXDLXI6I/LJhx2wSCJxo
ZePCWtmCk1cw2UrytnXCbqKNwbrDq8gdrz/WmcECu4CW4ftKevxhWEfuybGBd/N4
rglwfkglC3ETRQ==
-----END CERTIFICATE-----