Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft
File:                     Sqk04w2mkOdRcTO30hJjJlWnS4c.mft (raw, json)
Hash identifier:          TIiP1MmYtnwDRjAYelTvST0DflNXv+1WgCY93yiGcbM=
Subject key identifier:   B2:C0:67:1A:42:01:CB:80:B4:88:FF:7D:AA:88:60:CF:AC:CC:B9:EC
Authority key identifier: 4A:A9:34:E3:0D:A6:90:E7:51:71:33:B7:D2:12:63:26:55:A7:4B:87
Certificate issuer:       /CN=4aa934e30da690e7517133b7d212632655a74b87
Certificate serial:       0193568AA7718874FAEA6419B40CB638248E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sqk04w2mkOdRcTO30hJjJlWnS4c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft
Manifest number:          0C6D
Signing time:             Sat 23 Nov 2024 01:02:27 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:27 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:27 +0000
Files and hashes:         1: Sqk04w2mkOdRcTO30hJjJlWnS4c.crl (hash: W+7/tAd4kSXDQP4Uzynpld15CRBKRa/1OZ9PEQb2+kA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Sqk04w2mkOdRcTO30hJjJlWnS4c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:a7:71:88:74:fa:ea:64:19:b4:0c:b6:38:24:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4aa934e30da690e7517133b7d212632655a74b87
        Validity
            Not Before: Nov 23 01:02:27 2024 GMT
            Not After : Nov 24 01:02:27 2024 GMT
        Subject: CN=b2c0671a4201cb80b488ff7daa8860cfacccb9ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fb:94:6e:22:88:7b:1d:e9:0b:ab:c7:d2:c5:4a:
                    f1:11:77:39:56:dd:df:a4:e5:38:06:3f:6e:78:34:
                    bd:68:f7:09:41:18:4a:6e:15:42:dc:e8:e1:93:76:
                    69:7f:6e:20:c4:2f:d9:d2:23:9a:be:fa:17:e6:01:
                    0f:7c:98:4d:37:b7:04:b9:07:94:e1:71:71:31:02:
                    6c:8c:75:35:3e:b3:70:c2:a2:4a:50:9e:69:6c:c4:
                    95:20:0e:0a:0c:ec:09:4d:03:e4:c9:f5:57:4c:89:
                    b2:4b:f0:89:b9:ab:40:2f:a7:c4:e6:78:c2:5b:4a:
                    bc:c3:96:9f:79:96:36:ff:5e:cd:71:dd:e6:95:fa:
                    1c:ba:ba:48:87:c1:a4:e9:4c:18:06:7a:b0:29:e4:
                    8a:91:db:ff:8c:de:82:04:c8:21:f5:b1:f7:1b:0d:
                    4f:4e:d7:53:e9:37:f0:37:f0:0f:07:02:a2:ba:25:
                    5e:5e:7e:44:c3:3e:89:e3:99:bf:d9:bb:59:43:6f:
                    59:f2:26:81:48:10:34:3e:08:85:e7:4f:53:89:a6:
                    33:87:48:37:70:4b:81:4f:39:60:0c:60:d9:9f:cf:
                    0a:56:9d:64:4a:36:a7:b4:14:f8:a6:b2:20:59:25:
                    3f:42:0e:f3:47:b8:5c:80:68:76:49:6e:93:8e:32:
                    c5:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:C0:67:1A:42:01:CB:80:B4:88:FF:7D:AA:88:60:CF:AC:CC:B9:EC
            X509v3 Authority Key Identifier:
                keyid:4A:A9:34:E3:0D:A6:90:E7:51:71:33:B7:D2:12:63:26:55:A7:4B:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sqk04w2mkOdRcTO30hJjJlWnS4c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea47f3-1172-4001-87c8-b99cdf975eb6/1/Sqk04w2mkOdRcTO30hJjJlWnS4c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:3c:87:a2:c8:24:35:b7:05:56:98:15:37:a1:12:f8:0b:c7:
         a6:57:08:ee:73:6e:95:4e:2d:b9:79:28:4a:97:9e:f2:34:4c:
         85:78:d8:dc:a0:d8:79:d8:7a:d9:9c:d1:01:6a:2a:b9:e1:bd:
         3b:8e:23:2f:d2:7e:66:49:a9:8a:04:2d:9c:99:c4:c1:4f:2b:
         4c:64:ce:2a:3f:15:ea:30:be:1c:b4:a9:81:7d:99:20:11:27:
         06:3b:24:25:f7:56:37:26:be:99:fc:a4:e4:df:5e:87:d3:5d:
         a4:5f:07:ba:c1:80:dd:fa:e1:34:dd:46:d2:09:e2:16:42:3c:
         6c:72:b4:97:f8:30:8e:bb:0b:24:c3:b8:1f:28:89:2b:17:df:
         cd:80:0e:60:91:63:cc:1f:1f:32:93:c4:4e:e1:d9:c5:0b:29:
         c0:ae:87:95:bb:0b:7d:32:fa:0a:ae:64:7d:27:32:8b:bb:37:
         20:c3:94:0a:57:ed:ed:e8:ab:cc:2b:90:0b:1c:81:22:34:93:
         fa:34:77:18:a5:1d:b6:ee:87:e0:e9:0b:8a:41:76:24:f3:10:
         6b:66:ef:a6:a6:de:3a:45:35:64:ce:47:a1:04:94:52:da:53:
         33:e3:8f:c8:4f:42:2d:53:c7:7f:bf:4c:be:a2:0f:58:8b:18:
         38:1c:30:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiqdxiHT66mQZtAy2OCSOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYTkzNGUzMGRhNjkwZTc1MTcxMzNiN2QyMTI2MzI2NTVh
NzRiODcwHhcNMjQxMTIzMDEwMjI3WhcNMjQxMTI0MDEwMjI3WjAzMTEwLwYDVQQD
EyhiMmMwNjcxYTQyMDFjYjgwYjQ4OGZmN2RhYTg4NjBjZmFjY2NiOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+5RuIoh7HekLq8fSxUrxEXc5Vt3f
pOU4Bj9ueDS9aPcJQRhKbhVC3Ojhk3Zpf24gxC/Z0iOavvoX5gEPfJhNN7cEuQeU
4XFxMQJsjHU1PrNwwqJKUJ5pbMSVIA4KDOwJTQPkyfVXTImyS/CJuatAL6fE5njC
W0q8w5afeZY2/17Ncd3mlfocurpIh8Gk6UwYBnqwKeSKkdv/jN6CBMgh9bH3Gw1P
TtdT6TfwN/APBwKiuiVeXn5Ewz6J45m/2btZQ29Z8iaBSBA0PgiF509TiaYzh0g3
cEuBTzlgDGDZn88KVp1kSjantBT4prIgWSU/Qg7zR7hcgGh2SW6TjjLF8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLLAZxpCAcuAtIj/faqIYM+szLnsMB8GA1UdIwQY
MBaAFEqpNOMNppDnUXEzt9ISYyZVp0uHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3FrMDR3Mm1rT2RSY1RPMzBoSmpKbFduUzRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYTQ3ZjMtMTE3Mi00MDAxLTg3Yzgt
Yjk5Y2RmOTc1ZWI2LzEvU3FrMDR3Mm1rT2RSY1RPMzBoSmpKbFduUzRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYTQ3ZjMtMTE3Mi00MDAxLTg3YzgtYjk5Y2RmOTc1ZWI2
LzEvU3FrMDR3Mm1rT2RSY1RPMzBoSmpKbFduUzRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdjyHosgk
NbcFVpgVN6ES+AvHplcI7nNulU4tuXkoSpee8jRMhXjY3KDYedh62ZzRAWoqueG9
O44jL9J+ZkmpigQtnJnEwU8rTGTOKj8V6jC+HLSpgX2ZIBEnBjskJfdWNya+mfyk
5N9eh9NdpF8HusGA3frhNN1G0gniFkI8bHK0l/gwjrsLJMO4HyiJKxffzYAOYJFj
zB8fMpPETuHZxQspwK6HlbsLfTL6Cq5kfScyi7s3IMOUClft7eirzCuQCxyBIjST
+jR3GKUdtu6H4OkLikF2JPMQa2bvpqbeOkU1ZM5HoQSUUtpTM+OPyE9CLVPHf79M
vqIPWIsYOBwwIA==
-----END CERTIFICATE-----