Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
File:                     miIdT5cAcYIi7es06TinZjQ_JOE.mft (raw, json)
Hash identifier:          ZipUyC5m1mnWcWOHyAgV0xkYTlwpLQ8hZ90Zpqg4FGA=
Subject key identifier:   6C:4C:28:A8:FB:7B:4D:D6:86:89:84:BF:67:2D:36:15:FF:78:57:8A
Authority key identifier: 9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1
Certificate issuer:       /CN=9a221d4f9700718222edeb34e938a766343f24e1
Certificate serial:       0193568A7633B55B485BB53162E90A2F1F51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
Manifest number:          121B
Signing time:             Sat 23 Nov 2024 01:02:14 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:14 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:14 +0000
Files and hashes:         1: miIdT5cAcYIi7es06TinZjQ_JOE.crl (hash: W+SPf6N1F+tORF96BConqBc1oIIwgb23dw5L1hRptIc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:76:33:b5:5b:48:5b:b5:31:62:e9:0a:2f:1f:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a221d4f9700718222edeb34e938a766343f24e1
        Validity
            Not Before: Nov 23 01:02:14 2024 GMT
            Not After : Nov 24 01:02:14 2024 GMT
        Subject: CN=6c4c28a8fb7b4dd6868984bf672d3615ff78578a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:62:b0:89:ff:15:82:40:4b:9c:1c:85:6d:a9:
                    d3:e5:42:3c:0c:f2:12:1d:ef:fd:a4:85:33:c0:8c:
                    5f:16:9e:95:f8:d1:3b:4c:1c:6f:3f:af:c6:95:63:
                    4e:ca:15:12:3a:6e:21:54:6f:50:f2:df:ef:02:8e:
                    e7:5c:52:2a:d6:4b:3e:0b:26:b1:a3:82:2c:90:95:
                    dd:dd:25:2d:29:da:a4:c6:4e:55:ae:67:f9:6f:84:
                    3a:42:c0:02:33:72:32:fe:51:8f:34:c6:d0:38:20:
                    7f:e6:bf:ae:c0:1a:c7:50:36:d4:e9:cf:f7:2a:21:
                    bb:3d:88:8e:12:86:56:2e:72:2a:b3:9c:ba:69:c0:
                    84:b9:c2:6a:c5:a9:a1:f0:18:e7:ec:e9:25:a6:9c:
                    8a:da:8d:05:73:8c:e7:62:fd:bb:f0:d5:ac:6f:06:
                    78:68:4f:da:e3:53:52:ee:a7:ae:96:b2:2f:a2:03:
                    11:0f:0d:dd:60:b1:ba:40:42:12:cf:c9:fe:e6:46:
                    51:ec:ac:be:ac:a8:cc:fe:0f:65:c5:f7:2e:84:f2:
                    3b:ae:cf:96:08:63:2e:59:28:51:b9:e4:f6:95:94:
                    97:2a:fb:c3:7d:ad:79:3f:39:73:4e:80:33:d0:1c:
                    7b:83:eb:56:b1:7a:ad:f7:be:c3:a2:66:67:fe:a4:
                    76:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:4C:28:A8:FB:7B:4D:D6:86:89:84:BF:67:2D:36:15:FF:78:57:8A
            X509v3 Authority Key Identifier:
                keyid:9A:22:1D:4F:97:00:71:82:22:ED:EB:34:E9:38:A7:66:34:3F:24:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miIdT5cAcYIi7es06TinZjQ_JOE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/ac63b6-55c6-46df-8c11-7de7a7c5bf72/1/miIdT5cAcYIi7es06TinZjQ_JOE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:2a:fa:52:3a:92:c5:39:34:f1:49:00:67:f2:a8:45:46:28:
         cf:52:12:ca:a0:25:6c:de:94:72:b7:79:46:35:95:43:ac:f6:
         f6:20:9b:68:94:d7:68:a9:ff:38:b9:f5:9c:e8:10:ab:fe:84:
         71:00:8a:41:31:35:8c:81:c7:46:b9:f1:69:82:1c:7e:32:ef:
         60:7c:3a:3b:d3:83:8c:08:0a:5c:f0:b3:db:0f:7b:75:72:93:
         7b:b5:60:10:22:50:f7:0b:ef:5a:ea:c0:8e:d1:64:06:c6:cf:
         89:66:5e:bb:33:6e:1c:6d:46:0f:35:6c:c4:db:d3:d1:b7:47:
         2d:ab:c0:7b:f8:36:60:97:be:c3:21:d8:c3:d8:09:51:25:ea:
         0b:25:ad:ab:01:e7:71:2b:84:da:83:44:68:fd:60:c8:a3:3a:
         0e:84:5f:6a:d1:66:10:47:93:d7:dc:89:25:58:87:22:b4:95:
         11:98:3a:54:d1:3a:a1:e4:1b:43:02:b2:17:9b:df:d7:91:df:
         28:37:1b:18:47:20:f3:0e:14:8c:0d:6e:a0:c7:bc:ed:16:1d:
         1e:72:4a:2d:f4:26:bc:70:49:30:90:87:6d:51:21:e6:eb:2a:
         fe:6a:31:df:d5:2e:5b:17:a9:cf:6a:15:04:fb:d2:1e:5f:cf:
         e2:81:57:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWinYztVtIW7UxYukKLx9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjIxZDRmOTcwMDcxODIyMmVkZWIzNGU5MzhhNzY2MzQz
ZjI0ZTEwHhcNMjQxMTIzMDEwMjE0WhcNMjQxMTI0MDEwMjE0WjAzMTEwLwYDVQQD
Eyg2YzRjMjhhOGZiN2I0ZGQ2ODY4OTg0YmY2NzJkMzYxNWZmNzg1NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWKwif8VgkBLnByFbanT5UI8DPIS
He/9pIUzwIxfFp6V+NE7TBxvP6/GlWNOyhUSOm4hVG9Q8t/vAo7nXFIq1ks+Cyax
o4IskJXd3SUtKdqkxk5Vrmf5b4Q6QsACM3Iy/lGPNMbQOCB/5r+uwBrHUDbU6c/3
KiG7PYiOEoZWLnIqs5y6acCEucJqxamh8Bjn7OklppyK2o0Fc4znYv278NWsbwZ4
aE/a41NS7qeulrIvogMRDw3dYLG6QEISz8n+5kZR7Ky+rKjM/g9lxfcuhPI7rs+W
CGMuWShRueT2lZSXKvvDfa15PzlzToAz0Bx7g+tWsXqt977DomZn/qR2UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGxMKKj7e03WhomEv2ctNhX/eFeKMB8GA1UdIwQY
MBaAFJoiHU+XAHGCIu3rNOk4p2Y0PyThMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEt
N2RlN2E3YzViZjcyLzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hYzYzYjYtNTVjNi00NmRmLThjMTEtN2RlN2E3YzViZjcy
LzEvbWlJZFQ1Y0FjWUlpN2VzMDZUaW5aalFfSk9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCr6UjqS
xTk08UkAZ/KoRUYoz1ISyqAlbN6Ucrd5RjWVQ6z29iCbaJTXaKn/OLn1nOgQq/6E
cQCKQTE1jIHHRrnxaYIcfjLvYHw6O9ODjAgKXPCz2w97dXKTe7VgECJQ9wvvWurA
jtFkBsbPiWZeuzNuHG1GDzVsxNvT0bdHLavAe/g2YJe+wyHYw9gJUSXqCyWtqwHn
cSuE2oNEaP1gyKM6DoRfatFmEEeT19yJJViHIrSVEZg6VNE6oeQbQwKyF5vf15Hf
KDcbGEcg8w4UjA1uoMe87RYdHnJKLfQmvHBJMJCHbVEh5usq/mox39UuWxepz2oV
BPvSHl/P4oFXkQ==
-----END CERTIFICATE-----