Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
File:                     yYDRnDv8xARxVndvAqNJiY5GuQ0.mft (raw, json)
Hash identifier:          5Q+fzYZ1Fi+DALiwJ3n2stqm93VOYaTtfwe/S6HIGew=
Subject key identifier:   7C:67:49:E9:1E:88:A0:2E:6F:42:BE:AD:A3:44:C1:B6:CA:AA:B6:E9
Authority key identifier: C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D
Certificate issuer:       /CN=c980d19c3bfcc4047156776f02a349898e46b90d
Certificate serial:       019356898D3719600E3F33D743621F47FF2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
Manifest number:          068C
Signing time:             Sat 23 Nov 2024 01:01:15 +0000
Manifest this update:     Sat 23 Nov 2024 01:01:15 +0000
Manifest next update:     Sun 24 Nov 2024 01:01:15 +0000
Files and hashes:         1: yYDRnDv8xARxVndvAqNJiY5GuQ0.crl (hash: Q7z/uLjG1tKQ/r6dsDWH01PS0FPXNI4/QZJu3hR6F9I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:89:8d:37:19:60:0e:3f:33:d7:43:62:1f:47:ff:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c980d19c3bfcc4047156776f02a349898e46b90d
        Validity
            Not Before: Nov 23 01:01:15 2024 GMT
            Not After : Nov 24 01:01:15 2024 GMT
        Subject: CN=7c6749e91e88a02e6f42beada344c1b6caaab6e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:07:af:dd:16:86:d7:20:74:68:da:ce:4a:56:
                    a5:c5:96:86:df:ca:be:30:d3:bc:8c:98:90:ba:95:
                    22:31:d3:0f:1b:d4:f9:bc:94:83:31:67:12:4c:5b:
                    8b:68:e0:3f:83:55:c7:dd:3a:ee:f6:a1:15:b6:77:
                    8b:4f:be:99:ed:21:92:9d:68:4c:2f:7f:52:0b:0d:
                    62:31:8e:26:79:b0:d6:56:a5:45:4e:2c:be:3b:28:
                    cd:fb:53:2f:a0:9d:97:24:cd:b0:c6:79:eb:cc:d7:
                    5c:64:3a:0b:f1:4f:7a:2d:cc:5b:d8:28:69:3c:a6:
                    84:3e:4b:64:2f:f1:0a:4e:4d:ec:88:7f:a2:e1:be:
                    6b:2a:b4:7d:4b:e4:4a:c2:c9:30:ac:bd:ad:c1:9a:
                    92:21:09:93:a7:77:4d:72:7e:7b:4a:62:fd:80:ba:
                    c3:02:3f:99:e1:47:4c:0d:03:b0:13:a7:9d:25:8f:
                    84:80:0b:07:4e:5c:d2:be:9b:47:06:0e:f4:3e:b8:
                    28:2e:10:75:8f:e3:21:27:97:c2:e1:d5:e0:63:ac:
                    d0:3f:51:f0:30:6d:22:1b:cc:28:79:7c:3b:bb:25:
                    cb:bd:71:c1:0e:13:21:1b:58:e1:98:71:90:d6:eb:
                    1f:9e:7c:9f:cb:6b:a4:30:17:c9:30:bf:3c:2e:84:
                    ad:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:67:49:E9:1E:88:A0:2E:6F:42:BE:AD:A3:44:C1:B6:CA:AA:B6:E9
            X509v3 Authority Key Identifier:
                keyid:C9:80:D1:9C:3B:FC:C4:04:71:56:77:6F:02:A3:49:89:8E:46:B9:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYDRnDv8xARxVndvAqNJiY5GuQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/68c063-400a-4ed1-9fbf-b86619752039/1/yYDRnDv8xARxVndvAqNJiY5GuQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:97:98:a7:df:80:c4:4d:9c:11:80:4d:15:91:ef:95:a3:e3:
         25:8c:39:cb:3c:97:e6:23:18:e4:35:0a:57:f7:af:3b:8c:32:
         86:c4:6a:1f:46:c9:4e:a4:33:f4:8a:92:86:9b:1c:42:2a:c8:
         59:e1:d9:11:4b:4a:49:e6:c3:6b:e8:62:f3:4b:03:5c:6e:35:
         cb:e0:81:b7:d8:d7:32:b6:73:c2:50:15:d3:df:ea:37:42:23:
         81:c0:32:e4:a6:68:bf:ce:5e:3c:6e:1a:89:99:98:d7:8f:bc:
         62:36:59:da:03:0c:36:41:a6:5e:86:39:1d:60:2e:0f:14:f0:
         a6:f2:4d:bd:1a:88:17:59:ce:c4:5a:f7:ad:9f:c4:a8:a2:b0:
         58:75:b8:8f:08:f4:c2:94:12:06:8e:d8:a6:e4:8c:e2:a2:2b:
         00:8d:7c:42:a3:86:4b:0c:46:b1:f8:0a:9b:b4:2b:d8:6a:c9:
         9a:26:b4:10:69:9f:ee:d8:3a:92:43:a2:26:e3:c3:36:23:b5:
         14:e8:11:71:64:56:31:07:16:73:ed:c8:f1:80:87:0f:cf:c5:
         97:18:ab:e6:7b:ce:9d:96:85:37:f7:96:3b:c8:61:58:b4:a5:
         9e:7f:f0:06:a4:1c:57:6b:0c:00:65:2d:c4:38:97:d0:08:ea:
         60:28:8d:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWiY03GWAOPzPXQ2IfR/8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ODBkMTljM2JmY2M0MDQ3MTU2Nzc2ZjAyYTM0OTg5OGU0
NmI5MGQwHhcNMjQxMTIzMDEwMTE1WhcNMjQxMTI0MDEwMTE1WjAzMTEwLwYDVQQD
Eyg3YzY3NDllOTFlODhhMDJlNmY0MmJlYWRhMzQ0YzFiNmNhYWFiNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAev3RaG1yB0aNrOSlalxZaG38q+
MNO8jJiQupUiMdMPG9T5vJSDMWcSTFuLaOA/g1XH3Tru9qEVtneLT76Z7SGSnWhM
L39SCw1iMY4mebDWVqVFTiy+OyjN+1MvoJ2XJM2wxnnrzNdcZDoL8U96Lcxb2Chp
PKaEPktkL/EKTk3siH+i4b5rKrR9S+RKwskwrL2twZqSIQmTp3dNcn57SmL9gLrD
Aj+Z4UdMDQOwE6edJY+EgAsHTlzSvptHBg70PrgoLhB1j+MhJ5fC4dXgY6zQP1Hw
MG0iG8woeXw7uyXLvXHBDhMhG1jhmHGQ1usfnnyfy2ukMBfJML88LoStFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHxnSekeiKAub0K+raNEwbbKqrbpMB8GA1UdIwQY
MBaAFMmA0Zw7/MQEcVZ3bwKjSYmORrkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYt
Yjg2NjE5NzUyMDM5LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy82OGMwNjMtNDAwYS00ZWQxLTlmYmYtYjg2NjE5NzUyMDM5
LzEveVlEUm5Edjh4QVJ4Vm5kdkFxTkppWTVHdVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVpeYp9+A
xE2cEYBNFZHvlaPjJYw5yzyX5iMY5DUKV/evO4wyhsRqH0bJTqQz9IqShpscQirI
WeHZEUtKSebDa+hi80sDXG41y+CBt9jXMrZzwlAV09/qN0IjgcAy5KZov85ePG4a
iZmY14+8YjZZ2gMMNkGmXoY5HWAuDxTwpvJNvRqIF1nOxFr3rZ/EqKKwWHW4jwj0
wpQSBo7YpuSM4qIrAI18QqOGSwxGsfgKm7Qr2GrJmia0EGmf7tg6kkOiJuPDNiO1
FOgRcWRWMQcWc+3I8YCHD8/Flxir5nvOnZaFN/eWO8hhWLSlnn/wBqQcV2sMAGUt
xDiX0AjqYCiNyw==
-----END CERTIFICATE-----