Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
File:                     NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft (raw, json)
Hash identifier:          AQP/WrKT32Ch5QybX0yG0M9COLYizAcAveFeAATERMg=
Subject key identifier:   BF:DD:E0:5D:2E:50:B9:D4:E5:2B:7A:C3:EA:9D:4D:88:F4:10:70:62
Authority key identifier: 35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D
Certificate issuer:       /CN=35f49b5d505000b909932c6b4f443e7ef81d780d
Certificate serial:       019356F6A23088D9EE3BB450FF4C868A713F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
Manifest number:          136C
Signing time:             Sat 23 Nov 2024 03:00:24 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:24 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:24 +0000
Files and hashes:         1: NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl (hash: btC3cw2rVXRoGk9t89MpiFd0roqaDA6ONmkJxpu18rg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:a2:30:88:d9:ee:3b:b4:50:ff:4c:86:8a:71:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35f49b5d505000b909932c6b4f443e7ef81d780d
        Validity
            Not Before: Nov 23 03:00:24 2024 GMT
            Not After : Nov 24 03:00:24 2024 GMT
        Subject: CN=bfdde05d2e50b9d4e52b7ac3ea9d4d88f4107062
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b6:22:55:f1:b4:7d:d6:ea:52:77:cf:2a:71:
                    b4:4f:09:48:20:37:0d:6f:e8:37:55:c7:05:67:a2:
                    05:74:90:93:f8:03:ca:bd:a6:4a:a6:15:e2:aa:81:
                    ce:61:a5:24:34:1e:ab:c2:b4:5c:c1:36:e6:db:3b:
                    65:fe:cf:de:2d:94:2c:2b:df:f6:e7:0f:0e:6a:c2:
                    c4:95:a5:88:08:63:cb:8e:c0:bc:dd:fc:6f:97:c4:
                    81:61:cc:4f:4f:5a:19:e4:33:26:0d:aa:41:2e:ec:
                    bf:66:77:bc:69:3e:90:c6:bb:23:44:4f:d4:42:e1:
                    42:3e:ec:3c:b8:20:18:ac:08:ee:1e:48:e0:40:9e:
                    c8:ac:b0:9f:cd:db:a7:ae:cd:85:22:10:97:d7:dc:
                    1a:41:c1:9e:d1:51:7a:77:97:ac:89:b7:a8:61:74:
                    7e:64:d4:41:4a:0d:74:6b:00:97:2b:2c:7a:26:5d:
                    58:54:ea:4e:48:74:c0:d0:f9:bd:49:8b:8e:da:6d:
                    21:ce:76:21:4a:ad:f2:65:d5:65:90:29:86:0e:1a:
                    cf:7a:41:fc:0e:8d:ad:3d:6f:2a:47:90:9c:f1:41:
                    ff:1c:82:2b:48:4b:66:69:fb:ab:84:7f:b6:a0:c2:
                    c7:6b:96:11:28:be:2f:40:7d:21:e7:55:48:db:ee:
                    9b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:DD:E0:5D:2E:50:B9:D4:E5:2B:7A:C3:EA:9D:4D:88:F4:10:70:62
            X509v3 Authority Key Identifier:
                keyid:35:F4:9B:5D:50:50:00:B9:09:93:2C:6B:4F:44:3E:7E:F8:1D:78:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfSbXVBQALkJkyxrT0Q-fvgdeA0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/b39217-25d3-401d-a1d1-02b3de834bf4/1/NfSbXVBQALkJkyxrT0Q-fvgdeA0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:c9:fc:44:af:28:c9:a4:11:2b:56:7e:72:bf:bb:52:4d:45:
         1b:8f:81:c4:53:5f:b7:23:1f:bb:a5:fb:0e:b6:6d:5e:c4:ed:
         db:96:53:20:7f:26:da:63:1f:91:8e:49:c5:77:df:96:d8:6a:
         94:41:e0:ae:b6:a5:2d:e0:e5:6d:45:6e:8a:4d:a3:83:7e:68:
         2d:03:46:f3:a5:05:57:d0:da:68:45:d3:22:b8:83:fe:7a:42:
         7a:41:d8:0a:fa:a7:5f:4f:5c:aa:fb:91:6e:65:50:2c:c3:25:
         20:f4:8d:59:df:bb:fa:e4:56:d0:23:09:ba:8a:41:7c:31:ab:
         12:32:36:cd:62:e6:2d:89:91:99:9d:3e:64:6b:bf:50:ea:2f:
         a3:4c:5a:f4:14:ee:75:62:e7:2d:ee:3a:0b:62:2e:92:a4:09:
         0e:c2:49:9d:45:ce:6b:ac:bc:e7:05:84:e2:fe:40:ba:cc:f8:
         37:dc:5f:4c:20:52:a8:68:9e:1a:a6:c5:55:97:89:db:51:5c:
         99:15:71:ad:17:76:58:c7:71:e4:6c:88:6b:74:49:45:08:f9:
         86:e6:0d:06:88:26:80:25:4f:b2:ce:eb:f4:1f:6a:60:7e:c7:
         6e:5c:7f:3d:07:8f:e2:f2:1a:65:8f:2c:21:f6:0b:15:88:d3:
         75:bb:fc:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9qIwiNnuO7RQ/0yGinE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjQ5YjVkNTA1MDAwYjkwOTkzMmM2YjRmNDQzZTdlZjgx
ZDc4MGQwHhcNMjQxMTIzMDMwMDI0WhcNMjQxMTI0MDMwMDI0WjAzMTEwLwYDVQQD
EyhiZmRkZTA1ZDJlNTBiOWQ0ZTUyYjdhYzNlYTlkNGQ4OGY0MTA3MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7YiVfG0fdbqUnfPKnG0TwlIIDcN
b+g3VccFZ6IFdJCT+APKvaZKphXiqoHOYaUkNB6rwrRcwTbm2ztl/s/eLZQsK9/2
5w8OasLElaWICGPLjsC83fxvl8SBYcxPT1oZ5DMmDapBLuy/Zne8aT6QxrsjRE/U
QuFCPuw8uCAYrAjuHkjgQJ7IrLCfzdunrs2FIhCX19waQcGe0VF6d5esibeoYXR+
ZNRBSg10awCXKyx6Jl1YVOpOSHTA0Pm9SYuO2m0hznYhSq3yZdVlkCmGDhrPekH8
Do2tPW8qR5Cc8UH/HIIrSEtmafurhH+2oMLHa5YRKL4vQH0h51VI2+6bCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/d4F0uULnU5St6w+qdTYj0EHBiMB8GA1UdIwQY
MBaAFDX0m11QUAC5CZMsa09EPn74HXgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEt
MDJiM2RlODM0YmY0LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iMzkyMTctMjVkMy00MDFkLWExZDEtMDJiM2RlODM0YmY0
LzEvTmZTYlhWQlFBTGtKa3l4clQwUS1mdmdkZUEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcn8RK8o
yaQRK1Z+cr+7Uk1FG4+BxFNftyMfu6X7DrZtXsTt25ZTIH8m2mMfkY5JxXfflthq
lEHgrralLeDlbUVuik2jg35oLQNG86UFV9DaaEXTIriD/npCekHYCvqnX09cqvuR
bmVQLMMlIPSNWd+7+uRW0CMJuopBfDGrEjI2zWLmLYmRmZ0+ZGu/UOovo0xa9BTu
dWLnLe46C2IukqQJDsJJnUXOa6y85wWE4v5Ausz4N9xfTCBSqGieGqbFVZeJ21Fc
mRVxrRd2WMdx5GyIa3RJRQj5huYNBogmgCVPss7r9B9qYH7Hblx/PQeP4vIaZY8s
IfYLFYjTdbv8pQ==
-----END CERTIFICATE-----