Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          /xYuaihYzTvlDsCerJuwtoM1ItKru/gp1D0X5aqJtfc=
Subject key identifier:   DD:3F:17:45:78:A6:FC:08:1C:F8:FA:AF:C7:DE:6D:3B:7B:B4:FF:E1
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       019356F6F2063FCB2EF45D5F7E859ADB7931
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          12FD
Signing time:             Sat 23 Nov 2024 03:00:44 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:44 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:44 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: GO2gskGqrTglT91nNFyDL1tx4ZfANV6M01zd6OJ3c7w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:f2:06:3f:cb:2e:f4:5d:5f:7e:85:9a:db:79:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Nov 23 03:00:44 2024 GMT
            Not After : Nov 24 03:00:44 2024 GMT
        Subject: CN=dd3f174578a6fc081cf8faafc7de6d3b7bb4ffe1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:89:d3:b6:2d:1b:95:39:d0:23:28:b7:68:4f:
                    4c:27:96:19:7c:10:11:68:de:11:b6:c1:54:78:bb:
                    8c:45:d5:44:b3:43:59:3b:6d:24:6d:06:78:25:98:
                    dc:8e:f3:dc:cc:f5:80:1e:6d:9d:cf:5e:02:59:2c:
                    24:72:05:5f:bd:82:3b:da:8f:d4:26:5c:76:c9:27:
                    4a:a3:e1:ae:eb:63:11:e2:07:71:20:cb:2d:c3:c9:
                    31:8e:4e:41:13:61:6b:98:eb:47:d2:b4:25:57:93:
                    2f:a5:e3:cc:83:61:49:27:ea:ff:ee:b1:b8:95:49:
                    46:9c:41:89:21:88:60:d9:c9:39:69:45:83:60:77:
                    49:58:6d:ad:ca:1d:ba:25:13:65:5d:49:45:ab:20:
                    90:95:8a:cc:ba:c3:87:06:2c:ac:21:48:6f:e5:81:
                    6c:03:bf:30:d5:23:2f:7b:3c:a5:a6:e9:0e:1d:0b:
                    24:d8:c7:3c:87:8b:ac:e9:34:47:b8:42:8f:3e:bc:
                    0f:85:5f:08:4c:f7:1a:9a:7e:d7:54:b5:c1:55:79:
                    2f:d2:54:26:f0:8c:dc:f3:d4:0f:cc:58:01:09:52:
                    d2:20:ef:b4:47:9e:b6:f1:f2:8d:f3:00:b0:fc:35:
                    cb:a2:da:16:2a:f2:30:d8:bc:e0:98:5a:11:46:b5:
                    b7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:3F:17:45:78:A6:FC:08:1C:F8:FA:AF:C7:DE:6D:3B:7B:B4:FF:E1
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:95:a8:36:9e:85:83:bd:66:4e:87:17:c7:3a:8f:f1:d0:77:
         b0:ad:b1:0f:63:37:ab:b2:29:b7:d7:f2:63:a4:4a:b9:ce:37:
         91:2e:c7:0f:d2:e4:a7:39:a1:2e:04:1a:c8:3a:66:c6:b1:c5:
         07:18:72:76:f1:3d:df:e4:01:a4:ba:d9:15:d3:d2:c1:b3:71:
         90:2c:34:77:a9:cd:d3:fd:04:eb:0e:82:e0:4f:c5:68:ff:a8:
         a0:f7:fc:d5:f8:0e:ca:8c:af:03:2c:c3:46:f7:40:25:9f:d8:
         e1:5d:43:1a:f1:45:97:e8:27:4c:fa:89:8f:4f:47:e4:fb:e5:
         e1:8e:0b:8a:fe:30:46:89:fb:76:df:f7:bb:d3:6c:ee:62:46:
         36:9d:c2:bd:7a:13:88:31:db:e8:05:9c:74:d7:b8:f1:df:65:
         51:17:b9:e9:25:58:e0:b2:fd:37:1c:a0:47:fe:e0:3c:9d:f8:
         61:c2:d6:59:be:17:02:24:fd:90:5a:85:df:86:d9:7d:1d:ef:
         45:6a:1e:a0:d6:16:0c:04:32:56:a1:09:9c:30:6b:ba:1c:d7:
         3a:b3:71:73:36:16:81:3d:04:ec:fa:fb:98:ff:ed:f1:ff:57:
         8f:02:11:8d:9c:b0:d4:c2:3e:f5:8a:fc:3a:3e:80:4b:54:c3:
         17:49:49:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9vIGP8su9F1ffoWa23kxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjQxMTIzMDMwMDQ0WhcNMjQxMTI0MDMwMDQ0WjAzMTEwLwYDVQQD
EyhkZDNmMTc0NTc4YTZmYzA4MWNmOGZhYWZjN2RlNmQzYjdiYjRmZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04nTti0blTnQIyi3aE9MJ5YZfBAR
aN4RtsFUeLuMRdVEs0NZO20kbQZ4JZjcjvPczPWAHm2dz14CWSwkcgVfvYI72o/U
Jlx2ySdKo+Gu62MR4gdxIMstw8kxjk5BE2FrmOtH0rQlV5MvpePMg2FJJ+r/7rG4
lUlGnEGJIYhg2ck5aUWDYHdJWG2tyh26JRNlXUlFqyCQlYrMusOHBiysIUhv5YFs
A78w1SMvezylpukOHQsk2Mc8h4us6TRHuEKPPrwPhV8ITPcamn7XVLXBVXkv0lQm
8Izc89QPzFgBCVLSIO+0R5628fKN8wCw/DXLotoWKvIw2LzgmFoRRrW3IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0/F0V4pvwIHPj6r8febTt7tP/hMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgZWoNp6F
g71mTocXxzqP8dB3sK2xD2M3q7Ipt9fyY6RKuc43kS7HD9LkpzmhLgQayDpmxrHF
BxhydvE93+QBpLrZFdPSwbNxkCw0d6nN0/0E6w6C4E/FaP+ooPf81fgOyoyvAyzD
RvdAJZ/Y4V1DGvFFl+gnTPqJj09H5Pvl4Y4Liv4wRon7dt/3u9Ns7mJGNp3CvXoT
iDHb6AWcdNe48d9lURe56SVY4LL9NxygR/7gPJ34YcLWWb4XAiT9kFqF34bZfR3v
RWoeoNYWDAQyVqEJnDBruhzXOrNxczYWgT0E7Pr7mP/t8f9XjwIRjZyw1MI+9Yr8
Oj6AS1TDF0lJyA==
-----END CERTIFICATE-----