Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
File:                     itMkK15lo9DZHGsZ60CRlZskMUg.mft (raw, json)
Hash identifier:          +MdwRDXbVffpTMlWRwpsSwntRc5nUe/LQhcP5m63mgA=
Subject key identifier:   7E:5E:92:84:91:20:F0:8F:DD:21:1E:71:05:C3:08:5E:EF:29:46:6C
Authority key identifier: 8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48
Certificate issuer:       /CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
Certificate serial:       0193568A52CC92FE2D5ECC233A497539566E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
Manifest number:          7D
Signing time:             Sat 23 Nov 2024 01:02:05 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:05 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:05 +0000
Files and hashes:         1: itMkK15lo9DZHGsZ60CRlZskMUg.crl (hash: 8tzeOaAEVZi6C/L0XT+DZfH7A/+Q2vrd7LegoXrAHps=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:52:cc:92:fe:2d:5e:cc:23:3a:49:75:39:56:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ad3242b5e65a3d0d91c6b19eb4091959b243148
        Validity
            Not Before: Nov 23 01:02:05 2024 GMT
            Not After : Nov 24 01:02:05 2024 GMT
        Subject: CN=7e5e92849120f08fdd211e7105c3085eef29466c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:35:6e:6e:ac:14:7e:ff:fb:ff:00:06:a3:af:
                    c1:8f:3b:83:90:ee:15:4f:a8:f0:d9:dc:08:59:5e:
                    87:0d:7a:7c:99:59:da:5e:98:e8:20:f8:ab:79:8b:
                    03:83:82:c2:9b:83:f1:9b:95:a4:cb:fe:12:31:36:
                    7b:7f:23:7c:25:1e:3d:90:96:97:2a:73:cd:8b:cc:
                    83:c6:46:6f:91:a0:d4:dc:20:14:10:d9:77:70:b2:
                    29:51:f5:a5:c3:35:37:ee:a9:b9:77:91:35:4d:fe:
                    3f:9a:0f:a5:0a:a5:f5:c9:77:4e:a8:f6:61:d3:7d:
                    eb:98:c5:b1:05:9f:b2:ab:d4:0d:3b:e4:58:0d:88:
                    74:06:b6:dc:de:00:bb:03:7b:e4:d4:1d:54:0b:09:
                    07:d7:3f:ea:74:8d:5a:7c:3f:48:81:75:7c:ad:c8:
                    9f:b3:21:87:79:34:09:d4:66:a2:20:2f:46:aa:60:
                    cf:3a:b0:84:32:1b:d5:45:77:f9:1c:55:27:ed:df:
                    b0:02:a9:5c:2a:00:e2:4c:c7:ff:3b:69:dc:15:70:
                    07:95:d9:85:b4:25:d8:ef:e2:fd:eb:08:9e:38:48:
                    ed:9f:90:8b:25:45:7c:8a:3f:67:b6:c2:04:e0:db:
                    ec:cb:f6:2e:09:b1:1f:e9:59:2a:f4:13:55:71:20:
                    5f:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:5E:92:84:91:20:F0:8F:DD:21:1E:71:05:C3:08:5E:EF:29:46:6C
            X509v3 Authority Key Identifier:
                keyid:8A:D3:24:2B:5E:65:A3:D0:D9:1C:6B:19:EB:40:91:95:9B:24:31:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itMkK15lo9DZHGsZ60CRlZskMUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/d7de10-5dc0-4d89-9a68-f704b1f53ace/1/itMkK15lo9DZHGsZ60CRlZskMUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:7c:0e:d2:d3:97:dc:d9:14:f7:62:4a:bd:7b:9d:8a:1f:54:
         ed:11:20:e1:93:d2:c9:73:27:d3:7e:ce:ba:e9:ad:86:ae:dd:
         16:15:56:55:a2:96:1e:f2:42:4f:fa:95:b1:ee:dc:75:70:63:
         3c:bd:e2:37:06:c5:36:40:11:c2:fa:45:d2:95:b1:93:78:14:
         45:9c:a0:37:ab:03:ef:d8:be:7d:b2:ce:6e:76:48:96:ce:22:
         a2:2b:53:e9:03:94:94:af:0a:7e:d7:fd:76:84:da:bd:3b:5c:
         b6:17:b4:15:67:8f:a6:33:67:a6:d0:34:44:4a:9f:60:c8:b9:
         5f:36:fb:49:f3:d6:9b:f1:ea:4a:ad:73:e9:b4:f1:17:9a:93:
         6e:67:92:58:4a:ed:43:ba:f0:b1:be:8e:05:07:f8:2f:38:06:
         7d:0f:61:23:00:42:de:b9:86:79:c5:c2:df:8e:fc:0c:c1:fc:
         82:33:cc:95:2e:f3:83:4e:db:b4:ff:39:16:58:d0:a2:b1:8f:
         90:d7:b8:a7:d4:c0:79:60:10:6b:65:88:c1:d4:ad:d6:a2:7d:
         1c:bb:6f:77:bc:b6:54:8d:04:a8:31:20:05:c5:f6:90:9e:44:
         a3:03:71:68:37:65:70:c2:f6:8c:1f:52:ed:4a:1f:2e:6e:54:
         2e:cd:c3:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWilLMkv4tXswjOkl1OVZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDMyNDJiNWU2NWEzZDBkOTFjNmIxOWViNDA5MTk1OWIy
NDMxNDgwHhcNMjQxMTIzMDEwMjA1WhcNMjQxMTI0MDEwMjA1WjAzMTEwLwYDVQQD
Eyg3ZTVlOTI4NDkxMjBmMDhmZGQyMTFlNzEwNWMzMDg1ZWVmMjk0NjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzVubqwUfv/7/wAGo6/BjzuDkO4V
T6jw2dwIWV6HDXp8mVnaXpjoIPireYsDg4LCm4Pxm5Wky/4SMTZ7fyN8JR49kJaX
KnPNi8yDxkZvkaDU3CAUENl3cLIpUfWlwzU37qm5d5E1Tf4/mg+lCqX1yXdOqPZh
033rmMWxBZ+yq9QNO+RYDYh0Brbc3gC7A3vk1B1UCwkH1z/qdI1afD9IgXV8rcif
syGHeTQJ1GaiIC9GqmDPOrCEMhvVRXf5HFUn7d+wAqlcKgDiTMf/O2ncFXAHldmF
tCXY7+L96wieOEjtn5CLJUV8ij9ntsIE4Nvsy/YuCbEf6Vkq9BNVcSBfhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5ekoSRIPCP3SEecQXDCF7vKUZsMB8GA1UdIwQY
MBaAFIrTJCteZaPQ2RxrGetAkZWbJDFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgt
ZjcwNGIxZjUzYWNlLzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9kN2RlMTAtNWRjMC00ZDg5LTlhNjgtZjcwNGIxZjUzYWNl
LzEvaXRNa0sxNWxvOURaSEdzWjYwQ1JsWnNrTVVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmXwO0tOX
3NkU92JKvXudih9U7REg4ZPSyXMn037Ouumthq7dFhVWVaKWHvJCT/qVse7cdXBj
PL3iNwbFNkARwvpF0pWxk3gURZygN6sD79i+fbLObnZIls4ioitT6QOUlK8Kftf9
doTavTtcthe0FWePpjNnptA0REqfYMi5Xzb7SfPWm/HqSq1z6bTxF5qTbmeSWErt
Q7rwsb6OBQf4LzgGfQ9hIwBC3rmGecXC3478DMH8gjPMlS7zg07btP85FljQorGP
kNe4p9TAeWAQa2WIwdSt1qJ9HLtvd7y2VI0EqDEgBcX2kJ5EowNxaDdlcML2jB9S
7UofLm5ULs3DQA==
-----END CERTIFICATE-----