Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          /DJSoCPdGBhgDG4FrA476pNwSGc5ypm3pgFhqLwapKY=
Subject key identifier:   9E:D2:34:7F:16:58:A5:4A:BC:9A:0C:57:F1:E5:C5:AF:DC:AE:31:44
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       019358786C60823799E4426B6CD8FEA6ACD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          0E3B
Signing time:             Sat 23 Nov 2024 10:01:47 +0000
Manifest this update:     Sat 23 Nov 2024 10:01:47 +0000
Manifest next update:     Sun 24 Nov 2024 10:01:47 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: LSTnBBAQHgzB6x+EbgbeOQX6623KT2bLKcxjua3uQk4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:78:6c:60:82:37:99:e4:42:6b:6c:d8:fe:a6:ac:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: Nov 23 10:01:47 2024 GMT
            Not After : Nov 24 10:01:47 2024 GMT
        Subject: CN=9ed2347f1658a54abc9a0c57f1e5c5afdcae3144
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:80:ad:e2:b3:20:62:02:69:16:3c:a3:f0:4e:
                    b6:1c:5c:14:d3:0d:05:bd:48:c3:f5:73:06:b8:c6:
                    b9:2f:ec:44:67:ba:6b:2f:e0:db:6f:2b:c1:8b:d3:
                    e2:f8:53:74:f3:3d:73:2c:25:19:60:7c:c6:b2:82:
                    57:c2:e4:75:b1:39:72:47:55:08:3b:44:13:df:cd:
                    19:18:62:c3:88:14:43:ed:f0:28:1f:53:75:fc:92:
                    a1:0d:78:85:76:1b:68:0a:1b:8a:69:0a:27:28:46:
                    62:e1:44:5f:a7:44:8c:b3:27:55:d6:90:60:c4:01:
                    9e:3f:85:75:67:ff:98:4c:1f:7f:ae:c4:bc:8c:f4:
                    4b:d4:dc:8b:91:ec:b9:22:4e:06:3a:9a:d2:55:ff:
                    8d:f0:b1:91:d4:1c:7c:3c:98:d7:db:e3:95:b1:21:
                    ff:6e:ea:7e:5e:65:b2:a3:db:03:52:86:03:0c:54:
                    0a:f9:91:81:c0:d4:2d:4b:14:47:53:18:15:a4:e0:
                    73:7c:e7:ea:8b:e8:68:39:77:7d:08:0a:ec:28:c9:
                    bb:b4:9b:72:4b:bd:1c:ac:fc:be:56:90:26:d5:aa:
                    53:10:85:0f:48:33:a8:f8:55:f0:ff:d8:f2:9e:da:
                    90:d7:64:61:42:9e:33:7e:90:37:88:a5:54:ae:97:
                    60:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:D2:34:7F:16:58:A5:4A:BC:9A:0C:57:F1:E5:C5:AF:DC:AE:31:44
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:ec:5f:18:81:9c:d0:9f:71:2a:21:5b:13:6d:e1:f5:50:fb:
         65:b8:5a:48:10:dc:df:cf:65:9b:93:72:44:50:44:b6:3b:43:
         0c:88:ea:2f:5e:f9:45:00:2a:60:ed:37:7b:b9:95:1a:6b:1e:
         3c:00:99:56:41:4a:9f:94:22:72:55:20:01:65:24:07:c0:00:
         67:4b:85:38:90:28:e4:66:08:0d:6d:8c:a3:8c:1c:0a:4f:33:
         22:62:e9:b6:d2:4f:2d:d8:c4:99:53:f2:50:49:1e:ae:db:cf:
         d3:bc:17:af:6f:05:0d:ee:67:6d:e3:b0:06:9c:98:e1:be:e0:
         3e:1f:f0:b7:4a:a0:e6:d7:23:6d:79:20:54:9d:2c:6c:df:3b:
         ab:ce:0f:9e:9f:76:bb:2c:b4:c4:f7:e0:c0:79:11:c1:2f:21:
         bc:a3:b8:43:f8:15:7c:63:f3:fb:47:2a:a0:b0:cc:6d:c0:f3:
         d1:d2:36:33:83:45:20:46:08:7b:63:7c:25:c9:7d:cb:eb:e8:
         44:55:30:a6:6e:89:4d:4f:8a:ba:79:61:fc:00:98:20:8f:5a:
         a9:be:6c:e2:d4:aa:a8:24:f0:9d:32:f4:a4:84:04:c1:31:fb:
         50:04:93:ed:7b:35:b3:88:2b:17:8b:de:58:af:b1:cd:cb:53:
         03:b9:c4:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeGxggjeZ5EJrbNj+pqzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjQxMTIzMTAwMTQ3WhcNMjQxMTI0MTAwMTQ3WjAzMTEwLwYDVQQD
Eyg5ZWQyMzQ3ZjE2NThhNTRhYmM5YTBjNTdmMWU1YzVhZmRjYWUzMTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlICt4rMgYgJpFjyj8E62HFwU0w0F
vUjD9XMGuMa5L+xEZ7prL+DbbyvBi9Pi+FN08z1zLCUZYHzGsoJXwuR1sTlyR1UI
O0QT380ZGGLDiBRD7fAoH1N1/JKhDXiFdhtoChuKaQonKEZi4URfp0SMsydV1pBg
xAGeP4V1Z/+YTB9/rsS8jPRL1NyLkey5Ik4GOprSVf+N8LGR1Bx8PJjX2+OVsSH/
bup+XmWyo9sDUoYDDFQK+ZGBwNQtSxRHUxgVpOBzfOfqi+hoOXd9CArsKMm7tJty
S70crPy+VpAm1apTEIUPSDOo+FXw/9jyntqQ12RhQp4zfpA3iKVUrpdg8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ7SNH8WWKVKvJoMV/Hlxa/crjFEMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUOxfGIGc
0J9xKiFbE23h9VD7ZbhaSBDc389lm5NyRFBEtjtDDIjqL175RQAqYO03e7mVGmse
PACZVkFKn5QiclUgAWUkB8AAZ0uFOJAo5GYIDW2Mo4wcCk8zImLpttJPLdjEmVPy
UEkertvP07wXr28FDe5nbeOwBpyY4b7gPh/wt0qg5tcjbXkgVJ0sbN87q84Pnp92
uyy0xPfgwHkRwS8hvKO4Q/gVfGPz+0cqoLDMbcDz0dI2M4NFIEYIe2N8Jcl9y+vo
RFUwpm6JTU+Kunlh/ACYII9aqb5s4tSqqCTwnTL0pIQEwTH7UAST7Xs1s4grF4ve
WK+xzctTA7nExA==
-----END CERTIFICATE-----