Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
File:                     tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft (raw, json)
Hash identifier:          RF8jYOlMJaoAErvAHTOhHD4sOeRQ2vm8e2QVKIFAfEQ=
Subject key identifier:   B8:75:07:47:0C:14:C5:DF:25:AE:F8:3F:B0:D9:96:16:E1:79:85:05
Authority key identifier: B5:0E:DF:C9:6D:2B:61:78:86:89:53:31:42:96:9E:65:56:65:12:AA
Certificate issuer:       /CN=b50edfc96d2b61788689533142969e65566512aa
Certificate serial:       0193572D7A62937C1DEE69E937F83E5EEA8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
Manifest number:          12EF
Signing time:             Sat 23 Nov 2024 04:00:18 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:18 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:18 +0000
Files and hashes:         1: tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl (hash: MQSttkhL4fSOHDjcZ+mZrq7cL46TfrFJP9IEdN3n6nA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:7a:62:93:7c:1d:ee:69:e9:37:f8:3e:5e:ea:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b50edfc96d2b61788689533142969e65566512aa
        Validity
            Not Before: Nov 23 04:00:18 2024 GMT
            Not After : Nov 24 04:00:18 2024 GMT
        Subject: CN=b87507470c14c5df25aef83fb0d99616e1798505
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:21:46:49:fe:a6:dd:1f:e1:36:b0:07:14:d6:
                    b1:b5:d4:be:11:09:c3:fb:55:92:08:0d:a7:85:4f:
                    36:5b:71:8a:1f:7d:35:ef:ba:ee:0a:ee:52:87:f3:
                    b5:e7:6d:6e:a4:b8:19:1c:6d:5c:8c:d3:b7:40:2c:
                    32:92:2c:d1:a1:f9:81:29:48:78:05:da:66:5e:f1:
                    7f:31:c7:21:ad:99:67:0f:12:2a:6d:82:31:b9:c3:
                    9a:0a:eb:0a:77:36:86:22:54:ce:ce:74:0a:6f:b7:
                    fb:ae:1f:ae:d5:7d:50:48:8a:48:be:c8:f3:af:58:
                    8d:8c:94:04:2e:fa:d8:19:ea:ff:e4:d9:07:e7:34:
                    a5:ae:ac:a6:b2:39:69:b5:2e:30:c9:de:84:b7:c2:
                    f1:8e:10:0c:af:09:f2:48:10:01:26:f2:39:9b:dd:
                    31:28:0a:c3:0c:2f:93:b6:79:a8:1e:86:80:68:64:
                    00:e5:23:77:8d:eb:49:cc:b3:86:61:79:4c:71:3d:
                    10:3d:ce:fd:e3:a3:eb:7c:1c:83:86:f4:d2:c0:69:
                    e0:b1:67:e1:f7:0d:19:bd:29:45:cd:e8:44:2d:aa:
                    27:51:dd:71:df:57:44:74:21:93:7f:b7:8a:f3:67:
                    a7:dc:92:c2:dc:fa:34:7e:a3:fa:e3:e2:67:b4:7f:
                    ab:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:75:07:47:0C:14:C5:DF:25:AE:F8:3F:B0:D9:96:16:E1:79:85:05
            X509v3 Authority Key Identifier:
                keyid:B5:0E:DF:C9:6D:2B:61:78:86:89:53:31:42:96:9E:65:56:65:12:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/dc09cf-770c-4172-a6ee-b61384ff0ec2/1/tQ7fyW0rYXiGiVMxQpaeZVZlEqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:90:86:58:c6:d4:85:d2:74:90:a0:f7:86:87:58:04:08:af:
         de:b8:5d:f0:c8:ee:9e:bd:90:18:fe:95:ae:0d:6c:df:d9:91:
         c6:22:19:0b:85:b9:5c:e7:ed:95:c4:26:fb:6a:a5:02:5a:f7:
         4a:e6:d7:58:a5:c0:ac:ab:66:fb:35:bf:14:f9:f5:e8:a5:c1:
         f5:77:da:ee:3a:28:9f:8a:f4:9f:cb:0b:ae:e3:40:bb:7b:16:
         4f:ea:cd:f4:9c:f7:63:52:cb:86:3e:e4:3a:91:b0:26:b0:2c:
         3d:4e:f9:05:22:e7:c0:f1:ce:1d:0e:a4:e6:89:80:31:20:12:
         fe:f0:ab:f6:d2:1b:ae:42:46:0c:fc:e6:78:63:e8:99:e0:57:
         be:9f:e0:83:2c:4b:31:68:ff:e4:18:1f:5e:2f:ef:88:bf:8d:
         20:52:ba:d1:41:81:76:d4:5b:67:02:ca:85:11:ca:87:e1:c2:
         03:e0:2e:74:49:6f:00:fb:cd:9f:58:f7:ae:79:1b:31:ae:68:
         52:d9:4a:71:4f:1f:c4:c7:4f:bb:f5:f6:ca:60:2a:2d:f7:60:
         0c:be:b1:d4:31:cb:80:a9:05:1a:a7:7b:97:eb:e6:ea:af:66:
         c0:5e:fa:58:2f:23:d9:bb:a2:dc:92:6f:92:83:ce:19:79:8d:
         bb:25:c6:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLXpik3wd7mnpN/g+XuqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MGVkZmM5NmQyYjYxNzg4Njg5NTMzMTQyOTY5ZTY1NTY2
NTEyYWEwHhcNMjQxMTIzMDQwMDE4WhcNMjQxMTI0MDQwMDE4WjAzMTEwLwYDVQQD
EyhiODc1MDc0NzBjMTRjNWRmMjVhZWY4M2ZiMGQ5OTYxNmUxNzk4NTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iFGSf6m3R/hNrAHFNaxtdS+EQnD
+1WSCA2nhU82W3GKH30177ruCu5Sh/O1521upLgZHG1cjNO3QCwykizRofmBKUh4
BdpmXvF/McchrZlnDxIqbYIxucOaCusKdzaGIlTOznQKb7f7rh+u1X1QSIpIvsjz
r1iNjJQELvrYGer/5NkH5zSlrqymsjlptS4wyd6Et8LxjhAMrwnySBABJvI5m90x
KArDDC+TtnmoHoaAaGQA5SN3jetJzLOGYXlMcT0QPc7946PrfByDhvTSwGngsWfh
9w0ZvSlFzehELaonUd1x31dEdCGTf7eK82en3JLC3Po0fqP64+JntH+rbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLh1B0cMFMXfJa74P7DZlhbheYUFMB8GA1UdIwQY
MBaAFLUO38ltK2F4holTMUKWnmVWZRKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9kYzA5Y2YtNzcwYy00MTcyLWE2ZWUt
YjYxMzg0ZmYwZWMyLzEvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9kYzA5Y2YtNzcwYy00MTcyLWE2ZWUtYjYxMzg0ZmYwZWMy
LzEvdFE3ZnlXMHJZWGlHaVZNeFFwYWVaVlpsRXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj5CGWMbU
hdJ0kKD3hodYBAiv3rhd8Mjunr2QGP6Vrg1s39mRxiIZC4W5XOftlcQm+2qlAlr3
SubXWKXArKtm+zW/FPn16KXB9Xfa7joon4r0n8sLruNAu3sWT+rN9Jz3Y1LLhj7k
OpGwJrAsPU75BSLnwPHOHQ6k5omAMSAS/vCr9tIbrkJGDPzmeGPomeBXvp/ggyxL
MWj/5BgfXi/viL+NIFK60UGBdtRbZwLKhRHKh+HCA+AudElvAPvNn1j3rnkbMa5o
UtlKcU8fxMdPu/X2ymAqLfdgDL6x1DHLgKkFGqd7l+vm6q9mwF76WC8j2bui3JJv
koPOGXmNuyXGNA==
-----END CERTIFICATE-----