Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
File:                     Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft (raw, json)
Hash identifier:          JWdAf79kbTxd45zL8mSZRRznh32bNjF1I2gab27yMkY=
Subject key identifier:   44:81:E1:06:25:97:3D:83:F2:9B:A9:5E:5B:94:FF:EB:90:AD:08:20
Authority key identifier: 35:FC:74:B5:79:8C:70:5B:30:BD:0E:AF:A9:8F:FD:3D:5B:D4:22:B0
Certificate issuer:       /CN=35fc74b5798c705b30bd0eafa98ffd3d5bd422b0
Certificate serial:       0193572DCB5EAEDC73976DA3F69B1416AA00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
Manifest number:          013C
Signing time:             Sat 23 Nov 2024 04:00:39 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:39 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:39 +0000
Files and hashes:         1: Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl (hash: 5SFzIGtMu4vINZBenbOEWiTUUa48WhE0Y0ozXD3Hvwo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:cb:5e:ae:dc:73:97:6d:a3:f6:9b:14:16:aa:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35fc74b5798c705b30bd0eafa98ffd3d5bd422b0
        Validity
            Not Before: Nov 23 04:00:39 2024 GMT
            Not After : Nov 24 04:00:39 2024 GMT
        Subject: CN=4481e10625973d83f29ba95e5b94ffeb90ad0820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:c9:65:4e:18:cb:74:81:9c:5b:53:ca:c9:14:
                    18:a7:a6:52:50:22:6e:2f:56:37:fe:5a:d2:38:f4:
                    30:fa:99:b9:57:c3:f4:4d:e1:54:83:9a:e7:29:1d:
                    1f:e8:77:f9:0d:97:95:40:60:d2:27:aa:92:5c:f4:
                    d3:01:b2:db:ec:f6:bc:6a:c3:e1:49:38:7a:bf:8f:
                    dd:ee:08:57:3a:d2:00:3f:42:cd:27:7c:34:70:b3:
                    f7:12:50:3d:98:38:71:da:41:8d:ed:3b:eb:99:c7:
                    3e:0b:a1:18:4b:99:d1:b6:a8:53:35:12:7a:32:66:
                    fc:db:20:f7:0f:8e:e0:ec:17:58:74:89:5b:8f:f1:
                    3b:8d:66:d9:4d:0f:84:15:1b:16:d2:80:67:2f:72:
                    e8:e8:02:4f:85:17:eb:a8:4a:34:4a:06:80:c9:0f:
                    c0:1a:82:41:85:4d:b6:8c:5d:f0:7e:ae:c0:12:7c:
                    88:e1:c9:6f:e6:46:86:3f:bf:bb:62:05:04:d8:62:
                    5c:c9:0e:b8:d0:e6:db:0a:09:4a:90:8a:22:bb:22:
                    a6:40:4b:de:4c:c6:86:d7:e3:88:7f:66:55:dd:f7:
                    15:c0:ac:37:37:33:6c:0a:29:d0:9e:cb:db:26:38:
                    c8:1d:de:36:bd:a4:17:f7:7c:9d:d8:68:32:01:42:
                    d0:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:81:E1:06:25:97:3D:83:F2:9B:A9:5E:5B:94:FF:EB:90:AD:08:20
            X509v3 Authority Key Identifier:
                keyid:35:FC:74:B5:79:8C:70:5B:30:BD:0E:AF:A9:8F:FD:3D:5B:D4:22:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/115cd0-08dd-47ac-9848-cddcd1835516/1/Nfx0tXmMcFswvQ6vqY_9PVvUIrA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:3b:c9:99:f2:e5:91:8a:5a:c5:c9:6a:de:42:9d:d3:d6:78:
         71:0e:64:09:4b:df:2c:22:0d:bf:78:d1:d7:67:ed:72:b6:2f:
         5e:bc:06:39:df:09:f8:60:13:0d:40:1b:82:0c:21:f4:4a:12:
         cc:3f:9b:79:1f:26:ff:ca:f6:c1:06:8f:55:fa:57:aa:d9:10:
         b4:49:dc:2a:fa:3e:a0:85:26:d1:8f:64:4a:16:74:39:68:96:
         f2:13:8c:a6:9a:97:7e:27:5d:c3:d5:0d:75:e0:05:24:8c:cf:
         78:86:81:ca:32:06:31:7b:2f:c6:31:59:69:e5:f3:cc:3d:0a:
         a5:bc:b5:40:a8:63:4c:42:4f:9c:5b:02:a0:45:05:55:a2:8e:
         05:d0:6d:5d:94:ce:cf:27:5d:35:b0:dc:89:e1:5b:9d:76:14:
         21:aa:38:89:54:96:72:8f:f1:c8:d6:11:d5:e4:68:78:cf:dd:
         07:2f:17:8e:a1:41:d1:41:7f:e5:33:23:cd:12:40:59:e2:7f:
         95:36:d0:8e:58:70:82:3e:53:a9:18:23:4f:2f:b4:b0:ac:f5:
         4c:41:b7:b6:4e:f4:6c:09:a8:d2:11:03:f4:87:66:42:17:4f:
         9b:2c:21:9a:a0:d0:82:79:17:f8:f9:5f:b5:03:fd:1a:d3:db:
         00:1f:44:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLctertxzl22j9psUFqoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZmM3NGI1Nzk4YzcwNWIzMGJkMGVhZmE5OGZmZDNkNWJk
NDIyYjAwHhcNMjQxMTIzMDQwMDM5WhcNMjQxMTI0MDQwMDM5WjAzMTEwLwYDVQQD
Eyg0NDgxZTEwNjI1OTczZDgzZjI5YmE5NWU1Yjk0ZmZlYjkwYWQwODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sllThjLdIGcW1PKyRQYp6ZSUCJu
L1Y3/lrSOPQw+pm5V8P0TeFUg5rnKR0f6Hf5DZeVQGDSJ6qSXPTTAbLb7Pa8asPh
STh6v4/d7ghXOtIAP0LNJ3w0cLP3ElA9mDhx2kGN7Tvrmcc+C6EYS5nRtqhTNRJ6
Mmb82yD3D47g7BdYdIlbj/E7jWbZTQ+EFRsW0oBnL3Lo6AJPhRfrqEo0SgaAyQ/A
GoJBhU22jF3wfq7AEnyI4clv5kaGP7+7YgUE2GJcyQ640ObbCglKkIoiuyKmQEve
TMaG1+OIf2ZV3fcVwKw3NzNsCinQnsvbJjjIHd42vaQX93yd2GgyAULQIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFESB4QYllz2D8pupXluU/+uQrQggMB8GA1UdIwQY
MBaAFDX8dLV5jHBbML0Or6mP/T1b1CKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xMTVjZDAtMDhkZC00N2FjLTk4NDgt
Y2RkY2QxODM1NTE2LzEvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xMTVjZDAtMDhkZC00N2FjLTk4NDgtY2RkY2QxODM1NTE2
LzEvTmZ4MHRYbU1jRnN3dlE2dnFZXzlQVnZVSXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAljvJmfLl
kYpaxclq3kKd09Z4cQ5kCUvfLCINv3jR12ftcrYvXrwGOd8J+GATDUAbggwh9EoS
zD+beR8m/8r2wQaPVfpXqtkQtEncKvo+oIUm0Y9kShZ0OWiW8hOMppqXfiddw9UN
deAFJIzPeIaByjIGMXsvxjFZaeXzzD0Kpby1QKhjTEJPnFsCoEUFVaKOBdBtXZTO
zyddNbDcieFbnXYUIao4iVSWco/xyNYR1eRoeM/dBy8XjqFB0UF/5TMjzRJAWeJ/
lTbQjlhwgj5TqRgjTy+0sKz1TEG3tk70bAmo0hED9IdmQhdPmywhmqDQgnkX+Plf
tQP9GtPbAB9EAA==
-----END CERTIFICATE-----