Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File:                     D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier:          F8Zu0ZH6NCwK1i8WFCK123U7tghgaApo41kYXHP3Q3c=
Subject key identifier:   A7:72:CA:06:DF:84:D2:8C:0D:95:81:DB:5F:09:10:56:03:A8:B3:A7
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer:       /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial:       0194072202C420A9F9193193D9DBF81AFEB1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number:          04B1
Signing time:             Fri 27 Dec 2024 08:00:56 +0000
Manifest this update:     Fri 27 Dec 2024 08:00:56 +0000
Manifest next update:     Sat 28 Dec 2024 08:00:56 +0000
Files and hashes:         1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: sClfJrsgknLVjCDwFp38nGCaOK2M3Stpk8hXmtrQ8q8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 00:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:07:22:02:c4:20:a9:f9:19:31:93:d9:db:f8:1a:fe:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
        Validity
            Not Before: Dec 27 08:00:56 2024 GMT
            Not After : Dec 28 08:00:56 2024 GMT
        Subject: CN=a772ca06df84d28c0d9581db5f09105603a8b3a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:cf:95:00:4b:a3:70:b7:c0:51:6a:54:72:03:
                    2c:48:9e:5f:d8:5f:ac:eb:fe:7e:6f:87:46:38:db:
                    9a:a6:08:00:0f:82:56:05:1c:e5:01:eb:4b:f1:7d:
                    92:ad:9c:54:ba:ea:c0:a4:6d:ba:31:c1:c8:d1:f2:
                    e7:93:19:7d:75:1d:70:f3:af:ca:c5:e0:c0:00:c2:
                    5c:5e:a6:40:e6:ec:36:86:02:1d:8e:83:bf:70:e6:
                    42:36:29:d7:db:f8:01:3f:8c:69:ce:52:6e:81:4d:
                    b2:8e:3a:e8:bf:15:88:92:0b:93:27:4f:b4:ae:37:
                    41:c8:07:b5:20:0f:f3:92:f4:29:14:6d:02:59:41:
                    10:83:3b:92:0f:c7:3f:6d:4b:d6:79:ed:84:ba:5a:
                    12:86:ab:96:70:cc:ed:50:54:7e:50:18:b1:63:eb:
                    b6:73:70:d2:75:ce:5b:47:47:e9:2f:cb:53:51:b2:
                    5f:76:bd:5a:1c:5c:f3:41:ce:96:f2:5a:05:48:16:
                    4a:59:11:89:f0:62:14:30:bb:5d:81:1a:89:a9:1f:
                    54:31:7b:f6:be:38:97:37:90:e6:5c:8e:a9:8a:ba:
                    63:3d:3b:00:c4:39:6d:ca:55:1e:25:9b:5a:28:fa:
                    0d:b0:be:d1:ea:6b:b5:12:40:95:10:3c:43:05:5e:
                    70:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:72:CA:06:DF:84:D2:8C:0D:95:81:DB:5F:09:10:56:03:A8:B3:A7
            X509v3 Authority Key Identifier:
                keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         51:3c:7c:3a:59:20:3b:0d:c0:a3:36:4c:00:15:cb:81:8e:9c:
         85:99:6d:80:18:c7:81:4f:2a:fb:17:2d:e7:8a:01:55:68:b6:
         af:91:a0:03:83:1f:01:bd:8e:78:5c:22:66:f9:0a:43:a8:99:
         4e:02:b9:3c:ac:79:ee:40:74:87:3c:b1:3f:e5:25:fe:1f:5f:
         09:36:b6:5b:a8:51:24:81:d7:dc:7a:d3:25:d7:74:4a:1d:d4:
         ca:dd:29:e0:5d:52:f9:83:c2:0a:16:c5:35:ad:7f:fd:11:d0:
         ef:f7:53:f7:61:48:17:43:1d:8a:8d:57:5e:f4:d1:33:93:8a:
         d4:bb:8b:f8:1f:f4:3c:91:9b:f4:e4:e4:1f:92:94:da:db:e9:
         22:c5:c6:3d:fe:59:89:59:56:55:bb:95:b3:85:f7:47:93:00:
         43:48:48:dd:d2:ef:1c:1b:87:11:8c:7a:b9:61:db:de:9f:6d:
         2b:15:7f:d3:99:67:d1:18:5a:fc:9b:23:d0:f5:8d:25:c7:13:
         7c:58:c1:e9:e3:f1:cd:63:11:dd:4c:f3:98:e5:26:91:4e:e4:
         52:2d:88:b9:7e:2e:9d:39:e0:b0:20:70:e4:f4:b5:ad:f2:8f:
         ad:e4:bc:83:36:48:58:f5:9b:99:77:25:85:d2:b6:61:2f:06:
         b8:a7:10:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQHIgLEIKn5GTGT2dv4Gv6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjQxMjI3MDgwMDU2WhcNMjQxMjI4MDgwMDU2WjAzMTEwLwYDVQQD
EyhhNzcyY2EwNmRmODRkMjhjMGQ5NTgxZGI1ZjA5MTA1NjAzYThiM2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1c+VAEujcLfAUWpUcgMsSJ5f2F+s
6/5+b4dGONuapggAD4JWBRzlAetL8X2SrZxUuurApG26McHI0fLnkxl9dR1w86/K
xeDAAMJcXqZA5uw2hgIdjoO/cOZCNinX2/gBP4xpzlJugU2yjjrovxWIkguTJ0+0
rjdByAe1IA/zkvQpFG0CWUEQgzuSD8c/bUvWee2EuloShquWcMztUFR+UBixY+u2
c3DSdc5bR0fpL8tTUbJfdr1aHFzzQc6W8loFSBZKWRGJ8GIUMLtdgRqJqR9UMXv2
vjiXN5DmXI6pirpjPTsAxDltylUeJZtaKPoNsL7R6mu1EkCVEDxDBV5wmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdyygbfhNKMDZWB218JEFYDqLOnMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUTx8Olkg
Ow3AozZMABXLgY6chZltgBjHgU8q+xct54oBVWi2r5GgA4MfAb2OeFwiZvkKQ6iZ
TgK5PKx57kB0hzyxP+Ul/h9fCTa2W6hRJIHX3HrTJdd0Sh3Uyt0p4F1S+YPCChbF
Na1//RHQ7/dT92FIF0Mdio1XXvTRM5OK1LuL+B/0PJGb9OTkH5KU2tvpIsXGPf5Z
iVlWVbuVs4X3R5MAQ0hI3dLvHBuHEYx6uWHb3p9tKxV/05ln0Rha/Jsj0PWNJccT
fFjB6ePxzWMR3UzzmOUmkU7kUi2IuX4unTngsCBw5PS1rfKPreS8gzZIWPWbmXcl
hdK2YS8GuKcQfg==
-----END CERTIFICATE-----
Generated at Fri Dec 27 10:05:53 2024 by rpki-client on console-ams.rpki-client.org