Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
File:                     2l7eZe_t7t-MigSyRaOl32OmnoQ.mft (raw, json)
Hash identifier:          7Sni6CwagxLx2ta94SzxdOlcIHOH+lQIBlwao1b/X8A=
Subject key identifier:   07:19:4D:82:94:69:08:D4:C2:5D:AE:C7:E3:73:F4:E6:69:9C:10:F6
Authority key identifier: DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84
Certificate issuer:       /CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
Certificate serial:       01935A67454374D506C1CCE3F7D600D48997
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
Manifest number:          1371
Signing time:             Sat 23 Nov 2024 19:02:17 +0000
Manifest this update:     Sat 23 Nov 2024 19:02:17 +0000
Manifest next update:     Sun 24 Nov 2024 19:02:17 +0000
Files and hashes:         1: 2l7eZe_t7t-MigSyRaOl32OmnoQ.crl (hash: aT4rh3yQvVgdo/0g59Aq6twn7ncsN237tQpCjDlZ9Nk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 15:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:5a:67:45:43:74:d5:06:c1:cc:e3:f7:d6:00:d4:89:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da5ede65efedeedf8c8a04b245a3a5df63a69e84
        Validity
            Not Before: Nov 23 19:02:17 2024 GMT
            Not After : Nov 24 19:02:17 2024 GMT
        Subject: CN=07194d82946908d4c25daec7e373f4e6699c10f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:7d:61:6d:2f:8c:ff:77:75:7e:b9:be:c3:57:
                    cf:da:15:72:b9:5a:c4:65:3c:0f:5e:89:9b:e4:2e:
                    34:89:34:ec:6e:88:e9:d4:ae:67:5b:d6:cf:44:62:
                    58:fb:53:37:16:8b:17:08:92:8a:ef:02:39:9d:16:
                    86:e1:2b:ea:94:b5:b4:09:92:ca:75:61:ae:04:e6:
                    fb:b0:1a:ee:3c:05:75:d4:33:19:11:22:44:4c:6a:
                    b9:e0:d9:3e:0c:63:f4:ff:aa:1c:8f:76:e4:3b:09:
                    a4:bb:58:a2:16:dc:19:ef:20:fe:b7:4a:d3:7f:c3:
                    9a:1c:ec:b2:25:34:b2:26:16:eb:70:60:57:9b:c1:
                    f3:76:1a:e9:86:18:62:75:6d:65:f8:a8:db:ef:11:
                    f2:42:50:36:01:e2:41:b6:4a:4c:db:c2:36:e2:57:
                    e5:4c:ce:92:59:cc:6b:5e:c6:58:e2:f1:46:02:34:
                    77:f8:fe:07:61:22:dc:f2:de:2d:92:74:b7:08:c8:
                    68:93:31:b7:07:94:7d:c7:0d:77:59:75:51:f8:4a:
                    1b:9a:1a:80:e9:ae:1b:d1:42:61:3e:8e:67:bf:cb:
                    09:ae:d9:ea:a3:3e:ee:45:c8:d2:ea:ad:0b:1b:ec:
                    5a:96:16:e1:89:23:af:c1:95:d6:99:1c:cc:bc:bf:
                    7a:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:19:4D:82:94:69:08:D4:C2:5D:AE:C7:E3:73:F4:E6:69:9C:10:F6
            X509v3 Authority Key Identifier:
                keyid:DA:5E:DE:65:EF:ED:EE:DF:8C:8A:04:B2:45:A3:A5:DF:63:A6:9E:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2l7eZe_t7t-MigSyRaOl32OmnoQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/a6a9de-6033-4c9d-861b-aff50e4a0e33/1/2l7eZe_t7t-MigSyRaOl32OmnoQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:cd:21:1a:11:8f:d3:9f:67:6d:d7:0c:57:1d:9c:64:dd:38:
         5f:00:c7:29:eb:f5:13:9a:9e:60:29:3f:89:ec:20:4d:a6:da:
         50:56:a4:7a:a6:00:bf:68:25:14:f9:77:c0:87:91:a6:a0:d0:
         5d:58:f7:c1:e4:b7:f5:fb:85:64:a8:13:bd:bf:4a:ae:72:f3:
         f5:79:84:2e:9d:4d:d3:b8:b1:a3:72:73:55:01:5a:59:8e:12:
         12:71:04:a9:58:f0:0e:1a:a6:ce:d7:9d:06:89:21:79:b2:22:
         84:e4:7f:be:70:d1:72:38:61:4a:0f:36:5c:c8:5a:e1:29:48:
         35:e7:9c:0f:f5:fa:6f:8e:42:60:dd:b8:0c:30:26:3a:8d:69:
         bb:e9:33:31:48:d6:6e:56:51:e6:56:01:8d:e6:ea:93:9c:63:
         35:27:ad:df:97:bf:15:69:a1:6b:a6:db:23:2d:c1:5e:c3:55:
         3e:08:dc:3e:e7:3d:fe:2a:b9:7f:59:b6:55:cc:4e:ae:d4:5b:
         2a:1a:4e:c6:3a:97:a4:19:6c:5a:10:a0:55:60:41:1f:03:91:
         51:cd:8f:9a:d7:7b:08:ef:a9:a0:cf:e9:03:87:79:d5:f9:67:
         b7:ac:cb:ed:ab:e9:61:b3:88:bb:d2:4b:99:aa:63:ce:69:98:
         e0:c8:c3:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNaZ0VDdNUGwczj99YA1ImXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNWVkZTY1ZWZlZGVlZGY4YzhhMDRiMjQ1YTNhNWRmNjNh
NjllODQwHhcNMjQxMTIzMTkwMjE3WhcNMjQxMTI0MTkwMjE3WjAzMTEwLwYDVQQD
EygwNzE5NGQ4Mjk0NjkwOGQ0YzI1ZGFlYzdlMzczZjRlNjY5OWMxMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX1hbS+M/3d1frm+w1fP2hVyuVrE
ZTwPXomb5C40iTTsbojp1K5nW9bPRGJY+1M3FosXCJKK7wI5nRaG4SvqlLW0CZLK
dWGuBOb7sBruPAV11DMZESJETGq54Nk+DGP0/6ocj3bkOwmku1iiFtwZ7yD+t0rT
f8OaHOyyJTSyJhbrcGBXm8HzdhrphhhidW1l+Kjb7xHyQlA2AeJBtkpM28I24lfl
TM6SWcxrXsZY4vFGAjR3+P4HYSLc8t4tknS3CMhokzG3B5R9xw13WXVR+EobmhqA
6a4b0UJhPo5nv8sJrtnqoz7uRcjS6q0LG+xalhbhiSOvwZXWmRzMvL96DwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAcZTYKUaQjUwl2ux+Nz9OZpnBD2MB8GA1UdIwQY
MBaAFNpe3mXv7e7fjIoEskWjpd9jpp6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWIt
YWZmNTBlNGEwZTMzLzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9hNmE5ZGUtNjAzMy00YzlkLTg2MWItYWZmNTBlNGEwZTMz
LzEvMmw3ZVplX3Q3dC1NaWdTeVJhT2wzMk9tbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWc0hGhGP
059nbdcMVx2cZN04XwDHKev1E5qeYCk/iewgTabaUFakeqYAv2glFPl3wIeRpqDQ
XVj3weS39fuFZKgTvb9KrnLz9XmELp1N07ixo3JzVQFaWY4SEnEEqVjwDhqmzted
BokhebIihOR/vnDRcjhhSg82XMha4SlINeecD/X6b45CYN24DDAmOo1pu+kzMUjW
blZR5lYBjebqk5xjNSet35e/FWmha6bbIy3BXsNVPgjcPuc9/iq5f1m2VcxOrtRb
KhpOxjqXpBlsWhCgVWBBHwORUc2Pmtd7CO+poM/pA4d51flnt6zL7avpYbOIu9JL
mapjzmmY4MjD1Q==
-----END CERTIFICATE-----