Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
File:                     hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft (raw, json)
Hash identifier:          5d1U8fl4TUFeGBz0rSQXTl+C/nFEMReORjImmWy0HSg=
Subject key identifier:   A1:97:21:A8:06:38:C0:F3:5D:7B:DF:F5:F5:FC:16:0D:E4:4E:C4:83
Authority key identifier: 85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04
Certificate issuer:       /CN=85512d19d37946cd4c236f890469635751f5d904
Certificate serial:       019356F66DBB9F64DFE775A44D65F81A6D5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
Manifest number:          136C
Signing time:             Sat 23 Nov 2024 03:00:10 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:10 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:10 +0000
Files and hashes:         1: hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl (hash: /7/M5TaWIrdA860DyKnB2PlGd7SubfYYt6jpItgWP6E=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f6:6d:bb:9f:64:df:e7:75:a4:4d:65:f8:1a:6d:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=85512d19d37946cd4c236f890469635751f5d904
        Validity
            Not Before: Nov 23 03:00:10 2024 GMT
            Not After : Nov 24 03:00:10 2024 GMT
        Subject: CN=a19721a80638c0f35d7bdff5f5fc160de44ec483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ad:d3:fe:a9:3f:d2:44:71:c4:9d:8a:e0:0d:
                    20:35:55:9c:9d:9a:29:a4:35:f9:2c:b4:88:73:b1:
                    08:43:54:29:01:42:15:bf:ef:fe:f5:70:de:ad:6f:
                    c4:5e:b8:4c:01:e1:c7:f0:68:d5:2e:e9:64:29:12:
                    d0:0c:ec:fc:b5:43:7f:7c:32:b9:2a:6e:37:6e:5a:
                    6e:fa:ef:94:fa:8d:d0:68:10:db:26:07:b6:15:00:
                    33:ae:c7:37:58:4f:50:4b:e2:0e:b0:01:7b:56:b6:
                    2e:5a:d1:39:47:43:29:7a:74:37:6a:a1:c7:2f:15:
                    a2:5f:dd:c4:75:3c:48:c3:10:45:c6:8f:a8:0f:0e:
                    6b:df:4b:54:f8:4d:fd:6c:ff:1f:ca:57:96:fb:b3:
                    0b:66:26:31:e1:43:23:83:4f:08:97:22:26:a5:f4:
                    c1:6c:82:86:ed:cd:e7:27:6c:03:e6:a4:b0:e3:fc:
                    0d:8d:50:b4:e1:d4:5d:df:fe:3f:7e:dd:79:4b:f2:
                    db:11:c3:7c:6c:3a:62:38:0e:39:b8:86:1b:b5:a5:
                    07:a6:bc:95:54:89:b2:0c:bd:ee:57:83:6d:13:bb:
                    fc:21:d2:95:32:e5:59:64:40:de:b1:f7:0c:c5:00:
                    95:79:41:e6:3b:a7:42:b0:9c:0c:0b:87:c9:88:77:
                    dd:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:97:21:A8:06:38:C0:F3:5D:7B:DF:F5:F5:FC:16:0D:E4:4E:C4:83
            X509v3 Authority Key Identifier:
                keyid:85:51:2D:19:D3:79:46:CD:4C:23:6F:89:04:69:63:57:51:F5:D9:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVEtGdN5Rs1MI2-JBGljV1H12QQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e215ce-8de7-484b-baa3-8fffd8f5ebfb/1/hVEtGdN5Rs1MI2-JBGljV1H12QQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:48:3a:03:e6:cd:bd:ee:52:a9:c5:a4:22:6d:25:6f:0c:d1:
         5c:eb:9a:78:18:2b:4a:1e:bc:84:07:22:ae:c3:1f:d8:43:a7:
         29:d2:93:11:ab:ec:fd:7b:8b:50:6c:c0:d7:6c:ed:ea:01:6d:
         33:af:86:8b:73:dd:c3:8d:3c:98:80:8a:88:de:09:07:1f:b4:
         85:c7:b4:d3:92:71:1a:b2:16:73:73:de:7e:35:d5:d5:84:8d:
         ee:45:1b:74:bb:ec:5b:f2:c1:33:24:f6:4b:74:cc:97:86:4c:
         97:f2:bf:96:48:b6:4b:c7:8a:f8:fa:ea:ed:3c:39:49:32:3d:
         58:d0:d8:69:41:19:f9:dd:4c:9f:82:7d:8a:07:ff:b6:be:ff:
         da:18:a5:87:ce:61:07:79:97:37:16:2c:f7:6b:17:35:9f:58:
         20:53:8e:c7:29:a6:47:9d:99:13:09:d0:4c:95:8a:1c:66:2c:
         53:72:1f:19:b4:3a:07:4c:66:b7:e2:a4:f2:25:c1:c1:21:f3:
         0e:9a:c1:ed:3e:ec:a8:36:62:73:bb:34:59:2c:7c:25:c0:f8:
         fe:36:69:94:d9:49:bb:6f:ef:34:ce:7b:50:2e:66:4e:8f:df:
         9b:5f:80:00:b8:2b:cb:09:fb:b2:f4:d9:c3:8e:4b:ce:e1:68:
         7e:8d:26:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9m27n2Tf53WkTWX4Gm1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NTEyZDE5ZDM3OTQ2Y2Q0YzIzNmY4OTA0Njk2MzU3NTFm
NWQ5MDQwHhcNMjQxMTIzMDMwMDEwWhcNMjQxMTI0MDMwMDEwWjAzMTEwLwYDVQQD
EyhhMTk3MjFhODA2MzhjMGYzNWQ3YmRmZjVmNWZjMTYwZGU0NGVjNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq3T/qk/0kRxxJ2K4A0gNVWcnZop
pDX5LLSIc7EIQ1QpAUIVv+/+9XDerW/EXrhMAeHH8GjVLulkKRLQDOz8tUN/fDK5
Km43blpu+u+U+o3QaBDbJge2FQAzrsc3WE9QS+IOsAF7VrYuWtE5R0MpenQ3aqHH
LxWiX93EdTxIwxBFxo+oDw5r30tU+E39bP8fyleW+7MLZiYx4UMjg08IlyImpfTB
bIKG7c3nJ2wD5qSw4/wNjVC04dRd3/4/ft15S/LbEcN8bDpiOA45uIYbtaUHpryV
VImyDL3uV4NtE7v8IdKVMuVZZEDesfcMxQCVeUHmO6dCsJwMC4fJiHfdrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKGXIagGOMDzXXvf9fX8Fg3kTsSDMB8GA1UdIwQY
MBaAFIVRLRnTeUbNTCNviQRpY1dR9dkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMt
OGZmZmQ4ZjVlYmZiLzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lMjE1Y2UtOGRlNy00ODRiLWJhYTMtOGZmZmQ4ZjVlYmZi
LzEvaFZFdEdkTjVSczFNSTItSkJHbGpWMUgxMlFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE0g6A+bN
ve5SqcWkIm0lbwzRXOuaeBgrSh68hAcirsMf2EOnKdKTEavs/XuLUGzA12zt6gFt
M6+Gi3Pdw408mICKiN4JBx+0hce005JxGrIWc3PefjXV1YSN7kUbdLvsW/LBMyT2
S3TMl4ZMl/K/lki2S8eK+Prq7Tw5STI9WNDYaUEZ+d1Mn4J9igf/tr7/2hilh85h
B3mXNxYs92sXNZ9YIFOOxymmR52ZEwnQTJWKHGYsU3IfGbQ6B0xmt+Kk8iXBwSHz
DprB7T7sqDZic7s0WSx8JcD4/jZplNlJu2/vNM57UC5mTo/fm1+AALgrywn7svTZ
w45LzuFofo0mJw==
-----END CERTIFICATE-----