Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
File:                     sCnHJ8biLu2PvNHot2k5V40Nygo.mft (raw, json)
Hash identifier:          4epw938aUVhmPANze8Zt7vKc61lSmesuTB/2YOraBSM=
Subject key identifier:   9D:86:EE:49:B0:BE:13:A5:54:1E:79:6C:B0:84:CE:34:A2:CE:DE:EA
Authority key identifier: B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A
Certificate issuer:       /CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a
Certificate serial:       019369D9ED18F255FDFA690751F1061124DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
Manifest number:          1376
Signing time:             Tue 26 Nov 2024 19:01:49 +0000
Manifest this update:     Tue 26 Nov 2024 19:01:49 +0000
Manifest next update:     Wed 27 Nov 2024 19:01:49 +0000
Files and hashes:         1: sCnHJ8biLu2PvNHot2k5V40Nygo.crl (hash: IQlbcwZMMiV8VCOlFKq4xAtNj7ai1lOU/lpnAn2hTf4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:d9:ed:18:f2:55:fd:fa:69:07:51:f1:06:11:24:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b029c727c6e22eed8fbcd1e8b76939578d0dca0a
        Validity
            Not Before: Nov 26 19:01:49 2024 GMT
            Not After : Nov 27 19:01:49 2024 GMT
        Subject: CN=9d86ee49b0be13a5541e796cb084ce34a2cedeea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:bb:5c:75:18:f9:54:3f:71:d1:b3:aa:3a:50:
                    c4:3c:c0:9a:17:b0:50:90:6e:09:9a:1f:66:a9:69:
                    bd:c4:24:f6:9c:50:96:22:75:07:d4:9d:bd:ec:f8:
                    b1:dd:0b:c2:41:62:85:ed:73:6a:57:6a:5f:cc:f9:
                    e2:ca:76:b1:40:70:4d:73:cb:7b:a1:8d:7f:d2:ae:
                    5a:ee:23:6d:84:ea:71:a2:33:b6:4d:2d:7b:85:74:
                    b3:48:9d:b4:f4:0d:87:9a:dd:e6:47:19:c4:74:73:
                    ea:94:7b:36:1b:dc:e6:c6:97:36:63:62:e8:a1:b7:
                    c6:5d:13:cd:6e:09:53:4e:27:71:31:35:2e:d7:f0:
                    06:42:6f:ec:ce:1b:7d:d1:ee:a8:2e:7e:49:f3:61:
                    a0:97:3b:76:f4:76:1b:ab:de:a6:2a:93:bc:d8:24:
                    9d:50:9e:3d:38:7e:08:b0:25:b8:d8:78:78:d6:3e:
                    99:a0:28:09:c4:a1:09:8d:d1:91:2d:f4:b4:6e:38:
                    df:17:23:89:e7:ca:bf:c8:04:e8:25:e1:54:9a:bc:
                    d2:fb:65:ad:8b:72:5d:78:41:81:35:c1:6c:8e:09:
                    91:fc:0c:94:45:ec:b9:3d:7b:2f:7a:cf:49:bf:c6:
                    22:20:91:a3:c0:28:99:b2:85:11:2c:7d:5a:58:d8:
                    97:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:86:EE:49:B0:BE:13:A5:54:1E:79:6C:B0:84:CE:34:A2:CE:DE:EA
            X509v3 Authority Key Identifier:
                keyid:B0:29:C7:27:C6:E2:2E:ED:8F:BC:D1:E8:B7:69:39:57:8D:0D:CA:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCnHJ8biLu2PvNHot2k5V40Nygo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/4615a1-9052-40c6-a18d-a0d79924db6c/1/sCnHJ8biLu2PvNHot2k5V40Nygo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:ce:8a:b0:c5:e2:1a:9a:13:6b:d8:8a:ab:bc:16:64:94:9f:
         36:fb:1b:c8:fe:0a:39:07:35:c3:08:8c:e1:4e:32:3f:e2:0f:
         3d:bc:7a:49:53:b8:ca:0e:32:bd:48:23:87:6f:23:5e:0d:22:
         84:c3:5d:2b:59:13:75:8a:76:8e:90:bb:5a:05:85:95:30:12:
         b2:3f:4e:64:d2:fa:74:a4:a3:a5:cd:f9:35:0c:1a:d9:30:03:
         64:47:c5:ca:23:cb:01:f7:d1:6a:11:1a:ac:fd:fb:db:33:92:
         d4:a0:dd:fe:70:de:26:a1:49:89:ef:11:17:e2:ca:f3:5f:95:
         4f:cf:8b:32:fb:5b:41:18:99:7b:92:87:e1:a4:52:5b:96:3b:
         b2:53:d8:cc:f8:4a:3b:ed:26:01:06:0d:0b:80:c3:29:29:b9:
         0e:b8:e0:05:5c:37:ce:99:10:28:bd:e9:44:22:84:a4:4a:ca:
         1e:5a:a8:0c:ac:04:2b:87:3e:63:21:02:53:36:56:1a:98:32:
         42:b7:59:d6:45:10:39:72:de:f8:05:af:0b:ed:98:e2:49:0e:
         cc:02:de:85:6b:93:76:8c:b6:68:52:9d:80:fb:57:6a:05:e8:
         77:0e:66:e2:6b:48:11:8c:ea:23:4b:82:1a:3d:5e:44:29:92:
         9a:14:08:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2e0Y8lX9+mkHUfEGESTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjljNzI3YzZlMjJlZWQ4ZmJjZDFlOGI3NjkzOTU3OGQw
ZGNhMGEwHhcNMjQxMTI2MTkwMTQ5WhcNMjQxMTI3MTkwMTQ5WjAzMTEwLwYDVQQD
Eyg5ZDg2ZWU0OWIwYmUxM2E1NTQxZTc5NmNiMDg0Y2UzNGEyY2VkZWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLtcdRj5VD9x0bOqOlDEPMCaF7BQ
kG4Jmh9mqWm9xCT2nFCWInUH1J297Pix3QvCQWKF7XNqV2pfzPniynaxQHBNc8t7
oY1/0q5a7iNthOpxojO2TS17hXSzSJ209A2Hmt3mRxnEdHPqlHs2G9zmxpc2Y2Lo
obfGXRPNbglTTidxMTUu1/AGQm/szht90e6oLn5J82Gglzt29HYbq96mKpO82CSd
UJ49OH4IsCW42Hh41j6ZoCgJxKEJjdGRLfS0bjjfFyOJ58q/yAToJeFUmrzS+2Wt
i3JdeEGBNcFsjgmR/AyURey5PXsves9Jv8YiIJGjwCiZsoURLH1aWNiXDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ2G7kmwvhOlVB55bLCEzjSizt7qMB8GA1UdIwQY
MBaAFLApxyfG4i7tj7zR6LdpOVeNDcoKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQt
YTBkNzk5MjRkYjZjLzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC80NjE1YTEtOTA1Mi00MGM2LWExOGQtYTBkNzk5MjRkYjZj
LzEvc0NuSEo4YmlMdTJQdk5Ib3QyazVWNDBOeWdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAls6KsMXi
GpoTa9iKq7wWZJSfNvsbyP4KOQc1wwiM4U4yP+IPPbx6SVO4yg4yvUgjh28jXg0i
hMNdK1kTdYp2jpC7WgWFlTASsj9OZNL6dKSjpc35NQwa2TADZEfFyiPLAffRahEa
rP372zOS1KDd/nDeJqFJie8RF+LK81+VT8+LMvtbQRiZe5KH4aRSW5Y7slPYzPhK
O+0mAQYNC4DDKSm5DrjgBVw3zpkQKL3pRCKEpErKHlqoDKwEK4c+YyECUzZWGpgy
QrdZ1kUQOXLe+AWvC+2Y4kkOzALehWuTdoy2aFKdgPtXagXodw5m4mtIEYzqI0uC
Gj1eRCmSmhQIJQ==
-----END CERTIFICATE-----