Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
File:                     KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft (raw, json)
Hash identifier:          bOyUMSHoRmUXOTN/5uUm2DeKNcwGBtSgkZm/I7q8MnY=
Subject key identifier:   48:A4:9D:57:F6:6C:60:49:89:76:EF:28:C6:B2:FD:2A:2D:A3:A4:24
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Certificate issuer:       /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial:       0190370654B2423CAAD087B000CDF745241F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
Manifest number:          11D0
Signing time:             Thu 20 Jun 2024 19:01:20 +0000
Manifest this update:     Thu 20 Jun 2024 19:01:20 +0000
Manifest next update:     Fri 21 Jun 2024 19:01:20 +0000
Files and hashes:         1: KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl (hash: Grb1nCqt3/ER+iJ8In/q9+uuQ+FfeQp0S1GhNamI/4I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 19:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:37:06:54:b2:42:3c:aa:d0:87:b0:00:cd:f7:45:24:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
        Validity
            Not Before: Jun 20 19:01:20 2024 GMT
            Not After : Jun 21 19:01:20 2024 GMT
        Subject: CN=48a49d57f66c60498976ef28c6b2fd2a2da3a424
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:ee:d4:0c:09:4f:1d:6c:03:60:85:f6:65:07:
                    47:96:88:80:3d:96:52:c2:af:1f:c5:d0:bc:18:14:
                    49:65:cb:0b:89:87:53:5b:90:13:48:39:94:93:c5:
                    5a:46:dc:05:33:8a:3d:a8:c8:43:16:35:bc:b9:af:
                    7a:36:f5:fb:a7:d5:82:37:23:10:eb:d6:26:55:76:
                    97:e6:05:ae:2a:ff:ff:b0:f1:01:5a:61:b3:2e:d2:
                    9e:e9:4d:04:41:88:06:b9:e9:22:8a:08:71:3a:1e:
                    c5:81:64:a0:b6:82:13:9d:a6:40:8a:b8:e5:6d:22:
                    a2:62:b6:7d:ed:f4:e3:d6:a4:15:87:bd:cf:a3:72:
                    de:78:e2:ff:f6:7a:62:8d:ce:37:1d:fe:41:bc:80:
                    33:ed:68:17:92:6f:91:78:d1:50:7b:b4:fc:e6:bf:
                    46:66:3b:94:b6:02:57:17:d6:15:54:c1:c9:b7:b2:
                    fb:a7:3d:35:6a:e2:dd:23:eb:86:94:79:a9:64:01:
                    20:c0:b4:4f:c9:e9:68:cb:20:3b:77:eb:15:dd:47:
                    77:85:6e:39:2c:4a:87:51:3a:b5:17:a0:d0:81:ac:
                    0f:0c:c1:0f:68:49:87:fa:0d:4e:38:3f:dd:9f:13:
                    b9:f3:5d:0d:4f:ce:0f:bd:59:93:4c:36:8d:f1:6e:
                    c5:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:A4:9D:57:F6:6C:60:49:89:76:EF:28:C6:B2:FD:2A:2D:A3:A4:24
            X509v3 Authority Key Identifier:
                keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:1c:85:c9:76:40:bd:e5:03:62:99:9a:5f:bf:57:a3:7f:43:
         d0:de:dc:3b:fa:66:5a:48:b6:80:f3:87:b1:7d:4c:f6:94:4d:
         57:60:6f:39:f0:3a:d3:40:57:2a:90:b3:88:4b:89:96:fd:78:
         76:d6:0b:5e:af:a9:c8:8b:a2:5e:b5:80:07:4d:02:60:f9:09:
         f5:46:1b:3c:3c:a9:e3:80:4c:46:ca:6d:98:e1:ed:3c:8a:87:
         46:04:f8:e2:ef:65:d8:0d:cb:30:3b:ad:b3:26:f5:55:d9:78:
         cb:59:d6:e6:f4:f6:1c:bb:cf:a2:aa:59:57:58:f5:60:a0:5f:
         b7:61:4a:52:16:16:d7:62:7d:92:36:4f:09:b1:9a:11:fa:e5:
         a7:62:f9:b4:02:be:b7:89:54:3c:15:da:f8:a9:5a:c7:fc:8f:
         6e:86:b9:f9:cb:be:7a:57:dc:e4:5c:5b:c1:fd:36:24:2d:7b:
         f5:75:6a:c3:e6:8c:04:c8:a8:c6:15:d0:06:9b:eb:96:10:0a:
         52:f1:4f:ad:6d:9a:0b:01:ff:0f:37:17:a1:9b:c3:d7:0f:b0:
         e2:98:e1:d7:0a:d2:15:78:98:c6:f8:48:76:8f:21:f2:0d:8a:
         4e:71:49:3d:5f:64:5d:67:d2:a3:52:34:94:29:c4:85:dc:d8:
         f8:04:36:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA3BlSyQjyq0IewAM33RSQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjQwNjIwMTkwMTIwWhcNMjQwNjIxMTkwMTIwWjAzMTEwLwYDVQQD
Eyg0OGE0OWQ1N2Y2NmM2MDQ5ODk3NmVmMjhjNmIyZmQyYTJkYTNhNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe7UDAlPHWwDYIX2ZQdHloiAPZZS
wq8fxdC8GBRJZcsLiYdTW5ATSDmUk8VaRtwFM4o9qMhDFjW8ua96NvX7p9WCNyMQ
69YmVXaX5gWuKv//sPEBWmGzLtKe6U0EQYgGuekiighxOh7FgWSgtoITnaZAirjl
bSKiYrZ97fTj1qQVh73Po3LeeOL/9npijc43Hf5BvIAz7WgXkm+ReNFQe7T85r9G
ZjuUtgJXF9YVVMHJt7L7pz01auLdI+uGlHmpZAEgwLRPyeloyyA7d+sV3Ud3hW45
LEqHUTq1F6DQgawPDMEPaEmH+g1OOD/dnxO5810NT84PvVmTTDaN8W7FOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEiknVf2bGBJiXbvKMay/Soto6QkMB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUxyFyXZA
veUDYpmaX79Xo39D0N7cO/pmWki2gPOHsX1M9pRNV2BvOfA600BXKpCziEuJlv14
dtYLXq+pyIuiXrWAB00CYPkJ9UYbPDyp44BMRsptmOHtPIqHRgT44u9l2A3LMDut
syb1Vdl4y1nW5vT2HLvPoqpZV1j1YKBft2FKUhYW12J9kjZPCbGaEfrlp2L5tAK+
t4lUPBXa+Klax/yPboa5+cu+elfc5Fxbwf02JC179XVqw+aMBMioxhXQBpvrlhAK
UvFPrW2aCwH/DzcXoZvD1w+w4pjh1wrSFXiYxvhIdo8h8g2KTnFJPV9kXWfSo1I0
lCnEhdzY+AQ2Sg==
-----END CERTIFICATE-----