Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
File:                     KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft (raw, json)
Hash identifier:          zGmlkHEIzaNfXmbu07VNsKNokGB/INIIBbbn7lRvJeU=
Subject key identifier:   30:4B:75:4C:CD:41:01:E9:AD:76:5F:FC:CC:72:B5:8A:65:12:C3:2A
Authority key identifier: 29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0
Certificate issuer:       /CN=293bc3a5749733104f7b9cc0512dade136d70ad0
Certificate serial:       01901BFDB1385746783D6106DE275FA3E588
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
Manifest number:          11C2
Signing time:             Sat 15 Jun 2024 13:02:08 +0000
Manifest this update:     Sat 15 Jun 2024 13:02:08 +0000
Manifest next update:     Sun 16 Jun 2024 13:02:08 +0000
Files and hashes:         1: KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl (hash: kPPBlTum60Qf9X4QbVc52eVIQAhhZj6Bl/WJ5joR9mM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 13:02:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1b:fd:b1:38:57:46:78:3d:61:06:de:27:5f:a3:e5:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=293bc3a5749733104f7b9cc0512dade136d70ad0
        Validity
            Not Before: Jun 15 13:02:08 2024 GMT
            Not After : Jun 16 13:02:08 2024 GMT
        Subject: CN=304b754ccd4101e9ad765ffccc72b58a6512c32a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:68:c2:48:25:1d:ee:fe:de:db:81:5a:0e:72:
                    0a:5c:c2:33:d0:3a:d7:a4:9d:6b:45:c8:b2:64:af:
                    a1:60:e6:3c:a5:90:57:39:d9:fa:8c:ee:38:43:1d:
                    b1:f5:49:f4:08:92:38:58:eb:a9:c8:46:f5:23:3c:
                    06:a5:aa:57:df:ce:7d:0f:b9:ec:74:3b:a8:87:2b:
                    3d:3a:da:31:e5:dd:d9:64:94:68:cb:71:68:8b:ba:
                    35:24:94:7f:04:31:9b:9b:58:91:2d:55:4c:33:72:
                    99:f1:d2:10:6b:6d:58:e1:55:40:aa:c0:48:c2:15:
                    73:60:98:31:fe:ec:2d:1e:b0:bb:eb:b8:6d:f5:7b:
                    80:31:40:fd:7d:0e:c3:0e:0f:bc:0d:1f:b4:cf:cc:
                    f1:6a:fa:2b:4b:b5:8d:1f:18:34:4a:c8:89:4c:6c:
                    fc:56:76:e0:16:15:b6:19:55:f8:c3:31:cb:63:fa:
                    c7:29:69:4a:bb:d7:a7:1c:8e:d4:ab:f2:f3:99:4b:
                    26:f4:7d:e6:dc:34:ad:97:68:49:f8:a3:d3:0d:0d:
                    76:80:20:29:18:da:78:2a:1a:bf:c4:22:b9:2f:33:
                    e1:c7:9c:7f:0b:12:62:a8:20:4a:8e:4d:76:0f:16:
                    2e:a7:e2:29:0d:51:8a:8d:a3:e4:6c:b0:27:d2:f9:
                    a1:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:4B:75:4C:CD:41:01:E9:AD:76:5F:FC:CC:72:B5:8A:65:12:C3:2A
            X509v3 Authority Key Identifier:
                keyid:29:3B:C3:A5:74:97:33:10:4F:7B:9C:C0:51:2D:AD:E1:36:D7:0A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KTvDpXSXMxBPe5zAUS2t4TbXCtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/bb7f9e-15c0-4d55-822b-609a1e8627fd/1/KTvDpXSXMxBPe5zAUS2t4TbXCtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:cf:1c:f7:0b:80:8f:cb:9a:cc:02:42:13:3e:60:2f:70:34:
         e2:9e:c2:67:2e:a6:3d:00:0d:ef:98:b8:aa:77:ca:ca:83:17:
         74:03:56:79:fd:56:c2:8d:99:a5:18:e7:35:da:9d:5e:ec:8f:
         83:9b:09:fc:55:bb:17:05:e5:81:77:9c:6a:7b:1b:7c:28:37:
         d7:e1:03:d2:58:30:cb:d8:6b:5b:0f:95:d8:ac:b4:58:ce:5c:
         7c:db:87:41:56:2e:e6:69:89:e4:02:11:ca:87:bf:9c:79:11:
         91:5c:21:50:2b:21:d9:a6:21:ed:a5:0c:3f:e5:a0:78:bf:6d:
         58:2b:6e:ff:45:89:16:33:ed:b0:a6:66:f2:42:8f:03:12:cc:
         88:a7:19:cd:b0:18:1b:54:33:c0:13:6a:66:06:06:d5:53:db:
         67:f5:53:be:d3:1e:89:cb:77:18:43:09:9c:60:40:61:19:04:
         5d:0b:f4:19:f0:23:26:2d:30:a1:37:17:9f:9d:90:cc:d3:56:
         e0:03:d4:aa:8f:ba:0d:69:3c:50:a8:a7:fb:3c:bf:0a:bd:f4:
         68:88:64:40:b6:5f:cf:4b:08:a0:e6:e2:34:dc:a5:d8:50:d5:
         be:69:ad:83:25:e0:89:67:96:0a:cb:8c:0a:f2:e4:52:b9:73:
         c3:e0:64:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAb/bE4V0Z4PWEG3idfo+WIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5M2JjM2E1NzQ5NzMzMTA0ZjdiOWNjMDUxMmRhZGUxMzZk
NzBhZDAwHhcNMjQwNjE1MTMwMjA4WhcNMjQwNjE2MTMwMjA4WjAzMTEwLwYDVQQD
EygzMDRiNzU0Y2NkNDEwMWU5YWQ3NjVmZmNjYzcyYjU4YTY1MTJjMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2jCSCUd7v7e24FaDnIKXMIz0DrX
pJ1rRciyZK+hYOY8pZBXOdn6jO44Qx2x9Un0CJI4WOupyEb1IzwGpapX3859D7ns
dDuohys9Otox5d3ZZJRoy3Foi7o1JJR/BDGbm1iRLVVMM3KZ8dIQa21Y4VVAqsBI
whVzYJgx/uwtHrC767ht9XuAMUD9fQ7DDg+8DR+0z8zxavorS7WNHxg0SsiJTGz8
VnbgFhW2GVX4wzHLY/rHKWlKu9enHI7Uq/LzmUsm9H3m3DStl2hJ+KPTDQ12gCAp
GNp4Khq/xCK5LzPhx5x/CxJiqCBKjk12DxYup+IpDVGKjaPkbLAn0vmhawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBLdUzNQQHprXZf/MxytYplEsMqMB8GA1UdIwQY
MBaAFCk7w6V0lzMQT3ucwFEtreE21wrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmIt
NjA5YTFlODYyN2ZkLzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9iYjdmOWUtMTVjMC00ZDU1LTgyMmItNjA5YTFlODYyN2Zk
LzEvS1R2RHBYU1hNeEJQZTV6QVVTMnQ0VGJYQ3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ88c9wuA
j8uazAJCEz5gL3A04p7CZy6mPQAN75i4qnfKyoMXdANWef1Wwo2ZpRjnNdqdXuyP
g5sJ/FW7FwXlgXecansbfCg31+ED0lgwy9hrWw+V2Ky0WM5cfNuHQVYu5mmJ5AIR
yoe/nHkRkVwhUCsh2aYh7aUMP+WgeL9tWCtu/0WJFjPtsKZm8kKPAxLMiKcZzbAY
G1QzwBNqZgYG1VPbZ/VTvtMeict3GEMJnGBAYRkEXQv0GfAjJi0woTcXn52QzNNW
4APUqo+6DWk8UKin+zy/Cr30aIhkQLZfz0sIoObiNNyl2FDVvmmtgyXgiWeWCsuM
CvLkUrlzw+Bk3g==
-----END CERTIFICATE-----