Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
File:                     AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft (raw, json)
Hash identifier:          WrVSf1MnNjURz3/JYURL0e2z0Zralhb+KidExU3oHv0=
Subject key identifier:   4F:FE:04:CB:A0:C3:D2:43:E7:A8:8A:3F:BF:4A:C1:46:5B:EA:C3:2B
Authority key identifier: 02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05
Certificate issuer:       /CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
Certificate serial:       018F343E761132E6C6876B5F6C27CF436A47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
Manifest number:          1149
Signing time:             Wed 01 May 2024 13:00:59 +0000
Manifest this update:     Wed 01 May 2024 13:00:59 +0000
Manifest next update:     Thu 02 May 2024 13:00:59 +0000
Files and hashes:         1: AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl (hash: efN42pCamgwyMT+Jwos1+EvAFhtJRm5p8SJYEKnR0dA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 13:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:34:3e:76:11:32:e6:c6:87:6b:5f:6c:27:cf:43:6a:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0251f6abe0bb26bfe4859e54dee0fdc9a5b78a05
        Validity
            Not Before: May  1 13:00:59 2024 GMT
            Not After : May  2 13:00:59 2024 GMT
        Subject: CN=4ffe04cba0c3d243e7a88a3fbf4ac1465beac32b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:55:e9:11:5e:c2:b2:c9:b2:ed:5a:4f:2b:59:
                    e7:4b:55:c2:f3:7b:79:7c:58:48:17:38:60:aa:d5:
                    a4:1e:3c:2b:47:7c:39:53:fe:47:ee:8b:76:96:55:
                    50:b2:0d:2b:09:78:35:f2:bc:9c:5a:ff:5c:c1:6e:
                    dc:aa:f7:1c:b6:78:5c:0f:04:3e:b7:23:a2:4e:bf:
                    58:10:ae:83:5b:cb:c5:0a:8a:c4:83:02:eb:7e:a3:
                    92:8c:3b:cf:24:65:33:3e:ad:81:9c:82:a2:07:a1:
                    4c:67:cb:f4:68:e9:a1:2e:fe:27:de:19:95:2d:45:
                    d5:e8:a5:01:c9:a6:b2:4e:37:17:5f:c6:9e:b0:f3:
                    93:17:1f:45:e1:18:3c:46:a9:79:17:2e:99:91:f9:
                    89:c9:90:e4:39:c1:82:0c:8a:23:45:3a:8b:4a:e1:
                    05:dd:c3:f6:a8:7d:74:86:73:b9:8e:93:15:cc:e4:
                    e4:b2:2f:3a:65:c6:c5:2d:c5:5f:33:d0:c4:bb:e0:
                    26:82:56:89:ab:21:23:c1:b1:3e:4b:04:76:ee:fb:
                    17:41:a7:da:42:0a:11:a2:b1:76:a8:19:55:bb:20:
                    a2:d1:3b:f2:b1:a1:1b:0d:a6:41:c6:dd:1c:53:fd:
                    9e:a8:23:8f:fd:0a:54:dd:eb:c6:9b:c0:3f:36:97:
                    51:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:FE:04:CB:A0:C3:D2:43:E7:A8:8A:3F:BF:4A:C1:46:5B:EA:C3:2B
            X509v3 Authority Key Identifier:
                keyid:02:51:F6:AB:E0:BB:26:BF:E4:85:9E:54:DE:E0:FD:C9:A5:B7:8A:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AlH2q-C7Jr_khZ5U3uD9yaW3igU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/2fabf5-e3ed-4d9a-9cd8-2f4eb9c06035/1/AlH2q-C7Jr_khZ5U3uD9yaW3igU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:b8:92:8f:18:c4:b4:fd:30:b1:78:73:55:91:ae:25:9a:dc:
         00:22:65:c5:d3:36:ae:ec:f2:0b:83:85:d0:32:75:ce:92:12:
         29:5c:6a:fe:61:73:a5:e7:8b:af:eb:47:35:2f:0e:50:69:37:
         23:ed:e0:c0:60:bd:de:50:8d:5e:0a:e6:1a:b0:e6:1e:e7:fc:
         50:2e:18:4a:9c:ea:0f:ee:40:cc:3a:04:57:1e:b0:f7:a3:ad:
         f3:14:a2:12:82:93:1f:58:50:db:09:94:be:63:c3:bc:59:49:
         0e:1e:c1:72:e2:31:7b:11:c1:a8:6d:07:17:4e:d9:da:f0:24:
         54:e4:5f:b8:b1:9f:33:35:f7:1d:8e:0a:41:f6:c9:29:62:bf:
         95:37:0c:70:5c:31:d5:ea:35:74:d3:39:e0:34:13:88:02:cf:
         e9:20:9d:c1:ff:7d:c7:c0:77:00:02:15:a8:eb:7e:fd:4d:cc:
         c7:6a:e0:ca:4f:63:e1:de:7d:ba:19:8c:70:b3:51:aa:63:ec:
         0b:26:81:31:a8:0b:89:75:fd:b3:7a:df:c6:42:93:2a:3d:72:
         33:0e:d2:a0:3b:e4:fb:07:ab:31:75:53:84:aa:d7:66:60:c7:
         c2:e7:72:b1:a0:af:80:64:88:5f:2a:8a:5a:ae:3b:a6:82:f8:
         85:fd:4c:d5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY80PnYRMubGh2tfbCfPQ2pHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNTFmNmFiZTBiYjI2YmZlNDg1OWU1NGRlZTBmZGM5YTVi
NzhhMDUwHhcNMjQwNTAxMTMwMDU5WhcNMjQwNTAyMTMwMDU5WjAzMTEwLwYDVQQD
Eyg0ZmZlMDRjYmEwYzNkMjQzZTdhODhhM2ZiZjRhYzE0NjViZWFjMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1XpEV7Cssmy7VpPK1nnS1XC83t5
fFhIFzhgqtWkHjwrR3w5U/5H7ot2llVQsg0rCXg18rycWv9cwW7cqvcctnhcDwQ+
tyOiTr9YEK6DW8vFCorEgwLrfqOSjDvPJGUzPq2BnIKiB6FMZ8v0aOmhLv4n3hmV
LUXV6KUByaayTjcXX8aesPOTFx9F4Rg8Rql5Fy6ZkfmJyZDkOcGCDIojRTqLSuEF
3cP2qH10hnO5jpMVzOTksi86ZcbFLcVfM9DEu+AmglaJqyEjwbE+SwR27vsXQafa
QgoRorF2qBlVuyCi0TvysaEbDaZBxt0cU/2eqCOP/QpU3evGm8A/NpdRJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE/+BMugw9JD56iKP79KwUZb6sMrMB8GA1UdIwQY
MBaAFAJR9qvguya/5IWeVN7g/cmlt4oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgt
MmY0ZWI5YzA2MDM1LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8yZmFiZjUtZTNlZC00ZDlhLTljZDgtMmY0ZWI5YzA2MDM1
LzEvQWxIMnEtQzdKcl9raFo1VTN1RDl5YVczaWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABriSjxjE
tP0wsXhzVZGuJZrcACJlxdM2ruzyC4OF0DJ1zpISKVxq/mFzpeeLr+tHNS8OUGk3
I+3gwGC93lCNXgrmGrDmHuf8UC4YSpzqD+5AzDoEVx6w96Ot8xSiEoKTH1hQ2wmU
vmPDvFlJDh7BcuIxexHBqG0HF07Z2vAkVORfuLGfMzX3HY4KQfbJKWK/lTcMcFwx
1eo1dNM54DQTiALP6SCdwf99x8B3AAIVqOt+/U3Mx2rgyk9j4d59uhmMcLNRqmPs
CyaBMagLiXX9s3rfxkKTKj1yMw7SoDvk+werMXVThKrXZmDHwudysaCvgGSIXyqK
Wq47poL4hf1M1Q==
-----END CERTIFICATE-----