Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
File:                     Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft (raw, json)
Hash identifier:          itvzzILEwtIMB0ZA4VgnbGTS0be9Z8Xf1986VKkjQ3c=
Subject key identifier:   4A:D9:8B:D0:C8:76:88:49:44:4E:3F:A7:C4:D8:76:B2:48:3A:DC:2A
Authority key identifier: 67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56
Certificate issuer:       /CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
Certificate serial:       018F87B63EC9FF20391FBDDD5CFE07A4F200
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
Manifest number:          07F9
Signing time:             Fri 17 May 2024 18:00:18 +0000
Manifest this update:     Fri 17 May 2024 18:00:18 +0000
Manifest next update:     Sat 18 May 2024 18:00:18 +0000
Files and hashes:         1: Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl (hash: lq49+gL5275JzhjkZQGezZ9fFXDkC4xUeQNziatMhRc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:3e:c9:ff:20:39:1f:bd:dd:5c:fe:07:a4:f2:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=676fbb577c93dc45d48f0199b19d1ca7a2137c56
        Validity
            Not Before: May 17 18:00:18 2024 GMT
            Not After : May 18 18:00:18 2024 GMT
        Subject: CN=4ad98bd0c8768849444e3fa7c4d876b2483adc2a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:c5:85:29:28:36:30:48:2b:aa:d4:fd:ad:65:
                    87:c2:1d:2c:c3:c5:6f:19:aa:88:50:c6:44:2c:94:
                    26:6c:64:f4:a7:fc:dc:2c:d8:49:d8:b0:56:00:59:
                    7e:b8:71:bd:a3:c1:26:66:02:99:b5:a9:75:06:39:
                    26:a3:33:20:de:f2:79:c2:30:2b:4d:b9:2b:65:22:
                    2b:b2:21:16:c3:71:43:16:f2:2f:75:71:0f:5a:ec:
                    16:35:3f:47:0f:e3:f9:87:e4:e0:90:cb:fc:0f:e6:
                    81:4d:78:fa:e5:d1:3a:dc:3b:e8:93:59:32:d8:a0:
                    97:f1:7f:1a:32:0a:94:b0:4a:b1:3e:87:87:b4:e5:
                    23:e4:e6:90:a1:dd:2e:09:ab:d9:72:d2:92:fd:a3:
                    7b:d5:84:c8:3e:ab:28:dd:80:51:c4:48:8a:ea:35:
                    c9:e4:97:58:a7:e9:f0:b8:c2:9f:58:f5:c3:e9:ac:
                    ab:9d:b5:66:df:e6:b9:f3:e9:ea:7e:94:66:78:07:
                    df:33:8b:7a:c8:90:fd:4b:3d:eb:88:b1:bb:aa:bc:
                    af:1e:24:05:48:78:89:01:70:3f:b8:9d:53:43:7c:
                    41:7d:7c:bd:b9:3b:33:cf:06:57:de:a1:0d:c3:f1:
                    d4:3c:8b:a9:3a:c5:c3:31:19:f2:ce:77:6b:53:c7:
                    94:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D9:8B:D0:C8:76:88:49:44:4E:3F:A7:C4:D8:76:B2:48:3A:DC:2A
            X509v3 Authority Key Identifier:
                keyid:67:6F:BB:57:7C:93:DC:45:D4:8F:01:99:B1:9D:1C:A7:A2:13:7C:56

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/8a107e-ab8b-43e2-971f-1cde731e6fdf/1/Z2-7V3yT3EXUjwGZsZ0cp6ITfFY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:5b:43:19:a2:f3:53:57:6d:57:d2:d8:41:60:32:6a:96:46:
         85:a9:50:ef:6a:4d:03:c4:47:04:56:09:23:e1:6a:4f:aa:0d:
         95:04:47:6f:94:ef:ca:59:f7:64:6f:6d:ad:7c:39:04:81:2e:
         d1:1f:48:86:b4:db:0a:b1:44:f4:15:7e:6d:56:e2:fe:35:f0:
         fe:db:df:bb:e6:0a:f4:78:30:95:b7:cf:f2:a8:f4:12:15:56:
         94:ac:1e:86:f6:00:5a:75:98:e4:de:c4:5d:7a:a5:b0:d8:87:
         8d:91:96:1b:bd:52:01:d8:1f:df:dd:f4:33:9f:60:de:0b:c5:
         b6:14:18:15:ae:63:c8:99:7a:be:f1:2b:b9:88:aa:bc:86:f3:
         6b:7b:5b:02:75:3f:e3:6a:d7:e1:37:3f:f8:ac:99:70:37:53:
         20:77:2a:4d:59:88:04:e1:07:e6:95:fb:34:9c:7b:73:36:fd:
         98:eb:95:6d:79:a5:2a:ed:29:14:7f:b7:2c:b3:7a:98:da:a7:
         4a:3f:5e:91:14:f2:58:9a:15:31:e0:2f:3d:f1:9b:ef:a8:70:
         95:cb:28:ea:a1:85:03:85:8c:a8:c6:b3:20:58:bf:94:34:b7:
         38:7e:0a:65:e1:b5:31:9d:d1:66:cd:bf:a0:81:f4:47:b3:ef:
         bb:98:36:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htj7J/yA5H73dXP4HpPIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NmZiYjU3N2M5M2RjNDVkNDhmMDE5OWIxOWQxY2E3YTIx
MzdjNTYwHhcNMjQwNTE3MTgwMDE4WhcNMjQwNTE4MTgwMDE4WjAzMTEwLwYDVQQD
Eyg0YWQ5OGJkMGM4NzY4ODQ5NDQ0ZTNmYTdjNGQ4NzZiMjQ4M2FkYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcWFKSg2MEgrqtT9rWWHwh0sw8Vv
GaqIUMZELJQmbGT0p/zcLNhJ2LBWAFl+uHG9o8EmZgKZtal1BjkmozMg3vJ5wjAr
TbkrZSIrsiEWw3FDFvIvdXEPWuwWNT9HD+P5h+TgkMv8D+aBTXj65dE63Dvok1ky
2KCX8X8aMgqUsEqxPoeHtOUj5OaQod0uCavZctKS/aN71YTIPqso3YBRxEiK6jXJ
5JdYp+nwuMKfWPXD6ayrnbVm3+a58+nqfpRmeAffM4t6yJD9Sz3riLG7qryvHiQF
SHiJAXA/uJ1TQ3xBfXy9uTszzwZX3qENw/HUPIupOsXDMRnyzndrU8eUOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFErZi9DIdohJRE4/p8TYdrJIOtwqMB8GA1UdIwQY
MBaAFGdvu1d8k9xF1I8BmbGdHKeiE3xWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYt
MWNkZTczMWU2ZmRmLzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy84YTEwN2UtYWI4Yi00M2UyLTk3MWYtMWNkZTczMWU2ZmRm
LzEvWjItN1YzeVQzRVhVandHWnNaMGNwNklUZkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJFtDGaLz
U1dtV9LYQWAyapZGhalQ72pNA8RHBFYJI+FqT6oNlQRHb5Tvyln3ZG9trXw5BIEu
0R9IhrTbCrFE9BV+bVbi/jXw/tvfu+YK9HgwlbfP8qj0EhVWlKwehvYAWnWY5N7E
XXqlsNiHjZGWG71SAdgf3930M59g3gvFthQYFa5jyJl6vvEruYiqvIbza3tbAnU/
42rX4Tc/+KyZcDdTIHcqTVmIBOEH5pX7NJx7czb9mOuVbXmlKu0pFH+3LLN6mNqn
Sj9ekRTyWJoVMeAvPfGb76hwlcso6qGFA4WMqMazIFi/lDS3OH4KZeG1MZ3RZs2/
oIH0R7Pvu5g2lQ==
-----END CERTIFICATE-----