Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
File:                     QaCIiaXMcoT9MkqZK_qN59bCwYo.mft (raw, json)
Hash identifier:          D8m++1QTA5fa9Z5hluHksCWmQf2iEV02/12MTF1FDDE=
Subject key identifier:   96:70:F9:E8:02:41:D3:53:BA:8E:AD:A1:0E:65:C2:BB:B5:C9:0A:9E
Authority key identifier: 41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A
Certificate issuer:       /CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
Certificate serial:       018F885B2BA93C6E6DE0FD9264EBB9B29A06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
Manifest number:          D5
Signing time:             Fri 17 May 2024 21:00:27 +0000
Manifest this update:     Fri 17 May 2024 21:00:27 +0000
Manifest next update:     Sat 18 May 2024 21:00:27 +0000
Files and hashes:         1: QaCIiaXMcoT9MkqZK_qN59bCwYo.crl (hash: q4KB9Ygo4qztQOOhxYx4htMbW0A5aGlQ6wFAA90Rf9U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:5b:2b:a9:3c:6e:6d:e0:fd:92:64:eb:b9:b2:9a:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41a08889a5cc7284fd324a992bfa8de7d6c2c18a
        Validity
            Not Before: May 17 21:00:27 2024 GMT
            Not After : May 18 21:00:27 2024 GMT
        Subject: CN=9670f9e80241d353ba8eada10e65c2bbb5c90a9e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e7:48:91:1f:ec:43:3e:42:36:31:6c:cd:b3:
                    1a:2f:7a:a8:7d:01:0f:c8:38:6b:30:28:8d:c0:8d:
                    e8:9c:6c:ff:a8:4e:b4:2c:b1:20:eb:72:90:5f:8a:
                    54:3b:3c:17:c3:69:40:23:9e:d6:56:2b:ba:1c:86:
                    e4:33:5a:92:78:46:fa:b4:71:78:dc:fc:8a:0d:c1:
                    28:68:bf:3d:90:4f:53:3f:cf:ac:0b:bf:e9:73:f7:
                    9f:e3:f4:31:24:fa:87:20:bc:2b:80:48:fd:df:e5:
                    a0:23:58:d4:6e:b1:e2:c7:74:1e:dc:5b:53:e0:5a:
                    a5:b9:05:0d:c7:94:bb:84:92:cb:d8:ca:8e:45:78:
                    3c:a5:c5:75:2f:09:6f:f6:c6:8e:56:80:3a:5f:41:
                    d6:b3:46:c3:ed:5e:42:9e:27:8b:e4:8b:29:89:15:
                    29:44:c1:df:87:fc:bd:ef:6d:c3:fa:f0:b4:a6:9e:
                    02:4c:cc:29:b7:76:27:dc:cb:86:bf:e9:dd:c0:1b:
                    9a:84:36:59:f9:29:07:62:c2:ac:90:20:42:0d:21:
                    9f:4c:0d:06:28:59:67:ea:89:ea:6e:48:3b:99:69:
                    71:bf:b8:7a:07:87:71:49:aa:a6:ac:be:84:d7:f5:
                    9b:4a:3c:04:63:a8:74:e7:a4:8e:4d:5c:37:a3:ab:
                    05:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:70:F9:E8:02:41:D3:53:BA:8E:AD:A1:0E:65:C2:BB:B5:C9:0A:9E
            X509v3 Authority Key Identifier:
                keyid:41:A0:88:89:A5:CC:72:84:FD:32:4A:99:2B:FA:8D:E7:D6:C2:C1:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QaCIiaXMcoT9MkqZK_qN59bCwYo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ddb5a6-53f3-4d64-bc39-561267a42926/1/QaCIiaXMcoT9MkqZK_qN59bCwYo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:64:a8:af:87:2d:56:77:1d:d1:64:36:18:8a:61:07:10:0e:
         e6:d1:da:8a:cc:2f:45:e5:66:e5:9b:5c:01:d8:da:6e:3f:5e:
         c6:36:70:63:8a:83:e4:35:8c:f1:22:7b:a6:d9:09:44:d9:2f:
         1f:d2:15:7a:69:34:5a:70:44:2c:16:56:10:55:85:c2:82:c4:
         e3:4a:4c:6a:54:02:a7:d9:5c:17:7d:93:a1:95:1f:30:7f:c9:
         48:2c:c5:a2:8d:9e:c8:92:8f:12:f7:a1:a9:e8:9c:52:47:b4:
         b2:68:f0:12:c6:9a:20:6f:7c:eb:20:63:0d:e5:fa:d7:81:96:
         bb:87:39:96:10:7d:b1:2e:67:63:ee:ac:2e:e7:91:aa:7d:84:
         76:35:d6:e2:f1:4f:7e:6a:98:5e:8a:a6:d0:75:ab:bb:47:8b:
         b5:1c:4a:d5:7a:d2:36:85:a0:d2:31:fa:b8:e5:2a:44:31:7d:
         19:79:03:b4:d0:84:8f:6a:60:4e:54:a6:3e:eb:be:e7:48:a9:
         d8:15:e5:ee:3e:7b:53:32:14:3c:38:6f:93:28:ff:ce:f7:66:
         35:0f:6a:4d:00:aa:06:2f:92:f8:62:63:fc:2a:b0:81:5f:c3:
         95:c6:0c:1e:87:53:75:83:08:4a:34:a0:78:cd:2e:25:67:54:
         71:94:60:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IWyupPG5t4P2SZOu5spoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYTA4ODg5YTVjYzcyODRmZDMyNGE5OTJiZmE4ZGU3ZDZj
MmMxOGEwHhcNMjQwNTE3MjEwMDI3WhcNMjQwNTE4MjEwMDI3WjAzMTEwLwYDVQQD
Eyg5NjcwZjllODAyNDFkMzUzYmE4ZWFkYTEwZTY1YzJiYmI1YzkwYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOdIkR/sQz5CNjFszbMaL3qofQEP
yDhrMCiNwI3onGz/qE60LLEg63KQX4pUOzwXw2lAI57WViu6HIbkM1qSeEb6tHF4
3PyKDcEoaL89kE9TP8+sC7/pc/ef4/QxJPqHILwrgEj93+WgI1jUbrHix3Qe3FtT
4FqluQUNx5S7hJLL2MqORXg8pcV1Lwlv9saOVoA6X0HWs0bD7V5CnieL5IspiRUp
RMHfh/y9723D+vC0pp4CTMwpt3Yn3MuGv+ndwBuahDZZ+SkHYsKskCBCDSGfTA0G
KFln6onqbkg7mWlxv7h6B4dxSaqmrL6E1/WbSjwEY6h056SOTVw3o6sFJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZw+egCQdNTuo6toQ5lwru1yQqeMB8GA1UdIwQY
MBaAFEGgiImlzHKE/TJKmSv6jefWwsGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzkt
NTYxMjY3YTQyOTI2LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kZGI1YTYtNTNmMy00ZDY0LWJjMzktNTYxMjY3YTQyOTI2
LzEvUWFDSWlhWE1jb1Q5TWtxWktfcU41OWJDd1lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjGSor4ct
Vncd0WQ2GIphBxAO5tHaiswvReVm5ZtcAdjabj9exjZwY4qD5DWM8SJ7ptkJRNkv
H9IVemk0WnBELBZWEFWFwoLE40pMalQCp9lcF32ToZUfMH/JSCzFoo2eyJKPEveh
qeicUke0smjwEsaaIG986yBjDeX614GWu4c5lhB9sS5nY+6sLueRqn2EdjXW4vFP
fmqYXoqm0HWru0eLtRxK1XrSNoWg0jH6uOUqRDF9GXkDtNCEj2pgTlSmPuu+50ip
2BXl7j57UzIUPDhvkyj/zvdmNQ9qTQCqBi+S+GJj/CqwgV/DlcYMHodTdYMISjSg
eM0uJWdUcZRgXQ==
-----END CERTIFICATE-----