Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File:                     20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier:          mBl7FKIRTgexrKcZPeqSGqm+8iRmmTnAfyY7ScwS3ek=
Subject key identifier:   DB:87:BC:63:69:91:1D:26:0B:E7:A2:5E:FB:0D:22:8F:5F:3E:38:A1
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer:       /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial:       018F599485D19DA36B411B17EBE5CCB3278A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number:          115C
Signing time:             Wed 08 May 2024 19:00:56 +0000
Manifest this update:     Wed 08 May 2024 19:00:56 +0000
Manifest next update:     Thu 09 May 2024 19:00:56 +0000
Files and hashes:         1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: 8u3Qs18yYpnIkP2gOPHqppBzvxnjhpdWAEepGRpyMXA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:59:94:85:d1:9d:a3:6b:41:1b:17:eb:e5:cc:b3:27:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
        Validity
            Not Before: May  8 19:00:56 2024 GMT
            Not After : May  9 19:00:56 2024 GMT
        Subject: CN=db87bc6369911d260be7a25efb0d228f5f3e38a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:8a:4a:73:11:71:6f:12:04:96:1e:13:53:24:
                    1a:56:27:56:79:a7:12:09:d1:45:33:79:6e:43:19:
                    79:f6:cb:5d:56:c9:af:76:d1:c9:dc:b1:d6:9a:44:
                    8f:bc:3a:e6:41:d1:53:1c:c1:9a:53:aa:6b:ab:31:
                    89:7e:16:0c:21:8b:8d:e3:64:be:de:e7:a7:6d:5b:
                    55:b7:6a:d3:bb:e9:ac:21:3d:ea:8d:43:29:16:bd:
                    94:43:0f:8f:37:0f:78:17:73:ca:a7:85:22:ac:9e:
                    0c:2d:a2:27:89:9b:e4:ec:49:3f:cb:b2:21:11:32:
                    a9:e5:c1:c6:d7:f7:77:74:dd:81:08:60:46:d2:ae:
                    1f:95:fc:5c:b3:21:f2:54:49:17:b4:e5:3c:2c:bf:
                    99:13:ee:60:f2:3c:60:d1:e7:9b:2f:5d:e0:81:48:
                    61:0b:a3:bc:ed:2a:dc:3a:c5:cb:2f:e3:ba:c9:86:
                    76:2a:b3:a1:ea:ff:12:38:51:4e:6e:0e:07:f0:13:
                    77:7d:45:49:21:9b:28:a7:8c:9e:98:68:6c:64:f1:
                    cb:75:95:c6:2d:e4:78:6e:b4:0b:47:4a:bc:f3:55:
                    6a:80:f4:88:35:3b:c3:54:dc:88:bb:f7:a7:ba:26:
                    57:06:cf:2d:fe:1e:2d:96:08:86:49:9b:98:83:85:
                    04:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:87:BC:63:69:91:1D:26:0B:E7:A2:5E:FB:0D:22:8F:5F:3E:38:A1
            X509v3 Authority Key Identifier:
                keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:88:37:ba:06:00:78:fe:61:03:33:c8:b2:ed:1b:64:7f:10:
         74:42:7a:28:93:04:b9:22:61:72:bc:8f:e3:3f:dd:ec:bb:55:
         ba:30:1b:09:86:d0:55:6c:b4:ae:ba:f9:a1:13:8b:41:0e:81:
         c4:b2:78:ed:3d:16:29:06:00:86:42:21:76:00:8a:f3:de:a6:
         6a:90:51:11:a2:56:07:dd:e8:53:ce:e4:a9:f3:94:e0:f9:93:
         4e:2f:6b:15:7e:06:59:17:df:40:2e:25:eb:eb:e9:61:4b:56:
         ca:e8:cf:75:0d:c1:1f:95:86:7c:44:b5:52:ad:8c:13:48:63:
         ec:a5:d1:85:70:d0:31:8b:cf:fa:00:7e:7e:06:4a:ab:c0:02:
         e7:eb:00:0e:9a:ce:c9:9c:62:07:02:b4:f8:4e:83:d0:62:44:
         2d:b1:cd:bd:78:6c:a9:75:4f:63:c4:4c:6d:bf:57:00:2e:dd:
         4e:dd:d2:c4:06:f8:f0:2a:e1:27:58:0b:88:ed:80:59:66:c4:
         7d:4e:b4:6c:72:97:1e:a3:cf:fb:88:7f:23:f5:24:dd:24:28:
         e9:24:a8:90:05:32:56:1f:7c:52:d2:63:01:b8:8a:c2:8b:eb:
         f2:5f:02:f7:43:97:a2:b4:c2:56:8e:f4:03:a1:dd:e8:cb:f1:
         3d:71:2a:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9ZlIXRnaNrQRsX6+XMsyeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjQwNTA4MTkwMDU2WhcNMjQwNTA5MTkwMDU2WjAzMTEwLwYDVQQD
EyhkYjg3YmM2MzY5OTExZDI2MGJlN2EyNWVmYjBkMjI4ZjVmM2UzOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YpKcxFxbxIElh4TUyQaVidWeacS
CdFFM3luQxl59stdVsmvdtHJ3LHWmkSPvDrmQdFTHMGaU6prqzGJfhYMIYuN42S+
3uenbVtVt2rTu+msIT3qjUMpFr2UQw+PNw94F3PKp4UirJ4MLaIniZvk7Ek/y7Ih
ETKp5cHG1/d3dN2BCGBG0q4flfxcsyHyVEkXtOU8LL+ZE+5g8jxg0eebL13ggUhh
C6O87SrcOsXLL+O6yYZ2KrOh6v8SOFFObg4H8BN3fUVJIZsop4yemGhsZPHLdZXG
LeR4brQLR0q881VqgPSINTvDVNyIu/enuiZXBs8t/h4tlgiGSZuYg4UEtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuHvGNpkR0mC+eiXvsNIo9fPjihMB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYg3ugYA
eP5hAzPIsu0bZH8QdEJ6KJMEuSJhcryP4z/d7LtVujAbCYbQVWy0rrr5oROLQQ6B
xLJ47T0WKQYAhkIhdgCK896mapBREaJWB93oU87kqfOU4PmTTi9rFX4GWRffQC4l
6+vpYUtWyujPdQ3BH5WGfES1Uq2ME0hj7KXRhXDQMYvP+gB+fgZKq8AC5+sADprO
yZxiBwK0+E6D0GJELbHNvXhsqXVPY8RMbb9XAC7dTt3SxAb48CrhJ1gLiO2AWWbE
fU60bHKXHqPP+4h/I/Uk3SQo6SSokAUyVh98UtJjAbiKwovr8l8C90OXorTCVo70
A6Hd6MvxPXEqQQ==
-----END CERTIFICATE-----