Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
File:                     tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json)
Hash identifier:          VHA7dF48IyWz2+il9b45eZtRkb5KgYfhsNFo6cKsWE0=
Subject key identifier:   1B:31:88:4E:39:D2:9D:70:50:9D:3B:FB:43:A0:00:30:E5:21:5F:59
Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8
Certificate issuer:       /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
Certificate serial:       018F87B6C5D7667977D96DEFD278D1FB6F04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
Manifest number:          038D
Signing time:             Fri 17 May 2024 18:00:53 +0000
Manifest this update:     Fri 17 May 2024 18:00:53 +0000
Manifest next update:     Sat 18 May 2024 18:00:53 +0000
Files and hashes:         1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: uWEFFByJzFf85QobSm6lrU/1K6E2HcGfur2wslovWRk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:c5:d7:66:79:77:d9:6d:ef:d2:78:d1:fb:6f:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8
        Validity
            Not Before: May 17 18:00:53 2024 GMT
            Not After : May 18 18:00:53 2024 GMT
        Subject: CN=1b31884e39d29d70509d3bfb43a00030e5215f59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:83:63:83:dc:28:92:85:d9:37:f6:11:61:ca:
                    c8:a7:50:4e:52:5b:61:da:8e:e4:03:1e:32:52:fa:
                    0f:54:e8:cb:a5:a4:bf:80:f8:a0:64:5b:37:7a:ba:
                    d8:58:92:f3:a3:02:ee:b2:fb:8d:a6:6b:a9:d8:6a:
                    f1:77:91:a9:2d:32:11:f3:c0:4e:ae:fd:dd:1d:25:
                    43:8a:74:51:6b:00:d3:e7:b0:05:7f:a1:9c:06:aa:
                    1c:ab:af:9c:8e:d9:1a:c9:ac:bf:d1:4f:17:bb:56:
                    bf:dc:00:06:92:d9:f1:c3:20:3c:00:b8:03:72:3d:
                    cf:eb:92:88:6d:ca:d0:f9:54:44:45:ba:6e:ca:2d:
                    66:31:20:48:fa:f9:1d:d2:75:8f:20:e2:94:70:ec:
                    bf:e0:82:15:0b:85:e9:77:68:8a:bc:65:3b:c5:9c:
                    50:91:a0:0b:77:86:9f:54:58:81:89:07:c7:03:97:
                    3c:3f:53:1c:06:f7:01:87:b0:f6:fa:b7:81:e0:37:
                    ac:84:56:4f:95:90:0d:98:83:43:88:df:7e:17:2d:
                    bb:b6:e5:57:70:12:e8:3a:d6:4a:d4:90:e3:19:80:
                    96:75:d0:bd:16:e7:99:49:88:5e:4f:90:f6:60:f5:
                    8b:ab:89:5a:96:5a:b3:50:f9:f6:ef:51:64:15:81:
                    38:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:31:88:4E:39:D2:9D:70:50:9D:3B:FB:43:A0:00:30:E5:21:5F:59
            X509v3 Authority Key Identifier:
                keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:d0:b4:ee:29:85:a9:b5:21:89:2f:fa:2a:8b:5d:c6:e6:60:
         a6:00:97:26:29:d7:f7:a8:a6:90:a9:f6:1a:ba:e2:17:06:55:
         f9:70:8a:b9:34:3d:f7:5b:af:52:03:16:43:df:b9:49:97:9c:
         dd:3e:d3:aa:64:dc:d3:3a:59:61:d2:45:14:07:f3:1d:42:a3:
         fb:e4:d5:47:5b:49:07:e1:a8:f0:4c:fa:54:bf:65:6c:c4:f2:
         59:1a:f3:fd:cf:31:98:d2:f6:d8:09:b6:24:2d:9c:5f:de:63:
         e8:c8:12:33:ac:77:88:4d:ef:34:cd:5c:33:61:15:18:db:5c:
         bc:00:41:34:25:f2:85:83:c3:fb:ff:32:81:5b:e9:13:4a:ed:
         18:a4:85:aa:69:2e:62:aa:f8:39:53:e1:9e:da:d6:d0:04:ff:
         7c:99:93:43:dd:37:23:0c:f3:da:64:e0:79:1b:3a:60:a8:53:
         81:b9:09:23:cb:a2:eb:13:58:3b:c4:d2:ff:03:17:b3:81:c9:
         6d:72:d6:6e:1b:d7:0c:e5:00:cf:51:b7:ea:9c:19:22:65:d0:
         11:b6:5a:4f:4d:fe:69:4b:62:fb:a3:de:9b:f7:4b:f3:6c:ab:
         d7:6d:e0:f5:8a:06:41:54:27:b9:c5:83:e9:d9:72:38:ad:02:
         51:f5:39:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtsXXZnl32W3v0njR+28EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl
YTNjZDgwHhcNMjQwNTE3MTgwMDUzWhcNMjQwNTE4MTgwMDUzWjAzMTEwLwYDVQQD
EygxYjMxODg0ZTM5ZDI5ZDcwNTA5ZDNiZmI0M2EwMDAzMGU1MjE1ZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4Njg9wokoXZN/YRYcrIp1BOUlth
2o7kAx4yUvoPVOjLpaS/gPigZFs3errYWJLzowLusvuNpmup2Grxd5GpLTIR88BO
rv3dHSVDinRRawDT57AFf6GcBqocq6+cjtkayay/0U8Xu1a/3AAGktnxwyA8ALgD
cj3P65KIbcrQ+VRERbpuyi1mMSBI+vkd0nWPIOKUcOy/4IIVC4Xpd2iKvGU7xZxQ
kaALd4afVFiBiQfHA5c8P1McBvcBh7D2+reB4DeshFZPlZANmINDiN9+Fy27tuVX
cBLoOtZK1JDjGYCWddC9FueZSYheT5D2YPWLq4lallqzUPn271FkFYE4aQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBsxiE450p1wUJ07+0OgADDlIV9ZMB8GA1UdIwQY
MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt
MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3
LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPdC07imF
qbUhiS/6KotdxuZgpgCXJinX96imkKn2GrriFwZV+XCKuTQ991uvUgMWQ9+5SZec
3T7TqmTc0zpZYdJFFAfzHUKj++TVR1tJB+Go8Ez6VL9lbMTyWRrz/c8xmNL22Am2
JC2cX95j6MgSM6x3iE3vNM1cM2EVGNtcvABBNCXyhYPD+/8ygVvpE0rtGKSFqmku
Yqr4OVPhntrW0AT/fJmTQ903Iwzz2mTgeRs6YKhTgbkJI8ui6xNYO8TS/wMXs4HJ
bXLWbhvXDOUAz1G36pwZImXQEbZaT03+aUti+6Pem/dL82yr123g9YoGQVQnucWD
6dlyOK0CUfU59w==
-----END CERTIFICATE-----