Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
File:                     _1VJGZMcZ70mUPxODHPC-z4ijZU.mft (raw, json)
Hash identifier:          SuysXR3HMdqxERiaoxn9gP14SLQqMN3LhX7UBMw3Y4k=
Subject key identifier:   72:4B:DC:D1:1F:3F:8D:34:C8:6A:43:85:B7:89:25:5B:C7:06:DF:8E
Authority key identifier: FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95
Certificate issuer:       /CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
Certificate serial:       018FB4593D928BDA0E00BCE3D97C70724E86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
Manifest number:          118A
Signing time:             Sun 26 May 2024 10:01:38 +0000
Manifest this update:     Sun 26 May 2024 10:01:38 +0000
Manifest next update:     Mon 27 May 2024 10:01:38 +0000
Files and hashes:         1: _1VJGZMcZ70mUPxODHPC-z4ijZU.crl (hash: H1ygDNAprJkpoeusNp7k7sWrF/3ynJWJ6YPDxEiZD/Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 May 2024 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:b4:59:3d:92:8b:da:0e:00:bc:e3:d9:7c:70:72:4e:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff554919931c67bd2650fc4e0c73c2fb3e228d95
        Validity
            Not Before: May 26 10:01:38 2024 GMT
            Not After : May 27 10:01:38 2024 GMT
        Subject: CN=724bdcd11f3f8d34c86a4385b789255bc706df8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:18:61:fc:51:00:41:cd:40:4b:c0:c4:73:46:
                    ed:1f:2e:36:32:22:52:c5:ff:77:92:42:19:74:1e:
                    91:20:4d:10:ea:be:d1:7b:4b:47:02:52:02:ba:89:
                    74:25:72:ff:c8:01:5f:f9:36:26:c7:85:18:b9:be:
                    51:97:36:e8:3d:2a:8b:91:1c:bc:bf:cc:74:96:0a:
                    2d:e4:47:a3:32:53:b8:0e:46:58:f9:9a:98:86:bb:
                    3e:1a:6e:0a:10:80:a2:52:d1:3b:98:66:a8:d7:e4:
                    26:22:8d:a1:bf:f9:0d:62:90:a4:11:03:ea:4c:99:
                    35:76:ee:c3:b8:8f:78:50:fa:bb:de:a7:be:56:8e:
                    0a:fa:69:52:1b:e2:e8:40:64:0c:d6:0b:11:bb:0f:
                    e6:5e:f6:11:40:9b:65:1a:66:f1:a8:4e:eb:1f:1c:
                    21:6c:fa:e3:db:a1:6f:25:f6:ea:68:b1:6a:e7:b6:
                    e2:56:af:94:93:84:d3:ac:66:e9:7b:9e:09:fc:fb:
                    31:e8:a2:77:31:18:94:de:6d:d0:1b:b4:60:e6:b0:
                    42:34:d1:6a:58:40:ad:66:cf:bd:bb:f4:a0:33:ca:
                    39:42:7a:e8:91:39:01:51:59:f7:d5:5f:32:71:b1:
                    56:81:b1:8c:49:0b:bc:a2:ab:62:44:2c:a3:9b:ce:
                    78:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:4B:DC:D1:1F:3F:8D:34:C8:6A:43:85:B7:89:25:5B:C7:06:DF:8E
            X509v3 Authority Key Identifier:
                keyid:FF:55:49:19:93:1C:67:BD:26:50:FC:4E:0C:73:C2:FB:3E:22:8D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1VJGZMcZ70mUPxODHPC-z4ijZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/23244d-4886-470b-b1fc-290aa4318caa/1/_1VJGZMcZ70mUPxODHPC-z4ijZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:af:77:da:c7:04:a7:52:73:c8:76:9a:64:04:ba:c0:0d:d1:
         b0:22:a9:52:d9:f5:ad:91:60:61:30:26:25:66:da:3b:0e:4b:
         f9:8f:aa:77:89:50:71:9c:10:62:42:8e:5e:a6:74:ec:30:e2:
         63:28:b9:65:8c:f5:f8:03:e4:b4:35:b6:1a:c2:f8:62:d3:42:
         b3:77:78:1d:c5:28:6b:fc:df:1c:1e:b7:99:95:c7:40:d1:3f:
         53:ed:24:99:c1:42:96:81:83:fd:ff:3b:59:ef:f8:d8:d0:d6:
         07:ee:92:b8:89:0c:21:bb:74:6f:93:cc:9e:ad:7d:49:24:ca:
         57:43:0d:b4:74:5e:3a:d7:2a:35:86:39:59:7f:4f:d7:5b:ff:
         f6:52:94:79:37:e9:42:7e:08:97:66:b9:a8:5b:08:de:57:02:
         ed:12:0b:18:5c:d4:87:61:1e:63:11:a8:be:6a:98:c8:25:12:
         f3:11:98:f3:b9:52:6a:4b:a3:ba:47:40:be:12:4e:d1:ed:1d:
         fb:00:e4:d2:42:85:3f:2d:40:7d:a4:42:99:ca:5e:66:ab:f8:
         70:7d:8f:00:38:c4:2b:bb:36:01:09:e1:5f:c0:c5:1b:c2:5d:
         76:de:66:10:a2:05:b1:8d:7e:31:34:77:a0:ec:08:a6:ad:b9:
         d5:7d:2d:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+0WT2Si9oOALzj2Xxwck6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNTU0OTE5OTMxYzY3YmQyNjUwZmM0ZTBjNzNjMmZiM2Uy
MjhkOTUwHhcNMjQwNTI2MTAwMTM4WhcNMjQwNTI3MTAwMTM4WjAzMTEwLwYDVQQD
Eyg3MjRiZGNkMTFmM2Y4ZDM0Yzg2YTQzODViNzg5MjU1YmM3MDZkZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRhh/FEAQc1AS8DEc0btHy42MiJS
xf93kkIZdB6RIE0Q6r7Re0tHAlICuol0JXL/yAFf+TYmx4UYub5RlzboPSqLkRy8
v8x0lgot5EejMlO4DkZY+ZqYhrs+Gm4KEICiUtE7mGao1+QmIo2hv/kNYpCkEQPq
TJk1du7DuI94UPq73qe+Vo4K+mlSG+LoQGQM1gsRuw/mXvYRQJtlGmbxqE7rHxwh
bPrj26FvJfbqaLFq57biVq+Uk4TTrGbpe54J/Psx6KJ3MRiU3m3QG7Rg5rBCNNFq
WECtZs+9u/SgM8o5QnrokTkBUVn31V8ycbFWgbGMSQu8oqtiRCyjm854qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHJL3NEfP400yGpDhbeJJVvHBt+OMB8GA1UdIwQY
MBaAFP9VSRmTHGe9JlD8Tgxzwvs+Io2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMt
MjkwYWE0MzE4Y2FhLzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yMzI0NGQtNDg4Ni00NzBiLWIxZmMtMjkwYWE0MzE4Y2Fh
LzEvXzFWSkdaTWNaNzBtVVB4T0RIUEMtejRpalpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMa932scE
p1JzyHaaZAS6wA3RsCKpUtn1rZFgYTAmJWbaOw5L+Y+qd4lQcZwQYkKOXqZ07DDi
Yyi5ZYz1+APktDW2GsL4YtNCs3d4HcUoa/zfHB63mZXHQNE/U+0kmcFCloGD/f87
We/42NDWB+6SuIkMIbt0b5PMnq19SSTKV0MNtHReOtcqNYY5WX9P11v/9lKUeTfp
Qn4Il2a5qFsI3lcC7RILGFzUh2EeYxGovmqYyCUS8xGY87lSakujukdAvhJO0e0d
+wDk0kKFPy1AfaRCmcpeZqv4cH2PADjEK7s2AQnhX8DFG8Jddt5mEKIFsY1+MTR3
oOwIpq251X0tJw==
-----END CERTIFICATE-----