Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
File:                     IujBtA7lecGDeWRV9Aklc9mVodI.mft (raw, json)
Hash identifier:          8XEl0yEtiYdpfHdQdnFfr6xIaJuZqECU4r2mdRo+kOg=
Subject key identifier:   97:7D:05:0B:B7:0E:B3:AB:AC:5C:75:5B:B1:1A:76:8B:48:DF:BF:96
Authority key identifier: 22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2
Certificate issuer:       /CN=22e8c1b40ee579c183796455f4092573d995a1d2
Certificate serial:       018F343FBC18225E3EC04F1B9EE3BCACD8A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
Manifest number:          05AF
Signing time:             Wed 01 May 2024 13:02:23 +0000
Manifest this update:     Wed 01 May 2024 13:02:23 +0000
Manifest next update:     Thu 02 May 2024 13:02:23 +0000
Files and hashes:         1: IujBtA7lecGDeWRV9Aklc9mVodI.crl (hash: Syc4Em+WOrzpVd3fa0U6gmulJT7NJRpwhBDfg7U/rqs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 13:02:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:34:3f:bc:18:22:5e:3e:c0:4f:1b:9e:e3:bc:ac:d8:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e8c1b40ee579c183796455f4092573d995a1d2
        Validity
            Not Before: May  1 13:02:23 2024 GMT
            Not After : May  2 13:02:23 2024 GMT
        Subject: CN=977d050bb70eb3abac5c755bb11a768b48dfbf96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:2b:cf:af:6e:9a:b5:99:b3:39:95:b1:a6:76:
                    eb:97:0e:08:d3:13:5a:a8:19:38:59:12:42:4d:28:
                    18:55:aa:e1:94:8a:61:a5:22:24:e8:8c:da:d7:f9:
                    0c:3f:1c:2f:87:5b:dd:5b:af:fe:e5:88:8d:c5:80:
                    1d:a0:ad:d5:48:ed:36:34:a5:11:57:bc:8c:60:99:
                    17:f5:bb:f8:74:7f:9d:c6:d6:1f:f1:5c:32:fd:f2:
                    4b:2a:ea:6d:10:25:f6:b3:ec:d9:ce:e6:15:69:44:
                    c1:b3:15:00:e2:56:60:46:8d:c1:52:c8:0b:e6:2d:
                    4c:23:0b:8c:7b:a0:06:7d:16:6e:04:13:5a:27:4f:
                    24:fd:e9:c8:b8:87:9f:56:7b:c1:00:ac:43:0b:48:
                    7e:b9:b6:68:45:cc:73:59:74:7a:22:6c:b1:67:29:
                    98:af:ab:61:07:bf:f1:66:9a:49:b3:c8:53:98:09:
                    d9:b3:62:97:a4:9c:37:43:c2:82:53:59:2d:b1:fc:
                    cc:6b:10:fa:a8:e3:58:39:c0:3c:ae:5e:50:9e:3b:
                    46:87:e5:32:23:a1:4e:ce:89:39:cf:b9:0c:ce:17:
                    ac:a7:61:24:5a:4c:03:8a:f5:d1:51:64:dd:2e:7e:
                    36:87:36:d5:78:23:f5:6a:34:d0:cd:7e:38:e0:47:
                    7a:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:7D:05:0B:B7:0E:B3:AB:AC:5C:75:5B:B1:1A:76:8B:48:DF:BF:96
            X509v3 Authority Key Identifier:
                keyid:22:E8:C1:B4:0E:E5:79:C1:83:79:64:55:F4:09:25:73:D9:95:A1:D2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IujBtA7lecGDeWRV9Aklc9mVodI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/14/929d07-7e3b-4c9a-af91-e212fd43897a/1/IujBtA7lecGDeWRV9Aklc9mVodI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:f6:d5:53:aa:64:77:48:70:40:10:96:e7:67:95:6a:ef:4a:
         c1:0f:37:16:ba:4e:88:33:1e:4c:cb:da:92:12:68:53:ec:48:
         aa:d5:a6:d2:ab:80:85:f1:58:e9:4f:5c:22:9a:96:99:ba:ae:
         f6:da:7a:04:1d:a2:aa:1c:c9:5a:d6:65:f7:d6:6d:9e:91:af:
         23:56:50:cd:0f:cb:ac:7a:0e:40:3f:94:26:7f:03:60:fc:4a:
         ac:99:3e:c0:77:98:b4:29:d7:42:5e:df:81:ac:64:a9:0b:f0:
         7b:53:4e:83:e2:f5:b9:fb:37:11:2c:0f:65:97:60:67:73:82:
         2e:f1:8b:23:ad:35:cb:78:bc:6a:85:b1:9c:da:d8:db:76:da:
         d6:bd:c5:6c:22:73:eb:62:13:22:bf:b7:26:91:d3:18:af:14:
         9d:e8:6d:97:2c:20:ad:33:fc:18:ed:d0:37:cf:50:56:4b:6a:
         5a:68:7c:84:29:cb:1e:88:50:2c:0d:79:46:cf:35:33:e8:b8:
         1c:8d:e5:52:d6:2e:41:ba:06:ef:75:e9:ed:12:65:ca:53:aa:
         07:09:27:f4:46:b9:4f:ad:74:66:8f:54:dd:c7:81:7d:66:a9:
         b4:1d:81:5f:a9:0e:9d:0d:d7:da:2c:ed:7a:04:00:69:83:61:
         cb:f4:36:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY80P7wYIl4+wE8bnuO8rNihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZThjMWI0MGVlNTc5YzE4Mzc5NjQ1NWY0MDkyNTczZDk5
NWExZDIwHhcNMjQwNTAxMTMwMjIzWhcNMjQwNTAyMTMwMjIzWjAzMTEwLwYDVQQD
Eyg5NzdkMDUwYmI3MGViM2FiYWM1Yzc1NWJiMTFhNzY4YjQ4ZGZiZjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yvPr26atZmzOZWxpnbrlw4I0xNa
qBk4WRJCTSgYVarhlIphpSIk6Iza1/kMPxwvh1vdW6/+5YiNxYAdoK3VSO02NKUR
V7yMYJkX9bv4dH+dxtYf8Vwy/fJLKuptECX2s+zZzuYVaUTBsxUA4lZgRo3BUsgL
5i1MIwuMe6AGfRZuBBNaJ08k/enIuIefVnvBAKxDC0h+ubZoRcxzWXR6ImyxZymY
r6thB7/xZppJs8hTmAnZs2KXpJw3Q8KCU1ktsfzMaxD6qONYOcA8rl5QnjtGh+Uy
I6FOzok5z7kMzhesp2EkWkwDivXRUWTdLn42hzbVeCP1ajTQzX444Ed6qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJd9BQu3DrOrrFx1W7EadotI37+WMB8GA1UdIwQY
MBaAFCLowbQO5XnBg3lkVfQJJXPZlaHSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEt
ZTIxMmZkNDM4OTdhLzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85MjlkMDctN2UzYi00YzlhLWFmOTEtZTIxMmZkNDM4OTdh
LzEvSXVqQnRBN2xlY0dEZVdSVjlBa2xjOW1Wb2RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALvbVU6pk
d0hwQBCW52eVau9KwQ83FrpOiDMeTMvakhJoU+xIqtWm0quAhfFY6U9cIpqWmbqu
9tp6BB2iqhzJWtZl99ZtnpGvI1ZQzQ/LrHoOQD+UJn8DYPxKrJk+wHeYtCnXQl7f
gaxkqQvwe1NOg+L1ufs3ESwPZZdgZ3OCLvGLI601y3i8aoWxnNrY23ba1r3FbCJz
62ITIr+3JpHTGK8UnehtlywgrTP8GO3QN89QVktqWmh8hCnLHohQLA15Rs81M+i4
HI3lUtYuQboG73Xp7RJlylOqBwkn9Ea5T610Zo9U3ceBfWaptB2BX6kOnQ3X2izt
egQAaYNhy/Q2sw==
-----END CERTIFICATE-----