Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
File:                     nzeBglGggdHMfzAVMg62NSZwm5E.mft (raw, json)
Hash identifier:          36uPN/WEoPY2QhCBriWycqnVo/A8IBolnG565Qwbk9k=
Subject key identifier:   2D:27:AB:FD:34:FB:70:58:9B:EB:BA:68:BD:99:02:D3:35:92:DF:05
Authority key identifier: 9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91
Certificate issuer:       /CN=9f37818251a081d1cc7f3015320eb63526709b91
Certificate serial:       018F874A1BF17137FABFC5C0F1709566ED1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
Manifest number:          01E1
Signing time:             Fri 17 May 2024 16:02:11 +0000
Manifest this update:     Fri 17 May 2024 16:02:11 +0000
Manifest next update:     Sat 18 May 2024 16:02:11 +0000
Files and hashes:         1: nzeBglGggdHMfzAVMg62NSZwm5E.crl (hash: sjzGDUCxGmRqB/dItqBcnFMMaFS3gHYhk66RQOVdNx4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:1b:f1:71:37:fa:bf:c5:c0:f1:70:95:66:ed:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f37818251a081d1cc7f3015320eb63526709b91
        Validity
            Not Before: May 17 16:02:11 2024 GMT
            Not After : May 18 16:02:11 2024 GMT
        Subject: CN=2d27abfd34fb70589bebba68bd9902d33592df05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:51:07:3c:15:4c:2c:f7:b8:4b:5d:38:b5:d5:
                    ff:97:a6:3b:f2:8e:ea:57:07:94:37:55:77:5e:19:
                    72:0f:4c:f7:41:9c:95:ab:18:16:22:ba:c9:a1:bf:
                    e6:fd:f0:4d:95:9e:49:b5:c9:47:04:d7:97:a2:a5:
                    ef:39:16:0b:ed:6a:39:df:cd:70:aa:03:bb:db:04:
                    f5:0f:64:9f:2c:0b:69:2c:c4:c0:4e:b0:d9:7d:6d:
                    21:fa:8a:9d:53:65:45:6e:03:64:fa:0b:74:a3:c2:
                    c4:64:aa:8d:e0:6e:fe:ff:82:2b:50:ad:2c:31:e2:
                    c6:5b:20:57:ba:73:73:04:ae:be:6a:b0:9a:d9:10:
                    cd:78:fd:aa:88:c0:21:4f:62:99:f6:4d:ab:a8:09:
                    fa:cb:51:9a:65:8d:ee:8b:91:63:d0:f6:24:f8:4e:
                    38:5b:82:51:72:45:c5:68:80:19:ca:fd:1e:dc:d4:
                    03:e9:6f:13:ea:e7:8e:2a:31:85:15:33:25:51:bd:
                    2a:53:ce:77:26:1c:b8:78:ed:3e:aa:ab:eb:cb:fc:
                    5f:68:a4:60:45:74:b3:98:54:fd:22:64:9f:68:f5:
                    13:0a:58:96:a2:fc:88:00:c2:78:ec:dd:8a:ec:d7:
                    16:7d:f9:4c:70:54:df:f0:92:ca:aa:d5:3f:62:cf:
                    39:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:27:AB:FD:34:FB:70:58:9B:EB:BA:68:BD:99:02:D3:35:92:DF:05
            X509v3 Authority Key Identifier:
                keyid:9F:37:81:82:51:A0:81:D1:CC:7F:30:15:32:0E:B6:35:26:70:9B:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzeBglGggdHMfzAVMg62NSZwm5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/6b5b7b-f93c-4f37-8a64-6b2f526047a9/1/nzeBglGggdHMfzAVMg62NSZwm5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:54:19:5c:55:69:53:9b:4f:b8:ab:b2:28:d8:8c:a6:15:9e:
         f9:92:64:4c:9c:09:f1:5f:b6:79:37:04:7c:52:dd:a8:b8:b7:
         e1:c3:78:76:84:cb:4a:08:a6:e6:5f:ab:20:d7:a9:14:40:e6:
         a1:56:e0:ab:73:6a:76:75:97:71:dc:74:da:e4:a2:32:43:85:
         bc:63:48:39:aa:ec:eb:43:4d:ad:71:88:36:8f:11:75:73:da:
         35:6d:0f:80:20:f8:ec:85:2d:ef:fc:8c:0e:61:02:c4:21:a0:
         ec:f8:25:d6:89:f6:69:2f:10:68:dd:ea:1c:6f:ea:c5:77:2d:
         bc:c7:ed:b4:a3:f1:58:e6:99:7e:56:32:e3:fb:d7:44:ff:8d:
         f6:4d:6e:c1:bc:39:23:f5:42:30:c2:fd:01:aa:2d:2f:92:07:
         b3:4d:62:f4:c9:94:cd:6b:13:bd:b6:fb:f1:2f:cd:83:2e:6d:
         3d:55:9d:e9:7a:32:cb:ca:16:d2:ac:89:b6:50:1e:21:b9:a1:
         02:54:eb:4c:d2:83:cb:e8:ef:75:db:ab:20:99:5b:13:ef:6d:
         db:c4:55:09:34:0f:9a:42:38:9b:fc:93:ce:14:de:3f:d4:fc:
         a6:fb:4c:31:41:a7:94:99:b6:4d:4a:f6:74:95:0d:ce:51:b1:
         61:0b:71:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HShvxcTf6v8XA8XCVZu0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzc4MTgyNTFhMDgxZDFjYzdmMzAxNTMyMGViNjM1MjY3
MDliOTEwHhcNMjQwNTE3MTYwMjExWhcNMjQwNTE4MTYwMjExWjAzMTEwLwYDVQQD
EygyZDI3YWJmZDM0ZmI3MDU4OWJlYmJhNjhiZDk5MDJkMzM1OTJkZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1EHPBVMLPe4S104tdX/l6Y78o7q
VweUN1V3XhlyD0z3QZyVqxgWIrrJob/m/fBNlZ5JtclHBNeXoqXvORYL7Wo5381w
qgO72wT1D2SfLAtpLMTATrDZfW0h+oqdU2VFbgNk+gt0o8LEZKqN4G7+/4IrUK0s
MeLGWyBXunNzBK6+arCa2RDNeP2qiMAhT2KZ9k2rqAn6y1GaZY3ui5Fj0PYk+E44
W4JRckXFaIAZyv0e3NQD6W8T6ueOKjGFFTMlUb0qU853Jhy4eO0+qqvry/xfaKRg
RXSzmFT9ImSfaPUTCliWovyIAMJ47N2K7NcWfflMcFTf8JLKqtU/Ys85OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC0nq/00+3BYm+u6aL2ZAtM1kt8FMB8GA1UdIwQY
MBaAFJ83gYJRoIHRzH8wFTIOtjUmcJuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQt
NmIyZjUyNjA0N2E5LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82YjViN2ItZjkzYy00ZjM3LThhNjQtNmIyZjUyNjA0N2E5
LzEvbnplQmdsR2dnZEhNZnpBVk1nNjJOU1p3bTVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU1QZXFVp
U5tPuKuyKNiMphWe+ZJkTJwJ8V+2eTcEfFLdqLi34cN4doTLSgim5l+rINepFEDm
oVbgq3NqdnWXcdx02uSiMkOFvGNIOars60NNrXGINo8RdXPaNW0PgCD47IUt7/yM
DmECxCGg7Pgl1on2aS8QaN3qHG/qxXctvMfttKPxWOaZflYy4/vXRP+N9k1uwbw5
I/VCMML9AaotL5IHs01i9MmUzWsTvbb78S/Ngy5tPVWd6Xoyy8oW0qyJtlAeIbmh
AlTrTNKDy+jvddurIJlbE+9t28RVCTQPmkI4m/yTzhTeP9T8pvtMMUGnlJm2TUr2
dJUNzlGxYQtxgA==
-----END CERTIFICATE-----