Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
File:                     HR3nlQkjqWQxniwzg0m9Emh75K4.mft (raw, json)
Hash identifier:          ot9EcHla7OFJDQxLkwMmDYL1v4VvSs/dzT85DZjLa4Q=
Subject key identifier:   25:28:4E:70:C6:93:E7:66:F0:D3:55:BD:42:07:C3:9B:22:36:E6:64
Authority key identifier: 1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE
Certificate issuer:       /CN=1d1de7950923a964319e2c338349bd12687be4ae
Certificate serial:       018F4F48CAF6983A33B7B6A9B7B694A5BC10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
Manifest number:          05D1
Signing time:             Mon 06 May 2024 19:02:01 +0000
Manifest this update:     Mon 06 May 2024 19:02:01 +0000
Manifest next update:     Tue 07 May 2024 19:02:01 +0000
Files and hashes:         1: HR3nlQkjqWQxniwzg0m9Emh75K4.crl (hash: 3XqRaW4msp+5DsunetIcUNX2kKGTYUrxtdI8SKRUTNs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 19:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4f:48:ca:f6:98:3a:33:b7:b6:a9:b7:b6:94:a5:bc:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d1de7950923a964319e2c338349bd12687be4ae
        Validity
            Not Before: May  6 19:02:01 2024 GMT
            Not After : May  7 19:02:01 2024 GMT
        Subject: CN=25284e70c693e766f0d355bd4207c39b2236e664
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:1b:fb:7c:33:f1:6a:16:bf:4f:8f:09:97:37:
                    10:15:99:9d:20:3d:2c:fa:4e:f6:e4:8c:aa:31:23:
                    de:a7:44:76:37:fc:70:59:51:20:33:ea:6e:79:d9:
                    f1:ae:e9:b1:97:7b:21:27:51:39:e6:3f:8a:de:62:
                    dc:12:09:9c:b0:17:bd:d1:6b:4a:50:d6:14:d0:ea:
                    54:85:51:fa:1c:96:d5:64:ff:94:1f:14:cb:5b:8c:
                    de:47:c3:ef:90:5e:75:b9:af:8c:17:44:55:94:97:
                    93:77:bd:a3:ef:5a:f7:03:fa:e1:0c:4b:ec:a9:74:
                    ed:b7:3a:a2:fa:91:14:1b:fb:82:1a:4f:be:08:a4:
                    a8:be:eb:26:3a:10:bb:24:ac:67:9a:66:ad:4d:78:
                    f2:70:b7:27:64:6e:22:43:b3:53:72:2c:35:55:af:
                    86:0f:00:37:1e:25:26:bd:9b:ec:c4:0e:ed:85:0e:
                    f7:69:38:23:25:44:da:08:eb:20:c6:12:1b:cd:7b:
                    33:af:5f:09:55:78:4d:16:c6:42:ce:00:93:dd:3f:
                    93:a6:9f:60:77:b0:7b:7c:08:8e:1f:1c:6c:c7:eb:
                    e1:af:4d:85:9b:0e:09:6b:49:bc:08:54:c7:92:9d:
                    a0:07:e9:40:62:dd:e0:e8:7d:8c:fc:16:1a:35:41:
                    00:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:28:4E:70:C6:93:E7:66:F0:D3:55:BD:42:07:C3:9B:22:36:E6:64
            X509v3 Authority Key Identifier:
                keyid:1D:1D:E7:95:09:23:A9:64:31:9E:2C:33:83:49:BD:12:68:7B:E4:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HR3nlQkjqWQxniwzg0m9Emh75K4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bbe160-d9bb-4b4d-8737-d8d00e16c590/1/HR3nlQkjqWQxniwzg0m9Emh75K4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:f3:f4:ae:c0:bd:db:9e:f8:bc:c5:93:3e:a8:e6:80:24:f8:
         57:c8:d1:65:50:2d:9a:8e:1b:63:ea:10:76:cc:03:51:f1:c0:
         99:63:f1:a6:cb:ec:16:b5:f1:e6:47:ec:32:10:1a:fc:4f:3e:
         2f:dd:32:26:a6:26:24:a9:a9:b6:db:06:32:f3:2d:59:71:4c:
         25:91:95:c8:a6:f8:55:37:24:4b:b2:f0:93:34:e2:dd:01:ab:
         46:2e:ba:cb:12:bc:2e:92:5e:1c:68:f8:41:0e:5a:68:97:58:
         44:96:e4:b0:7d:32:af:c6:fd:01:13:98:fd:f3:0c:23:78:73:
         69:1f:82:5d:ab:af:5c:8c:c6:44:a0:de:56:88:11:1d:39:cf:
         33:56:84:8b:37:dd:77:e6:fd:8e:fb:fe:98:2d:46:a0:87:93:
         ce:47:34:37:16:ef:6f:7f:3b:51:4a:fd:7c:63:ae:b2:4a:7c:
         fc:4c:02:c1:d9:fa:f5:46:ba:26:52:70:f2:70:5c:d0:17:4e:
         0d:62:39:0d:15:a4:32:cf:48:0d:38:b2:02:61:c2:60:7e:99:
         8a:2e:99:05:08:77:59:11:8e:e5:6d:04:72:9e:d2:a2:4e:77:
         de:8c:7d:9c:3e:c9:cd:2b:06:8b:85:2a:3a:ed:eb:e7:a1:e7:
         13:a1:49:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9PSMr2mDozt7apt7aUpbwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMWRlNzk1MDkyM2E5NjQzMTllMmMzMzgzNDliZDEyNjg3
YmU0YWUwHhcNMjQwNTA2MTkwMjAxWhcNMjQwNTA3MTkwMjAxWjAzMTEwLwYDVQQD
EygyNTI4NGU3MGM2OTNlNzY2ZjBkMzU1YmQ0MjA3YzM5YjIyMzZlNjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBv7fDPxaha/T48JlzcQFZmdID0s
+k725IyqMSPep0R2N/xwWVEgM+puednxrumxl3shJ1E55j+K3mLcEgmcsBe90WtK
UNYU0OpUhVH6HJbVZP+UHxTLW4zeR8PvkF51ua+MF0RVlJeTd72j71r3A/rhDEvs
qXTttzqi+pEUG/uCGk++CKSovusmOhC7JKxnmmatTXjycLcnZG4iQ7NTciw1Va+G
DwA3HiUmvZvsxA7thQ73aTgjJUTaCOsgxhIbzXszr18JVXhNFsZCzgCT3T+Tpp9g
d7B7fAiOHxxsx+vhr02Fmw4Ja0m8CFTHkp2gB+lAYt3g6H2M/BYaNUEAwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUoTnDGk+dm8NNVvUIHw5siNuZkMB8GA1UdIwQY
MBaAFB0d55UJI6lkMZ4sM4NJvRJoe+SuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3Mzct
ZDhkMDBlMTZjNTkwLzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iYmUxNjAtZDliYi00YjRkLTg3MzctZDhkMDBlMTZjNTkw
LzEvSFIzbmxRa2pxV1F4bml3emcwbTlFbWg3NUs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAifP0rsC9
2574vMWTPqjmgCT4V8jRZVAtmo4bY+oQdswDUfHAmWPxpsvsFrXx5kfsMhAa/E8+
L90yJqYmJKmpttsGMvMtWXFMJZGVyKb4VTckS7LwkzTi3QGrRi66yxK8LpJeHGj4
QQ5aaJdYRJbksH0yr8b9AROY/fMMI3hzaR+CXauvXIzGRKDeVogRHTnPM1aEizfd
d+b9jvv+mC1GoIeTzkc0Nxbvb387UUr9fGOuskp8/EwCwdn69Ua6JlJw8nBc0BdO
DWI5DRWkMs9IDTiyAmHCYH6Zii6ZBQh3WRGO5W0Ecp7Sok533ox9nD7JzSsGi4Uq
Ou3r56HnE6FJFg==
-----END CERTIFICATE-----