Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
File:                     urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft (raw, json)
Hash identifier:          BgFPIn4v7HuBfX2jyWiiVPtzwESFg2m5Mxw8KxbtdUg=
Subject key identifier:   99:A6:15:F6:C6:06:18:51:0E:98:CB:B0:9A:7C:EE:50:68:8D:D1:60
Authority key identifier: BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B
Certificate issuer:       /CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
Certificate serial:       018F8748BFBE8F4DD3734A83554C87D97782
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
Manifest number:          0695
Signing time:             Fri 17 May 2024 16:00:42 +0000
Manifest this update:     Fri 17 May 2024 16:00:42 +0000
Manifest next update:     Sat 18 May 2024 16:00:42 +0000
Files and hashes:         1: urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl (hash: ythj4WMr8rLEk+LdXYHI5TKZNggKRr8z4Btla2ik9Dw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:bf:be:8f:4d:d3:73:4a:83:55:4c:87:d9:77:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bab9bbc24e9ac3d9ec7e10bf95747dab5c45dd2b
        Validity
            Not Before: May 17 16:00:42 2024 GMT
            Not After : May 18 16:00:42 2024 GMT
        Subject: CN=99a615f6c60618510e98cbb09a7cee50688dd160
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:a7:89:61:d5:f4:3b:c8:bd:73:04:a6:ed:00:
                    4a:6d:82:f8:7c:78:a2:a4:b4:df:f3:31:88:01:d6:
                    5d:d7:da:49:7f:e8:45:d1:7c:25:1b:84:f6:d6:5d:
                    78:b3:67:f7:7a:8b:f5:a8:e3:9c:26:0f:e3:ab:40:
                    95:ec:7f:e4:84:5a:03:1b:b6:2c:6e:9e:e7:15:0b:
                    43:7f:19:9c:4d:f6:b5:9b:0d:2a:ab:d3:38:3f:b6:
                    0a:55:9b:3b:a0:40:b8:f8:70:b6:91:47:a6:2e:a4:
                    d2:cb:37:e0:25:55:c8:e3:bf:04:5b:d7:f2:84:35:
                    e6:ac:7f:56:6c:bb:eb:dd:d4:18:83:cb:5e:fa:61:
                    f4:2c:25:32:ab:50:0c:bc:25:60:15:27:4a:05:00:
                    8a:1a:e1:68:ed:e5:8d:d3:ad:7e:85:5d:67:d9:dc:
                    54:8a:1d:09:e2:99:d1:87:51:e3:1d:79:a4:67:6e:
                    27:ce:c8:cf:cc:6f:95:a9:c7:f1:08:df:4e:d0:b0:
                    a2:9b:d0:41:fd:68:e2:3a:81:80:0d:29:eb:fc:af:
                    12:b8:b0:87:2b:41:1f:ca:e4:2f:cb:85:20:d1:85:
                    98:30:47:17:06:86:d8:76:17:95:4b:f1:45:c3:78:
                    33:5e:a3:e2:6e:5a:15:13:01:87:41:0c:e6:df:15:
                    5a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:A6:15:F6:C6:06:18:51:0E:98:CB:B0:9A:7C:EE:50:68:8D:D1:60
            X509v3 Authority Key Identifier:
                keyid:BA:B9:BB:C2:4E:9A:C3:D9:EC:7E:10:BF:95:74:7D:AB:5C:45:DD:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/urm7wk6aw9nsfhC_lXR9q1xF3Ss.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/2829fa-c0a2-4a78-9262-2ebc6448f602/1/urm7wk6aw9nsfhC_lXR9q1xF3Ss.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:24:5d:14:89:09:26:de:85:c8:70:33:0c:e4:c3:ca:25:ad:
         3a:9e:72:e1:3d:94:a1:53:4d:10:cc:1c:c5:ed:44:0c:2f:79:
         c1:b7:8f:0b:9b:22:88:b6:7a:7d:ce:b3:94:73:5c:62:7f:74:
         0b:f3:f9:c0:01:7e:fb:86:4f:93:8e:9c:d9:87:fa:a3:c6:8c:
         5d:e6:0f:ad:34:da:95:7e:3a:53:51:2e:7d:cb:55:e6:81:7c:
         e6:b5:de:63:cf:13:91:22:90:4e:10:ce:e2:2c:db:76:5d:ce:
         dd:98:a2:0f:a3:e5:7e:94:93:c4:35:6d:26:f5:ec:68:85:55:
         9c:75:40:b4:39:58:33:5a:43:00:c9:13:ec:6b:12:5c:3a:60:
         9b:2c:37:c7:89:6f:35:5f:3a:92:b7:bb:77:a3:7e:44:c3:4a:
         62:1a:95:4a:3a:65:0a:6a:ae:66:4b:5c:ed:ea:e0:43:24:c9:
         9b:9f:14:dd:72:d3:87:8c:ef:5f:95:55:85:e5:c4:8f:10:b4:
         a8:73:d1:d3:64:19:0a:73:ac:08:8c:9a:48:1f:0d:36:92:4b:
         28:a6:dd:a3:27:4c:0d:79:40:a4:48:54:87:d8:54:1c:5e:2d:
         17:75:fa:36:b7:37:41:ae:4f:fa:1d:ad:e6:77:be:ee:31:36:
         7a:cc:d7:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSL++j03Tc0qDVUyH2XeCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYjliYmMyNGU5YWMzZDllYzdlMTBiZjk1NzQ3ZGFiNWM0
NWRkMmIwHhcNMjQwNTE3MTYwMDQyWhcNMjQwNTE4MTYwMDQyWjAzMTEwLwYDVQQD
Eyg5OWE2MTVmNmM2MDYxODUxMGU5OGNiYjA5YTdjZWU1MDY4OGRkMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKeJYdX0O8i9cwSm7QBKbYL4fHii
pLTf8zGIAdZd19pJf+hF0XwlG4T21l14s2f3eov1qOOcJg/jq0CV7H/khFoDG7Ys
bp7nFQtDfxmcTfa1mw0qq9M4P7YKVZs7oEC4+HC2kUemLqTSyzfgJVXI478EW9fy
hDXmrH9WbLvr3dQYg8te+mH0LCUyq1AMvCVgFSdKBQCKGuFo7eWN061+hV1n2dxU
ih0J4pnRh1HjHXmkZ24nzsjPzG+VqcfxCN9O0LCim9BB/WjiOoGADSnr/K8SuLCH
K0EfyuQvy4Ug0YWYMEcXBobYdheVS/FFw3gzXqPibloVEwGHQQzm3xVa0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmmFfbGBhhRDpjLsJp87lBojdFgMB8GA1UdIwQY
MBaAFLq5u8JOmsPZ7H4Qv5V0fatcRd0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjIt
MmViYzY0NDhmNjAyLzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yODI5ZmEtYzBhMi00YTc4LTkyNjItMmViYzY0NDhmNjAy
LzEvdXJtN3drNmF3OW5zZmhDX2xYUjlxMXhGM1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeSRdFIkJ
Jt6FyHAzDOTDyiWtOp5y4T2UoVNNEMwcxe1EDC95wbePC5siiLZ6fc6zlHNcYn90
C/P5wAF++4ZPk46c2Yf6o8aMXeYPrTTalX46U1EufctV5oF85rXeY88TkSKQThDO
4izbdl3O3ZiiD6PlfpSTxDVtJvXsaIVVnHVAtDlYM1pDAMkT7GsSXDpgmyw3x4lv
NV86kre7d6N+RMNKYhqVSjplCmquZktc7ergQyTJm58U3XLTh4zvX5VVheXEjxC0
qHPR02QZCnOsCIyaSB8NNpJLKKbdoydMDXlApEhUh9hUHF4tF3X6Nrc3Qa5P+h2t
5ne+7jE2eszXoA==
-----END CERTIFICATE-----