Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
File:                     LsJnz2xrO4jpahG_KemnOlWMXkA.mft (raw, json)
Hash identifier:          vfg6qFVzSz5496mtS93Umfr+80iac7d1V+3ivN8gZ+I=
Subject key identifier:   64:C3:43:EB:30:A9:48:71:9F:95:72:8F:60:30:1C:C3:0D:72:B6:E4
Authority key identifier: 2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40
Certificate issuer:       /CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
Certificate serial:       018F87B6AC7635260A43F7E84494B71D85A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
Manifest number:          1107
Signing time:             Fri 17 May 2024 18:00:46 +0000
Manifest this update:     Fri 17 May 2024 18:00:46 +0000
Manifest next update:     Sat 18 May 2024 18:00:46 +0000
Files and hashes:         1: LsJnz2xrO4jpahG_KemnOlWMXkA.crl (hash: fms642tDboBumolhBQCRNH7Nc3B/1TdP2qET7rHrW/Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:ac:76:35:26:0a:43:f7:e8:44:94:b7:1d:85:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ec267cf6c6b3b88e96a11bf29e9a73a558c5e40
        Validity
            Not Before: May 17 18:00:46 2024 GMT
            Not After : May 18 18:00:46 2024 GMT
        Subject: CN=64c343eb30a948719f95728f60301cc30d72b6e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:31:e6:8e:db:13:e5:22:03:f0:81:da:de:90:
                    a8:64:b8:b9:2a:72:11:b5:3d:71:0e:dd:03:6b:17:
                    2f:c5:0a:f9:6b:8a:d9:b2:31:23:1c:7d:2f:b8:b5:
                    d4:05:58:49:c3:b2:4e:c7:35:21:f2:6c:77:ac:8a:
                    ec:78:1d:b1:a0:42:70:5d:d7:73:71:c9:47:8c:f2:
                    0e:06:6d:33:63:7d:8f:b4:7b:c7:8c:e5:ac:9f:23:
                    f3:4e:1c:2f:9f:16:67:b8:aa:13:4b:56:99:63:32:
                    31:59:f0:77:03:49:2a:50:2d:e4:bf:fd:b7:57:99:
                    29:fa:f0:a9:b8:a7:83:fa:1b:b9:ed:f1:0f:c4:06:
                    c3:92:57:f2:bf:c5:ce:cd:5f:ab:b3:c0:7d:5d:4b:
                    55:11:09:8a:25:48:e6:f7:d8:15:3b:ab:7d:2c:02:
                    34:60:27:86:8c:39:92:ba:fb:73:94:ea:69:b4:c5:
                    de:93:75:3b:ff:b1:c9:31:73:e9:8d:16:79:15:d3:
                    2e:56:92:20:0a:a2:3d:51:ed:29:21:a5:79:c4:8d:
                    d2:e4:f9:50:35:30:3f:59:a9:ad:ef:17:0c:0c:99:
                    d3:10:85:64:1d:12:3d:f7:31:6b:d4:ca:95:bd:c2:
                    90:80:94:d6:34:e2:18:47:0a:89:e8:20:3c:de:6a:
                    94:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:C3:43:EB:30:A9:48:71:9F:95:72:8F:60:30:1C:C3:0D:72:B6:E4
            X509v3 Authority Key Identifier:
                keyid:2E:C2:67:CF:6C:6B:3B:88:E9:6A:11:BF:29:E9:A7:3A:55:8C:5E:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LsJnz2xrO4jpahG_KemnOlWMXkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/cea01b-ee94-4a02-8d62-0dc01fc88141/1/LsJnz2xrO4jpahG_KemnOlWMXkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b8:0b:32:aa:3c:93:09:69:51:4d:20:2f:0e:04:b9:28:ec:bb:
         a7:4c:18:05:cb:79:da:8e:0e:00:7a:c1:97:d2:9c:06:1c:22:
         a5:da:5a:c3:9b:9d:0d:0a:6e:98:e1:f8:53:37:ef:0d:61:42:
         87:d1:17:82:10:dc:86:0a:a2:63:a8:b8:67:99:95:65:92:2e:
         f2:10:0e:b5:0a:54:98:08:9d:58:3c:30:31:1c:25:95:8d:de:
         f7:94:b9:b8:50:da:7e:e2:4e:ef:4b:3f:dd:79:c4:2f:de:0a:
         f2:7a:99:27:7b:71:dd:50:e6:b1:17:4b:d8:95:fc:dc:f7:27:
         fa:f7:1d:6f:e3:ec:33:b0:fb:ff:2a:4a:f9:f7:3e:cb:83:a5:
         dc:64:79:f0:6f:26:32:bf:8a:c5:6c:78:83:78:db:4d:d7:7d:
         85:41:26:b7:6f:95:22:84:0e:2c:3a:77:07:97:11:3e:ac:e2:
         12:97:23:7f:fc:f7:81:f8:d7:c9:7f:50:81:c0:7a:ac:2b:ef:
         ba:5f:40:f3:a5:b5:5b:57:ce:a4:ee:24:d0:ac:87:ec:7f:eb:
         3e:29:7c:39:02:26:2c:67:b5:8b:7b:c1:00:88:c3:f3:8f:25:
         8a:a8:46:d5:9d:51:bc:4f:24:01:ae:a0:c2:b9:a7:0d:e4:8e:
         02:5c:c0:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htqx2NSYKQ/foRJS3HYWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlYzI2N2NmNmM2YjNiODhlOTZhMTFiZjI5ZTlhNzNhNTU4
YzVlNDAwHhcNMjQwNTE3MTgwMDQ2WhcNMjQwNTE4MTgwMDQ2WjAzMTEwLwYDVQQD
Eyg2NGMzNDNlYjMwYTk0ODcxOWY5NTcyOGY2MDMwMWNjMzBkNzJiNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjHmjtsT5SID8IHa3pCoZLi5KnIR
tT1xDt0DaxcvxQr5a4rZsjEjHH0vuLXUBVhJw7JOxzUh8mx3rIrseB2xoEJwXddz
cclHjPIOBm0zY32PtHvHjOWsnyPzThwvnxZnuKoTS1aZYzIxWfB3A0kqUC3kv/23
V5kp+vCpuKeD+hu57fEPxAbDklfyv8XOzV+rs8B9XUtVEQmKJUjm99gVO6t9LAI0
YCeGjDmSuvtzlOpptMXek3U7/7HJMXPpjRZ5FdMuVpIgCqI9Ue0pIaV5xI3S5PlQ
NTA/Wamt7xcMDJnTEIVkHRI99zFr1MqVvcKQgJTWNOIYRwqJ6CA83mqUjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTDQ+swqUhxn5Vyj2AwHMMNcrbkMB8GA1UdIwQY
MBaAFC7CZ89sazuI6WoRvynppzpVjF5AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjIt
MGRjMDFmYzg4MTQxLzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9jZWEwMWItZWU5NC00YTAyLThkNjItMGRjMDFmYzg4MTQx
LzEvTHNKbnoyeHJPNGpwYWhHX0tlbW5PbFdNWGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuAsyqjyT
CWlRTSAvDgS5KOy7p0wYBct52o4OAHrBl9KcBhwipdpaw5udDQpumOH4UzfvDWFC
h9EXghDchgqiY6i4Z5mVZZIu8hAOtQpUmAidWDwwMRwllY3e95S5uFDafuJO70s/
3XnEL94K8nqZJ3tx3VDmsRdL2JX83Pcn+vcdb+PsM7D7/ypK+fc+y4Ol3GR58G8m
Mr+KxWx4g3jbTdd9hUEmt2+VIoQOLDp3B5cRPqziEpcjf/z3gfjXyX9QgcB6rCvv
ul9A86W1W1fOpO4k0KyH7H/rPil8OQImLGe1i3vBAIjD848liqhG1Z1RvE8kAa6g
wrmnDeSOAlzAyw==
-----END CERTIFICATE-----