Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
File:                     9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json)
Hash identifier:          gtWeIuOeC0Ul9aeNsL/1Fb4EmfLha+WhrpuemjmDMsI=
Subject key identifier:   BD:87:5E:58:2C:1F:95:20:52:68:F6:17:43:F4:FF:88:F5:02:C3:92
Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA
Certificate issuer:       /CN=f5b310e9d44e8470d6cd800959066cb00f291efa
Certificate serial:       018F3A0C2699975EEFEEA4A8FA9DAEEEE375
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
Manifest number:          0BB4
Signing time:             Thu 02 May 2024 16:03:45 +0000
Manifest this update:     Thu 02 May 2024 16:03:45 +0000
Manifest next update:     Fri 03 May 2024 16:03:45 +0000
Files and hashes:         1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: luxV6pwkB07kJOWGeodwnR9ZKKrj3hi+N6Xk8ADVAus=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:03:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:0c:26:99:97:5e:ef:ee:a4:a8:fa:9d:ae:ee:e3:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa
        Validity
            Not Before: May  2 16:03:45 2024 GMT
            Not After : May  3 16:03:45 2024 GMT
        Subject: CN=bd875e582c1f95205268f61743f4ff88f502c392
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:c2:c3:6f:49:77:95:6c:31:ba:45:09:b5:69:
                    d7:5b:76:63:c2:f6:01:16:75:2f:4c:63:de:6b:f7:
                    46:91:ae:e1:b0:fe:3d:75:3c:9a:ab:15:6e:f3:7c:
                    be:cd:f3:3b:15:b0:a3:a1:b7:95:92:62:24:d7:64:
                    a9:d1:73:56:1f:f7:2f:d6:5f:0e:87:2f:fa:d9:cc:
                    cd:59:29:bf:9f:d5:07:37:7e:c5:49:89:79:98:39:
                    a2:00:5a:b8:ec:d0:f9:29:f0:c1:8e:d2:48:6e:07:
                    54:80:43:aa:52:d3:94:10:3c:d2:a9:9a:ce:80:c0:
                    b8:e6:a5:e2:45:27:6a:da:cf:99:e3:ba:87:aa:7a:
                    57:b9:2d:f1:31:0d:ab:99:60:96:90:38:a3:99:01:
                    d7:34:78:18:0f:42:90:e8:82:4a:40:30:81:09:f4:
                    8b:e8:5a:81:63:3a:11:fe:36:56:75:8b:a9:9c:e1:
                    31:09:76:0f:8e:14:76:c2:02:2d:65:3a:ef:40:0d:
                    01:86:4e:6c:99:be:bf:70:e2:06:c0:ee:71:81:04:
                    31:e2:66:60:95:6f:36:1e:ca:bf:b8:52:b2:23:71:
                    e7:94:63:1c:3e:9f:78:20:b5:32:f7:ea:99:76:a3:
                    80:cf:f4:18:23:fc:9b:68:15:c0:d1:bc:a4:f9:39:
                    e4:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:87:5E:58:2C:1F:95:20:52:68:F6:17:43:F4:FF:88:F5:02:C3:92
            X509v3 Authority Key Identifier:
                keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:da:5e:53:4b:43:3a:4a:4a:d4:43:86:0a:e3:7a:b9:5b:96:
         c8:11:03:16:37:be:ac:70:64:61:70:1c:37:aa:f7:4a:0f:5d:
         98:55:18:c9:3b:1b:7f:31:7c:e8:2d:17:7c:fb:6f:31:fc:1f:
         31:69:e0:02:b8:31:8b:fa:d8:4a:25:8c:a6:0e:ee:ea:7e:a6:
         67:3a:5d:7f:c0:f1:75:ea:75:b0:4f:e0:06:a8:45:f7:ad:2c:
         9d:76:ac:dc:cb:f7:bf:df:2e:dc:2c:03:2e:fa:4b:34:db:68:
         db:f8:13:ca:ed:61:56:70:55:04:df:a8:f3:aa:54:96:e3:ad:
         2d:45:2c:87:cb:a2:2b:5a:e7:67:e9:a6:31:13:06:b7:02:3c:
         cd:c1:96:72:e1:a6:78:e4:3e:f2:bd:75:d4:66:b9:23:f3:70:
         b3:55:2a:dc:32:93:ed:d3:43:d1:72:83:fe:9e:6a:f6:a0:fd:
         5c:59:ae:99:79:db:cc:a7:5b:63:b1:73:55:9a:ea:cd:45:eb:
         9f:33:0a:9e:2d:b5:0d:d6:2a:23:c0:a0:55:dc:4d:a2:c8:88:
         f3:9b:1e:d7:55:ac:c3:b7:46:43:f4:63:19:69:fe:9e:67:de:
         51:27:26:d5:b9:23:52:10:ec:a7:e1:2a:84:bd:9c:88:d8:86:
         6d:55:b8:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY86DCaZl17v7qSo+p2u7uN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy
OTFlZmEwHhcNMjQwNTAyMTYwMzQ1WhcNMjQwNTAzMTYwMzQ1WjAzMTEwLwYDVQQD
EyhiZDg3NWU1ODJjMWY5NTIwNTI2OGY2MTc0M2Y0ZmY4OGY1MDJjMzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MLDb0l3lWwxukUJtWnXW3ZjwvYB
FnUvTGPea/dGka7hsP49dTyaqxVu83y+zfM7FbCjobeVkmIk12Sp0XNWH/cv1l8O
hy/62czNWSm/n9UHN37FSYl5mDmiAFq47ND5KfDBjtJIbgdUgEOqUtOUEDzSqZrO
gMC45qXiRSdq2s+Z47qHqnpXuS3xMQ2rmWCWkDijmQHXNHgYD0KQ6IJKQDCBCfSL
6FqBYzoR/jZWdYupnOExCXYPjhR2wgItZTrvQA0Bhk5smb6/cOIGwO5xgQQx4mZg
lW82Hsq/uFKyI3HnlGMcPp94ILUy9+qZdqOAz/QYI/ybaBXA0byk+TnkGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL2HXlgsH5UgUmj2F0P0/4j1AsOSMB8GA1UdIwQY
MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt
ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm
LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwNpeU0tD
OkpK1EOGCuN6uVuWyBEDFje+rHBkYXAcN6r3Sg9dmFUYyTsbfzF86C0XfPtvMfwf
MWngArgxi/rYSiWMpg7u6n6mZzpdf8Dxdep1sE/gBqhF960snXas3Mv3v98u3CwD
LvpLNNto2/gTyu1hVnBVBN+o86pUluOtLUUsh8uiK1rnZ+mmMRMGtwI8zcGWcuGm
eOQ+8r111Ga5I/Nws1Uq3DKT7dND0XKD/p5q9qD9XFmumXnbzKdbY7FzVZrqzUXr
nzMKni21DdYqI8CgVdxNosiI85se11Wsw7dGQ/RjGWn+nmfeUScm1bkjUhDsp+Eq
hL2ciNiGbVW4oA==
-----END CERTIFICATE-----