Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
File:                     aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft (raw, json)
Hash identifier:          fe5v3R/paWOLuZlEgmRYdEsbuiEdAYg35R72lK1rozs=
Subject key identifier:   7A:36:B3:8E:2D:8E:36:F0:B1:97:72:0D:58:30:E0:5D:13:2F:2F:DB
Authority key identifier: 68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA
Certificate issuer:       /CN=6809515d093644678703c024d92014c532f316ea
Certificate serial:       018F8824657B3D1CD688EFA282F14DD5164B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
Manifest number:          0D77
Signing time:             Fri 17 May 2024 20:00:37 +0000
Manifest this update:     Fri 17 May 2024 20:00:37 +0000
Manifest next update:     Sat 18 May 2024 20:00:37 +0000
Files and hashes:         1: aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl (hash: CpbrXuFFosQvBgT1d226OwgVqD8HX3jJVyAugzasjxA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:65:7b:3d:1c:d6:88:ef:a2:82:f1:4d:d5:16:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6809515d093644678703c024d92014c532f316ea
        Validity
            Not Before: May 17 20:00:37 2024 GMT
            Not After : May 18 20:00:37 2024 GMT
        Subject: CN=7a36b38e2d8e36f0b197720d5830e05d132f2fdb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:5c:1a:35:07:59:7e:e1:0f:55:55:7d:8e:e8:
                    06:aa:36:6b:bc:1e:c5:50:5b:41:74:06:39:ad:2a:
                    7e:b7:12:bc:0f:14:da:82:3b:41:9a:1a:3c:27:a2:
                    6c:0e:6d:10:a0:86:b7:d3:5d:0a:26:2c:01:11:25:
                    3d:50:d6:b5:e8:bc:72:21:14:35:6f:e8:2e:02:fb:
                    e7:3b:cc:ba:24:60:ac:58:ad:d7:91:5b:82:19:ea:
                    a2:90:0e:ec:26:ce:15:3b:eb:ba:9e:d4:a1:10:81:
                    18:85:1a:0f:3f:85:61:40:a6:ef:82:eb:ed:c9:b0:
                    18:51:9d:3e:bb:77:70:1a:31:8a:c6:3b:30:26:c2:
                    73:c2:3a:05:70:6a:5d:47:25:38:eb:a7:7f:21:fc:
                    9e:64:c8:6d:b1:34:8e:80:03:71:09:7f:f1:08:4a:
                    c0:88:b3:97:9a:3c:46:28:a1:16:bb:b8:09:c4:63:
                    68:29:dd:f2:b8:79:9c:df:9c:0f:57:b7:84:ce:0b:
                    f5:1a:d5:3e:19:3c:26:90:89:6f:b0:57:21:74:bc:
                    89:95:c4:55:44:45:23:2f:35:8f:a6:a2:2b:52:8e:
                    96:79:a1:42:c0:ce:97:b6:61:a3:54:f6:db:79:5b:
                    ad:65:84:c0:97:e6:0a:6d:08:be:d7:59:98:55:b8:
                    7a:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:36:B3:8E:2D:8E:36:F0:B1:97:72:0D:58:30:E0:5D:13:2F:2F:DB
            X509v3 Authority Key Identifier:
                keyid:68:09:51:5D:09:36:44:67:87:03:C0:24:D9:20:14:C5:32:F3:16:EA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d757c0-89c3-4669-85b8-423104770552/1/aAlRXQk2RGeHA8Ak2SAUxTLzFuo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:0a:86:1c:ba:c1:f8:70:62:02:3c:2c:08:b5:af:25:7e:c0:
         6f:da:10:cf:f0:d5:e8:f5:e6:30:f8:a3:9d:eb:96:64:49:3b:
         74:b7:af:43:c3:d9:8d:fa:97:72:91:42:cf:28:b7:7a:37:8d:
         67:74:96:36:d5:18:af:ca:dc:2a:c8:b0:1b:86:18:df:ed:a2:
         f5:61:2e:f4:26:58:a8:ae:ac:f5:12:5e:d9:1d:bf:13:fd:e2:
         34:11:2a:f9:4c:51:f5:38:d2:95:29:6f:5c:6b:75:0d:24:bb:
         33:27:c5:77:bd:8e:db:6e:e7:a0:9d:10:0f:e8:9b:53:1b:5b:
         d9:73:33:1e:75:85:43:ae:19:14:21:0e:25:3b:4a:ea:4c:5c:
         48:cc:90:ba:f6:5e:47:ab:fe:62:7e:cb:9f:38:84:64:3c:6a:
         d7:d3:00:c5:c5:3d:af:d7:3c:6c:a1:69:d6:9f:8f:1f:fe:d2:
         df:e8:05:8b:60:23:c0:ac:11:26:a5:16:d8:ae:3f:d4:4f:14:
         ad:dd:b6:d2:5b:bd:0c:50:57:f9:be:8b:88:75:2a:cf:85:b0:
         dc:0a:0d:94:30:e3:52:37:15:79:15:0b:14:3e:89:71:6c:46:
         cf:19:bb:0a:d8:97:b2:32:b9:4f:75:50:58:70:73:55:91:8e:
         4b:c0:bd:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJGV7PRzWiO+igvFN1RZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MDk1MTVkMDkzNjQ0Njc4NzAzYzAyNGQ5MjAxNGM1MzJm
MzE2ZWEwHhcNMjQwNTE3MjAwMDM3WhcNMjQwNTE4MjAwMDM3WjAzMTEwLwYDVQQD
Eyg3YTM2YjM4ZTJkOGUzNmYwYjE5NzcyMGQ1ODMwZTA1ZDEzMmYyZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlwaNQdZfuEPVVV9jugGqjZrvB7F
UFtBdAY5rSp+txK8DxTagjtBmho8J6JsDm0QoIa3010KJiwBESU9UNa16LxyIRQ1
b+guAvvnO8y6JGCsWK3XkVuCGeqikA7sJs4VO+u6ntShEIEYhRoPP4VhQKbvguvt
ybAYUZ0+u3dwGjGKxjswJsJzwjoFcGpdRyU466d/IfyeZMhtsTSOgANxCX/xCErA
iLOXmjxGKKEWu7gJxGNoKd3yuHmc35wPV7eEzgv1GtU+GTwmkIlvsFchdLyJlcRV
REUjLzWPpqIrUo6WeaFCwM6XtmGjVPbbeVutZYTAl+YKbQi+11mYVbh6JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHo2s44tjjbwsZdyDVgw4F0TLy/bMB8GA1UdIwQY
MBaAFGgJUV0JNkRnhwPAJNkgFMUy8xbqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1Yjgt
NDIzMTA0NzcwNTUyLzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kNzU3YzAtODljMy00NjY5LTg1YjgtNDIzMTA0NzcwNTUy
LzEvYUFsUlhRazJSR2VIQThBazJTQVV4VEx6RnVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUAqGHLrB
+HBiAjwsCLWvJX7Ab9oQz/DV6PXmMPijneuWZEk7dLevQ8PZjfqXcpFCzyi3ejeN
Z3SWNtUYr8rcKsiwG4YY3+2i9WEu9CZYqK6s9RJe2R2/E/3iNBEq+UxR9TjSlSlv
XGt1DSS7MyfFd72O227noJ0QD+ibUxtb2XMzHnWFQ64ZFCEOJTtK6kxcSMyQuvZe
R6v+Yn7LnziEZDxq19MAxcU9r9c8bKFp1p+PH/7S3+gFi2AjwKwRJqUW2K4/1E8U
rd220lu9DFBX+b6LiHUqz4Ww3AoNlDDjUjcVeRULFD6JcWxGzxm7CtiXsjK5T3VQ
WHBzVZGOS8C9wQ==
-----END CERTIFICATE-----