Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
File:                     zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft (raw, json)
Hash identifier:          oXJlu8WJGALG7zjkYbEAvPRxBkuTptV7qDif6KXUCGc=
Subject key identifier:   72:E1:E0:F4:07:8D:51:53:62:F4:DA:15:60:9D:4F:79:1C:95:58:44
Authority key identifier: CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14
Certificate issuer:       /CN=cd35f6ff567bde93394fff282fad417da0b53614
Certificate serial:       018FB30F7D580FB7D962E8F8B271690EBE52
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
Manifest number:          0866
Signing time:             Sun 26 May 2024 04:01:27 +0000
Manifest this update:     Sun 26 May 2024 04:01:27 +0000
Manifest next update:     Mon 27 May 2024 04:01:27 +0000
Files and hashes:         1: zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl (hash: LPXnAHasdW5qpYodqIVPHvlnggHznNLtRe3jO9vI8MM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 26 May 2024 23:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:b3:0f:7d:58:0f:b7:d9:62:e8:f8:b2:71:69:0e:be:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd35f6ff567bde93394fff282fad417da0b53614
        Validity
            Not Before: May 26 04:01:27 2024 GMT
            Not After : May 27 04:01:27 2024 GMT
        Subject: CN=72e1e0f4078d515362f4da15609d4f791c955844
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:54:ee:49:b9:ce:af:05:15:52:a2:ec:a0:ee:
                    e2:3d:f5:5b:68:9f:a1:b6:5f:f0:5d:e7:53:94:fc:
                    a5:1a:b4:41:88:1e:d0:3e:24:bf:be:aa:5c:40:0d:
                    78:bc:d9:a7:9f:49:19:2e:f7:20:c2:48:9c:7f:33:
                    78:63:24:26:01:ba:93:2b:6b:8e:6b:e5:25:62:77:
                    0e:dc:f6:4e:b8:04:85:2b:bf:4c:7b:a7:fd:8d:8c:
                    f9:c9:ef:1d:e0:a1:88:8b:a1:00:0f:4d:8c:c5:19:
                    77:8c:1e:40:23:66:f5:04:59:e3:ba:43:a3:84:c7:
                    a5:91:b3:4e:43:3e:bd:83:87:66:19:b8:06:c4:37:
                    fd:78:06:61:b5:63:04:a3:b8:b8:b1:73:f1:41:96:
                    cb:bd:9a:4a:11:d0:10:40:a4:81:1b:5c:b7:a4:f2:
                    5a:2f:7f:13:e7:4a:69:cb:dd:2a:bd:ce:b1:97:b6:
                    ff:25:e2:e4:07:dc:27:9d:f7:ef:1b:7f:3f:22:4f:
                    fb:b8:f0:87:89:e8:30:f0:18:45:39:b1:cb:2d:74:
                    02:34:0b:b2:6d:22:a2:be:15:17:d5:b1:dc:fd:68:
                    bf:0c:d4:84:2d:48:05:d6:d9:4a:7b:4b:9b:95:61:
                    4c:2f:37:ae:f2:a9:bc:53:0c:77:78:d3:1e:ff:c6:
                    3e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:E1:E0:F4:07:8D:51:53:62:F4:DA:15:60:9D:4F:79:1C:95:58:44
            X509v3 Authority Key Identifier:
                keyid:CD:35:F6:FF:56:7B:DE:93:39:4F:FF:28:2F:AD:41:7D:A0:B5:36:14

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTX2_1Z73pM5T_8oL61BfaC1NhQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/09dddf-f83f-4650-a347-44a307545d74/1/zTX2_1Z73pM5T_8oL61BfaC1NhQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:a0:b6:f4:cb:94:e2:22:78:46:2b:fd:59:3f:1d:79:b6:84:
         7f:0c:39:50:e8:a8:0b:aa:e7:11:94:30:a5:bf:9d:bb:96:78:
         e4:38:5a:38:c0:3d:10:bf:5f:7e:9c:72:a6:df:b9:2a:f3:27:
         06:9f:fe:c8:bf:98:02:92:46:d9:4c:92:48:43:78:8d:7c:41:
         40:29:53:ee:a2:a1:76:91:a0:46:65:0a:84:4a:82:91:6e:67:
         96:7e:f2:72:d2:bb:c1:05:89:81:ce:c0:4f:98:55:5a:a5:ef:
         4a:1f:7c:23:8e:3d:be:a8:79:99:a6:21:62:89:e8:4e:5a:f0:
         4f:73:71:de:84:5c:40:6a:88:fa:b6:eb:8e:e5:a1:63:50:58:
         d5:b2:5f:5d:04:83:6e:65:fa:62:35:6f:96:76:91:8a:6e:df:
         a2:a4:8d:56:c7:f0:0b:e5:8b:a1:e8:19:5b:a9:b3:b1:41:5c:
         44:4f:73:62:2b:6c:ce:d7:7e:7c:81:f7:03:95:90:98:0d:ac:
         3d:45:56:e7:68:50:1a:d5:8b:ab:07:95:e0:ae:b8:40:dd:bd:
         39:cf:d4:30:71:5d:74:c1:e5:a1:0c:82:1d:7b:a5:15:f5:c4:
         7f:af:14:64:a3:5d:d3:26:50:8f:1f:ed:00:a8:9b:88:4b:a7:
         35:ff:a2:21
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+zD31YD7fZYuj4snFpDr5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzVmNmZmNTY3YmRlOTMzOTRmZmYyODJmYWQ0MTdkYTBi
NTM2MTQwHhcNMjQwNTI2MDQwMTI3WhcNMjQwNTI3MDQwMTI3WjAzMTEwLwYDVQQD
Eyg3MmUxZTBmNDA3OGQ1MTUzNjJmNGRhMTU2MDlkNGY3OTFjOTU1ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVTuSbnOrwUVUqLsoO7iPfVbaJ+h
tl/wXedTlPylGrRBiB7QPiS/vqpcQA14vNmnn0kZLvcgwkicfzN4YyQmAbqTK2uO
a+UlYncO3PZOuASFK79Me6f9jYz5ye8d4KGIi6EAD02MxRl3jB5AI2b1BFnjukOj
hMelkbNOQz69g4dmGbgGxDf9eAZhtWMEo7i4sXPxQZbLvZpKEdAQQKSBG1y3pPJa
L38T50ppy90qvc6xl7b/JeLkB9wnnffvG38/Ik/7uPCHiegw8BhFObHLLXQCNAuy
bSKivhUX1bHc/Wi/DNSELUgF1tlKe0ublWFMLzeu8qm8Uwx3eNMe/8Y+yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHLh4PQHjVFTYvTaFWCdT3kclVhEMB8GA1UdIwQY
MBaAFM019v9We96TOU//KC+tQX2gtTYUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDct
NDRhMzA3NTQ1ZDc0LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8wOWRkZGYtZjgzZi00NjUwLWEzNDctNDRhMzA3NTQ1ZDc0
LzEvelRYMl8xWjczcE01VF84b0w2MUJmYUMxTmhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEqC29MuU
4iJ4Riv9WT8debaEfww5UOioC6rnEZQwpb+du5Z45DhaOMA9EL9ffpxypt+5KvMn
Bp/+yL+YApJG2UySSEN4jXxBQClT7qKhdpGgRmUKhEqCkW5nln7yctK7wQWJgc7A
T5hVWqXvSh98I449vqh5maYhYonoTlrwT3Nx3oRcQGqI+rbrjuWhY1BY1bJfXQSD
bmX6YjVvlnaRim7foqSNVsfwC+WLoegZW6mzsUFcRE9zYitsztd+fIH3A5WQmA2s
PUVW52hQGtWLqweV4K64QN29Oc/UMHFddMHloQyCHXulFfXEf68UZKNd0yZQjx/t
AKibiEunNf+iIQ==
-----END CERTIFICATE-----