Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File:                     clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier:          DIUKBWj3KCXBB+tkWuJQ4EIYUw2MTV7aqklWy3W1OIg=
Subject key identifier:   CB:61:B8:61:3F:17:E1:9D:35:7B:C7:07:16:88:64:A8:DD:56:52:4E
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer:       /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial:       018F87B674A39746ED55E161C4BFA21A4955
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number:          0450
Signing time:             Fri 17 May 2024 18:00:32 +0000
Manifest this update:     Fri 17 May 2024 18:00:32 +0000
Manifest next update:     Sat 18 May 2024 18:00:32 +0000
Files and hashes:         1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: 3yNQUfdbyk9bi2eaJz2wajPPTmfAJyNYc5hTXxA3Lo4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:74:a3:97:46:ed:55:e1:61:c4:bf:a2:1a:49:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
        Validity
            Not Before: May 17 18:00:32 2024 GMT
            Not After : May 18 18:00:32 2024 GMT
        Subject: CN=cb61b8613f17e19d357bc707168864a8dd56524e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:07:78:45:ee:60:89:43:d1:0c:9b:12:cd:9c:
                    a3:39:48:ab:0b:1d:91:ac:49:d5:05:0d:ee:3b:a3:
                    ca:eb:23:b2:e5:e0:68:34:fa:dd:bf:bc:51:72:39:
                    1d:b6:29:35:98:ea:78:68:28:fa:bf:80:a7:10:bd:
                    9d:fb:36:d6:2c:25:e0:01:45:36:d7:22:a7:97:76:
                    6b:67:cc:af:98:59:d8:d7:ad:33:94:46:e5:ca:e1:
                    e4:78:c8:dd:b0:7b:e4:21:5c:4d:ce:8d:7d:7d:33:
                    d2:a9:e3:8a:aa:a1:22:5e:de:04:d3:a9:fc:f3:44:
                    57:79:f8:9b:22:5a:de:bf:8a:99:08:76:fc:40:8d:
                    51:42:9f:52:14:30:36:5a:2f:13:22:48:f9:c9:3a:
                    5c:f4:a7:67:6f:a2:ad:a0:81:30:26:4c:18:1b:cb:
                    60:66:55:e9:bb:78:30:7b:e1:cd:1f:2a:87:97:a5:
                    60:b3:e0:90:7b:74:27:fe:61:e3:26:dd:00:35:34:
                    2b:59:e1:b5:dc:f0:87:90:b4:36:6c:14:0d:d7:71:
                    d3:25:27:51:1a:1f:5f:f9:91:1c:3f:cc:90:cb:38:
                    09:27:1c:08:e9:58:c1:5b:03:74:3a:dd:b3:33:b2:
                    94:67:14:61:ea:c7:62:55:56:93:f5:65:e7:9f:6f:
                    58:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:61:B8:61:3F:17:E1:9D:35:7B:C7:07:16:88:64:A8:DD:56:52:4E
            X509v3 Authority Key Identifier:
                keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:6a:9b:26:89:8b:d6:72:d9:b1:b7:31:cd:0b:7c:0d:43:84:
         98:d4:aa:90:54:d2:56:f9:9b:25:4d:7e:ae:fd:a9:9f:70:50:
         33:4f:29:51:dd:f6:f0:de:e3:50:ea:15:b5:3d:3d:42:c1:2a:
         f5:bb:7c:51:50:a3:a0:f9:dc:b7:04:dc:a2:7d:4c:b4:51:cd:
         a2:25:72:75:e1:67:3f:0c:e8:cd:d7:b7:a7:65:9f:b1:04:3f:
         b2:87:89:7b:5b:da:65:d7:8c:b6:5e:37:b9:68:2e:a5:c7:76:
         12:65:b9:c1:d3:a4:71:cf:8f:3c:a4:cf:80:cf:5a:11:76:7e:
         26:5e:eb:c7:e7:1d:cc:91:e7:e6:93:73:dc:e4:34:a2:99:6e:
         f3:2a:ba:5b:3d:44:b2:29:22:14:af:ee:6b:d1:c6:46:98:08:
         54:c1:cd:5e:8f:5d:d4:dd:fe:72:f0:3e:86:a3:10:99:5d:62:
         03:9d:15:48:51:61:d6:8f:92:39:d8:17:2e:9b:16:6e:f1:fd:
         ad:64:14:0d:ad:38:54:71:42:37:e9:2a:c7:7e:6f:c9:95:4a:
         12:fb:fe:a5:ff:3b:cb:fb:30:06:c4:c2:a2:91:b7:35:64:37:
         1a:7a:ff:61:b8:11:b4:5c:af:e5:97:33:9a:bc:1f:56:f8:ea:
         63:7c:d1:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtnSjl0btVeFhxL+iGklVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjQwNTE3MTgwMDMyWhcNMjQwNTE4MTgwMDMyWjAzMTEwLwYDVQQD
EyhjYjYxYjg2MTNmMTdlMTlkMzU3YmM3MDcxNjg4NjRhOGRkNTY1MjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAd4Re5giUPRDJsSzZyjOUirCx2R
rEnVBQ3uO6PK6yOy5eBoNPrdv7xRcjkdtik1mOp4aCj6v4CnEL2d+zbWLCXgAUU2
1yKnl3ZrZ8yvmFnY160zlEblyuHkeMjdsHvkIVxNzo19fTPSqeOKqqEiXt4E06n8
80RXefibIlrev4qZCHb8QI1RQp9SFDA2Wi8TIkj5yTpc9Kdnb6KtoIEwJkwYG8tg
ZlXpu3gwe+HNHyqHl6Vgs+CQe3Qn/mHjJt0ANTQrWeG13PCHkLQ2bBQN13HTJSdR
Gh9f+ZEcP8yQyzgJJxwI6VjBWwN0Ot2zM7KUZxRh6sdiVVaT9WXnn29YYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMthuGE/F+GdNXvHBxaIZKjdVlJOMB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM2qbJomL
1nLZsbcxzQt8DUOEmNSqkFTSVvmbJU1+rv2pn3BQM08pUd328N7jUOoVtT09QsEq
9bt8UVCjoPnctwTcon1MtFHNoiVydeFnPwzozde3p2WfsQQ/soeJe1vaZdeMtl43
uWgupcd2EmW5wdOkcc+PPKTPgM9aEXZ+Jl7rx+cdzJHn5pNz3OQ0oplu8yq6Wz1E
sikiFK/ua9HGRpgIVMHNXo9d1N3+cvA+hqMQmV1iA50VSFFh1o+SOdgXLpsWbvH9
rWQUDa04VHFCN+kqx35vyZVKEvv+pf87y/swBsTCopG3NWQ3Gnr/YbgRtFyv5Zcz
mrwfVvjqY3zRYg==
-----END CERTIFICATE-----