Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
File:                     N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft (raw, json)
Hash identifier:          tyDImm7b6bxTlrmCYI4Z6kg8uHCxzczq5jRshoJ2Qi8=
Subject key identifier:   A4:04:DE:5D:E4:B9:C7:76:0E:8E:D2:CE:48:34:45:8A:E8:03:83:5E
Authority key identifier: 37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE
Certificate issuer:       /CN=37698b4f37d8081c3505ada0baa85221934341be
Certificate serial:       018F8748522806BB86A901CE47D194A8C292
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
Manifest number:          09D4
Signing time:             Fri 17 May 2024 16:00:14 +0000
Manifest this update:     Fri 17 May 2024 16:00:14 +0000
Manifest next update:     Sat 18 May 2024 16:00:14 +0000
Files and hashes:         1: N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl (hash: XNybNjsjs3FFLGv6+WNKzkrqq2LBmbXjJz9OV+7qvcY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:52:28:06:bb:86:a9:01:ce:47:d1:94:a8:c2:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37698b4f37d8081c3505ada0baa85221934341be
        Validity
            Not Before: May 17 16:00:14 2024 GMT
            Not After : May 18 16:00:14 2024 GMT
        Subject: CN=a404de5de4b9c7760e8ed2ce4834458ae803835e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:47:70:e6:1d:02:91:18:6b:39:69:80:68:47:
                    c2:35:f2:c2:f8:82:3c:bb:af:3a:65:78:09:94:01:
                    09:08:18:fe:a0:0b:4c:ad:3f:3e:21:24:61:2b:a3:
                    6e:97:cc:d2:ed:32:7a:c9:ec:fe:fa:2d:a2:46:0f:
                    a0:8d:5a:81:c0:ff:22:0c:bb:4e:d1:69:20:f2:13:
                    41:dc:cf:ff:eb:68:b9:da:e5:4c:28:30:e6:e7:84:
                    b6:f8:de:98:e0:00:1e:4f:30:15:6e:13:64:f6:ba:
                    bf:64:af:b9:37:96:4a:cc:ad:1c:f3:e9:fb:56:1a:
                    1c:d4:36:01:32:7e:61:c2:6c:f0:29:48:34:b8:d0:
                    cd:b0:22:6b:68:27:9d:12:5d:67:e9:15:52:c2:b5:
                    eb:90:4e:bf:53:67:01:3a:f2:e9:b1:91:be:d1:12:
                    e3:1a:85:d2:b6:42:ef:aa:ef:19:e3:db:21:a4:b3:
                    25:e1:58:d9:89:7b:d2:54:ea:08:b0:dd:54:1c:ec:
                    a8:02:f9:9a:96:14:66:26:ef:29:cf:0c:18:7e:a5:
                    ab:11:1d:72:b6:b7:b2:7c:64:d0:32:98:c0:72:86:
                    0a:ac:e6:1b:c3:1e:c1:e0:09:76:39:3e:69:90:b5:
                    f9:38:3f:1e:59:aa:83:4d:0a:81:9a:0e:20:d2:c7:
                    c0:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:04:DE:5D:E4:B9:C7:76:0E:8E:D2:CE:48:34:45:8A:E8:03:83:5E
            X509v3 Authority Key Identifier:
                keyid:37:69:8B:4F:37:D8:08:1C:35:05:AD:A0:BA:A8:52:21:93:43:41:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N2mLTzfYCBw1Ba2guqhSIZNDQb4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/10bf3d-4eb5-4a13-83b7-2bb81d99d5f1/1/N2mLTzfYCBw1Ba2guqhSIZNDQb4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:b7:c2:8b:ac:ff:c2:52:25:71:31:d6:11:f2:fd:51:7d:ff:
         97:d2:59:9e:21:d0:85:68:6c:c6:47:d1:57:67:85:86:10:31:
         5f:15:3b:ce:85:21:e2:85:a3:db:1b:d6:17:fa:7d:d4:a3:60:
         80:20:58:20:1a:19:13:54:62:79:b6:d5:64:96:70:0e:2f:a6:
         84:0c:a3:c2:ab:7a:60:a5:59:af:8c:4b:ae:7d:69:e5:ff:0c:
         55:22:32:23:44:0d:74:ab:43:4a:2e:9b:0b:ac:f5:dd:1f:d2:
         3f:61:86:f1:50:06:d9:35:a5:79:e9:3d:ac:30:a1:f0:62:5a:
         b5:c0:60:a7:e7:fa:83:db:36:f3:c3:06:6b:c7:0a:6d:a2:a3:
         6e:82:d9:db:d7:3b:13:fb:45:b2:72:c9:b5:9c:43:5a:d7:fc:
         5a:e5:22:d0:77:c8:81:ba:21:a6:22:5c:4e:6d:d2:5b:5e:c0:
         39:56:ee:ac:92:ea:2a:bc:ea:17:30:37:d1:30:95:35:7c:49:
         58:c9:1a:84:eb:ea:8e:91:03:21:2a:f3:ee:71:28:08:df:33:
         d4:28:b9:94:da:2a:72:e5:ff:95:ae:7e:14:23:85:30:6f:87:
         aa:b2:3b:06:87:41:cb:1f:88:a8:d6:fd:4c:8b:74:19:c8:d9:
         91:e9:ae:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSFIoBruGqQHOR9GUqMKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Njk4YjRmMzdkODA4MWMzNTA1YWRhMGJhYTg1MjIxOTM0
MzQxYmUwHhcNMjQwNTE3MTYwMDE0WhcNMjQwNTE4MTYwMDE0WjAzMTEwLwYDVQQD
EyhhNDA0ZGU1ZGU0YjljNzc2MGU4ZWQyY2U0ODM0NDU4YWU4MDM4MzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUdw5h0CkRhrOWmAaEfCNfLC+II8
u686ZXgJlAEJCBj+oAtMrT8+ISRhK6Nul8zS7TJ6yez++i2iRg+gjVqBwP8iDLtO
0Wkg8hNB3M//62i52uVMKDDm54S2+N6Y4AAeTzAVbhNk9rq/ZK+5N5ZKzK0c8+n7
Vhoc1DYBMn5hwmzwKUg0uNDNsCJraCedEl1n6RVSwrXrkE6/U2cBOvLpsZG+0RLj
GoXStkLvqu8Z49shpLMl4VjZiXvSVOoIsN1UHOyoAvmalhRmJu8pzwwYfqWrER1y
treyfGTQMpjAcoYKrOYbwx7B4Al2OT5pkLX5OD8eWaqDTQqBmg4g0sfAQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQE3l3kucd2Do7Szkg0RYroA4NeMB8GA1UdIwQY
MBaAFDdpi0832AgcNQWtoLqoUiGTQ0G+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjct
MmJiODFkOTlkNWYxLzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xMGJmM2QtNGViNS00YTEzLTgzYjctMmJiODFkOTlkNWYx
LzEvTjJtTFR6ZllDQncxQmEyZ3VxaFNJWk5EUWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbfCi6z/
wlIlcTHWEfL9UX3/l9JZniHQhWhsxkfRV2eFhhAxXxU7zoUh4oWj2xvWF/p91KNg
gCBYIBoZE1RiebbVZJZwDi+mhAyjwqt6YKVZr4xLrn1p5f8MVSIyI0QNdKtDSi6b
C6z13R/SP2GG8VAG2TWleek9rDCh8GJatcBgp+f6g9s288MGa8cKbaKjboLZ29c7
E/tFsnLJtZxDWtf8WuUi0HfIgbohpiJcTm3SW17AOVburJLqKrzqFzA30TCVNXxJ
WMkahOvqjpEDISrz7nEoCN8z1Ci5lNoqcuX/la5+FCOFMG+HqrI7BodByx+IqNb9
TIt0GcjZkemuiA==
-----END CERTIFICATE-----