Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
File:                     aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json)
Hash identifier:          BycF26LgdCvsVzN6UUzkpdRsSG4Y226jmemwMFa2MYU=
Subject key identifier:   81:03:5B:61:04:39:26:87:BE:76:20:93:96:9A:59:59:0E:C5:83:BC
Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B
Certificate issuer:       /CN=69448948cf4d8dace47718c0f7259edeeb093e7b
Certificate serial:       018F86A3C4CD7EBBAD89269C498180019BE7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 13:00:30 +0000
Manifest this update:     Fri 17 May 2024 13:00:30 +0000
Manifest next update:     Sat 18 May 2024 13:00:30 +0000
Files and hashes:         1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: zb7azUPSuaa6YSTolPR7qSRbsi21+b/3TOmSmGvXTf8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:c4:cd:7e:bb:ad:89:26:9c:49:81:80:01:9b:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b
        Validity
            Not Before: May 17 13:00:30 2024 GMT
            Not After : May 18 13:00:30 2024 GMT
        Subject: CN=81035b6104392687be762093969a59590ec583bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:ba:57:ba:4c:01:f0:db:b3:50:2b:9e:8c:62:
                    49:b6:f7:f9:af:52:41:c6:93:9c:0b:7f:46:63:a9:
                    67:d0:be:20:25:a2:d6:82:fc:56:a8:01:7a:c3:89:
                    80:01:f8:7c:1d:e1:89:93:1e:95:d0:77:67:df:b1:
                    30:b5:33:c1:1c:6d:bb:3e:f2:d3:e6:31:ef:2d:e0:
                    42:8d:8d:f6:78:3e:15:5b:10:f4:dd:b3:f8:e4:38:
                    1a:04:b2:24:79:a9:45:32:51:75:ee:2e:50:06:28:
                    9a:60:b1:44:f3:90:72:41:cb:69:b1:db:24:c0:3d:
                    f4:e0:d6:d4:56:da:d3:b9:d7:03:e1:9b:2e:f1:c2:
                    d4:40:1e:2f:d2:0b:00:75:eb:8e:31:89:a4:35:9b:
                    8f:7b:a7:0c:02:94:9b:65:02:20:8f:5a:73:6c:0d:
                    24:10:e9:0e:4e:fe:e9:ee:84:05:52:49:75:26:cf:
                    16:d7:50:bc:54:3c:0e:3f:f7:3c:8f:51:c9:2a:d7:
                    03:26:e5:a0:69:6c:a9:42:d8:4f:25:5a:f7:b4:8a:
                    1e:46:e6:97:05:d2:5f:f5:20:e7:5a:f4:cd:8e:16:
                    da:b7:68:e5:e8:98:cb:ae:a9:4c:77:cc:3f:58:86:
                    00:4f:0f:3b:7d:7b:bb:5d:71:bd:3d:12:61:88:dd:
                    f9:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:03:5B:61:04:39:26:87:BE:76:20:93:96:9A:59:59:0E:C5:83:BC
            X509v3 Authority Key Identifier:
                keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:2d:03:92:b4:4c:1d:d1:e2:e7:06:67:f5:45:45:8a:3b:24:
         af:7f:de:7b:f7:9f:5c:3c:bb:5d:60:9f:d2:b4:6d:07:2b:36:
         b5:3d:d5:26:4a:dc:bd:b7:3c:54:4a:2e:db:81:a9:d9:56:76:
         ba:93:2c:85:5d:0f:1c:51:cc:bb:b8:68:dd:43:51:0e:ca:83:
         1e:cc:5c:68:e0:74:b1:d3:4a:3c:60:ce:78:ff:23:3a:f2:b6:
         91:13:db:01:eb:17:11:dc:6b:9d:99:d4:69:45:5d:7e:51:7c:
         e6:bb:9b:73:f6:24:c5:d9:49:d3:e7:cf:4c:3c:a2:91:da:f6:
         ce:84:72:fe:b5:45:a4:62:be:4f:74:ff:19:bd:07:48:70:00:
         36:8d:16:d8:60:f0:80:d3:19:df:06:b8:36:bd:9d:36:4a:57:
         b3:7e:f9:45:40:25:14:5a:dd:3e:ed:1d:46:87:4f:e9:05:39:
         12:64:53:6a:5a:8e:46:52:43:43:a7:d3:ef:d2:4b:3a:55:ec:
         54:b9:59:d5:7f:70:aa:b1:be:bd:4d:e6:83:8b:62:26:46:2a:
         ff:83:90:c4:36:71:19:a9:20:2e:68:f8:21:af:65:0b:e0:86:
         65:f1:72:4c:5c:c8:3a:37:f9:d2:51:2a:5e:70:b4:82:a3:f5:
         c0:4d:df:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go8TNfrutiSacSYGAAZvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw
OTNlN2IwHhcNMjQwNTE3MTMwMDMwWhcNMjQwNTE4MTMwMDMwWjAzMTEwLwYDVQQD
Eyg4MTAzNWI2MTA0MzkyNjg3YmU3NjIwOTM5NjlhNTk1OTBlYzU4M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7pXukwB8NuzUCuejGJJtvf5r1JB
xpOcC39GY6ln0L4gJaLWgvxWqAF6w4mAAfh8HeGJkx6V0Hdn37EwtTPBHG27PvLT
5jHvLeBCjY32eD4VWxD03bP45DgaBLIkealFMlF17i5QBiiaYLFE85ByQctpsdsk
wD304NbUVtrTudcD4Zsu8cLUQB4v0gsAdeuOMYmkNZuPe6cMApSbZQIgj1pzbA0k
EOkOTv7p7oQFUkl1Js8W11C8VDwOP/c8j1HJKtcDJuWgaWypQthPJVr3tIoeRuaX
BdJf9SDnWvTNjhbat2jl6JjLrqlMd8w/WIYATw87fXu7XXG9PRJhiN35QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEDW2EEOSaHvnYgk5aaWVkOxYO8MB8GA1UdIwQY
MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt
NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl
LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdS0DkrRM
HdHi5wZn9UVFijskr3/ee/efXDy7XWCf0rRtBys2tT3VJkrcvbc8VEou24Gp2VZ2
upMshV0PHFHMu7ho3UNRDsqDHsxcaOB0sdNKPGDOeP8jOvK2kRPbAesXEdxrnZnU
aUVdflF85rubc/YkxdlJ0+fPTDyikdr2zoRy/rVFpGK+T3T/Gb0HSHAANo0W2GDw
gNMZ3wa4Nr2dNkpXs375RUAlFFrdPu0dRodP6QU5EmRTalqORlJDQ6fT79JLOlXs
VLlZ1X9wqrG+vU3mg4tiJkYq/4OQxDZxGakgLmj4Ia9lC+CGZfFyTFzIOjf50lEq
XnC0gqP1wE3fMA==
-----END CERTIFICATE-----