Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.mft
File:                     dyDGcENNpRAiYQmdoQHyXdP3qto.mft (raw, json)
Hash identifier:          C5W5QgGYQjPegR1rlJCffERbNpPPkknI6+XWC2iSs7c=
Subject key identifier:   52:F3:A7:E1:60:DD:55:8B:D4:6D:88:9C:40:A9:EA:72:76:5D:25:7A
Authority key identifier: 77:20:C6:70:43:4D:A5:10:22:61:09:9D:A1:01:F2:5D:D3:F7:AA:DA
Certificate issuer:       /CN=7720c670434da5102261099da101f25dd3f7aada
Certificate serial:       018F874913F689A5FDAE3EADC16D1CF110D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.mft
Manifest number:          09BA
Signing time:             Fri 17 May 2024 16:01:04 +0000
Manifest this update:     Fri 17 May 2024 16:01:04 +0000
Manifest next update:     Sat 18 May 2024 16:01:04 +0000
Files and hashes:         1: dyDGcENNpRAiYQmdoQHyXdP3qto.crl (hash: cAEwxYTdWA/Nf66hqat4FdCygL1kGZT7SAlU74qmJ04=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:13:f6:89:a5:fd:ae:3e:ad:c1:6d:1c:f1:10:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7720c670434da5102261099da101f25dd3f7aada
        Validity
            Not Before: May 17 16:01:04 2024 GMT
            Not After : May 18 16:01:04 2024 GMT
        Subject: CN=52f3a7e160dd558bd46d889c40a9ea72765d257a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:50:e3:95:9f:3d:b4:e2:78:20:71:a2:cc:ba:
                    2b:43:c4:69:f7:a5:bf:b7:05:c9:0a:d4:4e:a3:19:
                    e6:61:99:a7:4d:27:a4:0d:88:e2:58:3b:99:6c:d5:
                    0a:3f:68:cc:ef:ff:f3:91:22:0b:de:8f:98:4c:c0:
                    f3:f5:af:79:22:25:86:5e:d5:b8:18:d3:f7:12:7f:
                    0a:ab:fe:01:f3:1d:8e:8f:b4:6f:0e:04:e0:e4:77:
                    d3:25:8b:d6:f8:bb:87:50:7e:b7:49:91:dc:8c:f6:
                    e7:7c:b5:fb:d8:90:2b:de:cc:e1:4a:65:ea:16:f2:
                    c7:86:d7:6c:88:8d:66:ae:43:85:13:a1:a7:db:fc:
                    d4:a1:f1:4d:48:f6:02:76:ed:d6:09:4f:b0:44:b3:
                    fa:1d:d5:fe:0d:60:f5:07:ce:ae:14:42:66:5e:c0:
                    df:e7:e0:89:63:3e:f1:87:86:e5:e2:69:80:39:ef:
                    c2:a9:34:b2:40:36:ca:85:0c:46:28:47:c5:bc:b7:
                    e4:3a:d2:b9:3d:9b:20:b7:8e:24:64:fc:9e:17:fc:
                    50:0a:53:2b:cf:64:29:56:56:0c:b5:ba:a6:47:5f:
                    1d:b7:07:22:f2:81:eb:3e:24:09:a8:f4:86:27:0c:
                    38:61:72:19:44:4e:f3:e1:2e:c2:84:88:f9:4a:22:
                    5c:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:F3:A7:E1:60:DD:55:8B:D4:6D:88:9C:40:A9:EA:72:76:5D:25:7A
            X509v3 Authority Key Identifier:
                keyid:77:20:C6:70:43:4D:A5:10:22:61:09:9D:A1:01:F2:5D:D3:F7:AA:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dyDGcENNpRAiYQmdoQHyXdP3qto.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/cf753f-7781-4dfe-a38e-d845995991ac/1/dyDGcENNpRAiYQmdoQHyXdP3qto.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:41:6a:d7:f8:22:56:8d:f7:3e:96:ef:ff:a0:b3:95:d9:bb:
         98:27:bc:63:95:5b:5c:69:4b:8c:d5:f0:84:da:fa:92:47:fe:
         77:55:d0:79:bf:b9:ca:b0:af:ce:4d:84:0c:06:12:cd:6e:68:
         b4:e3:f9:31:a7:b3:6c:33:9e:6e:86:df:0a:cb:42:28:ff:8f:
         cd:e3:11:94:3d:e9:36:e4:70:5a:a5:1e:95:4c:01:6f:42:32:
         e3:04:bd:a5:ec:be:33:ae:1a:b8:2e:9c:87:05:b4:20:84:fa:
         73:d1:bb:70:f3:92:64:a1:69:c2:62:a1:43:f1:ad:99:63:69:
         e3:3e:3d:89:59:4d:04:b0:32:6e:70:a8:60:cb:5f:d9:fb:79:
         29:59:07:56:a7:a4:f1:a0:7b:96:7d:79:b0:d5:43:00:24:a3:
         fc:fd:ef:ce:10:dc:91:15:77:0a:d4:91:fb:11:9b:33:cc:35:
         64:d1:1d:6e:3d:f1:4c:cf:36:57:a7:dd:fc:1e:2d:e1:b9:62:
         08:31:26:68:95:77:a5:f9:dd:b0:61:d3:1b:d8:38:e2:2e:09:
         e3:a5:95:e2:66:18:db:bf:f0:b9:fd:d9:47:1f:b7:2a:63:5a:
         61:1e:14:a1:8a:d2:4f:0e:da:96:6b:b9:9b:74:b0:06:96:51:
         1f:2a:b9:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSRP2iaX9rj6twW0c8RDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MjBjNjcwNDM0ZGE1MTAyMjYxMDk5ZGExMDFmMjVkZDNm
N2FhZGEwHhcNMjQwNTE3MTYwMTA0WhcNMjQwNTE4MTYwMTA0WjAzMTEwLwYDVQQD
Eyg1MmYzYTdlMTYwZGQ1NThiZDQ2ZDg4OWM0MGE5ZWE3Mjc2NWQyNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6FDjlZ89tOJ4IHGizLorQ8Rp96W/
twXJCtROoxnmYZmnTSekDYjiWDuZbNUKP2jM7//zkSIL3o+YTMDz9a95IiWGXtW4
GNP3En8Kq/4B8x2Oj7RvDgTg5HfTJYvW+LuHUH63SZHcjPbnfLX72JAr3szhSmXq
FvLHhtdsiI1mrkOFE6Gn2/zUofFNSPYCdu3WCU+wRLP6HdX+DWD1B86uFEJmXsDf
5+CJYz7xh4bl4mmAOe/CqTSyQDbKhQxGKEfFvLfkOtK5PZsgt44kZPyeF/xQClMr
z2QpVlYMtbqmR18dtwci8oHrPiQJqPSGJww4YXIZRE7z4S7ChIj5SiJclwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFLzp+Fg3VWL1G2InECp6nJ2XSV6MB8GA1UdIwQY
MBaAFHcgxnBDTaUQImEJnaEB8l3T96raMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9jZjc1M2YtNzc4MS00ZGZlLWEzOGUt
ZDg0NTk5NTk5MWFjLzEvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9jZjc1M2YtNzc4MS00ZGZlLWEzOGUtZDg0NTk5NTk5MWFj
LzEvZHlER2NFTk5wUkFpWVFtZG9RSHlYZFAzcXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO0Fq1/gi
Vo33Ppbv/6Czldm7mCe8Y5VbXGlLjNXwhNr6kkf+d1XQeb+5yrCvzk2EDAYSzW5o
tOP5MaezbDOebobfCstCKP+PzeMRlD3pNuRwWqUelUwBb0Iy4wS9pey+M64auC6c
hwW0IIT6c9G7cPOSZKFpwmKhQ/GtmWNp4z49iVlNBLAybnCoYMtf2ft5KVkHVqek
8aB7ln15sNVDACSj/P3vzhDckRV3CtSR+xGbM8w1ZNEdbj3xTM82V6fd/B4t4bli
CDEmaJV3pfndsGHTG9g44i4J46WV4mYY27/wuf3ZRx+3KmNaYR4UoYrSTw7almu5
m3SwBpZRHyq5Vg==
-----END CERTIFICATE-----