Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/356f20-226e-4339-9d40-65de97e2757c/1/z11k85hBuOQkhzhDPDUl0qRHzV0.mft
File:                     z11k85hBuOQkhzhDPDUl0qRHzV0.mft (raw, json)
Hash identifier:          DKlCQk5LHbjDP1oCXLwJWO3a26EwABWvOOxa3VBZRPE=
Subject key identifier:   D7:AE:31:6D:10:A5:C5:31:39:B9:67:2C:5E:15:D8:D6:4F:8B:6C:B5
Authority key identifier: CF:5D:64:F3:98:41:B8:E4:24:87:38:43:3C:35:25:D2:A4:47:CD:5D
Certificate issuer:       /CN=cf5d64f39841b8e4248738433c3525d2a447cd5d
Certificate serial:       018F874A2896AC677713B6DC21141EE5ADE3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z11k85hBuOQkhzhDPDUl0qRHzV0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/356f20-226e-4339-9d40-65de97e2757c/1/z11k85hBuOQkhzhDPDUl0qRHzV0.mft
Manifest number:          0CDD
Signing time:             Fri 17 May 2024 16:02:15 +0000
Manifest this update:     Fri 17 May 2024 16:02:15 +0000
Manifest next update:     Sat 18 May 2024 16:02:15 +0000
Files and hashes:         1: z11k85hBuOQkhzhDPDUl0qRHzV0.crl (hash: UpwQEh+sUl0iqlRt5Z6n3qcGLHL+7bBGxz8zpD6FZVg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/356f20-226e-4339-9d40-65de97e2757c/1/z11k85hBuOQkhzhDPDUl0qRHzV0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/356f20-226e-4339-9d40-65de97e2757c/1/z11k85hBuOQkhzhDPDUl0qRHzV0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z11k85hBuOQkhzhDPDUl0qRHzV0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:28:96:ac:67:77:13:b6:dc:21:14:1e:e5:ad:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf5d64f39841b8e4248738433c3525d2a447cd5d
        Validity
            Not Before: May 17 16:02:15 2024 GMT
            Not After : May 18 16:02:15 2024 GMT
        Subject: CN=d7ae316d10a5c53139b9672c5e15d8d64f8b6cb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:8b:51:00:dd:ab:36:51:7a:82:db:03:48:5f:
                    2f:f9:4a:08:90:c5:a4:e2:e4:31:86:d6:09:3f:50:
                    0e:b3:7c:19:b2:40:a1:b2:66:1f:f2:c6:b7:7a:a3:
                    ec:3f:95:2b:0d:c4:c3:8b:03:5d:da:1a:a7:8c:32:
                    06:98:8b:35:72:ef:1e:4e:c8:95:63:e2:cd:c1:7f:
                    d7:3b:b1:d5:27:22:ab:d6:f7:82:5e:f3:d2:94:62:
                    bb:81:8f:21:ff:db:7a:39:60:62:71:11:df:24:d6:
                    78:b3:8b:0a:4b:a8:fc:93:7a:4d:85:60:e9:50:5e:
                    ab:b3:c7:05:c6:2a:ba:cb:57:b3:9c:d4:9e:0e:31:
                    31:b0:82:4b:95:26:5e:39:8a:90:32:0f:fe:1f:31:
                    21:23:f3:6d:8d:40:b8:7c:8e:49:df:ca:c0:a5:18:
                    75:71:19:3d:8f:eb:b9:c9:4d:06:b7:53:14:fc:8f:
                    02:b9:1b:54:46:3b:b6:75:7b:31:97:78:ff:01:e6:
                    68:ef:4c:5e:27:c4:a7:28:19:d5:5c:34:e2:44:58:
                    7b:3a:41:64:78:54:00:b6:ed:1f:58:f8:86:8d:67:
                    03:df:41:a1:72:f8:c7:51:9d:7f:db:47:68:18:a1:
                    ef:2f:86:e9:3d:32:a7:fa:3c:47:e0:85:0b:f8:c2:
                    26:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:AE:31:6D:10:A5:C5:31:39:B9:67:2C:5E:15:D8:D6:4F:8B:6C:B5
            X509v3 Authority Key Identifier:
                keyid:CF:5D:64:F3:98:41:B8:E4:24:87:38:43:3C:35:25:D2:A4:47:CD:5D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z11k85hBuOQkhzhDPDUl0qRHzV0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/356f20-226e-4339-9d40-65de97e2757c/1/z11k85hBuOQkhzhDPDUl0qRHzV0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/356f20-226e-4339-9d40-65de97e2757c/1/z11k85hBuOQkhzhDPDUl0qRHzV0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4e:04:69:dc:de:05:01:13:cf:bf:11:ad:d4:37:26:8b:ea:ff:
         69:eb:c8:3f:71:80:95:90:63:5b:ce:ed:10:08:0c:bd:bc:7f:
         71:a1:f6:06:15:89:27:1c:73:98:a1:41:65:8e:3a:bf:29:e0:
         66:d7:ff:ac:d8:44:b8:27:d2:ed:d8:5e:2d:93:94:41:9c:e2:
         1a:91:32:85:84:d4:fa:41:c3:78:5d:0d:78:ba:a7:8a:72:a4:
         87:2f:f0:0a:da:a2:e2:74:66:ef:15:de:94:c4:80:6f:eb:7c:
         33:e8:1b:00:05:bd:c9:1a:37:21:b7:13:70:64:d6:fa:c8:57:
         27:e2:a5:ac:19:f2:f5:66:82:f6:35:e3:4e:45:6d:fe:6e:f6:
         21:de:55:e2:45:d1:bc:ea:f1:c6:97:64:95:92:2c:c7:17:0f:
         66:05:4c:a1:ae:da:34:6e:5b:11:cd:d5:51:40:ea:9e:39:56:
         4b:b4:26:26:7f:1f:e2:33:00:1c:04:ae:35:a3:32:6f:b0:83:
         b7:1c:87:2e:75:f8:a7:ef:65:3d:6e:be:f1:ba:cb:4d:ed:e8:
         23:1d:ca:76:e9:5d:c6:b8:c4:54:4c:2f:d1:bf:63:9b:a6:0b:
         16:d7:b9:9a:39:3a:0a:23:ad:96:53:1d:dd:db:fd:9a:b1:4a:
         95:cf:f8:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSiiWrGd3E7bcIRQe5a3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNWQ2NGYzOTg0MWI4ZTQyNDg3Mzg0MzNjMzUyNWQyYTQ0
N2NkNWQwHhcNMjQwNTE3MTYwMjE1WhcNMjQwNTE4MTYwMjE1WjAzMTEwLwYDVQQD
EyhkN2FlMzE2ZDEwYTVjNTMxMzliOTY3MmM1ZTE1ZDhkNjRmOGI2Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4tRAN2rNlF6gtsDSF8v+UoIkMWk
4uQxhtYJP1AOs3wZskChsmYf8sa3eqPsP5UrDcTDiwNd2hqnjDIGmIs1cu8eTsiV
Y+LNwX/XO7HVJyKr1veCXvPSlGK7gY8h/9t6OWBicRHfJNZ4s4sKS6j8k3pNhWDp
UF6rs8cFxiq6y1eznNSeDjExsIJLlSZeOYqQMg/+HzEhI/NtjUC4fI5J38rApRh1
cRk9j+u5yU0Gt1MU/I8CuRtURju2dXsxl3j/AeZo70xeJ8SnKBnVXDTiRFh7OkFk
eFQAtu0fWPiGjWcD30GhcvjHUZ1/20doGKHvL4bpPTKn+jxH4IUL+MImmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeuMW0QpcUxOblnLF4V2NZPi2y1MB8GA1UdIwQY
MBaAFM9dZPOYQbjkJIc4Qzw1JdKkR81dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejExazg1aEJ1T1FraHpoRFBEVWwwcVJIelYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zNTZmMjAtMjI2ZS00MzM5LTlkNDAt
NjVkZTk3ZTI3NTdjLzEvejExazg1aEJ1T1FraHpoRFBEVWwwcVJIelYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zNTZmMjAtMjI2ZS00MzM5LTlkNDAtNjVkZTk3ZTI3NTdj
LzEvejExazg1aEJ1T1FraHpoRFBEVWwwcVJIelYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATgRp3N4F
ARPPvxGt1Dcmi+r/aevIP3GAlZBjW87tEAgMvbx/caH2BhWJJxxzmKFBZY46vyng
Ztf/rNhEuCfS7dheLZOUQZziGpEyhYTU+kHDeF0NeLqninKkhy/wCtqi4nRm7xXe
lMSAb+t8M+gbAAW9yRo3IbcTcGTW+shXJ+KlrBny9WaC9jXjTkVt/m72Id5V4kXR
vOrxxpdklZIsxxcPZgVMoa7aNG5bEc3VUUDqnjlWS7QmJn8f4jMAHASuNaMyb7CD
txyHLnX4p+9lPW6+8brLTe3oIx3KduldxrjEVEwv0b9jm6YLFte5mjk6CiOtllMd
3dv9mrFKlc/4Ew==
-----END CERTIFICATE-----