Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
File:                     QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft (raw, json)
Hash identifier:          kYtmbLI2DkwB9OYtf5KLd/s0IbQNX6WbKtVxHo+nyI4=
Subject key identifier:   8D:73:79:D3:2C:CD:A4:7B:74:41:A2:42:1C:3E:75:4C:DC:67:E0:FC
Authority key identifier: 40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47
Certificate issuer:       /CN=40471b34c21a5008f6f096e48fe8e35519d6b847
Certificate serial:       018F8749ABA3550D04B9C7F91787FF418AA2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
Manifest number:          0919
Signing time:             Fri 17 May 2024 16:01:43 +0000
Manifest this update:     Fri 17 May 2024 16:01:43 +0000
Manifest next update:     Sat 18 May 2024 16:01:43 +0000
Files and hashes:         1: QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl (hash: 0vqFLR9E2pAd79xcLRuQd2e/Ha7uKpSDN/mDL2+Ef04=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:ab:a3:55:0d:04:b9:c7:f9:17:87:ff:41:8a:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40471b34c21a5008f6f096e48fe8e35519d6b847
        Validity
            Not Before: May 17 16:01:43 2024 GMT
            Not After : May 18 16:01:43 2024 GMT
        Subject: CN=8d7379d32ccda47b7441a2421c3e754cdc67e0fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:03:01:3e:dd:61:81:3e:a4:81:ea:ef:fa:d2:
                    13:99:7e:72:ca:11:60:9e:41:ab:52:0c:41:8f:03:
                    d5:4a:f9:d1:b3:46:96:ec:6d:14:08:f7:cc:39:5f:
                    f8:1d:fc:8d:13:96:4f:51:c9:d9:32:45:ea:b5:dc:
                    91:8b:61:9a:a8:53:fa:99:f8:60:22:96:eb:90:81:
                    ca:1a:f1:bc:ee:d2:78:48:19:a9:06:95:62:a2:f2:
                    2e:b4:c1:55:da:90:e7:db:74:a3:e9:da:08:4d:6f:
                    c2:51:50:c3:9c:4a:8d:c3:10:28:75:0e:f5:78:f3:
                    9b:2b:d9:ac:64:d9:3a:ca:1e:b6:5a:7b:52:08:ba:
                    14:7b:18:e1:9d:39:f8:e1:ca:62:b0:fd:f4:99:30:
                    87:45:1a:06:7f:e7:02:1d:c6:62:c7:42:2f:60:b1:
                    6e:61:df:42:5e:c4:1a:69:8a:6a:b5:5f:00:99:98:
                    d1:0d:e7:a2:9c:29:72:d0:cc:32:80:f7:2e:ee:36:
                    cc:30:d8:69:b9:6c:9b:3c:94:2d:b6:98:bf:74:d6:
                    a6:13:a4:d9:af:52:82:53:c0:46:a0:a9:e4:ad:7b:
                    c0:b2:58:82:69:f2:8d:c7:ac:68:5e:f8:7f:37:b5:
                    80:5b:f9:c0:68:64:ac:20:01:27:34:08:18:94:f0:
                    c2:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:73:79:D3:2C:CD:A4:7B:74:41:A2:42:1C:3E:75:4C:DC:67:E0:FC
            X509v3 Authority Key Identifier:
                keyid:40:47:1B:34:C2:1A:50:08:F6:F0:96:E4:8F:E8:E3:55:19:D6:B8:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEcbNMIaUAj28Jbkj-jjVRnWuEc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/04f9f3-31f6-4366-93a1-1142dfacfccf/1/QEcbNMIaUAj28Jbkj-jjVRnWuEc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:88:94:90:de:69:b1:4e:92:99:1a:7b:c4:65:81:23:a0:45:
         5a:b8:c5:06:7b:a0:4e:5c:3a:b5:be:d1:21:7a:55:d1:5a:18:
         00:e3:40:1a:d5:e7:15:78:ee:d6:76:51:ee:0c:75:98:50:62:
         7b:c8:61:8b:00:67:d7:83:6e:cd:36:2b:aa:0e:50:9f:8d:55:
         b4:80:78:3a:f3:9e:0c:3d:bb:c7:ca:f9:e5:be:9e:4e:b7:4f:
         dc:75:1e:5a:3b:94:7b:f5:55:53:ac:4e:e1:c1:ca:4b:43:8d:
         e7:ad:a0:1b:98:4f:3b:fd:01:1e:93:31:71:92:1f:c8:35:f9:
         47:0b:d9:ba:42:7b:6b:f0:e0:18:1f:65:6d:cf:8f:9b:a8:8e:
         bb:e8:4d:cc:5b:60:6d:bb:0d:10:dc:b4:d1:17:23:ee:1e:5b:
         c0:06:30:b2:ab:fb:56:71:59:94:7a:6c:e9:6f:77:62:3e:2b:
         51:a1:7e:e5:21:04:71:24:b7:c2:6f:48:e8:3b:3b:9e:90:c3:
         20:4e:87:0a:00:bb:55:7c:c8:5e:a3:50:e2:cd:45:4d:27:dc:
         16:76:03:cc:29:56:d1:ee:b8:c1:6b:6b:45:f6:c1:7f:ff:1d:
         32:53:15:b1:b2:3e:43:23:43:28:2e:86:ed:3c:23:ff:a7:2c:
         2e:34:e5:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSaujVQ0Eucf5F4f/QYqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDcxYjM0YzIxYTUwMDhmNmYwOTZlNDhmZThlMzU1MTlk
NmI4NDcwHhcNMjQwNTE3MTYwMTQzWhcNMjQwNTE4MTYwMTQzWjAzMTEwLwYDVQQD
Eyg4ZDczNzlkMzJjY2RhNDdiNzQ0MWEyNDIxYzNlNzU0Y2RjNjdlMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAMBPt1hgT6kgerv+tITmX5yyhFg
nkGrUgxBjwPVSvnRs0aW7G0UCPfMOV/4HfyNE5ZPUcnZMkXqtdyRi2GaqFP6mfhg
IpbrkIHKGvG87tJ4SBmpBpViovIutMFV2pDn23Sj6doITW/CUVDDnEqNwxAodQ71
ePObK9msZNk6yh62WntSCLoUexjhnTn44cpisP30mTCHRRoGf+cCHcZix0IvYLFu
Yd9CXsQaaYpqtV8AmZjRDeeinCly0MwygPcu7jbMMNhpuWybPJQttpi/dNamE6TZ
r1KCU8BGoKnkrXvAsliCafKNx6xoXvh/N7WAW/nAaGSsIAEnNAgYlPDCXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1zedMszaR7dEGiQhw+dUzcZ+D8MB8GA1UdIwQY
MBaAFEBHGzTCGlAI9vCW5I/o41UZ1rhHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEt
MTE0MmRmYWNmY2NmLzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNGY5ZjMtMzFmNi00MzY2LTkzYTEtMTE0MmRmYWNmY2Nm
LzEvUUVjYk5NSWFVQWoyOEpia2otampWUm5XdUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIiUkN5p
sU6SmRp7xGWBI6BFWrjFBnugTlw6tb7RIXpV0VoYAONAGtXnFXju1nZR7gx1mFBi
e8hhiwBn14NuzTYrqg5Qn41VtIB4OvOeDD27x8r55b6eTrdP3HUeWjuUe/VVU6xO
4cHKS0ON562gG5hPO/0BHpMxcZIfyDX5RwvZukJ7a/DgGB9lbc+Pm6iOu+hNzFtg
bbsNENy00Rcj7h5bwAYwsqv7VnFZlHps6W93Yj4rUaF+5SEEcSS3wm9I6Ds7npDD
IE6HCgC7VXzIXqNQ4s1FTSfcFnYDzClW0e64wWtrRfbBf/8dMlMVsbI+QyNDKC6G
7Twj/6csLjTl2Q==
-----END CERTIFICATE-----