Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
File:                     xDzur3eV-33zSLBLIn5QpJoaG3w.mft (raw, json)
Hash identifier:          zz9VBPTY08mdrkyX3FUFkgMYmgVR/+YB+clr0T8DNa0=
Subject key identifier:   6F:99:6C:44:F5:BE:0C:BC:82:FE:FC:46:31:7B:CF:06:DD:DD:4F:4B
Authority key identifier: C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C
Certificate issuer:       /CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
Certificate serial:       018F95A94944B88F43D01AC9DAC02EC1C16F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
Manifest number:          0EB9
Signing time:             Mon 20 May 2024 11:00:50 +0000
Manifest this update:     Mon 20 May 2024 11:00:50 +0000
Manifest next update:     Tue 21 May 2024 11:00:50 +0000
Files and hashes:         1: xDzur3eV-33zSLBLIn5QpJoaG3w.crl (hash: y07C1nvif6BngKbRT3owOkF4yVDMF9J/AFvy/jIDmeo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:95:a9:49:44:b8:8f:43:d0:1a:c9:da:c0:2e:c1:c1:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c43ceeaf7795fb7df348b04b227e50a49a1a1b7c
        Validity
            Not Before: May 20 11:00:50 2024 GMT
            Not After : May 21 11:00:50 2024 GMT
        Subject: CN=6f996c44f5be0cbc82fefc46317bcf06dddd4f4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:36:94:0b:cf:aa:a9:3b:80:85:11:69:da:00:
                    31:5e:c8:6e:3f:68:4b:9d:48:0e:79:b3:1d:e5:5d:
                    5f:7a:e0:df:bc:7a:e1:ac:47:6d:f1:ee:51:06:4a:
                    c7:59:48:21:1a:dc:c1:d1:d4:bf:71:fa:16:ae:71:
                    71:b5:92:15:3f:95:99:54:6d:ae:45:19:fb:95:cb:
                    1f:2d:90:79:6d:06:19:8a:11:7a:59:bc:fa:c1:c9:
                    9b:55:ee:a1:e6:5b:03:e6:f5:28:e7:3c:3a:47:8a:
                    28:a3:f2:8c:00:3a:f9:10:39:c8:0c:8f:fc:9c:36:
                    bf:22:2c:e8:77:9f:71:43:d4:b0:80:8d:98:48:f1:
                    b2:57:ed:e4:92:98:16:54:47:ea:8a:99:ec:d3:de:
                    aa:1b:0c:56:b5:6a:df:6e:79:6a:4b:d7:1d:61:26:
                    7d:6c:4a:c5:fa:71:76:45:f7:03:71:e5:18:64:5b:
                    45:f4:97:56:d8:51:f8:38:2d:ff:cc:19:3d:4a:e6:
                    4b:b9:fa:54:5e:8c:8d:e7:e1:bb:54:fc:da:94:e4:
                    4f:f2:5c:6d:2f:ab:90:33:b4:17:4a:6e:15:ee:de:
                    ad:4b:bc:ea:f7:60:fe:fe:b8:4f:23:d0:4e:56:67:
                    05:4c:03:78:7f:70:af:5c:5f:56:24:ae:e4:8e:35:
                    06:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:99:6C:44:F5:BE:0C:BC:82:FE:FC:46:31:7B:CF:06:DD:DD:4F:4B
            X509v3 Authority Key Identifier:
                keyid:C4:3C:EE:AF:77:95:FB:7D:F3:48:B0:4B:22:7E:50:A4:9A:1A:1B:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDzur3eV-33zSLBLIn5QpJoaG3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/8a8d3a-0804-44d7-8655-08bae3a54ff6/1/xDzur3eV-33zSLBLIn5QpJoaG3w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:cb:d5:c4:f5:51:7a:8b:12:9e:33:9a:d9:98:cc:99:30:6b:
         06:da:b2:11:64:86:a4:f7:44:d8:27:28:d3:04:8c:dc:2f:ea:
         3f:a1:cb:86:05:27:6c:4f:7f:db:44:9c:cf:6f:08:8a:b6:3e:
         39:b0:58:e9:f9:38:26:47:1d:bf:9c:2f:f6:55:3b:71:fc:59:
         3c:32:cf:b0:32:3f:29:09:ee:94:a2:7b:41:de:cb:82:e9:d5:
         14:f4:c6:fb:0e:2f:cc:b3:fe:6b:1c:08:53:1d:4e:d1:c0:a9:
         15:0d:82:44:e7:3f:2b:9d:4e:e0:a8:1e:03:96:2d:77:ca:fc:
         b0:da:c7:2c:29:22:46:43:0a:09:bb:1a:e2:2d:86:37:ce:a3:
         7d:49:ff:d7:3e:6d:b0:34:8e:4d:f8:3c:14:5d:c5:22:62:20:
         f6:a1:bc:b0:40:16:ac:e5:64:67:8f:16:21:f6:08:73:26:cc:
         d8:8c:5b:68:63:0e:43:94:48:70:6b:30:c3:74:57:ff:41:3b:
         63:38:b6:17:b0:17:25:6d:89:4d:b9:c6:52:bf:44:ac:ed:4e:
         05:64:0b:d7:77:21:84:ab:fd:e5:f1:43:9d:33:9d:56:ae:45:
         0e:d7:04:58:15:30:d0:ed:44:26:96:9e:1f:cc:1b:56:b8:09:
         74:28:c1:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+VqUlEuI9D0BrJ2sAuwcFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2NlZWFmNzc5NWZiN2RmMzQ4YjA0YjIyN2U1MGE0OWEx
YTFiN2MwHhcNMjQwNTIwMTEwMDUwWhcNMjQwNTIxMTEwMDUwWjAzMTEwLwYDVQQD
Eyg2Zjk5NmM0NGY1YmUwY2JjODJmZWZjNDYzMTdiY2YwNmRkZGQ0ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjaUC8+qqTuAhRFp2gAxXshuP2hL
nUgOebMd5V1feuDfvHrhrEdt8e5RBkrHWUghGtzB0dS/cfoWrnFxtZIVP5WZVG2u
RRn7lcsfLZB5bQYZihF6Wbz6wcmbVe6h5lsD5vUo5zw6R4ooo/KMADr5EDnIDI/8
nDa/Iizod59xQ9SwgI2YSPGyV+3kkpgWVEfqipns096qGwxWtWrfbnlqS9cdYSZ9
bErF+nF2RfcDceUYZFtF9JdW2FH4OC3/zBk9SuZLufpUXoyN5+G7VPzalORP8lxt
L6uQM7QXSm4V7t6tS7zq92D+/rhPI9BOVmcFTAN4f3CvXF9WJK7kjjUGxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG+ZbET1vgy8gv78RjF7zwbd3U9LMB8GA1UdIwQY
MBaAFMQ87q93lft980iwSyJ+UKSaGht8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUt
MDhiYWUzYTU0ZmY2LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS84YThkM2EtMDgwNC00NGQ3LTg2NTUtMDhiYWUzYTU0ZmY2
LzEveER6dXIzZVYtMzN6U0xCTEluNVFwSm9hRzN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ8vVxPVR
eosSnjOa2ZjMmTBrBtqyEWSGpPdE2Cco0wSM3C/qP6HLhgUnbE9/20Scz28IirY+
ObBY6fk4Jkcdv5wv9lU7cfxZPDLPsDI/KQnulKJ7Qd7LgunVFPTG+w4vzLP+axwI
Ux1O0cCpFQ2CROc/K51O4KgeA5Ytd8r8sNrHLCkiRkMKCbsa4i2GN86jfUn/1z5t
sDSOTfg8FF3FImIg9qG8sEAWrOVkZ48WIfYIcybM2IxbaGMOQ5RIcGsww3RX/0E7
Yzi2F7AXJW2JTbnGUr9ErO1OBWQL13chhKv95fFDnTOdVq5FDtcEWBUw0O1EJpae
H8wbVrgJdCjBGA==
-----END CERTIFICATE-----