Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
File:                     s_sdIFBvVM-5oflFH6EKiP87L2Q.mft (raw, json)
Hash identifier:          8XRPFnIYGsf2LM9rZ6xkaAFQNLzPD5QZpCOTPLzetSU=
Subject key identifier:   9B:25:10:C4:23:18:2A:92:27:9A:B1:CF:0D:C6:13:85:69:BB:BF:63
Authority key identifier: B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64
Certificate issuer:       /CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
Certificate serial:       018F87B69E71C36BC06A309E013A3B2DDC55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
Manifest number:          081D
Signing time:             Fri 17 May 2024 18:00:43 +0000
Manifest this update:     Fri 17 May 2024 18:00:43 +0000
Manifest next update:     Sat 18 May 2024 18:00:43 +0000
Files and hashes:         1: s_sdIFBvVM-5oflFH6EKiP87L2Q.crl (hash: ZqJCyrX1f1YBr3uRpXHz7bfgUuCN2kak7//YBNtVIQA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:9e:71:c3:6b:c0:6a:30:9e:01:3a:3b:2d:dc:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3fb1d20506f54cfb9a1f9451fa10a88ff3b2f64
        Validity
            Not Before: May 17 18:00:43 2024 GMT
            Not After : May 18 18:00:43 2024 GMT
        Subject: CN=9b2510c423182a92279ab1cf0dc6138569bbbf63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b6:0f:f0:d3:6c:da:7d:76:3a:51:47:e2:53:
                    61:3a:5b:74:73:b1:be:bb:a3:ec:f7:32:e5:22:ec:
                    89:56:fd:87:b3:3d:d4:18:75:c3:a9:f9:20:5f:10:
                    30:86:7b:ba:69:5b:8f:ba:2b:5a:c9:66:b2:7f:4f:
                    06:f3:b3:87:73:88:58:e5:5b:5e:b5:60:78:7c:04:
                    89:1e:81:99:be:49:94:1f:1a:69:ad:0e:97:eb:16:
                    9b:02:02:23:3c:05:ab:22:52:32:51:3b:2c:49:31:
                    bd:68:d8:23:98:d8:5e:70:32:3d:b8:78:a4:7b:c8:
                    ad:c2:ba:27:3b:fb:83:ea:50:7b:c4:9e:b5:46:ac:
                    00:85:02:3e:d6:1d:31:ee:00:8c:f7:22:69:66:84:
                    e3:b3:5e:69:d8:dd:eb:05:85:ce:09:9c:ec:6d:f4:
                    f9:fc:96:a0:b7:8f:72:4b:39:ca:10:be:f0:06:d4:
                    13:3e:6d:5b:aa:03:f6:97:27:7a:d7:a9:76:12:ef:
                    50:c6:55:74:ea:6f:1a:bf:40:c6:58:f0:7c:15:fe:
                    f2:14:3a:31:e3:bc:9d:29:b3:70:39:fa:81:69:6b:
                    27:6c:95:01:e8:f7:66:4d:c0:2f:f1:2f:b7:8a:11:
                    39:7e:e2:91:3c:15:f2:40:a1:e8:ae:e5:e7:a1:fb:
                    71:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:25:10:C4:23:18:2A:92:27:9A:B1:CF:0D:C6:13:85:69:BB:BF:63
            X509v3 Authority Key Identifier:
                keyid:B3:FB:1D:20:50:6F:54:CF:B9:A1:F9:45:1F:A1:0A:88:FF:3B:2F:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s_sdIFBvVM-5oflFH6EKiP87L2Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c42df5-4f92-447d-bd25-86d6e2f46642/1/s_sdIFBvVM-5oflFH6EKiP87L2Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:80:74:e9:f6:1b:6c:c3:5b:5c:21:ce:eb:f4:be:03:05:21:
         7b:0e:6d:e2:36:a0:ee:4b:77:bc:af:88:9b:79:fa:75:12:6e:
         c9:77:2e:ef:62:ec:8b:19:a0:10:1c:1c:81:cf:5c:b5:1f:50:
         73:40:5e:a1:a9:90:cd:01:f9:b0:a1:a3:d0:15:58:a2:1e:a5:
         24:e9:76:9a:b3:e1:66:c3:26:ee:2b:2d:f7:86:da:4e:07:5d:
         41:8b:80:77:e0:63:07:b3:ec:db:bb:25:c3:7e:dc:30:ec:37:
         8e:fb:f0:25:eb:5e:d0:69:66:12:38:1e:cc:d9:34:c0:93:09:
         d8:f1:ef:ec:b8:00:8a:54:24:6c:c2:bf:3d:b1:64:4c:6c:d7:
         08:02:bf:7e:9d:e1:23:80:1a:7d:fc:e7:7d:62:aa:ed:de:3e:
         3d:b0:2b:1a:85:36:45:d3:d0:fd:8a:c0:75:e5:05:33:d2:82:
         80:eb:2a:3d:0e:6a:3b:40:74:27:d0:fd:15:9f:3c:3d:01:ea:
         40:69:38:50:b9:a8:a8:43:8f:2f:01:66:48:88:49:fa:65:34:
         47:26:20:29:d3:d8:b3:b9:b5:bc:49:ea:e2:b3:e8:6d:22:06:
         f9:23:ee:22:51:cc:64:d5:24:13:fc:af:6f:0b:11:2c:be:53:
         20:ad:db:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htp5xw2vAajCeATo7LdxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZmIxZDIwNTA2ZjU0Y2ZiOWExZjk0NTFmYTEwYTg4ZmYz
YjJmNjQwHhcNMjQwNTE3MTgwMDQzWhcNMjQwNTE4MTgwMDQzWjAzMTEwLwYDVQQD
Eyg5YjI1MTBjNDIzMTgyYTkyMjc5YWIxY2YwZGM2MTM4NTY5YmJiZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrYP8NNs2n12OlFH4lNhOlt0c7G+
u6Ps9zLlIuyJVv2Hsz3UGHXDqfkgXxAwhnu6aVuPuitayWayf08G87OHc4hY5Vte
tWB4fASJHoGZvkmUHxpprQ6X6xabAgIjPAWrIlIyUTssSTG9aNgjmNhecDI9uHik
e8itwronO/uD6lB7xJ61RqwAhQI+1h0x7gCM9yJpZoTjs15p2N3rBYXOCZzsbfT5
/Jagt49ySznKEL7wBtQTPm1bqgP2lyd616l2Eu9QxlV06m8av0DGWPB8Ff7yFDox
47ydKbNwOfqBaWsnbJUB6PdmTcAv8S+3ihE5fuKRPBXyQKHoruXnoftxXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJslEMQjGCqSJ5qxzw3GE4Vpu79jMB8GA1UdIwQY
MBaAFLP7HSBQb1TPuaH5RR+hCoj/Oy9kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUt
ODZkNmUyZjQ2NjQyLzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNDJkZjUtNGY5Mi00NDdkLWJkMjUtODZkNmUyZjQ2NjQy
LzEvc19zZElGQnZWTS01b2ZsRkg2RUtpUDg3TDJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaIB06fYb
bMNbXCHO6/S+AwUhew5t4jag7kt3vK+Im3n6dRJuyXcu72LsixmgEBwcgc9ctR9Q
c0BeoamQzQH5sKGj0BVYoh6lJOl2mrPhZsMm7ist94baTgddQYuAd+BjB7Ps27sl
w37cMOw3jvvwJete0GlmEjgezNk0wJMJ2PHv7LgAilQkbMK/PbFkTGzXCAK/fp3h
I4AaffznfWKq7d4+PbArGoU2RdPQ/YrAdeUFM9KCgOsqPQ5qO0B0J9D9FZ88PQHq
QGk4ULmoqEOPLwFmSIhJ+mU0RyYgKdPYs7m1vEnq4rPobSIG+SPuIlHMZNUkE/yv
bwsRLL5TIK3buw==
-----END CERTIFICATE-----