Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
File:                     NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft (raw, json)
Hash identifier:          SzSRCwl2iij0Z1o/B5elqGxGoBfC5yRo84gShcn/Lxo=
Subject key identifier:   6F:64:12:ED:B4:9B:0A:3E:E2:40:5C:10:7E:3C:18:ED:43:22:AF:B3
Authority key identifier: 35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79
Certificate issuer:       /CN=3541e9d600daab653543725cf1f9cf988b50d879
Certificate serial:       018F87B62A518F7F7A9DB42ACE7DB4F6CDA8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
Manifest number:          05DA
Signing time:             Fri 17 May 2024 18:00:13 +0000
Manifest this update:     Fri 17 May 2024 18:00:13 +0000
Manifest next update:     Sat 18 May 2024 18:00:13 +0000
Files and hashes:         1: NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl (hash: lG4gokzKERPBlkTQamN5n+5aVib/iDqGv/9r35nV9CU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:2a:51:8f:7f:7a:9d:b4:2a:ce:7d:b4:f6:cd:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3541e9d600daab653543725cf1f9cf988b50d879
        Validity
            Not Before: May 17 18:00:13 2024 GMT
            Not After : May 18 18:00:13 2024 GMT
        Subject: CN=6f6412edb49b0a3ee2405c107e3c18ed4322afb3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:50:7d:4d:9b:a2:1e:3c:d1:c9:26:ce:fe:83:
                    31:d5:d2:bd:e7:a4:47:ba:a5:d1:64:a1:2c:2b:17:
                    a9:d0:36:cd:da:4c:d3:ff:d7:5b:ab:5e:dd:ab:f8:
                    40:6d:c4:de:81:a4:56:52:91:6c:6b:58:f2:08:56:
                    c0:0e:a1:70:5c:e7:ba:e8:c0:a4:99:3f:27:2a:ed:
                    c3:dd:d8:5d:a3:60:d5:3f:19:d4:eb:fa:b3:ea:43:
                    99:e6:73:cc:bf:2c:92:8f:7f:6d:dc:c0:75:4e:c2:
                    5a:3a:69:90:11:65:6d:af:e1:67:ed:04:bf:26:3b:
                    5b:b2:08:9e:c7:f3:10:bd:ff:cf:b1:a7:3f:0c:4e:
                    fb:30:14:03:a9:8b:74:6f:2a:f3:7a:e3:38:ae:01:
                    6a:bb:64:7e:32:47:db:b5:c1:79:f1:41:de:14:64:
                    1d:0f:48:30:39:d7:79:ef:86:d9:49:e3:bd:94:92:
                    1d:68:5b:c7:f6:45:37:49:5b:d5:ab:c0:da:60:10:
                    5b:13:81:35:3e:8e:a8:eb:ce:2e:0a:ae:db:2d:a6:
                    84:dd:c0:37:49:16:e0:89:f7:0a:0d:da:9d:15:47:
                    36:d7:31:0d:f3:d0:f7:49:e0:d9:2a:a4:57:af:70:
                    03:de:c0:ba:c7:08:ea:c5:70:6b:09:7b:2f:81:41:
                    51:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:64:12:ED:B4:9B:0A:3E:E2:40:5C:10:7E:3C:18:ED:43:22:AF:B3
            X509v3 Authority Key Identifier:
                keyid:35:41:E9:D6:00:DA:AB:65:35:43:72:5C:F1:F9:CF:98:8B:50:D8:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af4b7d-686c-487b-ab03-d14838de1602/1/NUHp1gDaq2U1Q3Jc8fnPmItQ2Hk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2b:65:51:4e:ee:04:ec:44:92:2f:73:48:35:22:5d:ab:f0:bd:
         4d:9a:0b:b5:54:f3:13:0c:23:ad:dc:90:37:a8:b9:ca:cb:d6:
         f6:5b:7a:1f:94:7f:e7:de:c8:d6:0b:60:1f:60:1c:88:01:d2:
         35:1e:25:ba:9e:4d:45:e3:33:69:35:8e:ac:cc:33:4b:5c:81:
         0a:ad:cd:7d:5d:b3:02:20:e2:c7:45:bd:6d:02:b4:0d:7c:8e:
         23:6a:87:be:ed:2f:dd:16:85:6e:b1:06:92:43:62:ed:b0:b3:
         5e:c1:b0:59:35:22:1f:72:51:08:44:d9:b4:b7:71:78:68:f6:
         e3:90:f9:c0:36:4f:63:42:e7:1e:bc:40:60:bc:e1:19:d5:6a:
         48:a6:c9:5a:c4:f0:e9:ee:de:6f:ac:05:a1:51:4f:6d:75:10:
         b8:02:9d:e6:ab:35:d3:98:7e:9d:6b:9e:ca:90:c8:21:5c:4e:
         29:ea:13:6e:41:5e:1e:f2:d0:ff:ea:99:8e:48:ad:90:47:80:
         b6:29:46:93:e7:de:c4:46:bb:38:97:05:e6:5d:b0:b0:3b:a9:
         8b:a2:d2:0c:ba:95:83:9e:0a:4f:62:58:3a:bc:52:56:32:ed:
         41:ec:fb:a7:94:b6:1f:ca:85:82:97:96:9d:81:5c:c9:69:d0:
         29:d3:60:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtipRj396nbQqzn209s2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NDFlOWQ2MDBkYWFiNjUzNTQzNzI1Y2YxZjljZjk4OGI1
MGQ4NzkwHhcNMjQwNTE3MTgwMDEzWhcNMjQwNTE4MTgwMDEzWjAzMTEwLwYDVQQD
Eyg2ZjY0MTJlZGI0OWIwYTNlZTI0MDVjMTA3ZTNjMThlZDQzMjJhZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulB9TZuiHjzRySbO/oMx1dK956RH
uqXRZKEsKxep0DbN2kzT/9dbq17dq/hAbcTegaRWUpFsa1jyCFbADqFwXOe66MCk
mT8nKu3D3dhdo2DVPxnU6/qz6kOZ5nPMvyySj39t3MB1TsJaOmmQEWVtr+Fn7QS/
Jjtbsgiex/MQvf/Psac/DE77MBQDqYt0byrzeuM4rgFqu2R+MkfbtcF58UHeFGQd
D0gwOdd574bZSeO9lJIdaFvH9kU3SVvVq8DaYBBbE4E1Po6o684uCq7bLaaE3cA3
SRbgifcKDdqdFUc21zEN89D3SeDZKqRXr3AD3sC6xwjqxXBrCXsvgUFRZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG9kEu20mwo+4kBcEH48GO1DIq+zMB8GA1UdIwQY
MBaAFDVB6dYA2qtlNUNyXPH5z5iLUNh5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMt
ZDE0ODM4ZGUxNjAyLzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjRiN2QtNjg2Yy00ODdiLWFiMDMtZDE0ODM4ZGUxNjAy
LzEvTlVIcDFnRGFxMlUxUTNKYzhmblBtSXRRMkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK2VRTu4E
7ESSL3NINSJdq/C9TZoLtVTzEwwjrdyQN6i5ysvW9lt6H5R/597I1gtgH2AciAHS
NR4lup5NReMzaTWOrMwzS1yBCq3NfV2zAiDix0W9bQK0DXyOI2qHvu0v3RaFbrEG
kkNi7bCzXsGwWTUiH3JRCETZtLdxeGj245D5wDZPY0LnHrxAYLzhGdVqSKbJWsTw
6e7eb6wFoVFPbXUQuAKd5qs105h+nWueypDIIVxOKeoTbkFeHvLQ/+qZjkitkEeA
tilGk+fexEa7OJcF5l2wsDupi6LSDLqVg54KT2JYOrxSVjLtQez7p5S2H8qFgpeW
nYFcyWnQKdNg6g==
-----END CERTIFICATE-----