Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
File:                     Q5OKPegDvWyR8UrZZ71BQbigKK8.mft (raw, json)
Hash identifier:          anz/yPL5lijTpz1bA3/VUbcBnt/XRvAiMDfkY2OtTy4=
Subject key identifier:   A7:F7:4F:6A:0D:18:8D:B1:4A:44:D6:25:FC:C2:7B:E9:E9:F2:8B:E0
Authority key identifier: 43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF
Certificate issuer:       /CN=43938a3de803bd6c91f14ad967bd4141b8a028af
Certificate serial:       018F86365BDBFB9A934558C1183A4D7E2DD5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
Manifest number:          0E98
Signing time:             Fri 17 May 2024 11:01:00 +0000
Manifest this update:     Fri 17 May 2024 11:01:00 +0000
Manifest next update:     Sat 18 May 2024 11:01:00 +0000
Files and hashes:         1: Q5OKPegDvWyR8UrZZ71BQbigKK8.crl (hash: jkV61zZn0EFIZQDx30d8QL818CJuuKkqLxWQw16lNWk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:36:5b:db:fb:9a:93:45:58:c1:18:3a:4d:7e:2d:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43938a3de803bd6c91f14ad967bd4141b8a028af
        Validity
            Not Before: May 17 11:01:00 2024 GMT
            Not After : May 18 11:01:00 2024 GMT
        Subject: CN=a7f74f6a0d188db14a44d625fcc27be9e9f28be0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:70:77:27:ae:7d:8f:9e:29:6c:7d:04:88:43:
                    c7:b8:d6:94:17:5b:12:06:7f:d2:56:cd:05:02:58:
                    fe:33:eb:55:cb:b6:e9:b1:a1:39:a2:fc:83:53:33:
                    91:e5:ff:4e:5b:5a:99:c4:33:0e:99:29:8f:b4:6b:
                    68:76:09:bc:a8:4d:4a:94:a9:9a:02:13:9f:97:25:
                    d4:a3:8c:9b:f6:81:86:55:4f:c6:fe:5f:45:2a:7b:
                    a0:b5:bb:5a:35:31:fe:9a:f8:db:67:55:b4:1b:0c:
                    62:ef:f6:ac:19:ce:16:d9:fb:61:76:24:75:23:23:
                    e1:a4:a7:12:01:47:f4:a0:c7:9c:21:0b:ae:02:a0:
                    c4:be:79:8e:0c:bf:99:26:c2:9b:67:02:61:ec:f8:
                    f2:2c:3d:f5:8a:79:5b:7a:c9:ac:0e:50:02:3c:26:
                    1f:b2:45:fa:c8:95:94:43:b7:c3:6f:41:bd:1d:dd:
                    5e:b7:e8:b4:18:fd:0e:43:d2:dc:1f:aa:62:34:f2:
                    5c:2d:01:a1:bd:0b:cb:5b:bf:f8:bd:96:41:88:e3:
                    04:18:4d:9b:5c:c0:90:49:e0:43:d1:3e:f6:61:79:
                    8e:bf:73:1c:36:9c:dc:45:17:42:fb:8c:8e:a1:09:
                    c0:19:ef:05:5c:e8:0c:4c:c0:0f:95:76:c7:a7:31:
                    82:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:F7:4F:6A:0D:18:8D:B1:4A:44:D6:25:FC:C2:7B:E9:E9:F2:8B:E0
            X509v3 Authority Key Identifier:
                keyid:43:93:8A:3D:E8:03:BD:6C:91:F1:4A:D9:67:BD:41:41:B8:A0:28:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5OKPegDvWyR8UrZZ71BQbigKK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/ecda24-d7c3-446a-af36-fe5634c17cc9/1/Q5OKPegDvWyR8UrZZ71BQbigKK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9a:b3:0a:fd:a3:f6:5f:53:e3:41:67:24:d9:06:06:55:93:c8:
         c0:bd:a1:80:c0:89:ee:d3:08:1c:3e:ba:f4:29:e4:6d:3f:e1:
         35:e1:6f:af:1f:92:64:1b:2e:35:1f:fa:8e:ca:77:ea:8f:84:
         e7:d8:94:98:06:b0:ce:a6:8e:9e:cb:48:d8:b2:cc:6a:a6:7c:
         bf:f0:77:8d:8d:44:8f:13:77:c0:69:07:72:b4:99:69:c7:e8:
         44:33:17:04:0d:fa:70:4e:72:0f:d9:bc:4e:0f:2e:e5:e2:a7:
         79:56:59:e4:29:fb:0a:f8:05:63:e0:fc:8e:8a:d0:4e:e0:33:
         7a:86:7e:f7:d6:47:32:8b:71:bd:c7:d8:42:d8:4a:64:a4:53:
         25:d7:55:b3:03:94:8a:43:be:61:0a:74:19:4c:3f:05:a8:7d:
         f1:ac:c9:51:1b:df:e0:53:0e:12:1e:17:96:55:f2:ef:61:40:
         04:f1:f8:5b:d2:ed:d8:25:bc:bd:ae:cc:f9:46:b1:78:aa:1e:
         8e:a2:42:ec:36:2f:e8:84:14:13:73:63:4c:57:0a:76:46:f3:
         f6:f2:e4:ac:56:74:67:50:2b:d9:68:99:f2:8b:fc:43:f0:2f:
         89:a7:df:ec:f4:e2:88:a4:ad:a5:5a:a1:38:20:69:2a:5e:74:
         7a:b0:bc:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+GNlvb+5qTRVjBGDpNfi3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTM4YTNkZTgwM2JkNmM5MWYxNGFkOTY3YmQ0MTQxYjhh
MDI4YWYwHhcNMjQwNTE3MTEwMTAwWhcNMjQwNTE4MTEwMTAwWjAzMTEwLwYDVQQD
EyhhN2Y3NGY2YTBkMTg4ZGIxNGE0NGQ2MjVmY2MyN2JlOWU5ZjI4YmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3B3J659j54pbH0EiEPHuNaUF1sS
Bn/SVs0FAlj+M+tVy7bpsaE5ovyDUzOR5f9OW1qZxDMOmSmPtGtodgm8qE1KlKma
AhOflyXUo4yb9oGGVU/G/l9FKnugtbtaNTH+mvjbZ1W0Gwxi7/asGc4W2fthdiR1
IyPhpKcSAUf0oMecIQuuAqDEvnmODL+ZJsKbZwJh7PjyLD31inlbesmsDlACPCYf
skX6yJWUQ7fDb0G9Hd1et+i0GP0OQ9LcH6piNPJcLQGhvQvLW7/4vZZBiOMEGE2b
XMCQSeBD0T72YXmOv3McNpzcRRdC+4yOoQnAGe8FXOgMTMAPlXbHpzGCdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKf3T2oNGI2xSkTWJfzCe+np8ovgMB8GA1UdIwQY
MBaAFEOTij3oA71skfFK2We9QUG4oCivMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYt
ZmU1NjM0YzE3Y2M5LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lY2RhMjQtZDdjMy00NDZhLWFmMzYtZmU1NjM0YzE3Y2M5
LzEvUTVPS1BlZ0R2V3lSOFVyWlo3MUJRYmlnS0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmrMK/aP2
X1PjQWck2QYGVZPIwL2hgMCJ7tMIHD669CnkbT/hNeFvrx+SZBsuNR/6jsp36o+E
59iUmAawzqaOnstI2LLMaqZ8v/B3jY1EjxN3wGkHcrSZacfoRDMXBA36cE5yD9m8
Tg8u5eKneVZZ5Cn7CvgFY+D8jorQTuAzeoZ+99ZHMotxvcfYQthKZKRTJddVswOU
ikO+YQp0GUw/Bah98azJURvf4FMOEh4XllXy72FABPH4W9Lt2CW8va7M+UaxeKoe
jqJC7DYv6IQUE3NjTFcKdkbz9vLkrFZ0Z1Ar2WiZ8ov8Q/Aviaff7PTiiKStpVqh
OCBpKl50erC8rw==
-----END CERTIFICATE-----