Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          0j/Ox/IDq+8+NPmm1M7cc3Sp3i+92pdH2vS4qi7mLUI=
Subject key identifier:   1E:A9:DF:C2:EF:B9:FC:5E:8D:31:E7:AC:5D:BC:48:29:92:A2:BD:E0
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       018F874B42C125109F1BF426CFFA90802322
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          03A1
Signing time:             Fri 17 May 2024 16:03:27 +0000
Manifest this update:     Fri 17 May 2024 16:03:27 +0000
Manifest next update:     Sat 18 May 2024 16:03:27 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: NJ4Y3jc7uNBObNJGtns8nNG94WuCQoCcN0rbodGqKZU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:03:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4b:42:c1:25:10:9f:1b:f4:26:cf:fa:90:80:23:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: May 17 16:03:27 2024 GMT
            Not After : May 18 16:03:27 2024 GMT
        Subject: CN=1ea9dfc2efb9fc5e8d31e7ac5dbc482992a2bde0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d2:36:12:bf:bd:05:11:bb:a8:76:d9:93:4f:
                    68:c2:4b:d2:ec:44:fb:7a:2c:aa:c0:7d:6e:ce:97:
                    1e:bc:38:0b:26:53:9f:89:63:25:53:b3:5c:30:60:
                    6a:ae:99:3f:5e:b7:ad:00:17:c9:87:52:d0:cb:fd:
                    96:13:30:a7:ab:d8:7e:47:d9:f0:45:4d:23:f5:7e:
                    97:70:a0:e6:8a:b4:65:f7:5e:9c:88:04:d2:df:04:
                    c6:69:fa:8f:d5:5e:f5:56:5e:5a:44:53:29:02:17:
                    dc:a7:4f:08:8d:24:60:91:67:76:bc:f1:b5:d5:57:
                    85:8b:3b:b0:95:52:1a:dd:a0:38:27:83:7f:67:dd:
                    2a:8e:28:e8:d1:41:46:d8:ce:1c:2f:2a:18:73:c7:
                    04:fe:52:5b:79:2e:28:74:73:ad:3d:a7:7b:65:61:
                    5c:3c:08:63:e2:21:56:69:e1:c8:41:47:aa:25:1b:
                    25:60:43:b1:2a:14:8d:cd:96:fe:8f:05:6a:bf:7e:
                    7c:9c:ea:cd:ae:21:65:1f:00:4c:84:6f:78:63:19:
                    91:b2:f3:d8:7a:48:ae:bf:da:fb:ca:13:fb:9e:d7:
                    71:a6:fe:07:dc:23:0f:be:71:dc:5c:90:ca:28:d6:
                    44:6b:79:89:1c:b2:71:50:f2:3d:e6:07:a1:86:fb:
                    32:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:A9:DF:C2:EF:B9:FC:5E:8D:31:E7:AC:5D:BC:48:29:92:A2:BD:E0
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:90:ee:f3:47:19:93:d9:47:85:81:19:77:29:e5:c3:e3:a9:
         a1:24:b5:c9:70:09:ab:71:eb:fa:fb:fc:14:7e:b4:e3:d5:4a:
         40:b4:76:84:8f:0e:b4:f4:c7:16:e8:eb:62:d9:3f:14:1d:26:
         e2:7e:93:67:fb:4f:0c:76:76:e2:93:a3:14:33:40:a3:d2:3f:
         49:a8:c3:cb:55:b2:d7:09:e4:bc:a0:a1:dc:f7:51:a1:2e:ac:
         1b:b6:be:fe:3d:94:fb:b9:50:21:54:bd:4f:f0:67:b3:36:ed:
         4c:88:4d:5c:21:9d:f8:bd:b0:d0:7f:df:13:a7:09:b6:f6:5c:
         72:29:97:fc:2f:90:bf:c6:c6:d5:3c:32:db:77:eb:52:40:83:
         cb:c2:25:a9:f3:94:7a:3f:d9:5e:ed:db:0c:99:88:bc:21:2f:
         f1:8b:0b:57:8a:13:3a:66:52:6b:21:f9:b9:70:f6:f7:ef:4a:
         67:f4:d8:bc:99:26:fb:eb:41:db:36:4a:27:fe:84:a0:e9:69:
         47:bc:b8:5a:ce:b7:d0:df:21:7b:3d:1e:28:b8:e2:86:42:23:
         90:39:19:64:11:b1:33:ee:f0:70:84:ac:11:7f:62:8e:02:0a:
         59:1b:d8:1d:82:32:b4:cf:4b:77:29:31:ad:01:37:94:a4:4f:
         37:86:62:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HS0LBJRCfG/Qmz/qQgCMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjQwNTE3MTYwMzI3WhcNMjQwNTE4MTYwMzI3WjAzMTEwLwYDVQQD
EygxZWE5ZGZjMmVmYjlmYzVlOGQzMWU3YWM1ZGJjNDgyOTkyYTJiZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtI2Er+9BRG7qHbZk09owkvS7ET7
eiyqwH1uzpcevDgLJlOfiWMlU7NcMGBqrpk/XretABfJh1LQy/2WEzCnq9h+R9nw
RU0j9X6XcKDmirRl916ciATS3wTGafqP1V71Vl5aRFMpAhfcp08IjSRgkWd2vPG1
1VeFizuwlVIa3aA4J4N/Z90qjijo0UFG2M4cLyoYc8cE/lJbeS4odHOtPad7ZWFc
PAhj4iFWaeHIQUeqJRslYEOxKhSNzZb+jwVqv358nOrNriFlHwBMhG94YxmRsvPY
ekiuv9r7yhP7ntdxpv4H3CMPvnHcXJDKKNZEa3mJHLJxUPI95gehhvsyfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6p38LvufxejTHnrF28SCmSor3gMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgJDu80cZ
k9lHhYEZdynlw+OpoSS1yXAJq3Hr+vv8FH6049VKQLR2hI8OtPTHFujrYtk/FB0m
4n6TZ/tPDHZ24pOjFDNAo9I/SajDy1Wy1wnkvKCh3PdRoS6sG7a+/j2U+7lQIVS9
T/BnszbtTIhNXCGd+L2w0H/fE6cJtvZccimX/C+Qv8bG1Twy23frUkCDy8IlqfOU
ej/ZXu3bDJmIvCEv8YsLV4oTOmZSayH5uXD29+9KZ/TYvJkm++tB2zZKJ/6EoOlp
R7y4Ws630N8hez0eKLjihkIjkDkZZBGxM+7wcISsEX9ijgIKWRvYHYIytM9Ldykx
rQE3lKRPN4ZiSg==
-----END CERTIFICATE-----