Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
File:                     QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft (raw, json)
Hash identifier:          bSbYJ7LCIuAJRQfMw5wTVNmcx5udbHUny978y5xwK/g=
Subject key identifier:   0F:E0:49:46:46:93:37:D2:0D:89:F5:8B:79:F3:F6:18:37:31:05:B7
Authority key identifier: 41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87
Certificate issuer:       /CN=41c4a5644f0429521d1fdc5bbb233a041b200887
Certificate serial:       018F87B6B189FC2BBB20A96E6DF5FA642084
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 18:00:48 +0000
Manifest this update:     Fri 17 May 2024 18:00:48 +0000
Manifest next update:     Sat 18 May 2024 18:00:48 +0000
Files and hashes:         1: QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl (hash: Q3/JvQ4jicYXm8SGCCmrO71Z6/7PgX5BtGvWPwRdXXw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:b1:89:fc:2b:bb:20:a9:6e:6d:f5:fa:64:20:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41c4a5644f0429521d1fdc5bbb233a041b200887
        Validity
            Not Before: May 17 18:00:48 2024 GMT
            Not After : May 18 18:00:48 2024 GMT
        Subject: CN=0fe04946469337d20d89f58b79f3f618373105b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6a:80:00:f2:1f:9f:1c:64:bb:5d:0e:72:93:
                    d9:e3:16:18:3e:84:9a:fc:87:b8:c1:06:3f:4a:0d:
                    ea:92:de:df:2e:99:40:c2:ca:da:c5:f6:68:7b:2c:
                    09:e9:22:b1:26:9b:41:b5:e6:2c:f0:36:2c:63:0d:
                    74:5d:83:70:7b:37:47:7c:1c:95:49:49:af:f1:6c:
                    36:c9:a6:43:d4:cc:b1:ac:17:ce:94:89:2f:b6:d6:
                    93:31:fc:8a:b4:12:ed:e6:38:66:39:54:2e:51:d8:
                    32:ce:e9:31:35:96:3d:1b:43:1b:5d:c1:bb:34:29:
                    8a:05:6a:52:66:43:b8:e0:70:e1:d6:5e:2c:f7:01:
                    2a:8d:57:72:67:af:7a:00:ad:61:cb:09:87:a0:fe:
                    23:84:d1:24:1a:ef:da:80:a9:8d:a6:71:68:7f:cf:
                    48:28:40:df:67:e8:b1:84:bd:d6:a2:a9:f2:c6:10:
                    d6:4a:54:dd:a4:99:9c:f7:e4:19:af:df:88:a9:1e:
                    0a:13:90:e3:67:5d:fb:0e:c1:df:be:91:c0:29:87:
                    1a:31:ff:ae:51:72:92:8d:3f:3e:8d:da:55:28:61:
                    8c:dd:63:8b:5f:69:ea:99:c3:61:22:da:c6:4b:f4:
                    b9:b5:df:a7:2d:e6:59:c9:72:88:1f:b0:38:94:40:
                    cf:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:E0:49:46:46:93:37:D2:0D:89:F5:8B:79:F3:F6:18:37:31:05:B7
            X509v3 Authority Key Identifier:
                keyid:41:C4:A5:64:4F:04:29:52:1D:1F:DC:5B:BB:23:3A:04:1B:20:08:87

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QcSlZE8EKVIdH9xbuyM6BBsgCIc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5cc4b7-867d-452a-8902-e87932c555f3/1/QcSlZE8EKVIdH9xbuyM6BBsgCIc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:32:3e:c8:6a:a3:44:b1:b0:e3:c6:8f:b8:21:68:72:cf:32:
         16:71:e7:d4:21:0e:6b:f3:fa:44:09:72:15:78:fd:41:a8:6b:
         5b:07:65:5c:cf:aa:3a:23:8b:8b:3b:07:fa:68:01:e1:57:84:
         15:b6:a2:59:a9:f3:b7:69:be:5c:e8:97:2d:84:78:53:c0:39:
         9a:db:4a:8c:28:2a:0e:b9:f6:3b:ba:87:c7:23:f1:74:3e:73:
         c1:e6:3e:55:d6:4c:5f:d3:8d:dd:07:9a:e9:69:86:e9:13:98:
         da:75:2e:a6:81:c2:cd:3b:78:4b:ea:51:05:33:91:6b:95:95:
         e3:bd:58:25:1b:e3:ea:e0:2d:1e:49:22:ff:10:0b:6d:c4:2f:
         e7:45:9c:4b:7e:b1:11:16:60:ed:c5:e4:d2:ab:ec:0d:eb:d1:
         dc:a5:d8:8a:de:6e:ed:cd:0e:0f:5e:de:26:00:56:cf:b1:52:
         a6:1f:0e:75:09:59:74:6f:4d:9b:83:4c:ca:2e:26:d1:2a:be:
         27:c9:b7:87:3f:46:ef:46:d6:3d:b1:3a:c6:27:53:e3:3c:48:
         e9:e0:da:ee:cc:42:5e:3e:9a:48:bd:12:d2:f2:b1:ac:5e:f7:
         42:35:49:87:a6:09:44:d8:9b:93:19:46:35:69:cf:72:7c:ea:
         77:35:23:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtrGJ/Cu7IKlubfX6ZCCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxYzRhNTY0NGYwNDI5NTIxZDFmZGM1YmJiMjMzYTA0MWIy
MDA4ODcwHhcNMjQwNTE3MTgwMDQ4WhcNMjQwNTE4MTgwMDQ4WjAzMTEwLwYDVQQD
EygwZmUwNDk0NjQ2OTMzN2QyMGQ4OWY1OGI3OWYzZjYxODM3MzEwNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmqAAPIfnxxku10OcpPZ4xYYPoSa
/Ie4wQY/Sg3qkt7fLplAwsraxfZoeywJ6SKxJptBteYs8DYsYw10XYNwezdHfByV
SUmv8Ww2yaZD1MyxrBfOlIkvttaTMfyKtBLt5jhmOVQuUdgyzukxNZY9G0MbXcG7
NCmKBWpSZkO44HDh1l4s9wEqjVdyZ696AK1hywmHoP4jhNEkGu/agKmNpnFof89I
KEDfZ+ixhL3WoqnyxhDWSlTdpJmc9+QZr9+IqR4KE5DjZ137DsHfvpHAKYcaMf+u
UXKSjT8+jdpVKGGM3WOLX2nqmcNhItrGS/S5td+nLeZZyXKIH7A4lEDPWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/gSUZGkzfSDYn1i3nz9hg3MQW3MB8GA1UdIwQY
MBaAFEHEpWRPBClSHR/cW7sjOgQbIAiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDIt
ZTg3OTMyYzU1NWYzLzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81Y2M0YjctODY3ZC00NTJhLTg5MDItZTg3OTMyYzU1NWYz
LzEvUWNTbFpFOEVLVklkSDl4YnV5TTZCQnNnQ0ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvDI+yGqj
RLGw48aPuCFocs8yFnHn1CEOa/P6RAlyFXj9QahrWwdlXM+qOiOLizsH+mgB4VeE
FbaiWanzt2m+XOiXLYR4U8A5mttKjCgqDrn2O7qHxyPxdD5zweY+VdZMX9ON3Qea
6WmG6ROY2nUupoHCzTt4S+pRBTORa5WV471YJRvj6uAtHkki/xALbcQv50WcS36x
ERZg7cXk0qvsDevR3KXYit5u7c0OD17eJgBWz7FSph8OdQlZdG9Nm4NMyi4m0Sq+
J8m3hz9G70bWPbE6xidT4zxI6eDa7sxCXj6aSL0S0vKxrF73QjVJh6YJRNibkxlG
NWnPcnzqdzUjTw==
-----END CERTIFICATE-----