Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft
File:                     _4fgqwMrDAXrXnTMLAhpjdMk2WM.mft (raw, json)
Hash identifier:          lVuCNIVXI1tZeKnGy+zMp8w9fYJoLIRJYVu0+VbC+SY=
Subject key identifier:   76:43:ED:D3:C5:B4:95:0D:AA:12:2E:61:1C:CB:AA:33:0E:FE:D2:85
Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63
Certificate issuer:       /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
Certificate serial:       018F87ED91D9BC431E60879C1EFEF92AF69B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft
Manifest number:          11B4
Signing time:             Fri 17 May 2024 19:00:44 +0000
Manifest this update:     Fri 17 May 2024 19:00:44 +0000
Manifest next update:     Sat 18 May 2024 19:00:44 +0000
Files and hashes:         1: _4fgqwMrDAXrXnTMLAhpjdMk2WM.crl (hash: ARXnnWAdzyYb4ztOL5lOpRmB+fGu3A8Xo72V4kYZl7I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:91:d9:bc:43:1e:60:87:9c:1e:fe:f9:2a:f6:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963
        Validity
            Not Before: May 17 19:00:44 2024 GMT
            Not After : May 18 19:00:44 2024 GMT
        Subject: CN=7643edd3c5b4950daa122e611ccbaa330efed285
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:f2:52:03:90:99:2d:b9:bf:fd:e1:c2:f9:9b:
                    d4:50:a8:fc:22:6f:87:bc:59:0f:1e:16:77:c0:2a:
                    b7:58:ab:93:5c:68:bd:1c:2e:98:b1:15:d7:c0:3c:
                    5a:8a:d4:89:cf:75:65:48:09:b4:a6:6b:a9:1a:a3:
                    9d:48:b8:59:38:0e:04:74:11:a6:a1:4d:ee:29:9e:
                    cd:1b:7e:21:49:ea:10:07:76:09:3f:3f:b3:f3:fa:
                    26:9b:3a:c4:0a:73:45:68:c9:45:20:97:3e:c9:66:
                    ef:e7:3d:69:c7:22:8b:a6:16:d2:d4:ce:f5:5f:38:
                    8d:29:77:a7:87:c1:ba:bc:86:9a:6e:54:5b:46:7d:
                    9d:2f:f4:06:40:23:0c:d7:c7:e7:21:51:f3:42:93:
                    78:5a:89:98:77:9d:b2:db:7b:d7:f9:57:0c:ce:a5:
                    76:97:e5:08:9d:ad:f0:cd:38:26:b4:76:be:da:8e:
                    1e:d6:48:4b:d9:21:6c:d1:79:71:e3:e7:53:c2:3e:
                    6a:cf:9a:27:f9:4d:34:e3:15:11:17:65:e4:f9:bc:
                    bb:6a:9d:8f:ea:b2:10:b1:7b:37:95:01:9a:94:32:
                    08:c2:b5:08:1b:3e:61:f3:f3:f2:cb:00:dc:0a:d6:
                    87:a4:0b:39:d7:51:e1:39:01:f4:47:70:2f:57:34:
                    a8:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:43:ED:D3:C5:B4:95:0D:AA:12:2E:61:1C:CB:AA:33:0E:FE:D2:85
            X509v3 Authority Key Identifier:
                keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6c:fc:ae:d0:f4:8d:3d:11:21:d6:d9:3c:16:76:b6:3d:c3:93:
         ae:50:57:6f:5d:ff:be:3c:0b:b5:87:10:a9:16:71:db:33:37:
         68:b2:11:31:d0:e9:c7:07:74:af:49:8c:30:5c:2b:4e:92:80:
         d2:88:d7:cc:b6:68:e8:63:8a:f4:15:22:59:96:11:a1:f6:ec:
         0c:93:7d:54:3e:91:d2:8c:f1:79:17:04:b6:00:b3:86:f6:a2:
         30:3c:a3:26:a1:f2:95:c5:39:5b:ce:a8:40:16:d2:17:8d:f1:
         59:cf:4a:a3:a8:43:ba:d7:33:38:bf:8d:d6:62:dd:0f:0f:02:
         9b:6c:10:0b:05:6d:45:fd:24:87:fb:81:ee:a1:7e:31:83:04:
         ae:31:1e:5c:dc:5c:f1:10:01:68:e9:00:5f:f8:64:54:9e:9a:
         33:c5:c7:6c:ab:40:5a:07:0c:aa:4a:5a:3b:c6:9b:c5:9a:6a:
         5f:24:f2:d5:c5:94:e6:9d:af:fd:ac:4a:08:39:8c:b8:33:98:
         a0:db:e7:0b:18:8e:2c:ad:db:9e:c8:c2:5e:5f:ff:1b:2f:e4:
         fd:f9:e5:fd:55:9f:b8:32:b7:c3:51:e2:18:5a:9e:59:ab:6d:
         4f:3f:63:e1:ad:8f:88:71:98:84:c6:a8:7b:d7:4d:27:b6:56:
         f1:e8:53:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7ZHZvEMeYIecHv75KvabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy
NGQ5NjMwHhcNMjQwNTE3MTkwMDQ0WhcNMjQwNTE4MTkwMDQ0WjAzMTEwLwYDVQQD
Eyg3NjQzZWRkM2M1YjQ5NTBkYWExMjJlNjExY2NiYWEzMzBlZmVkMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvJSA5CZLbm//eHC+ZvUUKj8Im+H
vFkPHhZ3wCq3WKuTXGi9HC6YsRXXwDxaitSJz3VlSAm0pmupGqOdSLhZOA4EdBGm
oU3uKZ7NG34hSeoQB3YJPz+z8/ommzrECnNFaMlFIJc+yWbv5z1pxyKLphbS1M71
XziNKXenh8G6vIaablRbRn2dL/QGQCMM18fnIVHzQpN4WomYd52y23vX+VcMzqV2
l+UIna3wzTgmtHa+2o4e1khL2SFs0Xlx4+dTwj5qz5on+U004xURF2Xk+by7ap2P
6rIQsXs3lQGalDIIwrUIGz5h8/PyywDcCtaHpAs511HhOQH0R3AvVzSoiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZD7dPFtJUNqhIuYRzLqjMO/tKFMB8GA1UdIwQY
MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt
NzFlYjk1ZjUwZTViLzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi
LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbPyu0PSN
PREh1tk8Fna2PcOTrlBXb13/vjwLtYcQqRZx2zM3aLIRMdDpxwd0r0mMMFwrTpKA
0ojXzLZo6GOK9BUiWZYRofbsDJN9VD6R0ozxeRcEtgCzhvaiMDyjJqHylcU5W86o
QBbSF43xWc9Ko6hDutczOL+N1mLdDw8Cm2wQCwVtRf0kh/uB7qF+MYMErjEeXNxc
8RABaOkAX/hkVJ6aM8XHbKtAWgcMqkpaO8abxZpqXyTy1cWU5p2v/axKCDmMuDOY
oNvnCxiOLK3bnsjCXl//Gy/k/fnl/VWfuDK3w1HiGFqeWattTz9j4a2PiHGYhMao
e9dNJ7ZW8ehTbw==
-----END CERTIFICATE-----