Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
File:                     QpeJWSkM6bssG1thREOEQVta-tY.mft (raw, json)
Hash identifier:          KIKqvoIfpgCERHkV1q+7kD0mQ3SY9OIfRhr4cRgZjyA=
Subject key identifier:   A0:0F:44:75:2C:93:22:41:6F:88:64:B1:25:3F:DB:7D:1D:14:58:B5
Authority key identifier: 42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6
Certificate issuer:       /CN=42978959290ce9bb2c1b5b61444384415b5afad6
Certificate serial:       018F8938302C12B1EF713CE1E4F036901E96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
Manifest number:          1175
Signing time:             Sat 18 May 2024 01:01:51 +0000
Manifest this update:     Sat 18 May 2024 01:01:51 +0000
Manifest next update:     Sun 19 May 2024 01:01:51 +0000
Files and hashes:         1: QpeJWSkM6bssG1thREOEQVta-tY.crl (hash: X4yBUYCVCLPoYg8zO6npB5XHekhJ3HNVPyIt3fUUgjY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:89:38:30:2c:12:b1:ef:71:3c:e1:e4:f0:36:90:1e:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=42978959290ce9bb2c1b5b61444384415b5afad6
        Validity
            Not Before: May 18 01:01:51 2024 GMT
            Not After : May 19 01:01:51 2024 GMT
        Subject: CN=a00f44752c9322416f8864b1253fdb7d1d1458b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:02:fc:b7:7b:00:53:4a:49:ac:5e:8e:18:b9:
                    f9:24:49:56:35:7f:f4:bb:b0:22:35:35:da:fe:76:
                    d3:38:de:86:07:2d:8a:30:a6:cd:f2:75:6b:dd:1c:
                    a5:52:69:34:c2:a3:80:c7:c3:bb:9b:e6:ee:f5:9e:
                    9f:ff:9e:94:b6:1b:e1:f7:bb:e1:30:59:08:b9:c1:
                    77:17:ca:e2:9d:71:54:97:57:cc:ed:8f:0d:6c:91:
                    d2:3b:39:20:00:7e:21:7b:9e:a8:2c:11:e4:bb:84:
                    76:aa:de:0a:b2:94:cf:21:98:f2:5b:e4:d0:56:f2:
                    8b:90:d9:72:90:12:e6:1b:51:3e:61:dd:48:a4:5d:
                    e5:5a:47:9f:e9:96:1b:a5:94:aa:e7:50:97:c0:90:
                    ce:4d:a1:3b:78:4b:c0:43:b8:44:7c:8c:20:cf:7a:
                    6b:e1:45:fa:02:05:1f:00:2b:d3:1c:94:db:81:4f:
                    83:0a:a3:15:2f:01:28:da:e6:b2:3f:22:88:3f:e2:
                    fc:da:5b:ef:bf:7e:6c:e4:0b:2c:63:d4:e9:c1:7d:
                    a3:68:27:9c:a6:ff:83:9b:1b:f3:0f:fd:db:1c:a9:
                    02:da:a7:8f:e1:de:6d:75:df:f7:b2:e5:47:56:be:
                    b6:70:2e:81:97:68:24:45:02:13:54:b7:ae:46:f7:
                    ef:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:0F:44:75:2C:93:22:41:6F:88:64:B1:25:3F:DB:7D:1D:14:58:B5
            X509v3 Authority Key Identifier:
                keyid:42:97:89:59:29:0C:E9:BB:2C:1B:5B:61:44:43:84:41:5B:5A:FA:D6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpeJWSkM6bssG1thREOEQVta-tY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ac0b0a-2e83-469d-b89b-326808eccccc/1/QpeJWSkM6bssG1thREOEQVta-tY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:4b:07:0c:57:59:b8:ba:87:60:1f:c1:dc:cb:2f:94:11:6e:
         b9:d0:0e:cb:11:c5:ce:a4:a6:63:67:61:33:99:e6:16:a0:9e:
         65:6f:d2:fa:2c:44:4a:0f:1b:f9:7f:6a:4b:4a:f0:c8:6d:08:
         2f:02:d5:85:f8:5c:63:a4:cc:57:c4:b0:3c:3a:cb:56:2d:25:
         43:85:da:03:8c:bf:f9:75:41:b3:1f:82:93:98:2a:22:d2:26:
         74:e2:17:18:3a:cc:82:fb:46:00:6b:50:40:44:ec:9d:4f:98:
         50:6f:b5:cc:36:80:77:1f:72:61:f9:bc:ba:61:57:d6:e2:7c:
         71:ab:7a:5a:4d:1e:40:c5:f0:48:54:ef:d5:99:1d:c4:84:6f:
         5a:cb:d4:8f:16:fd:4e:b8:54:d7:6d:60:c9:33:dc:30:da:90:
         2e:97:af:99:a2:93:21:f5:21:29:0c:59:de:59:5e:e9:c9:03:
         c2:4d:95:bd:be:0f:e6:ec:3c:82:d3:11:97:97:a0:db:7a:c5:
         b8:e6:40:6d:86:6a:27:61:3a:4c:e0:ac:a3:02:10:9f:ce:5e:
         43:af:f5:e1:a1:29:e0:a4:ed:ea:b5:aa:c9:48:15:ba:d5:6f:
         6d:29:06:21:14:cf:d7:4a:cf:f3:33:1a:20:9f:9c:ab:45:93:
         61:fb:ff:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+JODAsErHvcTzh5PA2kB6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTc4OTU5MjkwY2U5YmIyYzFiNWI2MTQ0NDM4NDQxNWI1
YWZhZDYwHhcNMjQwNTE4MDEwMTUxWhcNMjQwNTE5MDEwMTUxWjAzMTEwLwYDVQQD
EyhhMDBmNDQ3NTJjOTMyMjQxNmY4ODY0YjEyNTNmZGI3ZDFkMTQ1OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QL8t3sAU0pJrF6OGLn5JElWNX/0
u7AiNTXa/nbTON6GBy2KMKbN8nVr3RylUmk0wqOAx8O7m+bu9Z6f/56Uthvh97vh
MFkIucF3F8rinXFUl1fM7Y8NbJHSOzkgAH4he56oLBHku4R2qt4KspTPIZjyW+TQ
VvKLkNlykBLmG1E+Yd1IpF3lWkef6ZYbpZSq51CXwJDOTaE7eEvAQ7hEfIwgz3pr
4UX6AgUfACvTHJTbgU+DCqMVLwEo2uayPyKIP+L82lvvv35s5AssY9TpwX2jaCec
pv+DmxvzD/3bHKkC2qeP4d5tdd/3suVHVr62cC6Bl2gkRQITVLeuRvfvvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAPRHUskyJBb4hksSU/230dFFi1MB8GA1UdIwQY
MBaAFEKXiVkpDOm7LBtbYURDhEFbWvrWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWIt
MzI2ODA4ZWNjY2NjLzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hYzBiMGEtMmU4My00NjlkLWI4OWItMzI2ODA4ZWNjY2Nj
LzEvUXBlSldTa002YnNzRzF0aFJFT0VRVnRhLXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi0sHDFdZ
uLqHYB/B3MsvlBFuudAOyxHFzqSmY2dhM5nmFqCeZW/S+ixESg8b+X9qS0rwyG0I
LwLVhfhcY6TMV8SwPDrLVi0lQ4XaA4y/+XVBsx+Ck5gqItImdOIXGDrMgvtGAGtQ
QETsnU+YUG+1zDaAdx9yYfm8umFX1uJ8cat6Wk0eQMXwSFTv1ZkdxIRvWsvUjxb9
TrhU121gyTPcMNqQLpevmaKTIfUhKQxZ3lle6ckDwk2Vvb4P5uw8gtMRl5eg23rF
uOZAbYZqJ2E6TOCsowIQn85eQ6/14aEp4KTt6rWqyUgVutVvbSkGIRTP10rP8zMa
IJ+cq0WTYfv/2g==
-----END CERTIFICATE-----