Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
File:                     BZqsWXzkoNE7edIrO_GKSJnddk8.mft (raw, json)
Hash identifier:          XGusR6K4ryrikex4/FBpOo0+HGZHuQ7W67RB5viIuw8=
Subject key identifier:   0B:AC:16:84:A6:D9:C4:61:A5:44:E0:89:5E:B0:77:A3:29:33:40:72
Authority key identifier: 05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F
Certificate issuer:       /CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
Certificate serial:       018F3A7828572D49D2C01A1DC0DD47B51D88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
Manifest number:          05DE
Signing time:             Thu 02 May 2024 18:01:44 +0000
Manifest this update:     Thu 02 May 2024 18:01:44 +0000
Manifest next update:     Fri 03 May 2024 18:01:44 +0000
Files and hashes:         1: BZqsWXzkoNE7edIrO_GKSJnddk8.crl (hash: Dn8+bO1pe/Tr2d4rE9NLKtXQ0qao2BMomB7r7FjqlKc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:59:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:78:28:57:2d:49:d2:c0:1a:1d:c0:dd:47:b5:1d:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059aac597ce4a0d13b79d22b3bf18a4899dd764f
        Validity
            Not Before: May  2 18:01:44 2024 GMT
            Not After : May  3 18:01:44 2024 GMT
        Subject: CN=0bac1684a6d9c461a544e0895eb077a329334072
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:c9:c4:61:be:f5:48:c0:3c:a9:ab:99:20:a2:
                    bb:5f:5a:8c:8c:97:1a:c5:6c:c7:e5:42:a4:7e:39:
                    43:71:c3:95:df:3e:be:d7:4c:83:cd:47:d4:0b:a6:
                    1a:05:71:b3:b3:7a:0c:6e:2c:bf:c4:a5:1c:48:73:
                    b4:74:51:87:b3:82:b6:b0:9b:e5:7a:c8:0e:3c:08:
                    7c:c7:0c:e2:a9:d8:3f:31:ff:2f:8c:f6:85:b5:2d:
                    e2:0f:a8:b4:01:1b:71:47:7a:d2:f0:83:f9:89:e7:
                    83:1b:41:84:56:c6:64:8d:a8:9d:56:0d:54:fe:5e:
                    45:a6:ae:0a:6d:aa:d1:65:d0:c2:e9:bc:63:e9:e4:
                    7d:ef:68:b4:00:88:e7:d4:2d:48:6a:a7:1a:2f:52:
                    96:b9:93:f7:d0:1d:32:d4:96:45:5d:f7:a0:b0:3b:
                    0a:85:98:63:66:88:57:dd:5d:fb:6e:c2:2e:d0:50:
                    92:f7:6a:1c:c2:50:01:52:f6:e2:e2:2e:9b:23:cf:
                    3e:d2:b9:84:b1:38:0a:8e:9e:92:2f:a0:3e:aa:bc:
                    f8:5b:4f:a1:9a:55:b2:9b:4c:c6:4d:68:ad:95:c7:
                    6a:e5:41:f6:38:3e:d8:69:8e:26:8c:97:58:40:23:
                    93:6a:bb:35:10:d8:1d:4e:e8:09:38:ae:97:39:9e:
                    cd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:AC:16:84:A6:D9:C4:61:A5:44:E0:89:5E:B0:77:A3:29:33:40:72
            X509v3 Authority Key Identifier:
                keyid:05:9A:AC:59:7C:E4:A0:D1:3B:79:D2:2B:3B:F1:8A:48:99:DD:76:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZqsWXzkoNE7edIrO_GKSJnddk8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/bab89a-d990-4fc7-86dd-e2c816db81cc/1/BZqsWXzkoNE7edIrO_GKSJnddk8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:07:7d:9b:e4:97:0f:e4:f0:1f:93:3c:52:03:3e:1b:eb:f3:
         d2:d4:31:43:e0:cc:dd:ce:7a:27:27:9a:bd:33:e4:8c:ec:ab:
         47:7a:39:17:35:9b:c1:db:dc:44:d3:37:b5:ec:6e:56:e1:14:
         68:6e:95:fd:67:41:22:f4:f4:e0:eb:ec:05:e0:b2:aa:0a:ba:
         c9:63:62:d5:13:1c:08:01:27:ae:dc:9a:83:d1:54:b5:d6:de:
         4d:61:8e:31:26:37:f3:f8:77:bc:2a:fc:69:94:aa:b7:7e:17:
         8a:c3:3c:80:9f:73:45:c3:d4:4a:aa:b8:6b:9f:8a:74:af:40:
         d9:50:ee:e7:09:77:91:a1:5e:60:29:6b:a2:de:3f:60:c5:db:
         56:32:4b:ad:67:32:f8:06:32:76:d3:e2:55:55:e5:88:5a:44:
         0b:8e:3b:42:ce:f3:f0:2b:e7:17:7a:3b:49:1b:be:86:35:24:
         c9:ae:eb:55:99:5e:38:f9:7a:b7:2d:e1:fb:7e:63:62:c0:0b:
         c5:5e:4e:01:b0:bc:d8:cd:28:61:bb:31:7c:3d:b2:d7:1d:95:
         ea:09:b4:9d:9f:5f:d6:c9:74:25:77:0f:b2:8d:21:6f:f1:fb:
         e6:40:40:f5:6e:17:28:d9:e0:67:8c:86:e2:70:86:2f:05:d8:
         b5:21:17:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY86eChXLUnSwBodwN1HtR2IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWFhYzU5N2NlNGEwZDEzYjc5ZDIyYjNiZjE4YTQ4OTlk
ZDc2NGYwHhcNMjQwNTAyMTgwMTQ0WhcNMjQwNTAzMTgwMTQ0WjAzMTEwLwYDVQQD
EygwYmFjMTY4NGE2ZDljNDYxYTU0NGUwODk1ZWIwNzdhMzI5MzM0MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMnEYb71SMA8qauZIKK7X1qMjJca
xWzH5UKkfjlDccOV3z6+10yDzUfUC6YaBXGzs3oMbiy/xKUcSHO0dFGHs4K2sJvl
esgOPAh8xwziqdg/Mf8vjPaFtS3iD6i0ARtxR3rS8IP5ieeDG0GEVsZkjaidVg1U
/l5Fpq4KbarRZdDC6bxj6eR972i0AIjn1C1IaqcaL1KWuZP30B0y1JZFXfegsDsK
hZhjZohX3V37bsIu0FCS92ocwlABUvbi4i6bI88+0rmEsTgKjp6SL6A+qrz4W0+h
mlWym0zGTWitlcdq5UH2OD7YaY4mjJdYQCOTars1ENgdTugJOK6XOZ7NlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAusFoSm2cRhpUTgiV6wd6MpM0ByMB8GA1UdIwQY
MBaAFAWarFl85KDRO3nSKzvxikiZ3XZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQt
ZTJjODE2ZGI4MWNjLzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iYWI4OWEtZDk5MC00ZmM3LTg2ZGQtZTJjODE2ZGI4MWNj
LzEvQlpxc1dYemtvTkU3ZWRJck9fR0tTSm5kZGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmwd9m+SX
D+TwH5M8UgM+G+vz0tQxQ+DM3c56JyeavTPkjOyrR3o5FzWbwdvcRNM3texuVuEU
aG6V/WdBIvT04OvsBeCyqgq6yWNi1RMcCAEnrtyag9FUtdbeTWGOMSY38/h3vCr8
aZSqt34XisM8gJ9zRcPUSqq4a5+KdK9A2VDu5wl3kaFeYClrot4/YMXbVjJLrWcy
+AYydtPiVVXliFpEC447Qs7z8CvnF3o7SRu+hjUkya7rVZleOPl6ty3h+35jYsAL
xV5OAbC82M0oYbsxfD2y1x2V6gm0nZ9f1sl0JXcPso0hb/H75kBA9W4XKNngZ4yG
4nCGLwXYtSEXaw==
-----END CERTIFICATE-----