Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
File:                     ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft (raw, json)
Hash identifier:          Ss5QgByJmHZnSkJC5h3RGhsT/qaDaUL4kSCxqOljL/U=
Subject key identifier:   71:D0:CE:E2:8B:D6:2D:1C:89:2B:3C:60:7C:1E:D2:0E:AB:97:9D:CA
Authority key identifier: 89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB
Certificate issuer:       /CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
Certificate serial:       018F863611046A5A5C03253638C718B1D193
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
Manifest number:          0A74
Signing time:             Fri 17 May 2024 11:00:41 +0000
Manifest this update:     Fri 17 May 2024 11:00:41 +0000
Manifest next update:     Sat 18 May 2024 11:00:41 +0000
Files and hashes:         1: ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl (hash: ZFC6P6s8pGvjTRxXPV5gkBJlErf1ZTXqUYQCEqNfZOw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:36:11:04:6a:5a:5c:03:25:36:38:c7:18:b1:d1:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89b98b1dbc4db0fbd8656d2b2b8a53e2c3dca6ab
        Validity
            Not Before: May 17 11:00:41 2024 GMT
            Not After : May 18 11:00:41 2024 GMT
        Subject: CN=71d0cee28bd62d1c892b3c607c1ed20eab979dca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:be:96:26:bf:43:f2:fa:32:b9:39:8c:eb:cd:
                    a2:fb:17:4e:cd:bd:71:69:4e:fb:ab:a7:47:ec:85:
                    60:29:41:07:f9:4e:2c:74:c7:c4:57:5c:03:ad:e4:
                    fc:24:16:ce:d2:69:ad:9e:a8:e2:e3:c8:99:c8:2d:
                    c5:f2:6d:ab:95:c0:dd:f2:83:5e:4b:ae:46:cf:07:
                    27:fd:58:ca:c9:e7:a5:92:31:6f:1a:18:9c:6b:7f:
                    b6:17:9b:3e:2e:59:c5:11:87:3c:9b:ad:93:83:19:
                    38:e9:a3:13:50:59:18:8b:25:fc:b2:a0:e2:08:0e:
                    31:13:5e:b6:e7:63:73:02:6c:28:d3:7d:37:38:5d:
                    9c:67:cb:87:31:1a:75:73:69:7b:1b:f4:cd:70:86:
                    15:bd:03:72:ce:ab:f8:75:0d:bc:8c:6d:a0:ee:27:
                    ec:f1:37:54:4c:90:e2:37:63:72:6f:91:d3:02:01:
                    7b:42:6b:20:4d:54:0c:d4:e7:68:95:94:20:45:26:
                    8d:b6:68:21:b8:d0:cb:8c:53:a0:13:bc:54:8b:8b:
                    6b:72:4f:bf:29:43:37:df:c5:fd:b5:23:8f:29:81:
                    cd:3d:44:e4:bb:22:ef:bb:2b:80:fc:06:06:66:78:
                    01:68:42:7f:56:95:c5:67:db:97:fc:f8:f0:cd:2d:
                    d8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:D0:CE:E2:8B:D6:2D:1C:89:2B:3C:60:7C:1E:D2:0E:AB:97:9D:CA
            X509v3 Authority Key Identifier:
                keyid:89:B9:8B:1D:BC:4D:B0:FB:D8:65:6D:2B:2B:8A:53:E2:C3:DC:A6:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibmLHbxNsPvYZW0rK4pT4sPcpqs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b4b600-47a7-4707-9a9e-4da54471762e/1/ibmLHbxNsPvYZW0rK4pT4sPcpqs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:6c:b1:ea:61:a9:8f:ff:75:2e:18:2a:11:5b:ab:d3:8c:c3:
         35:b6:de:d3:8e:e1:4f:be:91:fe:0e:bd:12:44:03:f1:11:cb:
         7d:a2:04:e2:3c:c7:4d:a9:0d:e7:de:94:ce:b3:21:0c:d6:44:
         4a:d8:75:d3:b3:54:1b:ff:77:f9:39:3d:5e:1a:c9:36:f7:12:
         1b:d8:e2:f1:31:d6:2b:c2:c8:f7:17:21:40:5b:bb:e4:09:1b:
         47:be:70:54:23:a5:38:bc:80:0b:05:f1:8a:4e:09:85:f7:b0:
         ef:a8:80:a7:9b:9f:69:80:64:a1:e8:04:aa:bc:bc:f0:d6:69:
         68:d2:11:a0:d1:ca:18:ac:09:b8:0d:8d:87:02:5f:c8:90:ba:
         b3:75:73:3c:9c:e4:59:72:d1:e8:cc:53:3d:d4:a1:29:9a:9b:
         5f:a1:5f:02:6b:4e:d7:eb:19:23:d8:86:e7:34:ab:ee:44:7c:
         48:f2:0b:9d:47:ac:c1:65:16:5f:92:70:75:11:d2:4e:f5:60:
         4a:b4:4d:f8:49:de:a0:d9:87:d5:b1:60:98:a8:af:68:0d:53:
         18:97:7f:d4:78:fc:4c:e7:d2:7e:aa:65:ab:73:21:d0:b0:28:
         0b:a4:c7:6d:5d:18:cf:91:2c:fb:b9:41:98:60:11:a5:b7:88:
         41:08:f4:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+GNhEEalpcAyU2OMcYsdGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5Yjk4YjFkYmM0ZGIwZmJkODY1NmQyYjJiOGE1M2UyYzNk
Y2E2YWIwHhcNMjQwNTE3MTEwMDQxWhcNMjQwNTE4MTEwMDQxWjAzMTEwLwYDVQQD
Eyg3MWQwY2VlMjhiZDYyZDFjODkyYjNjNjA3YzFlZDIwZWFiOTc5ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb6WJr9D8voyuTmM682i+xdOzb1x
aU77q6dH7IVgKUEH+U4sdMfEV1wDreT8JBbO0mmtnqji48iZyC3F8m2rlcDd8oNe
S65Gzwcn/VjKyeelkjFvGhica3+2F5s+LlnFEYc8m62Tgxk46aMTUFkYiyX8sqDi
CA4xE16252NzAmwo0303OF2cZ8uHMRp1c2l7G/TNcIYVvQNyzqv4dQ28jG2g7ifs
8TdUTJDiN2Nyb5HTAgF7QmsgTVQM1OdolZQgRSaNtmghuNDLjFOgE7xUi4trck+/
KUM338X9tSOPKYHNPUTkuyLvuyuA/AYGZngBaEJ/VpXFZ9uX/PjwzS3Y0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHHQzuKL1i0ciSs8YHwe0g6rl53KMB8GA1UdIwQY
MBaAFIm5ix28TbD72GVtKyuKU+LD3KarMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUt
NGRhNTQ0NzE3NjJlLzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iNGI2MDAtNDdhNy00NzA3LTlhOWUtNGRhNTQ0NzE3NjJl
LzEvaWJtTEhieE5zUHZZWlcwcks0cFQ0c1BjcHFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABWyx6mGp
j/91LhgqEVur04zDNbbe047hT76R/g69EkQD8RHLfaIE4jzHTakN596UzrMhDNZE
Sth107NUG/93+Tk9XhrJNvcSG9ji8THWK8LI9xchQFu75AkbR75wVCOlOLyACwXx
ik4Jhfew76iAp5ufaYBkoegEqry88NZpaNIRoNHKGKwJuA2NhwJfyJC6s3VzPJzk
WXLR6MxTPdShKZqbX6FfAmtO1+sZI9iG5zSr7kR8SPILnUeswWUWX5JwdRHSTvVg
SrRN+EneoNmH1bFgmKivaA1TGJd/1Hj8TOfSfqplq3Mh0LAoC6THbV0Yz5Es+7lB
mGARpbeIQQj0AQ==
-----END CERTIFICATE-----