Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
File:                     JQfjIVuSyGWOv0lfa4fOC6anvSc.mft (raw, json)
Hash identifier:          8ZEHmbLs/kHv7HmQHyBvJgxa1tF1GafquClB2xN3prg=
Subject key identifier:   FA:AC:18:13:98:62:12:98:E2:3A:EE:84:1C:20:8C:10:7F:6C:72:38
Authority key identifier: 25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27
Certificate issuer:       /CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
Certificate serial:       018F87ED7A66EDB3B798F56625B288F88BA1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
Manifest number:          0318
Signing time:             Fri 17 May 2024 19:00:38 +0000
Manifest this update:     Fri 17 May 2024 19:00:38 +0000
Manifest next update:     Sat 18 May 2024 19:00:38 +0000
Files and hashes:         1: JQfjIVuSyGWOv0lfa4fOC6anvSc.crl (hash: qKgZGlmQnaRfUmuvDvWMkyFzBMbi4WtIvgIW2zvtp9U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:7a:66:ed:b3:b7:98:f5:66:25:b2:88:f8:8b:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2507e3215b92c8658ebf495f6b87ce0ba6a7bd27
        Validity
            Not Before: May 17 19:00:38 2024 GMT
            Not After : May 18 19:00:38 2024 GMT
        Subject: CN=faac181398621298e23aee841c208c107f6c7238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4b:45:99:14:54:1c:5e:84:52:6e:e0:7f:0c:
                    bc:62:fb:9a:95:46:0b:51:6b:05:95:43:50:88:78:
                    5b:7e:72:76:03:c7:05:e1:75:c2:82:1d:06:9a:29:
                    d8:86:42:ac:46:1b:ca:17:a4:9b:a1:64:bb:b3:f4:
                    d8:a8:a3:24:a8:11:af:95:68:15:a9:2b:33:cd:3e:
                    54:73:2d:2d:a6:b2:c6:5c:69:60:26:f1:7a:93:1e:
                    e1:fb:30:3c:7f:56:05:e1:83:08:7e:d8:c2:65:26:
                    df:e8:03:66:9c:77:da:d4:18:83:39:60:90:8e:d6:
                    15:33:f3:9c:37:92:09:cc:62:ba:89:68:a3:2d:b4:
                    6a:72:56:db:a9:25:83:5e:3e:e1:2e:85:4a:71:56:
                    ac:0f:ef:3e:f0:13:10:25:f8:41:19:03:13:40:b7:
                    95:fb:63:13:25:5b:7c:62:97:31:d7:98:44:66:df:
                    98:f4:66:09:18:ec:73:5b:96:79:0a:44:7b:76:f3:
                    f0:d1:70:12:aa:02:ea:89:7e:7e:6e:98:46:85:d1:
                    32:59:2c:55:2b:55:21:55:a9:32:12:ce:09:64:17:
                    a9:e9:ad:c6:d7:4b:e3:2f:a5:27:63:da:1d:99:c5:
                    3e:d8:fa:89:ea:a6:2d:1f:1e:95:83:1e:6c:08:61:
                    b5:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:AC:18:13:98:62:12:98:E2:3A:EE:84:1C:20:8C:10:7F:6C:72:38
            X509v3 Authority Key Identifier:
                keyid:25:07:E3:21:5B:92:C8:65:8E:BF:49:5F:6B:87:CE:0B:A6:A7:BD:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JQfjIVuSyGWOv0lfa4fOC6anvSc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4eef1b-c30b-4ed7-af2a-01c356b73f0d/1/JQfjIVuSyGWOv0lfa4fOC6anvSc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:96:7a:8b:ba:7e:ce:b5:f5:db:b4:4d:89:4f:ff:f6:bc:08:
         c4:29:3b:6d:0a:2d:a1:0b:19:91:36:25:ee:6e:92:38:4c:ea:
         b8:62:9b:58:50:0b:58:17:5d:73:5d:c3:48:bd:1c:82:4a:ba:
         64:16:7c:4f:30:d4:13:c6:f8:cc:c1:14:58:b9:61:36:eb:ce:
         a9:44:17:8f:a2:3d:f9:b3:c5:03:74:0a:b9:53:d2:4c:b2:a1:
         6a:c1:c2:56:7c:3b:18:81:e8:73:95:68:a9:68:69:97:90:85:
         f8:1e:f5:8d:be:fe:ae:62:85:8f:6c:88:da:b2:a4:07:8a:e1:
         2b:6b:6b:aa:6d:f4:88:6b:2c:6f:a6:2c:86:84:bc:8f:9f:94:
         c8:57:b5:15:d2:2c:27:3e:f8:f5:7b:8b:b8:ca:05:14:c3:dc:
         ea:10:92:a0:c9:c7:4d:19:c3:63:14:1a:32:0f:c2:9c:4a:f1:
         05:12:00:33:ff:27:9c:c6:4e:6a:47:ac:ab:b0:40:8d:de:cd:
         79:ae:c9:41:ba:31:14:ab:3b:20:9e:97:f2:c8:89:50:f7:cd:
         b3:aa:8c:57:bd:de:06:84:0c:be:e4:0a:a2:89:c9:66:12:ae:
         9a:80:01:12:85:82:86:5d:90:93:c4:df:3d:23:dc:fb:e8:4d:
         e9:4b:ab:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7Xpm7bO3mPVmJbKI+IuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MDdlMzIxNWI5MmM4NjU4ZWJmNDk1ZjZiODdjZTBiYTZh
N2JkMjcwHhcNMjQwNTE3MTkwMDM4WhcNMjQwNTE4MTkwMDM4WjAzMTEwLwYDVQQD
EyhmYWFjMTgxMzk4NjIxMjk4ZTIzYWVlODQxYzIwOGMxMDdmNmM3MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEtFmRRUHF6EUm7gfwy8YvualUYL
UWsFlUNQiHhbfnJ2A8cF4XXCgh0GminYhkKsRhvKF6SboWS7s/TYqKMkqBGvlWgV
qSszzT5Ucy0tprLGXGlgJvF6kx7h+zA8f1YF4YMIftjCZSbf6ANmnHfa1BiDOWCQ
jtYVM/OcN5IJzGK6iWijLbRqclbbqSWDXj7hLoVKcVasD+8+8BMQJfhBGQMTQLeV
+2MTJVt8Ypcx15hEZt+Y9GYJGOxzW5Z5CkR7dvPw0XASqgLqiX5+bphGhdEyWSxV
K1UhVakyEs4JZBep6a3G10vjL6UnY9odmcU+2PqJ6qYtHx6Vgx5sCGG1rQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqsGBOYYhKY4jruhBwgjBB/bHI4MB8GA1UdIwQY
MBaAFCUH4yFbkshljr9JX2uHzgump70nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEt
MDFjMzU2YjczZjBkLzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZWVmMWItYzMwYi00ZWQ3LWFmMmEtMDFjMzU2YjczZjBk
LzEvSlFmaklWdVN5R1dPdjBsZmE0Zk9DNmFudlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZZ6i7p+
zrX127RNiU//9rwIxCk7bQotoQsZkTYl7m6SOEzquGKbWFALWBddc13DSL0cgkq6
ZBZ8TzDUE8b4zMEUWLlhNuvOqUQXj6I9+bPFA3QKuVPSTLKhasHCVnw7GIHoc5Vo
qWhpl5CF+B71jb7+rmKFj2yI2rKkB4rhK2trqm30iGssb6YshoS8j5+UyFe1FdIs
Jz749XuLuMoFFMPc6hCSoMnHTRnDYxQaMg/CnErxBRIAM/8nnMZOakesq7BAjd7N
ea7JQboxFKs7IJ6X8siJUPfNs6qMV73eBoQMvuQKoonJZhKumoABEoWChl2Qk8Tf
PSPc++hN6Uur0A==
-----END CERTIFICATE-----