Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
File:                     JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft (raw, json)
Hash identifier:          XOyKbJ37IBbvfcuT/NJqX2fzbL0Fc+rIREfpbkVy2Ng=
Subject key identifier:   E6:D9:4D:4D:BF:89:54:F2:B4:86:9F:91:D6:38:F6:AE:17:EE:79:DC
Authority key identifier: 25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39
Certificate issuer:       /CN=25a290559f72a701231c028e70a250690355a639
Certificate serial:       018F874999A645F8EE4D1F3F665E51AF9166
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
Manifest number:          0EB7
Signing time:             Fri 17 May 2024 16:01:38 +0000
Manifest this update:     Fri 17 May 2024 16:01:38 +0000
Manifest next update:     Sat 18 May 2024 16:01:38 +0000
Files and hashes:         1: JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl (hash: DURCiJ/A4Xdsl7CkniUzzVtrdyI8vHEFypkQV2IY8Ik=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:99:a6:45:f8:ee:4d:1f:3f:66:5e:51:af:91:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a290559f72a701231c028e70a250690355a639
        Validity
            Not Before: May 17 16:01:38 2024 GMT
            Not After : May 18 16:01:38 2024 GMT
        Subject: CN=e6d94d4dbf8954f2b4869f91d638f6ae17ee79dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:16:3a:bf:3c:7d:86:d7:40:52:99:f0:01:35:
                    22:af:d9:86:3b:82:92:f6:f2:c3:43:3d:fa:95:ce:
                    a8:b8:c4:87:38:3b:50:86:38:21:6e:d0:85:56:cd:
                    6e:45:8e:fe:79:be:b2:07:56:59:1b:4e:62:fa:f3:
                    da:85:3e:dc:81:77:35:41:c1:0d:b3:43:e2:98:98:
                    c7:8f:fb:52:c9:9a:0e:f8:c7:28:de:91:32:5a:ea:
                    df:c3:db:52:6a:89:f5:4e:99:c7:ab:f9:ff:52:c9:
                    c7:d8:1f:e2:45:76:b3:c0:71:30:49:69:c7:30:2e:
                    68:ad:61:e9:9a:8f:7b:64:a9:86:e5:a5:f7:05:e5:
                    38:38:fe:fc:60:08:cd:ca:a1:c4:07:36:b9:51:f6:
                    99:b8:f1:95:7b:aa:b5:24:18:61:97:b3:34:f8:1d:
                    05:f9:95:31:64:af:e6:ae:b5:17:73:6c:69:2f:5d:
                    17:ef:eb:60:34:05:82:99:7c:85:b1:ea:21:77:2c:
                    11:74:65:12:61:5e:82:01:6f:cc:6a:75:40:c4:f3:
                    8b:01:a0:dc:2c:82:8e:45:e6:bb:f8:2a:25:7c:cc:
                    28:c4:ea:cd:ba:82:ef:45:71:9b:31:cb:80:f2:cb:
                    f4:bb:f7:78:fa:d8:9b:bd:cc:e5:ca:a2:e0:48:8b:
                    d0:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:D9:4D:4D:BF:89:54:F2:B4:86:9F:91:D6:38:F6:AE:17:EE:79:DC
            X509v3 Authority Key Identifier:
                keyid:25:A2:90:55:9F:72:A7:01:23:1C:02:8E:70:A2:50:69:03:55:A6:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e7fe06-4d44-430f-9ecb-295fcf87ea27/1/JaKQVZ9ypwEjHAKOcKJQaQNVpjk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:b4:24:86:7d:49:66:f1:e5:0e:4a:35:e9:d6:48:5d:93:49:
         a7:3b:83:2f:2c:64:22:ac:98:0f:98:c6:fb:ed:04:ee:9b:6e:
         bf:91:d1:51:05:95:f0:bd:c5:4e:e5:61:7e:f9:bb:07:30:b2:
         40:50:06:f7:8b:56:60:03:4b:f2:ee:ce:ca:b1:5c:63:3c:8a:
         5d:c4:70:76:08:64:cc:09:02:7d:82:31:31:e1:a5:42:34:44:
         62:32:6b:6a:b3:e8:b2:06:c6:63:3d:25:bd:9e:99:a1:67:11:
         10:e6:82:c6:7a:22:08:77:39:62:f4:29:f6:9d:c5:a8:7e:01:
         80:0e:6e:02:ea:74:ce:61:99:d6:2a:cc:4b:37:55:0e:00:6c:
         da:7f:1e:a0:ee:d4:11:2b:df:9d:fc:0c:40:55:fd:16:b6:9b:
         30:b3:73:99:f9:ba:f2:41:4f:f2:b4:ec:41:9e:1a:f3:ec:a6:
         4b:68:ec:17:c8:92:78:92:43:38:44:8c:77:cb:ce:03:28:ab:
         38:ff:10:ea:16:1a:9d:22:d5:6b:7b:11:64:c8:5f:7d:76:d7:
         b7:38:cb:8a:22:f2:80:3f:46:d2:9b:a2:ae:a2:7d:ac:21:5c:
         18:fe:ad:c7:bb:25:9b:9d:4c:a0:44:d9:6d:52:6b:d5:ff:67:
         8c:46:46:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSZmmRfjuTR8/Zl5Rr5FmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTI5MDU1OWY3MmE3MDEyMzFjMDI4ZTcwYTI1MDY5MDM1
NWE2MzkwHhcNMjQwNTE3MTYwMTM4WhcNMjQwNTE4MTYwMTM4WjAzMTEwLwYDVQQD
EyhlNmQ5NGQ0ZGJmODk1NGYyYjQ4NjlmOTFkNjM4ZjZhZTE3ZWU3OWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BY6vzx9htdAUpnwATUir9mGO4KS
9vLDQz36lc6ouMSHODtQhjghbtCFVs1uRY7+eb6yB1ZZG05i+vPahT7cgXc1QcEN
s0PimJjHj/tSyZoO+Mco3pEyWurfw9tSaon1TpnHq/n/UsnH2B/iRXazwHEwSWnH
MC5orWHpmo97ZKmG5aX3BeU4OP78YAjNyqHEBza5UfaZuPGVe6q1JBhhl7M0+B0F
+ZUxZK/mrrUXc2xpL10X7+tgNAWCmXyFseohdywRdGUSYV6CAW/ManVAxPOLAaDc
LIKORea7+ColfMwoxOrNuoLvRXGbMcuA8sv0u/d4+tibvczlyqLgSIvQjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFObZTU2/iVTytIafkdY49q4X7nncMB8GA1UdIwQY
MBaAFCWikFWfcqcBIxwCjnCiUGkDVaY5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2It
Mjk1ZmNmODdlYTI3LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lN2ZlMDYtNGQ0NC00MzBmLTllY2ItMjk1ZmNmODdlYTI3
LzEvSmFLUVZaOXlwd0VqSEFLT2NLSlFhUU5WcGprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHbQkhn1J
ZvHlDko16dZIXZNJpzuDLyxkIqyYD5jG++0E7ptuv5HRUQWV8L3FTuVhfvm7BzCy
QFAG94tWYANL8u7OyrFcYzyKXcRwdghkzAkCfYIxMeGlQjREYjJrarPosgbGYz0l
vZ6ZoWcREOaCxnoiCHc5YvQp9p3FqH4BgA5uAup0zmGZ1irMSzdVDgBs2n8eoO7U
ESvfnfwMQFX9FrabMLNzmfm68kFP8rTsQZ4a8+ymS2jsF8iSeJJDOESMd8vOAyir
OP8Q6hYanSLVa3sRZMhffXbXtzjLiiLygD9G0puirqJ9rCFcGP6tx7slm51MoETZ
bVJr1f9njEZGxA==
-----END CERTIFICATE-----