Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
File:                     ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft (raw, json)
Hash identifier:          +V7iKwewpl6crqzOmgNOribDD7Qi3qXUepUYzO24C1g=
Subject key identifier:   66:7A:DD:D0:15:1D:39:98:4F:4C:41:30:D7:6B:51:17:0E:4B:23:08
Authority key identifier: 65:D4:D9:22:28:6A:84:5F:46:1F:EF:1F:53:D3:20:CD:2E:EF:72:8A
Certificate issuer:       /CN=65d4d922286a845f461fef1f53d320cd2eef728a
Certificate serial:       018F86A38BA137BC6CD3D850A2AC605A8608
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
Manifest number:          0B40
Signing time:             Fri 17 May 2024 13:00:15 +0000
Manifest this update:     Fri 17 May 2024 13:00:15 +0000
Manifest next update:     Sat 18 May 2024 13:00:15 +0000
Files and hashes:         1: ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl (hash: bi25MWyCjNIOtUX+eGKBumIO8TCxZ80B0b413/bbB/8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:8b:a1:37:bc:6c:d3:d8:50:a2:ac:60:5a:86:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65d4d922286a845f461fef1f53d320cd2eef728a
        Validity
            Not Before: May 17 13:00:15 2024 GMT
            Not After : May 18 13:00:15 2024 GMT
        Subject: CN=667addd0151d39984f4c4130d76b51170e4b2308
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:32:76:73:65:92:43:e1:4c:a0:15:72:6c:dd:
                    ed:36:eb:1f:ad:e4:17:0d:6d:67:bd:d3:e3:4a:28:
                    db:64:de:97:d7:34:01:c7:d3:d6:7e:be:29:b0:4f:
                    39:b1:0d:c6:16:bc:47:08:29:26:d3:06:8a:0c:aa:
                    6f:6a:4a:85:b1:6e:28:2d:e2:e5:9e:2e:7a:0b:a7:
                    ee:91:43:23:a2:a8:4f:79:82:e1:db:e1:00:67:a0:
                    99:5b:f0:b7:2e:5c:40:5a:03:33:4a:e1:26:48:96:
                    76:2c:cd:cb:35:ec:85:36:13:9a:3b:44:67:73:64:
                    e9:5e:ff:b4:f9:7e:f6:d7:32:4f:bb:29:8f:4e:3d:
                    a8:41:3c:26:c5:22:75:63:57:12:f8:08:b0:63:48:
                    7f:5c:f3:21:b0:b8:a0:02:6b:2e:13:3e:8f:35:83:
                    8a:7d:b9:77:58:2c:79:af:6c:84:99:58:f7:51:4e:
                    79:b5:80:28:23:a8:75:dc:1b:0b:96:6e:ff:9b:91:
                    70:ab:c2:46:7d:9c:50:ce:82:bf:cc:99:2b:dd:58:
                    97:6b:29:46:85:33:72:45:23:d8:3d:86:4f:05:f6:
                    c7:a2:b5:b8:11:59:24:84:a9:ab:43:cf:36:07:f2:
                    20:da:ad:36:d6:28:35:68:3c:74:93:8f:b7:bc:a8:
                    d0:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:7A:DD:D0:15:1D:39:98:4F:4C:41:30:D7:6B:51:17:0E:4B:23:08
            X509v3 Authority Key Identifier:
                keyid:65:D4:D9:22:28:6A:84:5F:46:1F:EF:1F:53:D3:20:CD:2E:EF:72:8A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdTZIihqhF9GH-8fU9MgzS7vcoo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/6889b3-7227-41d4-90cd-64f70c103519/1/ZdTZIihqhF9GH-8fU9MgzS7vcoo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:e6:2b:6f:8c:95:d6:f8:4c:4b:4c:a8:58:1c:c1:36:6f:fd:
         57:f1:c3:8b:8d:b0:fd:51:df:98:57:13:bf:b3:eb:09:21:e5:
         58:08:d7:f4:36:4e:ec:d5:72:75:2a:9f:71:7d:aa:d1:2a:70:
         08:d7:24:aa:16:b8:ba:10:ff:05:26:68:de:63:93:f9:c6:34:
         55:a4:d8:be:01:41:3c:6a:5e:2d:24:ca:7d:16:02:e9:cf:bb:
         a4:b1:22:b5:26:5b:ea:54:38:c0:3f:89:e9:1d:b2:95:8c:e8:
         39:b0:8b:26:b3:27:c9:6b:1b:1b:35:c4:c7:a9:2f:ee:2b:76:
         dd:26:71:ac:eb:f5:2a:b8:d9:4d:f0:2f:de:a1:df:6f:0c:e2:
         a2:e6:ce:6d:2f:41:2d:4c:88:f1:72:96:6a:9a:bd:9d:0b:18:
         a3:58:3d:03:7c:6f:ba:e7:01:0d:88:14:07:7b:e6:13:ca:81:
         71:72:5d:bd:3d:83:ea:5c:71:27:ee:6a:98:b1:ba:e6:a5:ea:
         cb:b0:d7:fb:9e:d1:5c:57:92:86:0d:2d:50:27:15:0a:bd:25:
         55:ce:d3:ce:69:a8:30:3a:ef:86:9b:2f:ff:e1:ec:86:04:c4:
         08:e9:da:8b:64:9d:59:36:b0:51:60:69:ba:6e:67:93:ae:c7:
         50:40:93:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go4uhN7xs09hQoqxgWoYIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDRkOTIyMjg2YTg0NWY0NjFmZWYxZjUzZDMyMGNkMmVl
ZjcyOGEwHhcNMjQwNTE3MTMwMDE1WhcNMjQwNTE4MTMwMDE1WjAzMTEwLwYDVQQD
Eyg2NjdhZGRkMDE1MWQzOTk4NGY0YzQxMzBkNzZiNTExNzBlNGIyMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjJ2c2WSQ+FMoBVybN3tNusfreQX
DW1nvdPjSijbZN6X1zQBx9PWfr4psE85sQ3GFrxHCCkm0waKDKpvakqFsW4oLeLl
ni56C6fukUMjoqhPeYLh2+EAZ6CZW/C3LlxAWgMzSuEmSJZ2LM3LNeyFNhOaO0Rn
c2TpXv+0+X721zJPuymPTj2oQTwmxSJ1Y1cS+AiwY0h/XPMhsLigAmsuEz6PNYOK
fbl3WCx5r2yEmVj3UU55tYAoI6h13BsLlm7/m5Fwq8JGfZxQzoK/zJkr3ViXaylG
hTNyRSPYPYZPBfbHorW4EVkkhKmrQ882B/Ig2q021ig1aDx0k4+3vKjQKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGZ63dAVHTmYT0xBMNdrURcOSyMIMB8GA1UdIwQY
MBaAFGXU2SIoaoRfRh/vH1PTIM0u73KKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82ODg5YjMtNzIyNy00MWQ0LTkwY2Qt
NjRmNzBjMTAzNTE5LzEvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82ODg5YjMtNzIyNy00MWQ0LTkwY2QtNjRmNzBjMTAzNTE5
LzEvWmRUWklpaHFoRjlHSC04ZlU5TWd6Uzd2Y29vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj+Yrb4yV
1vhMS0yoWBzBNm/9V/HDi42w/VHfmFcTv7PrCSHlWAjX9DZO7NVydSqfcX2q0Spw
CNckqha4uhD/BSZo3mOT+cY0VaTYvgFBPGpeLSTKfRYC6c+7pLEitSZb6lQ4wD+J
6R2ylYzoObCLJrMnyWsbGzXEx6kv7it23SZxrOv1KrjZTfAv3qHfbwzioubObS9B
LUyI8XKWapq9nQsYo1g9A3xvuucBDYgUB3vmE8qBcXJdvT2D6lxxJ+5qmLG65qXq
y7DX+57RXFeShg0tUCcVCr0lVc7TzmmoMDrvhpsv/+HshgTECOnai2SdWTawUWBp
um5nk67HUECT3Q==
-----END CERTIFICATE-----