Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
File:                     QAnHa7ftKz0UTNhVpewajrfU3pk.mft (raw, json)
Hash identifier:          l92RR9rPP8yyhrQTTNcMPl2l6Pjiyz93UteQ/CEvZ4Q=
Subject key identifier:   41:58:F4:18:93:23:3B:93:A9:91:AB:9E:13:16:4E:A4:88:CC:F8:41
Authority key identifier: 40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99
Certificate issuer:       /CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
Certificate serial:       018F8892496ACABFFC545AED534202A74557
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
Manifest number:          101D
Signing time:             Fri 17 May 2024 22:00:39 +0000
Manifest this update:     Fri 17 May 2024 22:00:39 +0000
Manifest next update:     Sat 18 May 2024 22:00:39 +0000
Files and hashes:         1: QAnHa7ftKz0UTNhVpewajrfU3pk.crl (hash: 8yvTm/cO/Divu0xYJwFZzznMbUeQi50JANF5g8xv6pM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:49:6a:ca:bf:fc:54:5a:ed:53:42:02:a7:45:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4009c76bb7ed2b3d144cd855a5ec1a8eb7d4de99
        Validity
            Not Before: May 17 22:00:39 2024 GMT
            Not After : May 18 22:00:39 2024 GMT
        Subject: CN=4158f41893233b93a991ab9e13164ea488ccf841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e4:e5:1b:69:55:05:19:03:96:b3:2a:04:88:
                    e2:fc:1b:dd:bc:8e:47:72:df:ab:c8:f6:f6:12:b3:
                    78:06:05:a8:32:21:a4:3f:7a:3f:c7:8d:ef:4a:36:
                    97:c6:c1:c3:48:5f:51:e4:01:0f:e8:d2:16:7a:f8:
                    f5:fe:c7:36:bf:8e:93:b1:85:dc:ea:f9:0c:5e:f4:
                    8a:f6:bc:87:4e:a7:b6:97:32:b5:41:d8:2d:8c:69:
                    57:4e:bc:48:92:4f:ef:f0:49:93:f6:35:e3:06:cd:
                    e5:d4:ff:1b:e8:a9:a0:5e:e0:79:3a:4d:bf:df:f5:
                    d8:80:85:d4:26:09:cc:d9:18:b0:ea:90:ff:00:2b:
                    ac:f7:a6:26:09:0a:4f:97:7a:39:41:91:29:ba:ee:
                    eb:6c:46:c5:30:55:aa:15:b3:29:b8:a3:d5:56:9b:
                    16:81:b8:61:68:10:39:06:e1:a5:0f:2d:05:23:8d:
                    ad:73:c6:9a:17:b0:2b:e9:03:8e:9e:3e:4b:cf:12:
                    f9:d3:54:58:8a:10:f5:9d:51:09:4b:c3:be:f5:63:
                    c2:7b:6d:82:6d:d7:d3:d7:9d:aa:5e:fc:62:3e:9e:
                    11:78:fd:76:32:0c:c2:00:42:58:0b:56:e5:47:32:
                    4d:a8:2e:87:64:29:bc:0a:74:22:b7:78:86:e4:7c:
                    12:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:58:F4:18:93:23:3B:93:A9:91:AB:9E:13:16:4E:A4:88:CC:F8:41
            X509v3 Authority Key Identifier:
                keyid:40:09:C7:6B:B7:ED:2B:3D:14:4C:D8:55:A5:EC:1A:8E:B7:D4:DE:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QAnHa7ftKz0UTNhVpewajrfU3pk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d60eb6-3bb2-45c0-9daf-9f55b4ae90cc/1/QAnHa7ftKz0UTNhVpewajrfU3pk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         66:8d:b7:d6:c8:21:94:5a:96:68:c7:e2:c9:a8:ee:14:9a:1b:
         8e:8c:9e:f7:71:49:51:b6:5b:ae:69:c6:16:fe:34:20:e1:f2:
         2d:36:ba:b8:7f:a1:6a:f2:29:22:69:60:52:73:bc:13:2d:c3:
         dc:07:12:60:72:f7:c8:aa:d8:13:e0:81:64:0d:4f:02:04:d9:
         9c:8d:15:ce:e4:45:54:ed:0e:40:8f:09:0c:db:5c:e7:14:c3:
         08:b9:60:0c:4c:bc:ea:12:67:16:cd:6a:34:c2:40:47:7c:00:
         9c:10:0b:a7:c5:5b:60:63:f1:ff:57:67:0f:f0:80:eb:eb:d4:
         c5:40:31:2b:93:68:3c:c9:73:51:9f:10:0d:83:6c:99:f7:a3:
         b6:3a:58:b1:8b:30:cd:6d:36:9c:23:60:e5:ad:42:56:b3:80:
         33:c1:fb:77:d2:95:8d:72:f4:2c:01:a7:68:fc:1e:a1:10:4d:
         ee:7f:4a:8a:30:0a:9b:5b:a2:5d:99:8a:c4:57:41:e0:b4:ae:
         43:9d:3c:49:96:2f:bd:19:99:23:ee:b2:17:f6:f9:e1:3d:72:
         29:32:47:20:03:88:f1:09:5b:48:52:f5:56:62:7e:57:36:d8:
         0c:b0:61:12:cd:7b:1f:c8:6c:e9:1f:51:e4:60:83:ce:41:44:
         5c:88:1e:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikklqyr/8VFrtU0ICp0VXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMDljNzZiYjdlZDJiM2QxNDRjZDg1NWE1ZWMxYThlYjdk
NGRlOTkwHhcNMjQwNTE3MjIwMDM5WhcNMjQwNTE4MjIwMDM5WjAzMTEwLwYDVQQD
Eyg0MTU4ZjQxODkzMjMzYjkzYTk5MWFiOWUxMzE2NGVhNDg4Y2NmODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeTlG2lVBRkDlrMqBIji/BvdvI5H
ct+ryPb2ErN4BgWoMiGkP3o/x43vSjaXxsHDSF9R5AEP6NIWevj1/sc2v46TsYXc
6vkMXvSK9ryHTqe2lzK1QdgtjGlXTrxIkk/v8EmT9jXjBs3l1P8b6KmgXuB5Ok2/
3/XYgIXUJgnM2Riw6pD/ACus96YmCQpPl3o5QZEpuu7rbEbFMFWqFbMpuKPVVpsW
gbhhaBA5BuGlDy0FI42tc8aaF7Ar6QOOnj5LzxL501RYihD1nVEJS8O+9WPCe22C
bdfT152qXvxiPp4ReP12MgzCAEJYC1blRzJNqC6HZCm8CnQit3iG5HwSaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEFY9BiTIzuTqZGrnhMWTqSIzPhBMB8GA1UdIwQY
MBaAFEAJx2u37Ss9FEzYVaXsGo631N6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYt
OWY1NWI0YWU5MGNjLzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kNjBlYjYtM2JiMi00NWMwLTlkYWYtOWY1NWI0YWU5MGNj
LzEvUUFuSGE3ZnRLejBVVE5oVnBld2FqcmZVM3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZo231sgh
lFqWaMfiyajuFJobjoye93FJUbZbrmnGFv40IOHyLTa6uH+havIpImlgUnO8Ey3D
3AcSYHL3yKrYE+CBZA1PAgTZnI0VzuRFVO0OQI8JDNtc5xTDCLlgDEy86hJnFs1q
NMJAR3wAnBALp8VbYGPx/1dnD/CA6+vUxUAxK5NoPMlzUZ8QDYNsmfejtjpYsYsw
zW02nCNg5a1CVrOAM8H7d9KVjXL0LAGnaPweoRBN7n9KijAKm1uiXZmKxFdB4LSu
Q508SZYvvRmZI+6yF/b54T1yKTJHIAOI8QlbSFL1VmJ+VzbYDLBhEs17H8hs6R9R
5GCDzkFEXIgeQA==
-----END CERTIFICATE-----