Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
File:                     JmQ9Xo5785a-PNTesdkvYBtRFp8.mft (raw, json)
Hash identifier:          PFsppBkgohvQfaASPENQcd3fC8p18wYFSh1zrG7AfDk=
Subject key identifier:   19:EF:C0:72:36:40:59:6D:5C:CE:6B:97:BF:84:E2:0B:E1:78:49:FC
Authority key identifier: 26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F
Certificate issuer:       /CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
Certificate serial:       018F86A38DB314E6B262ABA1288D23E22DE8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
Manifest number:          080B
Signing time:             Fri 17 May 2024 13:00:16 +0000
Manifest this update:     Fri 17 May 2024 13:00:16 +0000
Manifest next update:     Sat 18 May 2024 13:00:16 +0000
Files and hashes:         1: JmQ9Xo5785a-PNTesdkvYBtRFp8.crl (hash: fgvjBPFneRyIWQ29jnplWCjxjiDcnZnhkg7LBxURFvs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:8d:b3:14:e6:b2:62:ab:a1:28:8d:23:e2:2d:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26643d5e8e7bf396be3cd4deb1d92f601b51169f
        Validity
            Not Before: May 17 13:00:16 2024 GMT
            Not After : May 18 13:00:16 2024 GMT
        Subject: CN=19efc0723640596d5cce6b97bf84e20be17849fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:ac:58:56:e3:ab:ac:5f:cd:74:6c:1e:89:2d:
                    85:f5:cd:f5:6a:ac:67:ba:a8:ac:43:20:72:d7:32:
                    7f:a9:0a:a5:ba:29:8f:5b:e9:ae:81:36:c0:f4:32:
                    fa:ff:37:d4:fc:ca:01:af:00:75:93:1a:7c:7d:63:
                    97:d6:bf:4d:24:98:bc:0c:9b:57:b8:a1:fd:89:66:
                    c4:7e:72:7a:8b:fd:c5:2d:b0:11:29:a2:3b:a9:6d:
                    72:cb:95:97:a5:ed:eb:c8:54:74:f1:91:df:bd:a8:
                    dd:22:e5:4b:1c:c8:4b:21:86:67:6b:b0:4a:78:81:
                    cd:c1:ab:31:ad:d6:66:02:dd:e4:ef:06:d4:9d:2c:
                    74:a2:83:86:fd:9c:fd:6b:c1:db:9e:83:31:02:83:
                    f9:fb:ad:7c:c6:77:fa:00:9d:33:c3:a8:bd:cb:d2:
                    86:fb:56:38:3d:df:7d:a5:39:b3:c8:79:b8:ee:4e:
                    67:aa:94:9f:78:cd:d7:d7:80:50:d0:fd:fd:d4:2b:
                    70:79:60:d9:28:f2:d7:01:88:bf:7a:0c:22:e6:df:
                    60:e3:20:6c:19:78:4c:a6:65:1f:1a:fa:79:31:18:
                    9f:9a:69:75:5e:c9:13:ea:b3:8f:28:f3:25:50:f1:
                    1e:ec:78:07:fc:4c:9e:40:c1:4a:b8:b5:ec:8b:c4:
                    ad:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:EF:C0:72:36:40:59:6D:5C:CE:6B:97:BF:84:E2:0B:E1:78:49:FC
            X509v3 Authority Key Identifier:
                keyid:26:64:3D:5E:8E:7B:F3:96:BE:3C:D4:DE:B1:D9:2F:60:1B:51:16:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmQ9Xo5785a-PNTesdkvYBtRFp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/ecdb18-8d3b-4a72-a883-3284684ac7ec/1/JmQ9Xo5785a-PNTesdkvYBtRFp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:10:a3:f6:9f:87:f2:18:ad:99:9c:87:75:58:a0:d5:6d:e1:
         86:78:a9:b2:87:fc:df:83:34:a9:bb:94:77:5c:7d:d3:67:18:
         86:bf:3a:14:38:30:e8:08:5d:6c:8e:df:46:dc:68:c4:3f:c2:
         f6:3c:9a:99:46:12:04:53:7c:01:03:94:50:ce:96:00:d8:2c:
         d4:da:d4:05:d6:a4:56:2d:5e:2d:df:6d:08:c6:69:5a:e4:a9:
         57:4d:53:24:cd:8d:4d:85:88:9d:78:c7:74:b9:0e:e2:3d:58:
         02:de:0d:ee:a0:e8:41:4f:c0:17:90:6e:2a:6d:1c:89:db:5d:
         24:a3:04:4a:f8:12:af:23:ca:bf:10:c9:0e:d8:12:63:5f:b8:
         ba:01:4b:6f:ac:ba:ff:45:79:94:f0:45:c4:d8:af:6b:98:13:
         89:31:27:07:b0:24:aa:d2:45:6f:c3:c6:b1:96:cd:69:23:bb:
         9f:07:a2:97:7e:e9:84:bc:77:2b:9e:f8:c0:a8:6e:8d:f4:b1:
         05:fa:72:58:fd:fa:e0:03:af:af:9a:9e:47:d8:69:d6:45:5f:
         ce:66:03:5d:58:66:18:0a:7c:40:11:7a:3b:ec:d0:d2:74:62:
         e9:47:d4:ac:69:6f:8e:f4:eb:df:e2:6b:1c:a2:3a:5e:c8:d4:
         6e:d6:8f:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go42zFOayYquhKI0j4i3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjQzZDVlOGU3YmYzOTZiZTNjZDRkZWIxZDkyZjYwMWI1
MTE2OWYwHhcNMjQwNTE3MTMwMDE2WhcNMjQwNTE4MTMwMDE2WjAzMTEwLwYDVQQD
EygxOWVmYzA3MjM2NDA1OTZkNWNjZTZiOTdiZjg0ZTIwYmUxNzg0OWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKxYVuOrrF/NdGweiS2F9c31aqxn
uqisQyBy1zJ/qQqluimPW+mugTbA9DL6/zfU/MoBrwB1kxp8fWOX1r9NJJi8DJtX
uKH9iWbEfnJ6i/3FLbARKaI7qW1yy5WXpe3ryFR08ZHfvajdIuVLHMhLIYZna7BK
eIHNwasxrdZmAt3k7wbUnSx0ooOG/Zz9a8HbnoMxAoP5+618xnf6AJ0zw6i9y9KG
+1Y4Pd99pTmzyHm47k5nqpSfeM3X14BQ0P391CtweWDZKPLXAYi/egwi5t9g4yBs
GXhMpmUfGvp5MRifmml1XskT6rOPKPMlUPEe7HgH/EyeQMFKuLXsi8SthQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBnvwHI2QFltXM5rl7+E4gvheEn8MB8GA1UdIwQY
MBaAFCZkPV6Oe/OWvjzU3rHZL2AbURafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMt
MzI4NDY4NGFjN2VjLzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9lY2RiMTgtOGQzYi00YTcyLWE4ODMtMzI4NDY4NGFjN2Vj
LzEvSm1ROVhvNTc4NWEtUE5UZXNka3ZZQnRSRnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxRCj9p+H
8hitmZyHdVig1W3hhnipsof834M0qbuUd1x902cYhr86FDgw6AhdbI7fRtxoxD/C
9jyamUYSBFN8AQOUUM6WANgs1NrUBdakVi1eLd9tCMZpWuSpV01TJM2NTYWInXjH
dLkO4j1YAt4N7qDoQU/AF5BuKm0cidtdJKMESvgSryPKvxDJDtgSY1+4ugFLb6y6
/0V5lPBFxNiva5gTiTEnB7AkqtJFb8PGsZbNaSO7nweil37phLx3K574wKhujfSx
BfpyWP364AOvr5qeR9hp1kVfzmYDXVhmGAp8QBF6O+zQ0nRi6UfUrGlvjvTr3+Jr
HKI6XsjUbtaP4w==
-----END CERTIFICATE-----