Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
File:                     rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft (raw, json)
Hash identifier:          v+slrTtsYxsO+O3zZAKUZPlsOCfKIZJwzfOpxJkG1Ts=
Subject key identifier:   A8:CE:B3:96:45:A4:22:EB:DD:A7:E5:D3:13:80:6C:85:6B:48:7D:0D
Authority key identifier: AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03
Certificate issuer:       /CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
Certificate serial:       018F8749E45FB6604CF18030DFDDCA17F9C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 16:01:57 +0000
Manifest this update:     Fri 17 May 2024 16:01:57 +0000
Manifest next update:     Sat 18 May 2024 16:01:57 +0000
Files and hashes:         1: rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl (hash: kLEoOKtuOE1bb3ZlTxtyvN+0MZT2IUtvZI7A6T1Mvgw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:e4:5f:b6:60:4c:f1:80:30:df:dd:ca:17:f9:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae50ec352e8dbb0cdf6e08c57c71caa11a445003
        Validity
            Not Before: May 17 16:01:57 2024 GMT
            Not After : May 18 16:01:57 2024 GMT
        Subject: CN=a8ceb39645a422ebdda7e5d313806c856b487d0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:43:2d:54:5f:f5:b9:d1:56:53:6d:1a:d6:a9:
                    61:3a:63:0c:52:23:16:f1:fd:ba:34:7d:b9:31:01:
                    68:b9:e0:b1:2d:33:ef:10:2a:e0:9f:e5:ee:d6:85:
                    bd:63:2e:63:c7:e4:74:b2:15:d4:91:65:2d:bc:14:
                    c3:0a:30:bd:dc:c8:04:3d:49:17:76:a7:04:84:e6:
                    f2:5c:cf:fe:7f:8e:e2:b2:13:77:14:e2:70:65:57:
                    6f:8e:af:00:62:27:57:ea:5a:53:8a:c5:b6:cf:49:
                    6b:08:67:df:87:71:05:6d:00:35:0a:72:a7:ec:95:
                    f4:e8:8e:6d:d7:52:03:82:f9:4f:31:6f:40:a7:9f:
                    ab:ee:d4:30:d3:1c:d8:1c:5b:8d:de:36:ef:11:c9:
                    b7:a4:e2:a8:ae:46:cc:24:3a:04:d1:f3:6a:d1:11:
                    00:54:27:f1:a9:d7:7f:42:5d:dc:7a:1a:df:00:2d:
                    83:95:a4:4a:f1:21:a3:af:6e:6a:b9:0a:32:e9:94:
                    47:87:e3:05:5b:84:cc:34:84:62:6c:de:59:34:d6:
                    69:ec:b0:53:44:a4:f1:7d:bd:44:a2:d2:dc:f3:16:
                    9f:c1:be:15:90:a0:c6:e5:8b:e6:04:7e:20:35:3f:
                    3d:fa:ab:77:90:02:1c:cc:1f:7c:dc:9b:22:53:a5:
                    fc:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:CE:B3:96:45:A4:22:EB:DD:A7:E5:D3:13:80:6C:85:6B:48:7D:0D
            X509v3 Authority Key Identifier:
                keyid:AE:50:EC:35:2E:8D:BB:0C:DF:6E:08:C5:7C:71:CA:A1:1A:44:50:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rlDsNS6NuwzfbgjFfHHKoRpEUAM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c8961f-d1d7-46ac-9f8d-33ebac095077/1/rlDsNS6NuwzfbgjFfHHKoRpEUAM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:87:7b:f7:d3:63:32:c2:e4:b2:7f:58:29:0e:60:5e:03:44:
         a4:96:bb:1b:37:cb:e1:8f:86:33:be:3e:e8:b2:0b:71:2d:d0:
         7c:54:c2:1c:69:18:95:99:e9:54:9f:9e:d8:80:48:3f:21:1a:
         28:27:e3:28:fc:59:22:26:ae:da:23:62:09:e6:74:8f:4c:af:
         cf:46:a4:30:c7:d8:ff:88:98:75:66:a3:43:5e:ad:18:66:0b:
         f0:69:84:47:98:bd:11:38:71:1b:29:b9:f2:b4:4a:e2:d8:3e:
         9f:f6:fc:d5:c7:2c:99:71:41:74:db:ba:a4:03:c7:e7:3a:13:
         63:c1:e7:94:0a:5f:d1:08:fd:12:f7:33:24:d4:80:eb:b1:34:
         cd:2c:bf:ac:45:a0:78:83:64:c4:56:a1:02:ac:58:f2:0d:9a:
         f5:5b:cc:26:5e:88:3d:e8:3e:d5:6d:59:15:d1:a9:c7:20:bc:
         ca:5d:cb:05:47:03:31:8a:31:e4:03:88:2f:57:95:c8:4d:43:
         72:a7:0f:c7:3d:eb:ef:55:2e:1b:4d:d4:a8:81:af:19:47:09:
         4b:e8:23:92:b4:cb:9b:42:cb:e4:9c:c6:95:cb:37:48:20:63:
         5d:62:4f:f6:04:3c:31:fb:58:56:f5:d6:4b:ba:50:cd:ce:09:
         39:3d:43:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSeRftmBM8YAw393KF/nDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNTBlYzM1MmU4ZGJiMGNkZjZlMDhjNTdjNzFjYWExMWE0
NDUwMDMwHhcNMjQwNTE3MTYwMTU3WhcNMjQwNTE4MTYwMTU3WjAzMTEwLwYDVQQD
EyhhOGNlYjM5NjQ1YTQyMmViZGRhN2U1ZDMxMzgwNmM4NTZiNDg3ZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUMtVF/1udFWU20a1qlhOmMMUiMW
8f26NH25MQFoueCxLTPvECrgn+Xu1oW9Yy5jx+R0shXUkWUtvBTDCjC93MgEPUkX
dqcEhObyXM/+f47ishN3FOJwZVdvjq8AYidX6lpTisW2z0lrCGffh3EFbQA1CnKn
7JX06I5t11IDgvlPMW9Ap5+r7tQw0xzYHFuN3jbvEcm3pOKorkbMJDoE0fNq0REA
VCfxqdd/Ql3cehrfAC2DlaRK8SGjr25quQoy6ZRHh+MFW4TMNIRibN5ZNNZp7LBT
RKTxfb1EotLc8xafwb4VkKDG5YvmBH4gNT89+qt3kAIczB983JsiU6X8iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKjOs5ZFpCLr3afl0xOAbIVrSH0NMB8GA1UdIwQY
MBaAFK5Q7DUujbsM324IxXxxyqEaRFADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQt
MzNlYmFjMDk1MDc3LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jODk2MWYtZDFkNy00NmFjLTlmOGQtMzNlYmFjMDk1MDc3
LzEvcmxEc05TNk51d3pmYmdqRmZISEtvUnBFVUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABod799Nj
MsLksn9YKQ5gXgNEpJa7GzfL4Y+GM74+6LILcS3QfFTCHGkYlZnpVJ+e2IBIPyEa
KCfjKPxZIiau2iNiCeZ0j0yvz0akMMfY/4iYdWajQ16tGGYL8GmER5i9EThxGym5
8rRK4tg+n/b81ccsmXFBdNu6pAPH5zoTY8HnlApf0Qj9EvczJNSA67E0zSy/rEWg
eINkxFahAqxY8g2a9VvMJl6IPeg+1W1ZFdGpxyC8yl3LBUcDMYox5AOIL1eVyE1D
cqcPxz3r71UuG03UqIGvGUcJS+gjkrTLm0LL5JzGlcs3SCBjXWJP9gQ8MftYVvXW
S7pQzc4JOT1DfA==
-----END CERTIFICATE-----