Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
File:                     _4MmzOvF_DL70ONP7n85u6iPuaI.mft (raw, json)
Hash identifier:          ltUc4Uo+sGoTxTLM8xONZ//7yxi38nFa4qCD5jhVxb8=
Subject key identifier:   01:5E:7E:38:48:1F:29:EF:09:5B:34:A2:E0:DF:13:F8:D9:00:5B:46
Authority key identifier: FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2
Certificate issuer:       /CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
Certificate serial:       018F8636386AC18AF0C1D49E80B59F346345
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
Manifest number:          0CF7
Signing time:             Fri 17 May 2024 11:00:51 +0000
Manifest this update:     Fri 17 May 2024 11:00:51 +0000
Manifest next update:     Sat 18 May 2024 11:00:51 +0000
Files and hashes:         1: _4MmzOvF_DL70ONP7n85u6iPuaI.crl (hash: 0IkDOMu+z0kRdVAGHSDFI9JNxcWFQxMJJpcCqvvYceY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:00:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:36:38:6a:c1:8a:f0:c1:d4:9e:80:b5:9f:34:63:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff8326ccebc5fc32fbd0e34fee7f39bba88fb9a2
        Validity
            Not Before: May 17 11:00:51 2024 GMT
            Not After : May 18 11:00:51 2024 GMT
        Subject: CN=015e7e38481f29ef095b34a2e0df13f8d9005b46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:26:69:2c:6c:1e:19:b0:38:ae:4e:d6:b5:39:
                    c0:d5:97:8b:67:55:a8:de:84:a9:be:96:c9:70:c5:
                    fd:d2:a7:e2:e1:a0:5a:66:9a:b3:6d:ab:3b:09:c1:
                    a1:22:9c:85:58:bf:76:24:44:0a:65:8b:ff:4d:f8:
                    3b:2d:39:89:8a:12:86:d2:95:01:00:40:3b:40:a2:
                    fd:a4:f9:2e:3a:d0:bf:fd:17:cc:84:89:cd:e2:d3:
                    4e:87:55:40:5b:69:da:dd:d6:63:46:76:71:79:c9:
                    8e:f2:44:05:58:79:0b:c0:60:cb:7e:bd:a2:6d:6c:
                    35:f9:ed:67:e3:0c:d2:5b:20:ce:c7:94:0d:56:31:
                    20:86:de:93:51:0f:b2:fd:f6:92:8d:3b:58:76:aa:
                    a7:3e:ee:4b:14:18:c7:25:ed:7d:5e:35:7c:0d:5f:
                    99:ee:16:55:21:7c:d6:c2:a4:e7:eb:69:b5:01:8c:
                    b0:3d:5d:44:d4:39:8e:75:a2:73:08:1e:e8:dc:e2:
                    ca:fd:5f:dc:98:c1:66:b6:70:46:49:4e:5d:a0:6e:
                    fa:90:57:00:ec:60:49:5b:86:7e:3c:50:52:f2:e8:
                    c5:79:2e:e0:bd:fc:b8:54:92:04:8d:45:7e:0f:31:
                    c5:67:3d:12:67:00:67:a9:3d:1b:61:ec:bd:2b:13:
                    14:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:5E:7E:38:48:1F:29:EF:09:5B:34:A2:E0:DF:13:F8:D9:00:5B:46
            X509v3 Authority Key Identifier:
                keyid:FF:83:26:CC:EB:C5:FC:32:FB:D0:E3:4F:EE:7F:39:BB:A8:8F:B9:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4MmzOvF_DL70ONP7n85u6iPuaI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6f5b6a-f4bb-4fde-8a51-8b1344b7d5a6/1/_4MmzOvF_DL70ONP7n85u6iPuaI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:1d:e6:d2:eb:ed:7a:d6:45:60:b8:c4:c2:d5:c0:68:c4:1e:
         17:70:b3:3e:d5:64:27:dd:33:89:2e:db:e2:90:1c:c7:59:8a:
         63:8e:88:87:c8:57:42:82:8b:28:8d:0e:77:98:24:25:35:42:
         2e:51:41:21:12:34:bd:b7:e9:c3:0e:e4:f5:c1:df:a0:bb:a1:
         d0:d9:ac:12:2c:6b:94:e8:65:4e:df:71:54:76:55:fd:d5:a6:
         7f:fa:3d:e9:39:21:50:19:6f:80:fa:52:2d:f6:63:10:d9:1b:
         c1:5f:f2:7e:ed:24:5a:42:9f:23:ce:b5:94:f4:d6:71:42:4d:
         11:0e:1f:fc:62:36:ef:43:44:b0:40:07:bc:67:c8:f0:35:41:
         4e:c5:51:34:25:11:08:99:8a:4f:dd:43:f6:79:21:b2:c1:b2:
         41:4f:fa:ed:56:56:66:5a:e7:1d:1d:26:4d:94:5f:8a:07:64:
         ac:ec:1a:fb:32:90:69:f4:28:81:21:4c:64:f7:b4:c5:7d:23:
         84:d8:f4:c2:35:52:d5:85:dd:5b:ad:b2:76:09:03:34:bd:21:
         5a:48:e1:c7:c2:84:5c:36:48:86:3b:e7:f8:78:a1:43:6c:6d:
         92:39:0b:50:5f:28:84:c4:83:86:1d:63:ee:6b:46:bf:17:a6:
         13:e8:8d:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+GNjhqwYrwwdSegLWfNGNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODMyNmNjZWJjNWZjMzJmYmQwZTM0ZmVlN2YzOWJiYTg4
ZmI5YTIwHhcNMjQwNTE3MTEwMDUxWhcNMjQwNTE4MTEwMDUxWjAzMTEwLwYDVQQD
EygwMTVlN2UzODQ4MWYyOWVmMDk1YjM0YTJlMGRmMTNmOGQ5MDA1YjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyZpLGweGbA4rk7WtTnA1ZeLZ1Wo
3oSpvpbJcMX90qfi4aBaZpqzbas7CcGhIpyFWL92JEQKZYv/Tfg7LTmJihKG0pUB
AEA7QKL9pPkuOtC//RfMhInN4tNOh1VAW2na3dZjRnZxecmO8kQFWHkLwGDLfr2i
bWw1+e1n4wzSWyDOx5QNVjEght6TUQ+y/faSjTtYdqqnPu5LFBjHJe19XjV8DV+Z
7hZVIXzWwqTn62m1AYywPV1E1DmOdaJzCB7o3OLK/V/cmMFmtnBGSU5doG76kFcA
7GBJW4Z+PFBS8ujFeS7gvfy4VJIEjUV+DzHFZz0SZwBnqT0bYey9KxMUUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAFefjhIHynvCVs0ouDfE/jZAFtGMB8GA1UdIwQY
MBaAFP+DJszrxfwy+9DjT+5/Obuoj7miMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEt
OGIxMzQ0YjdkNWE2LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZjViNmEtZjRiYi00ZmRlLThhNTEtOGIxMzQ0YjdkNWE2
LzEvXzRNbXpPdkZfREw3ME9OUDduODV1NmlQdWFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwB3m0uvt
etZFYLjEwtXAaMQeF3CzPtVkJ90ziS7b4pAcx1mKY46Ih8hXQoKLKI0Od5gkJTVC
LlFBIRI0vbfpww7k9cHfoLuh0NmsEixrlOhlTt9xVHZV/dWmf/o96TkhUBlvgPpS
LfZjENkbwV/yfu0kWkKfI861lPTWcUJNEQ4f/GI270NEsEAHvGfI8DVBTsVRNCUR
CJmKT91D9nkhssGyQU/67VZWZlrnHR0mTZRfigdkrOwa+zKQafQogSFMZPe0xX0j
hNj0wjVS1YXdW62ydgkDNL0hWkjhx8KEXDZIhjvn+HihQ2xtkjkLUF8ohMSDhh1j
7mtGvxemE+iNvA==
-----END CERTIFICATE-----