Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
File:                     Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft (raw, json)
Hash identifier:          Z/p1Y/jAwPRXnMHs61nE5UHgW/0QcFjllSBzv+LD8IM=
Subject key identifier:   79:32:9B:CB:F2:A6:55:7B:D9:89:2D:40:B0:C6:70:05:BE:A7:8A:0F
Authority key identifier: 46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45
Certificate issuer:       /CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
Certificate serial:       018F88247EF59FEF5DF6718DC07A5DB2D9F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
Manifest number:          0E35
Signing time:             Fri 17 May 2024 20:00:44 +0000
Manifest this update:     Fri 17 May 2024 20:00:44 +0000
Manifest next update:     Sat 18 May 2024 20:00:44 +0000
Files and hashes:         1: Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl (hash: NBvYf8S2dxF94buo8t/F/Dy6lLpmm9Mil5YgJIyX5j0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:7e:f5:9f:ef:5d:f6:71:8d:c0:7a:5d:b2:d9:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=467a388112e68f4c7d4d80c32d37cfcd6cd23a45
        Validity
            Not Before: May 17 20:00:44 2024 GMT
            Not After : May 18 20:00:44 2024 GMT
        Subject: CN=79329bcbf2a6557bd9892d40b0c67005bea78a0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:00:a5:37:98:78:c5:06:23:1b:bd:f8:73:1f:
                    53:ef:c8:9a:9b:39:7f:89:d0:df:c0:d4:e0:76:6f:
                    4b:e1:38:80:82:44:8f:d1:a0:93:4e:65:6c:29:da:
                    17:ba:c0:57:33:2d:8f:d6:6d:31:ac:0d:8b:a0:ee:
                    aa:55:78:57:a6:19:f9:11:8c:8a:76:c4:b5:ae:18:
                    ef:2d:6d:ea:62:30:e6:5a:0e:ba:83:5e:66:c1:9a:
                    21:fd:23:8f:21:0a:4a:cd:c3:5f:8f:ee:f0:db:9a:
                    d1:8f:e3:63:e1:fc:11:42:a8:3e:52:56:59:1c:38:
                    26:2c:28:68:e1:b6:a5:1e:d0:71:6f:a5:c2:f1:23:
                    8c:f9:1d:c1:29:b1:34:a8:bd:34:6f:41:ad:2d:5b:
                    00:e4:dc:f4:33:2b:3d:1a:56:92:b3:85:d8:0c:d0:
                    5e:46:f1:28:d7:53:e2:dd:25:e1:14:2d:e2:e6:d2:
                    6a:cb:46:db:70:e5:12:6c:44:38:fa:7c:3b:06:a1:
                    8e:bc:c2:cc:9c:bb:51:5d:29:d4:b4:ae:9a:e9:a2:
                    d5:ae:ed:73:0c:87:29:5d:45:94:f1:32:0d:a6:a5:
                    f0:4c:b7:87:c6:86:10:b1:93:99:cd:7f:62:18:33:
                    48:06:e3:7e:c8:54:cb:6e:7e:fe:b6:d6:9a:5c:95:
                    fa:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:32:9B:CB:F2:A6:55:7B:D9:89:2D:40:B0:C6:70:05:BE:A7:8A:0F
            X509v3 Authority Key Identifier:
                keyid:46:7A:38:81:12:E6:8F:4C:7D:4D:80:C3:2D:37:CF:CD:6C:D2:3A:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rno4gRLmj0x9TYDDLTfPzWzSOkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/1d7727-a4de-4ae8-b6c5-c71845a01749/1/Rno4gRLmj0x9TYDDLTfPzWzSOkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5c:87:04:23:bc:3d:0e:43:0f:90:70:a6:59:81:61:da:1a:2a:
         d1:c6:77:e8:4f:05:dd:49:8f:d0:52:b3:b3:2c:b6:fd:2c:f4:
         68:27:72:37:2f:1e:10:3a:35:f1:ef:a4:e1:4e:8a:df:23:17:
         84:3e:05:8b:46:49:1c:b1:4c:fe:00:73:92:06:d6:54:64:9a:
         9b:b2:e4:2e:0c:eb:7e:25:32:49:66:d1:53:5e:91:0a:70:ba:
         92:e0:16:8e:86:b3:a0:16:c1:ed:49:8c:0c:50:c5:cf:a5:b0:
         1f:9e:d6:60:5e:9c:4d:04:2e:8c:c2:f0:6f:a4:e1:8b:38:bf:
         e7:2e:95:a4:2c:39:4b:00:f7:69:cc:f5:76:51:f6:8c:56:58:
         d0:31:3b:5e:75:e5:e1:ef:b8:64:86:ef:e8:9a:b0:8f:3e:82:
         5c:54:5f:af:f9:4a:0f:6f:d7:90:df:01:be:a5:0b:8f:28:6d:
         e6:ef:75:18:f4:ad:34:7b:da:96:67:9e:30:84:e8:4b:28:30:
         c2:ef:02:39:f6:e0:76:73:2f:3d:f3:97:cd:d1:2f:78:e1:7a:
         63:f1:96:a0:46:e1:7a:69:ef:48:aa:d3:70:91:18:12:88:9a:
         2a:03:36:e9:8f:91:cd:aa:79:73:31:b4:94:cb:2b:13:75:bd:
         f3:7e:1c:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJH71n+9d9nGNwHpdstnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2N2EzODgxMTJlNjhmNGM3ZDRkODBjMzJkMzdjZmNkNmNk
MjNhNDUwHhcNMjQwNTE3MjAwMDQ0WhcNMjQwNTE4MjAwMDQ0WjAzMTEwLwYDVQQD
Eyg3OTMyOWJjYmYyYTY1NTdiZDk4OTJkNDBiMGM2NzAwNWJlYTc4YTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugClN5h4xQYjG734cx9T78iamzl/
idDfwNTgdm9L4TiAgkSP0aCTTmVsKdoXusBXMy2P1m0xrA2LoO6qVXhXphn5EYyK
dsS1rhjvLW3qYjDmWg66g15mwZoh/SOPIQpKzcNfj+7w25rRj+Nj4fwRQqg+UlZZ
HDgmLCho4balHtBxb6XC8SOM+R3BKbE0qL00b0GtLVsA5Nz0Mys9GlaSs4XYDNBe
RvEo11Pi3SXhFC3i5tJqy0bbcOUSbEQ4+nw7BqGOvMLMnLtRXSnUtK6a6aLVru1z
DIcpXUWU8TINpqXwTLeHxoYQsZOZzX9iGDNIBuN+yFTLbn7+ttaaXJX6vwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHkym8vyplV72YktQLDGcAW+p4oPMB8GA1UdIwQY
MBaAFEZ6OIES5o9MfU2Awy03z81s0jpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUt
YzcxODQ1YTAxNzQ5LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8xZDc3MjctYTRkZS00YWU4LWI2YzUtYzcxODQ1YTAxNzQ5
LzEvUm5vNGdSTG1qMHg5VFlERExUZlB6V3pTT2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXIcEI7w9
DkMPkHCmWYFh2hoq0cZ36E8F3UmP0FKzsyy2/Sz0aCdyNy8eEDo18e+k4U6K3yMX
hD4Fi0ZJHLFM/gBzkgbWVGSam7LkLgzrfiUySWbRU16RCnC6kuAWjoazoBbB7UmM
DFDFz6WwH57WYF6cTQQujMLwb6Thizi/5y6VpCw5SwD3acz1dlH2jFZY0DE7XnXl
4e+4ZIbv6Jqwjz6CXFRfr/lKD2/XkN8BvqULjyht5u91GPStNHvalmeeMIToSygw
wu8COfbgdnMvPfOXzdEveOF6Y/GWoEbhemnvSKrTcJEYEoiaKgM26Y+Rzap5czG0
lMsrE3W9834cEw==
-----END CERTIFICATE-----