Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
File:                     lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft (raw, json)
Hash identifier:          8BUP944Vs98jTxjwdrLESBd54HBQNPMRCMWan/BGQbM=
Subject key identifier:   20:07:8B:EB:04:55:1E:17:E4:AB:30:13:FF:B7:F4:97:B6:02:49:7A
Authority key identifier: 94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B
Certificate issuer:       /CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
Certificate serial:       018F874872ECC81D0939DE661F51448AE0BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
Manifest number:          0E78
Signing time:             Fri 17 May 2024 16:00:23 +0000
Manifest this update:     Fri 17 May 2024 16:00:23 +0000
Manifest next update:     Sat 18 May 2024 16:00:23 +0000
Files and hashes:         1: lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl (hash: qr4PJvUxWk7/h7WBQGkCHDfcUH1ERiXwuizZ9SHB4aQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:72:ec:c8:1d:09:39:de:66:1f:51:44:8a:e0:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=946221f79abea6d3c0c3480642590dd0ae0caa3b
        Validity
            Not Before: May 17 16:00:23 2024 GMT
            Not After : May 18 16:00:23 2024 GMT
        Subject: CN=20078beb04551e17e4ab3013ffb7f497b602497a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:fc:81:3c:92:f7:27:9d:5e:a5:28:75:c6:f6:
                    73:07:1e:21:df:fe:7c:f5:ec:16:ef:04:77:05:9e:
                    ab:ca:2c:d6:b6:2d:7c:d7:e2:51:14:71:16:f2:79:
                    eb:1e:48:2c:30:af:ca:f9:f8:1a:80:56:a0:38:64:
                    33:23:29:86:8e:ef:53:20:36:3f:32:75:0e:38:f6:
                    d2:37:af:a9:d1:99:a2:2c:1c:b5:01:64:e5:9d:e3:
                    ce:67:f2:0a:72:51:c0:bc:65:f2:b7:db:7f:87:6f:
                    a2:28:6c:e2:43:cf:3e:62:58:e0:e3:d3:e0:33:f8:
                    4f:67:35:9b:bf:b1:23:1f:8a:7e:d0:16:ae:72:20:
                    bd:50:19:0d:a7:d1:6b:1d:2d:53:42:a8:22:d9:a5:
                    d3:fd:94:86:73:58:6c:b0:7e:8b:22:d9:55:85:db:
                    db:21:36:0b:63:ff:a1:59:86:2f:4e:1d:88:cd:ab:
                    74:4d:dd:e0:33:bf:6d:f7:f9:61:ec:f6:9b:c5:a6:
                    b3:3a:79:96:92:25:13:58:bc:4d:7e:0d:f0:98:76:
                    cc:d9:50:1b:51:35:66:5a:4b:ac:a8:2c:a3:ff:c7:
                    b4:4c:3d:1d:83:52:47:f2:2f:30:be:09:6b:af:7a:
                    30:dc:51:3f:8e:19:24:f8:eb:d6:d2:f3:83:1a:ed:
                    6a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:07:8B:EB:04:55:1E:17:E4:AB:30:13:FF:B7:F4:97:B6:02:49:7A
            X509v3 Authority Key Identifier:
                keyid:94:62:21:F7:9A:BE:A6:D3:C0:C3:48:06:42:59:0D:D0:AE:0C:AA:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lGIh95q-ptPAw0gGQlkN0K4Mqjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/8d9aa5-d52a-486f-b64c-7c605d32165d/1/lGIh95q-ptPAw0gGQlkN0K4Mqjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:61:3e:13:cf:e5:f5:c2:0e:2b:80:01:71:87:51:f3:ed:99:
         49:41:13:d7:9f:80:22:4f:12:73:7c:0e:cf:c1:16:80:d0:b7:
         60:37:57:bc:1e:9d:63:81:55:3a:f5:e6:24:15:dc:1a:29:64:
         b4:ef:fa:d8:91:55:6d:6b:b2:05:2e:eb:89:34:b3:47:d0:7e:
         26:fb:f9:6a:09:c9:e8:33:d7:b4:d5:41:03:f0:16:5f:d4:33:
         1e:ac:c4:cc:e0:7b:de:76:97:00:e2:9e:86:a9:8b:4b:34:54:
         9f:98:bb:db:00:65:3a:8d:0e:7c:14:fa:11:d2:f0:5f:2e:b2:
         19:c1:bf:41:11:d2:c5:87:69:2a:f5:15:e5:5f:87:7e:e7:0d:
         33:0f:67:c6:7c:31:75:44:30:f7:67:68:a8:5f:80:da:94:c0:
         15:a9:75:18:76:41:27:8b:f1:5a:8a:1e:2a:6a:8f:e8:fa:99:
         f8:e4:e1:55:81:d4:57:6e:b2:e2:03:06:1b:21:a7:6d:f6:2f:
         97:d2:6c:35:9e:c4:c3:cc:c8:52:60:1b:85:76:ae:ab:b8:56:
         75:66:3a:30:6f:a5:b5:3b:41:ee:04:8b:a4:33:83:45:a2:1a:
         f9:db:00:d1:f1:77:0f:c6:cc:eb:2e:0d:bc:d9:78:44:f5:3e:
         a2:b8:76:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSHLsyB0JOd5mH1FEiuC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NjIyMWY3OWFiZWE2ZDNjMGMzNDgwNjQyNTkwZGQwYWUw
Y2FhM2IwHhcNMjQwNTE3MTYwMDIzWhcNMjQwNTE4MTYwMDIzWjAzMTEwLwYDVQQD
EygyMDA3OGJlYjA0NTUxZTE3ZTRhYjMwMTNmZmI3ZjQ5N2I2MDI0OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9vyBPJL3J51epSh1xvZzBx4h3/58
9ewW7wR3BZ6ryizWti181+JRFHEW8nnrHkgsMK/K+fgagFagOGQzIymGju9TIDY/
MnUOOPbSN6+p0ZmiLBy1AWTlnePOZ/IKclHAvGXyt9t/h2+iKGziQ88+Yljg49Pg
M/hPZzWbv7EjH4p+0BauciC9UBkNp9FrHS1TQqgi2aXT/ZSGc1hssH6LItlVhdvb
ITYLY/+hWYYvTh2Izat0Td3gM79t9/lh7PabxaazOnmWkiUTWLxNfg3wmHbM2VAb
UTVmWkusqCyj/8e0TD0dg1JH8i8wvglrr3ow3FE/jhkk+OvW0vODGu1qOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAHi+sEVR4X5KswE/+39Je2Akl6MB8GA1UdIwQY
MBaAFJRiIfeavqbTwMNIBkJZDdCuDKo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMt
N2M2MDVkMzIxNjVkLzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84ZDlhYTUtZDUyYS00ODZmLWI2NGMtN2M2MDVkMzIxNjVk
LzEvbEdJaDk1cS1wdFBBdzBnR1Fsa04wSzRNcWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWE+E8/l
9cIOK4ABcYdR8+2ZSUET15+AIk8Sc3wOz8EWgNC3YDdXvB6dY4FVOvXmJBXcGilk
tO/62JFVbWuyBS7riTSzR9B+Jvv5agnJ6DPXtNVBA/AWX9QzHqzEzOB73naXAOKe
hqmLSzRUn5i72wBlOo0OfBT6EdLwXy6yGcG/QRHSxYdpKvUV5V+HfucNMw9nxnwx
dUQw92doqF+A2pTAFal1GHZBJ4vxWooeKmqP6PqZ+OThVYHUV26y4gMGGyGnbfYv
l9JsNZ7Ew8zIUmAbhXauq7hWdWY6MG+ltTtB7gSLpDODRaIa+dsA0fF3D8bM6y4N
vNl4RPU+orh2aw==
-----END CERTIFICATE-----