Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
File:                     XeHEMjIqoQWMPm_lf2N0qSlgacE.mft (raw, json)
Hash identifier:          8iUhe0ls5kEggRFxiKA1LYOH2B/IwqoD0g3T1Q9hoqE=
Subject key identifier:   B1:B9:EE:C1:E3:F0:51:16:1B:38:6D:2C:7A:F1:41:33:F4:2B:35:AB
Authority key identifier: 5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1
Certificate issuer:       /CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
Certificate serial:       018F88921C2E69BD269FFECE9FD8AA837847
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
Manifest number:          065B
Signing time:             Fri 17 May 2024 22:00:27 +0000
Manifest this update:     Fri 17 May 2024 22:00:27 +0000
Manifest next update:     Sat 18 May 2024 22:00:27 +0000
Files and hashes:         1: XeHEMjIqoQWMPm_lf2N0qSlgacE.crl (hash: osvzuJH3zFHSdj/+y+7EaDlRoYDhZLnSP9wIjzo+jDM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:1c:2e:69:bd:26:9f:fe:ce:9f:d8:aa:83:78:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5de1c432322aa1058c3e6fe57f6374a9296069c1
        Validity
            Not Before: May 17 22:00:27 2024 GMT
            Not After : May 18 22:00:27 2024 GMT
        Subject: CN=b1b9eec1e3f051161b386d2c7af14133f42b35ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d7:01:06:a2:68:72:92:ce:e2:69:ea:4b:15:
                    8a:61:0e:6e:e2:39:0f:74:24:cf:dc:8c:2b:9d:d5:
                    0c:4e:79:9e:74:89:a7:8d:20:c3:71:7d:8b:1b:14:
                    fd:44:a7:d8:5b:8f:18:2d:74:2f:e1:cf:d8:75:bb:
                    b5:56:7f:35:3c:c1:74:64:03:32:04:bc:53:14:95:
                    f8:cf:65:fd:be:de:a7:80:e1:02:49:06:f2:e1:c0:
                    2a:29:35:36:d0:1d:37:51:25:0b:5e:3b:f3:4d:24:
                    d7:3a:15:55:4c:43:2f:39:87:0d:bb:d4:66:d4:a4:
                    e6:fc:87:2e:12:f2:31:6d:e6:f1:32:3a:ad:7f:61:
                    12:8a:6d:fc:34:3a:d6:c3:18:6b:c0:c5:d3:f2:54:
                    e0:11:d0:f8:16:7c:67:4f:9b:7f:bc:ef:14:fe:75:
                    56:f3:30:72:c8:09:59:b2:62:9d:7f:89:f3:b5:fd:
                    13:95:4b:62:45:c0:09:2b:7c:e8:de:82:24:49:34:
                    f4:ea:f6:9c:69:a4:1b:6f:2e:fc:9f:95:f7:ee:c6:
                    fb:cf:e4:22:38:8b:56:49:b2:d6:8b:eb:90:48:96:
                    7b:b4:42:5d:d1:61:7a:40:57:89:99:10:fa:51:a0:
                    00:7d:39:d2:40:ac:1a:8e:fd:78:e9:f8:8e:bf:59:
                    60:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:B9:EE:C1:E3:F0:51:16:1B:38:6D:2C:7A:F1:41:33:F4:2B:35:AB
            X509v3 Authority Key Identifier:
                keyid:5D:E1:C4:32:32:2A:A1:05:8C:3E:6F:E5:7F:63:74:A9:29:60:69:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XeHEMjIqoQWMPm_lf2N0qSlgacE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/33796e-7d5f-475c-b569-d78bb6f5b8f5/1/XeHEMjIqoQWMPm_lf2N0qSlgacE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:bf:23:af:65:f9:2f:5b:f4:7c:bf:ef:12:37:a6:8b:8a:0e:
         87:f9:e6:96:00:b6:14:bd:0f:3d:c9:9f:75:85:8e:13:d2:96:
         4b:a8:a5:52:80:77:1d:fb:82:65:84:67:7c:16:5a:01:96:67:
         cc:b0:2b:a1:28:1f:44:e2:00:31:3f:1b:93:11:8c:df:8b:19:
         fa:2e:94:e3:a5:cf:e9:49:00:d3:7f:8e:ef:00:46:04:2b:ad:
         f8:f6:c8:35:d4:df:40:14:77:b3:8a:22:10:4d:b4:d3:d2:06:
         02:07:c5:c5:e8:27:60:9f:92:08:52:68:5f:0d:96:be:bc:68:
         d5:f9:bc:ad:b9:9e:47:c0:b6:87:7d:5e:5f:1d:5e:c7:33:d4:
         e9:f4:dd:20:63:96:95:db:73:11:55:50:5b:a6:bf:a6:4c:67:
         3a:23:71:b9:82:22:0c:34:88:9d:b4:81:61:2e:68:27:2d:18:
         4f:24:b1:a6:7d:26:d6:78:f2:5b:37:38:41:28:bc:1b:85:36:
         e3:1f:38:b7:a1:43:91:b6:84:3e:b4:97:e9:84:bc:1f:75:a5:
         26:2b:9a:68:31:02:20:34:25:ea:b2:66:5c:a6:89:8c:88:04:
         83:a0:78:ad:04:99:af:9f:09:de:f8:de:c0:e7:97:57:07:85:
         ea:99:33:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikhwuab0mn/7On9iqg3hHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZTFjNDMyMzIyYWExMDU4YzNlNmZlNTdmNjM3NGE5Mjk2
MDY5YzEwHhcNMjQwNTE3MjIwMDI3WhcNMjQwNTE4MjIwMDI3WjAzMTEwLwYDVQQD
EyhiMWI5ZWVjMWUzZjA1MTE2MWIzODZkMmM3YWYxNDEzM2Y0MmIzNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNcBBqJocpLO4mnqSxWKYQ5u4jkP
dCTP3IwrndUMTnmedImnjSDDcX2LGxT9RKfYW48YLXQv4c/Ydbu1Vn81PMF0ZAMy
BLxTFJX4z2X9vt6ngOECSQby4cAqKTU20B03USULXjvzTSTXOhVVTEMvOYcNu9Rm
1KTm/IcuEvIxbebxMjqtf2ESim38NDrWwxhrwMXT8lTgEdD4FnxnT5t/vO8U/nVW
8zByyAlZsmKdf4nztf0TlUtiRcAJK3zo3oIkSTT06vacaaQbby78n5X37sb7z+Qi
OItWSbLWi+uQSJZ7tEJd0WF6QFeJmRD6UaAAfTnSQKwajv146fiOv1lgAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLG57sHj8FEWGzhtLHrxQTP0KzWrMB8GA1UdIwQY
MBaAFF3hxDIyKqEFjD5v5X9jdKkpYGnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1Njkt
ZDc4YmI2ZjViOGY1LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8zMzc5NmUtN2Q1Zi00NzVjLWI1NjktZDc4YmI2ZjViOGY1
LzEvWGVIRU1qSXFvUVdNUG1fbGYyTjBxU2xnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAir8jr2X5
L1v0fL/vEjemi4oOh/nmlgC2FL0PPcmfdYWOE9KWS6ilUoB3HfuCZYRnfBZaAZZn
zLAroSgfROIAMT8bkxGM34sZ+i6U46XP6UkA03+O7wBGBCut+PbINdTfQBR3s4oi
EE2009IGAgfFxegnYJ+SCFJoXw2Wvrxo1fm8rbmeR8C2h31eXx1exzPU6fTdIGOW
ldtzEVVQW6a/pkxnOiNxuYIiDDSInbSBYS5oJy0YTySxpn0m1njyWzc4QSi8G4U2
4x84t6FDkbaEPrSX6YS8H3WlJiuaaDECIDQl6rJmXKaJjIgEg6B4rQSZr58J3vje
wOeXVweF6pkzlQ==
-----END CERTIFICATE-----