Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
File:                     QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft (raw, json)
Hash identifier:          FvH+l+8Bn8whC2X3RZolIh3eqwaEP1Oh6d2Ua2o+3WA=
Subject key identifier:   5D:6E:98:9E:61:F2:3E:E7:E4:C8:85:D3:C7:BD:5C:B1:13:3F:44:28
Authority key identifier: 40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94
Certificate issuer:       /CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
Certificate serial:       018F87ED7C2B38BB89761A6DA4EE3DAE577A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 19:00:38 +0000
Manifest this update:     Fri 17 May 2024 19:00:38 +0000
Manifest next update:     Sat 18 May 2024 19:00:38 +0000
Files and hashes:         1: QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl (hash: iVYvBkT5mkW89jma+K7oF5YdH9ruipaTySP6+m5Uv4k=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:7c:2b:38:bb:89:76:1a:6d:a4:ee:3d:ae:57:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=408b0fe658eb96fb50b135f71bb92f27b92c1394
        Validity
            Not Before: May 17 19:00:38 2024 GMT
            Not After : May 18 19:00:38 2024 GMT
        Subject: CN=5d6e989e61f23ee7e4c885d3c7bd5cb1133f4428
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c9:e7:db:ad:86:44:48:cb:67:e7:d1:84:73:
                    15:30:1c:69:68:31:1c:5f:3a:8c:72:37:2f:5a:57:
                    fc:02:b9:5f:8c:a2:83:ea:19:ef:fe:61:55:c3:d4:
                    d7:ea:e2:ff:3c:62:c0:ea:2c:e4:60:ca:9e:bb:5d:
                    98:96:2c:5f:85:d6:e7:81:9a:b6:22:52:bd:34:af:
                    42:53:08:a5:e2:2f:52:67:93:90:ca:bb:40:ba:8e:
                    eb:bd:51:21:aa:65:0a:24:31:f4:d7:a6:37:99:40:
                    f4:c0:a8:c1:e3:75:50:d5:4b:7f:ab:bf:a2:fe:a4:
                    ed:93:d2:a5:be:e2:57:cc:31:70:91:01:a8:d0:50:
                    03:8c:52:af:ee:15:54:ba:9e:e7:ae:25:4b:f9:a0:
                    5e:e7:cc:7e:2b:67:62:98:b8:1d:79:8c:06:98:9c:
                    ee:44:f5:90:64:d0:c9:18:29:5a:c6:a2:32:89:77:
                    6d:17:d1:6b:37:b2:b7:3d:72:3a:ad:a6:ec:7a:3b:
                    cf:10:40:7e:b5:09:54:bf:a6:e1:d5:b3:1d:3e:2b:
                    38:1c:5e:ac:f3:cf:93:9b:e5:e5:22:a7:61:de:1e:
                    0e:52:c4:48:a3:01:91:07:3f:b8:b8:d6:d1:78:7a:
                    17:94:c0:42:67:ea:ab:d4:a6:45:6c:62:27:4a:dd:
                    22:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6E:98:9E:61:F2:3E:E7:E4:C8:85:D3:C7:BD:5C:B1:13:3F:44:28
            X509v3 Authority Key Identifier:
                keyid:40:8B:0F:E6:58:EB:96:FB:50:B1:35:F7:1B:B9:2F:27:B9:2C:13:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e5654c-9fe7-4793-8a8f-40edadeee860/1/QIsP5ljrlvtQsTX3G7kvJ7ksE5Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:8f:d7:f5:b1:5e:9c:71:49:ee:86:b0:c4:18:eb:fa:e9:b7:
         04:2b:cc:81:67:a3:8e:c7:e7:da:c0:71:17:91:8d:94:5f:01:
         59:61:db:76:9a:bf:39:f3:a0:3a:f9:9d:35:06:a3:d0:34:24:
         b0:25:90:87:1a:a2:36:c2:4c:c0:05:08:c4:2f:86:d8:d0:14:
         00:0d:80:17:fe:4b:c3:52:8d:76:5b:ae:f0:19:d4:49:ed:17:
         71:f0:df:b2:86:4c:d1:44:24:af:e5:4d:5d:79:0d:b3:ba:36:
         d9:2a:34:33:0e:36:5e:03:eb:0a:5d:2c:ae:2b:8a:71:8c:b5:
         86:1b:fa:61:6a:7a:93:8d:bb:d2:7c:60:d2:10:25:4a:98:0d:
         ce:06:16:28:98:e9:26:0f:ed:cf:c4:2d:f7:40:73:81:8b:72:
         30:e9:48:e6:5d:38:db:de:3a:82:1b:45:8f:66:29:fa:d3:dc:
         8b:2c:ce:61:89:fe:3f:00:ea:0a:87:94:29:59:2a:e8:b0:e1:
         3b:ad:a3:38:62:05:6d:65:ab:4e:d3:65:a9:11:89:01:38:94:
         5f:14:42:28:1d:db:8b:c4:55:b0:e9:2b:c6:92:68:ea:07:9d:
         ef:40:d5:5d:fa:b5:98:f6:7b:17:d3:f8:fd:32:75:cd:74:31:
         08:c0:e7:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7XwrOLuJdhptpO49rld6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGIwZmU2NThlYjk2ZmI1MGIxMzVmNzFiYjkyZjI3Yjky
YzEzOTQwHhcNMjQwNTE3MTkwMDM4WhcNMjQwNTE4MTkwMDM4WjAzMTEwLwYDVQQD
Eyg1ZDZlOTg5ZTYxZjIzZWU3ZTRjODg1ZDNjN2JkNWNiMTEzM2Y0NDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcnn262GREjLZ+fRhHMVMBxpaDEc
XzqMcjcvWlf8ArlfjKKD6hnv/mFVw9TX6uL/PGLA6izkYMqeu12YlixfhdbngZq2
IlK9NK9CUwil4i9SZ5OQyrtAuo7rvVEhqmUKJDH016Y3mUD0wKjB43VQ1Ut/q7+i
/qTtk9KlvuJXzDFwkQGo0FADjFKv7hVUup7nriVL+aBe58x+K2dimLgdeYwGmJzu
RPWQZNDJGClaxqIyiXdtF9FrN7K3PXI6rabsejvPEEB+tQlUv6bh1bMdPis4HF6s
88+Tm+XlIqdh3h4OUsRIowGRBz+4uNbReHoXlMBCZ+qr1KZFbGInSt0ilwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1umJ5h8j7n5MiF08e9XLETP0QoMB8GA1UdIwQY
MBaAFECLD+ZY65b7ULE19xu5Lye5LBOUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYt
NDBlZGFkZWVlODYwLzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lNTY1NGMtOWZlNy00NzkzLThhOGYtNDBlZGFkZWVlODYw
LzEvUUlzUDVsanJsdnRRc1RYM0c3a3ZKN2tzRTVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaI/X9bFe
nHFJ7oawxBjr+um3BCvMgWejjsfn2sBxF5GNlF8BWWHbdpq/OfOgOvmdNQaj0DQk
sCWQhxqiNsJMwAUIxC+G2NAUAA2AF/5Lw1KNdluu8BnUSe0XcfDfsoZM0UQkr+VN
XXkNs7o22So0Mw42XgPrCl0sriuKcYy1hhv6YWp6k4270nxg0hAlSpgNzgYWKJjp
Jg/tz8Qt90BzgYtyMOlI5l042946ghtFj2Yp+tPciyzOYYn+PwDqCoeUKVkq6LDh
O62jOGIFbWWrTtNlqRGJATiUXxRCKB3bi8RVsOkrxpJo6ged70DVXfq1mPZ7F9P4
/TJ1zXQxCMDnxA==
-----END CERTIFICATE-----