Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft
File:                     bxfKsp3wkGVUwRzpqynGDR56Z1w.mft (raw, json)
Hash identifier:          4AcSfQa2htTvm4K31vuer9a5wIwTtb392QL7OMJWgJM=
Subject key identifier:   16:D3:2D:9B:88:9F:E2:20:3C:3B:22:7B:AF:18:BB:DB:6E:CF:F1:4D
Authority key identifier: 6F:17:CA:B2:9D:F0:90:65:54:C1:1C:E9:AB:29:C6:0D:1E:7A:67:5C
Certificate issuer:       /CN=6f17cab29df0906554c11ce9ab29c60d1e7a675c
Certificate serial:       018F87ED385F8B3AC0EAE9594169975D33A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bxfKsp3wkGVUwRzpqynGDR56Z1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft
Manifest number:          4F
Signing time:             Fri 17 May 2024 19:00:21 +0000
Manifest this update:     Fri 17 May 2024 19:00:21 +0000
Manifest next update:     Sat 18 May 2024 19:00:21 +0000
Files and hashes:         1: bxfKsp3wkGVUwRzpqynGDR56Z1w.crl (hash: Wz6pRUa/GLGATv5yDkKWZwdXyracRdHPL3vQXTeMaUE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bxfKsp3wkGVUwRzpqynGDR56Z1w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:38:5f:8b:3a:c0:ea:e9:59:41:69:97:5d:33:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6f17cab29df0906554c11ce9ab29c60d1e7a675c
        Validity
            Not Before: May 17 19:00:21 2024 GMT
            Not After : May 18 19:00:21 2024 GMT
        Subject: CN=16d32d9b889fe2203c3b227baf18bbdb6ecff14d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d9:68:5d:6a:35:c2:0d:cd:2f:5a:d9:79:82:
                    cc:3b:45:a0:7a:83:ac:d4:03:e7:20:ea:6e:ef:97:
                    57:a7:d2:b6:5e:98:54:96:6f:0d:28:8e:8f:84:7c:
                    0f:92:87:95:d7:09:75:9e:fd:73:9a:d1:e4:64:f9:
                    79:a3:40:24:2e:ed:f7:dc:ef:77:79:d6:d5:f8:32:
                    0b:8f:0c:d5:f9:b3:ce:df:5c:b8:7c:06:ea:cd:e6:
                    d3:8f:41:23:a6:d3:11:84:c4:d0:20:5d:41:67:da:
                    52:35:0c:e6:ce:f2:5a:f0:ca:5d:3c:8f:a6:38:20:
                    5c:9b:45:d1:e6:50:82:da:2e:bb:d5:bd:95:de:2e:
                    e6:91:ca:8b:a1:93:de:cf:9f:5d:7e:e7:0d:30:02:
                    7b:26:c4:5f:12:96:ff:e2:dc:20:83:fe:92:ba:ed:
                    5a:55:39:ba:14:a8:0d:e5:60:63:8a:e9:5c:a0:a1:
                    8f:04:77:76:0f:f7:62:cb:17:1b:60:3d:6c:f6:0b:
                    d6:30:72:d1:6a:27:81:97:36:98:9b:f9:cf:7f:8f:
                    e2:d3:99:40:bb:e8:bd:45:5f:e3:c1:59:67:43:df:
                    cb:f2:ba:68:ad:c3:6a:80:c6:f2:09:14:8d:1e:27:
                    8c:8e:fa:4d:4d:67:ef:bd:2a:1d:49:38:75:c9:c6:
                    1b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:D3:2D:9B:88:9F:E2:20:3C:3B:22:7B:AF:18:BB:DB:6E:CF:F1:4D
            X509v3 Authority Key Identifier:
                keyid:6F:17:CA:B2:9D:F0:90:65:54:C1:1C:E9:AB:29:C6:0D:1E:7A:67:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bxfKsp3wkGVUwRzpqynGDR56Z1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/56/3113e1-4230-4380-971e-6782a73c2b47/1/bxfKsp3wkGVUwRzpqynGDR56Z1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:fd:0c:12:8a:e9:fb:df:ee:b4:cd:5d:c0:fc:a3:20:28:2f:
         19:14:2f:32:1e:4a:a6:44:af:16:c4:93:88:d4:56:43:d9:3a:
         ad:4b:ad:55:9e:0d:15:5a:20:20:1e:23:97:69:62:a9:7a:3e:
         e5:f0:d1:f9:d3:cb:12:59:7e:1a:0e:34:6a:da:8b:49:9a:63:
         c5:98:22:c2:cf:99:2d:6c:03:54:1b:4b:d8:1b:f6:03:0a:ad:
         18:58:9f:bc:99:4c:00:58:4d:49:d1:20:14:13:35:c4:f3:8b:
         28:ae:1f:f4:fd:1c:d8:8b:96:78:13:70:9d:d8:92:56:db:5f:
         6f:f8:bd:d3:1a:6c:63:ee:31:9f:1e:a1:c0:1f:14:f6:9e:1d:
         5c:c6:7f:9f:bc:d3:4e:7a:c6:e7:7c:c7:82:57:32:e9:8a:ae:
         42:98:f6:19:ae:9f:d6:cf:b7:1a:e4:d8:87:ba:cd:25:95:29:
         25:3f:dd:93:97:66:39:3a:2c:d3:b1:27:96:9e:55:e7:f9:38:
         1e:27:53:1f:a2:b8:2a:94:50:1a:a3:cb:57:00:f9:cb:8e:e0:
         39:35:2c:79:5b:93:5f:3a:87:8c:cb:e6:23:42:46:b7:d6:4a:
         02:69:7c:1f:03:d1:bc:9b:ef:a3:65:29:3f:da:45:72:1e:b9:
         17:98:65:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7ThfizrA6ulZQWmXXTOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMTdjYWIyOWRmMDkwNjU1NGMxMWNlOWFiMjljNjBkMWU3
YTY3NWMwHhcNMjQwNTE3MTkwMDIxWhcNMjQwNTE4MTkwMDIxWjAzMTEwLwYDVQQD
EygxNmQzMmQ5Yjg4OWZlMjIwM2MzYjIyN2JhZjE4YmJkYjZlY2ZmMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9loXWo1wg3NL1rZeYLMO0WgeoOs
1APnIOpu75dXp9K2XphUlm8NKI6PhHwPkoeV1wl1nv1zmtHkZPl5o0AkLu333O93
edbV+DILjwzV+bPO31y4fAbqzebTj0EjptMRhMTQIF1BZ9pSNQzmzvJa8MpdPI+m
OCBcm0XR5lCC2i671b2V3i7mkcqLoZPez59dfucNMAJ7JsRfEpb/4twgg/6Suu1a
VTm6FKgN5WBjiulcoKGPBHd2D/diyxcbYD1s9gvWMHLRaieBlzaYm/nPf4/i05lA
u+i9RV/jwVlnQ9/L8rporcNqgMbyCRSNHieMjvpNTWfvvSodSTh1ycYbxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbTLZuIn+IgPDsie68Yu9tuz/FNMB8GA1UdIwQY
MBaAFG8XyrKd8JBlVMEc6aspxg0eemdcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnhmS3NwM3drR1ZVd1J6cHF5bkdEUjU2WjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8zMTEzZTEtNDIzMC00MzgwLTk3MWUt
Njc4MmE3M2MyYjQ3LzEvYnhmS3NwM3drR1ZVd1J6cHF5bkdEUjU2WjF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8zMTEzZTEtNDIzMC00MzgwLTk3MWUtNjc4MmE3M2MyYjQ3
LzEvYnhmS3NwM3drR1ZVd1J6cHF5bkdEUjU2WjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh/0MEorp
+9/utM1dwPyjICgvGRQvMh5KpkSvFsSTiNRWQ9k6rUutVZ4NFVogIB4jl2liqXo+
5fDR+dPLEll+Gg40atqLSZpjxZgiws+ZLWwDVBtL2Bv2AwqtGFifvJlMAFhNSdEg
FBM1xPOLKK4f9P0c2IuWeBNwndiSVttfb/i90xpsY+4xnx6hwB8U9p4dXMZ/n7zT
TnrG53zHglcy6YquQpj2Ga6f1s+3GuTYh7rNJZUpJT/dk5dmOTos07Enlp5V5/k4
HidTH6K4KpRQGqPLVwD5y47gOTUseVuTXzqHjMvmI0JGt9ZKAml8HwPRvJvvo2Up
P9pFch65F5hlWQ==
-----END CERTIFICATE-----