Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft
File:                     pkLcUMWwgtCc5unHvqeug3EHPvI.mft (raw, json)
Hash identifier:          2Ss7cgu6N2ZKiYotZ/ujGyTU0QAuluL8vnGA63VpErg=
Subject key identifier:   17:D1:2B:00:86:7A:BB:6B:33:34:A7:32:47:D3:30:B7:FC:89:5C:B5
Authority key identifier: A6:42:DC:50:C5:B0:82:D0:9C:E6:E9:C7:BE:A7:AE:83:71:07:3E:F2
Certificate issuer:       /CN=a642dc50c5b082d09ce6e9c7bea7ae8371073ef2
Certificate serial:       018F87492C92602D0B828A64BF452AE95C8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pkLcUMWwgtCc5unHvqeug3EHPvI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft
Manifest number:          1176
Signing time:             Fri 17 May 2024 16:01:10 +0000
Manifest this update:     Fri 17 May 2024 16:01:10 +0000
Manifest next update:     Sat 18 May 2024 16:01:10 +0000
Files and hashes:         1: pkLcUMWwgtCc5unHvqeug3EHPvI.crl (hash: JUccnEcZRa8iw8VcfFaQDowysg0dG+7v1lIMDmNvqaQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pkLcUMWwgtCc5unHvqeug3EHPvI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:2c:92:60:2d:0b:82:8a:64:bf:45:2a:e9:5c:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a642dc50c5b082d09ce6e9c7bea7ae8371073ef2
        Validity
            Not Before: May 17 16:01:10 2024 GMT
            Not After : May 18 16:01:10 2024 GMT
        Subject: CN=17d12b00867abb6b3334a73247d330b7fc895cb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:71:fd:4f:a3:22:53:2c:26:b7:3d:30:dd:a0:
                    8b:cd:af:0a:bf:e7:54:c9:8e:f1:74:b7:32:c2:5e:
                    a7:96:04:0c:24:53:86:ba:27:fd:b5:f8:6a:1e:40:
                    e7:fd:49:71:69:7d:4c:61:90:2a:5f:5c:fe:fd:d2:
                    44:a7:73:52:e0:4f:46:e4:5f:a6:22:19:40:c2:52:
                    0d:3b:46:41:d1:f1:3a:bb:0f:b8:a3:a1:2e:3c:31:
                    2e:0b:a0:98:5c:03:1d:c0:c6:a9:cb:59:77:b6:a3:
                    a3:d9:bf:5f:f1:87:e0:bc:68:e2:05:07:5b:65:48:
                    80:bb:c5:a1:77:20:65:cd:98:9d:dc:a2:0c:de:74:
                    72:c4:33:ba:86:1d:eb:d8:55:d9:c4:c1:70:58:61:
                    7c:9c:78:d4:e8:f0:de:6d:c5:d4:f4:8b:92:46:b8:
                    d0:6e:44:15:10:cc:70:03:19:32:0e:47:41:91:74:
                    4b:d2:7a:6e:ec:f5:28:ce:18:5a:e8:01:65:0b:11:
                    6c:dc:9b:6c:8b:71:54:ab:aa:04:f8:b4:ef:8f:03:
                    1e:15:59:1b:a2:c1:eb:de:ae:45:ae:39:f7:37:f9:
                    e8:3b:65:c6:71:ac:78:ce:61:4e:7b:53:86:86:7c:
                    2c:89:97:f5:d2:d7:cc:29:5f:a0:9b:36:8f:fd:a5:
                    4d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:D1:2B:00:86:7A:BB:6B:33:34:A7:32:47:D3:30:B7:FC:89:5C:B5
            X509v3 Authority Key Identifier:
                keyid:A6:42:DC:50:C5:B0:82:D0:9C:E6:E9:C7:BE:A7:AE:83:71:07:3E:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkLcUMWwgtCc5unHvqeug3EHPvI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6b2d86-7f7e-487b-9180-2ed8d28599da/1/pkLcUMWwgtCc5unHvqeug3EHPvI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:61:35:0b:f8:c7:15:33:e6:d2:c2:eb:12:2b:2b:2e:d3:eb:
         51:56:22:d1:06:ab:94:41:62:00:a8:2d:58:db:98:a6:7b:94:
         d7:ba:64:64:45:40:4d:6d:50:82:b1:3e:c5:d6:90:d6:bb:56:
         d8:c8:13:e8:b3:9a:22:d0:61:01:db:ce:f3:c8:e3:ce:1f:a8:
         99:41:58:d9:4e:11:a3:81:a4:7a:cd:15:f0:59:2a:34:24:58:
         ad:74:dc:e8:7b:86:29:df:7b:92:1b:41:a4:a2:ab:d3:7d:95:
         6d:60:5d:c7:99:a0:d2:a3:d8:fb:40:72:af:7f:c0:a2:6a:68:
         aa:d6:ee:cc:7a:55:db:0c:dd:67:c0:33:12:af:0e:44:ba:b7:
         13:ac:0e:08:d7:68:1c:7b:40:8a:c5:72:c4:2a:8d:c4:9c:5a:
         98:a7:32:f6:a6:41:71:68:2d:8f:1a:f7:9c:29:11:da:9f:a4:
         36:53:cd:51:ed:e5:d5:ca:10:b8:ab:95:99:cc:20:7f:ae:2f:
         a5:92:14:a7:de:23:c0:be:a7:ee:ab:1d:1e:a0:4e:a4:e2:ee:
         8f:23:d8:c9:39:b5:18:7c:87:36:91:eb:00:4e:99:b1:9c:7c:
         1e:68:50:1e:f3:3d:63:71:ef:bb:b1:91:22:77:08:f7:ef:1a:
         73:df:ec:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSSySYC0Lgopkv0Uq6VyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDJkYzUwYzViMDgyZDA5Y2U2ZTljN2JlYTdhZTgzNzEw
NzNlZjIwHhcNMjQwNTE3MTYwMTEwWhcNMjQwNTE4MTYwMTEwWjAzMTEwLwYDVQQD
EygxN2QxMmIwMDg2N2FiYjZiMzMzNGE3MzI0N2QzMzBiN2ZjODk1Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3H9T6MiUywmtz0w3aCLza8Kv+dU
yY7xdLcywl6nlgQMJFOGuif9tfhqHkDn/UlxaX1MYZAqX1z+/dJEp3NS4E9G5F+m
IhlAwlINO0ZB0fE6uw+4o6EuPDEuC6CYXAMdwMapy1l3tqOj2b9f8YfgvGjiBQdb
ZUiAu8WhdyBlzZid3KIM3nRyxDO6hh3r2FXZxMFwWGF8nHjU6PDebcXU9IuSRrjQ
bkQVEMxwAxkyDkdBkXRL0npu7PUozhha6AFlCxFs3Jtsi3FUq6oE+LTvjwMeFVkb
osHr3q5Frjn3N/noO2XGcax4zmFOe1OGhnwsiZf10tfMKV+gmzaP/aVNewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBfRKwCGertrMzSnMkfTMLf8iVy1MB8GA1UdIwQY
MBaAFKZC3FDFsILQnObpx76nroNxBz7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtMY1VNV3dndENjNXVuSHZxZXVnM0VIUHZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi82YjJkODYtN2Y3ZS00ODdiLTkxODAt
MmVkOGQyODU5OWRhLzEvcGtMY1VNV3dndENjNXVuSHZxZXVnM0VIUHZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi82YjJkODYtN2Y3ZS00ODdiLTkxODAtMmVkOGQyODU5OWRh
LzEvcGtMY1VNV3dndENjNXVuSHZxZXVnM0VIUHZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGE1C/jH
FTPm0sLrEisrLtPrUVYi0QarlEFiAKgtWNuYpnuU17pkZEVATW1QgrE+xdaQ1rtW
2MgT6LOaItBhAdvO88jjzh+omUFY2U4Ro4Gkes0V8FkqNCRYrXTc6HuGKd97khtB
pKKr032VbWBdx5mg0qPY+0Byr3/AompoqtbuzHpV2wzdZ8AzEq8ORLq3E6wOCNdo
HHtAisVyxCqNxJxamKcy9qZBcWgtjxr3nCkR2p+kNlPNUe3l1coQuKuVmcwgf64v
pZIUp94jwL6n7qsdHqBOpOLujyPYyTm1GHyHNpHrAE6ZsZx8HmhQHvM9Y3Hvu7GR
IncI9+8ac9/sdw==
-----END CERTIFICATE-----