Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
File:                     _VnTVh_4rdtfGww2o90laLdMpRU.mft (raw, json)
Hash identifier:          oen/kus8fY75Zd8D+QsZe9QSkCveTosFeQKIvEjA9Zk=
Subject key identifier:   F8:4E:29:31:D0:4A:96:1C:EA:E5:1D:06:07:8C:3F:AA:3D:BD:82:51
Authority key identifier: FD:59:D3:56:1F:F8:AD:DB:5F:1B:0C:36:A3:DD:25:68:B7:4C:A5:15
Certificate issuer:       /CN=fd59d3561ff8addb5f1b0c36a3dd2568b74ca515
Certificate serial:       018F87ED4A7808405DF7FB5537F5919D3699
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
Manifest number:          065B
Signing time:             Fri 17 May 2024 19:00:26 +0000
Manifest this update:     Fri 17 May 2024 19:00:26 +0000
Manifest next update:     Sat 18 May 2024 19:00:26 +0000
Files and hashes:         1: _VnTVh_4rdtfGww2o90laLdMpRU.crl (hash: kAXK8hYDNEPndpoObpSCSfDHUK6UZ+rG4aabsH/h0Sc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:4a:78:08:40:5d:f7:fb:55:37:f5:91:9d:36:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd59d3561ff8addb5f1b0c36a3dd2568b74ca515
        Validity
            Not Before: May 17 19:00:26 2024 GMT
            Not After : May 18 19:00:26 2024 GMT
        Subject: CN=f84e2931d04a961ceae51d06078c3faa3dbd8251
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:98:52:69:84:3b:a6:1f:33:a5:45:4a:93:da:
                    1e:b3:c5:75:9a:5a:37:75:0d:a8:3f:75:e0:a6:db:
                    d4:f6:20:5a:fb:18:91:03:f8:35:76:19:e5:43:69:
                    c2:d2:e3:eb:ff:17:e5:c6:3c:c9:63:14:3d:bd:2e:
                    6d:ff:b1:aa:e3:8d:48:1f:a0:8d:f6:80:67:c0:9f:
                    bd:33:b2:d5:01:89:df:a7:94:df:5e:5e:fb:47:f8:
                    ed:39:77:98:5d:3c:59:ce:67:a0:98:cc:39:36:8c:
                    b9:53:49:7d:31:f3:9b:8d:dd:38:25:de:41:45:1f:
                    c6:00:39:2e:32:d8:a6:aa:a1:f0:2b:ce:1e:9e:87:
                    57:0b:7b:43:99:96:fc:54:04:36:d8:4d:c8:3b:20:
                    f0:c6:93:31:8d:28:11:57:8d:83:39:d7:12:f0:0c:
                    56:14:ce:2a:7a:c7:99:fe:fa:61:5f:0b:70:74:47:
                    0f:8e:a0:ac:64:c8:27:54:a3:3e:53:48:54:52:47:
                    98:ba:84:16:22:6a:a2:dd:c2:37:3f:0d:07:26:18:
                    62:83:74:89:a8:e4:7f:ba:c5:36:82:04:e6:e7:0f:
                    c8:c8:e9:36:b5:7a:a1:fa:a4:54:ee:53:84:38:a5:
                    0a:f1:b4:e4:cf:00:09:97:95:9d:8b:cd:13:99:f1:
                    aa:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:4E:29:31:D0:4A:96:1C:EA:E5:1D:06:07:8C:3F:AA:3D:BD:82:51
            X509v3 Authority Key Identifier:
                keyid:FD:59:D3:56:1F:F8:AD:DB:5F:1B:0C:36:A3:DD:25:68:B7:4C:A5:15

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_VnTVh_4rdtfGww2o90laLdMpRU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/af2b36-6e8b-4601-b074-d612a21ebeae/1/_VnTVh_4rdtfGww2o90laLdMpRU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         69:cc:06:1b:5d:7f:c2:f3:7d:45:9b:01:34:82:bb:70:f0:b2:
         d4:9d:01:87:1e:c5:df:27:11:13:0f:96:b1:3b:76:2a:5b:09:
         34:bc:0c:32:42:5b:ce:53:99:6e:6a:91:d0:c3:74:8d:96:51:
         fd:db:5c:f2:20:37:c7:9b:16:fb:80:e8:cb:45:af:c3:ce:a7:
         6d:60:4c:1a:8d:fe:a8:36:b8:4b:78:52:be:0f:0e:f3:c3:02:
         46:c6:ea:91:16:e2:c5:b0:69:51:da:c3:39:0f:f0:c8:3f:66:
         04:a5:2d:d7:bf:67:97:d7:d3:0d:9e:63:3f:1d:bb:d3:9c:5f:
         c1:bd:42:46:90:3d:87:e0:14:c5:15:4a:89:9a:d3:57:ba:23:
         44:dd:09:82:fa:1d:a1:35:73:65:f8:53:12:72:65:fb:05:91:
         78:84:40:15:b5:be:44:7e:2b:94:35:84:8a:51:7e:2e:80:33:
         b4:32:78:84:df:07:b8:e9:5a:50:ea:e4:bb:23:5c:ea:e2:71:
         29:45:e0:f3:6f:b9:0c:3c:64:00:16:ae:2e:02:06:ce:3f:b6:
         5f:0d:39:a1:c3:22:58:b2:d0:96:e1:37:3a:a2:3d:b6:81:d5:
         f6:b6:de:b1:c5:8e:a0:d1:cf:c0:eb:19:22:2a:2b:28:63:47:
         c5:cc:58:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7Up4CEBd9/tVN/WRnTaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNTlkMzU2MWZmOGFkZGI1ZjFiMGMzNmEzZGQyNTY4Yjc0
Y2E1MTUwHhcNMjQwNTE3MTkwMDI2WhcNMjQwNTE4MTkwMDI2WjAzMTEwLwYDVQQD
EyhmODRlMjkzMWQwNGE5NjFjZWFlNTFkMDYwNzhjM2ZhYTNkYmQ4MjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJhSaYQ7ph8zpUVKk9oes8V1mlo3
dQ2oP3XgptvU9iBa+xiRA/g1dhnlQ2nC0uPr/xflxjzJYxQ9vS5t/7Gq441IH6CN
9oBnwJ+9M7LVAYnfp5TfXl77R/jtOXeYXTxZzmegmMw5Noy5U0l9MfObjd04Jd5B
RR/GADkuMtimqqHwK84enodXC3tDmZb8VAQ22E3IOyDwxpMxjSgRV42DOdcS8AxW
FM4qeseZ/vphXwtwdEcPjqCsZMgnVKM+U0hUUkeYuoQWImqi3cI3Pw0HJhhig3SJ
qOR/usU2ggTm5w/IyOk2tXqh+qRU7lOEOKUK8bTkzwAJl5Wdi80TmfGq2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPhOKTHQSpYc6uUdBgeMP6o9vYJRMB8GA1UdIwQY
MBaAFP1Z01Yf+K3bXxsMNqPdJWi3TKUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9hZjJiMzYtNmU4Yi00NjAxLWIwNzQt
ZDYxMmEyMWViZWFlLzEvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9hZjJiMzYtNmU4Yi00NjAxLWIwNzQtZDYxMmEyMWViZWFl
LzEvX1ZuVFZoXzRyZHRmR3d3Mm85MGxhTGRNcFJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacwGG11/
wvN9RZsBNIK7cPCy1J0Bhx7F3ycREw+WsTt2KlsJNLwMMkJbzlOZbmqR0MN0jZZR
/dtc8iA3x5sW+4Doy0Wvw86nbWBMGo3+qDa4S3hSvg8O88MCRsbqkRbixbBpUdrD
OQ/wyD9mBKUt179nl9fTDZ5jPx2705xfwb1CRpA9h+AUxRVKiZrTV7ojRN0Jgvod
oTVzZfhTEnJl+wWReIRAFbW+RH4rlDWEilF+LoAztDJ4hN8HuOlaUOrkuyNc6uJx
KUXg82+5DDxkABauLgIGzj+2Xw05ocMiWLLQluE3OqI9toHV9rbescWOoNHPwOsZ
IiorKGNHxcxYwQ==
-----END CERTIFICATE-----