Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
File:                     yAH8mVpSGvH1Atnq8S1mIaZMr00.mft (raw, json)
Hash identifier:          cbmdRsZXITgx91l+i3z/CRHITxLI0sUGNOCuPcyiiJA=
Subject key identifier:   7C:3D:8B:76:7F:2F:BF:A1:12:E8:15:D0:14:2A:75:15:40:37:D2:FD
Authority key identifier: C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D
Certificate issuer:       /CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
Certificate serial:       018F8937F10F6D425A0F4545FBC7684B6D08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
Manifest number:          1175
Signing time:             Sat 18 May 2024 01:01:35 +0000
Manifest this update:     Sat 18 May 2024 01:01:35 +0000
Manifest next update:     Sun 19 May 2024 01:01:35 +0000
Files and hashes:         1: yAH8mVpSGvH1Atnq8S1mIaZMr00.crl (hash: BoCVdG+laFXcxO1oHgLU4xCYAnyF6ERcxWFlSJ7ecMg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:89:37:f1:0f:6d:42:5a:0f:45:45:fb:c7:68:4b:6d:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c801fc995a521af1f502d9eaf12d6621a64caf4d
        Validity
            Not Before: May 18 01:01:35 2024 GMT
            Not After : May 19 01:01:35 2024 GMT
        Subject: CN=7c3d8b767f2fbfa112e815d0142a75154037d2fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:57:db:56:d5:75:43:73:71:2d:b1:d7:bd:c1:
                    38:2f:70:7a:04:b2:63:10:b2:6c:61:3f:40:77:37:
                    5e:80:99:e6:05:15:3f:e9:cf:d2:28:55:e6:1d:4e:
                    d8:c7:63:c8:ff:8d:07:a1:9d:53:1c:5c:b2:69:16:
                    e3:63:3b:c2:e5:c8:dc:60:db:78:87:2e:6e:8d:a2:
                    ab:a6:d6:5c:5e:ac:aa:3c:ea:1e:7d:dc:32:cf:3c:
                    36:f6:a2:98:c2:25:ad:b1:94:b9:1f:66:6d:fd:ff:
                    14:f2:99:7a:8b:27:f1:82:58:8d:54:2a:3c:fe:79:
                    53:43:5d:d6:a8:96:98:d1:dc:54:10:0f:e1:0d:34:
                    0a:55:74:6b:ff:ba:73:2c:70:ae:4f:fc:b1:95:0e:
                    8f:b7:16:f1:06:ce:64:03:65:9c:96:ea:38:d7:52:
                    e1:8e:8d:38:73:8f:e1:48:39:b3:fb:5a:ab:3b:ee:
                    7b:b6:35:53:ed:43:24:3f:be:60:cc:83:74:81:2d:
                    3f:44:d6:92:0a:f2:a6:50:8e:bf:94:df:d7:65:2e:
                    99:3e:a0:93:61:d3:0f:07:cf:ec:07:94:eb:5a:d2:
                    1e:63:c2:f6:4a:c6:e1:d5:07:be:a5:e4:ab:cc:3d:
                    b2:a6:b8:be:53:dd:0a:ea:b6:8c:8f:7d:dc:94:22:
                    fa:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3D:8B:76:7F:2F:BF:A1:12:E8:15:D0:14:2A:75:15:40:37:D2:FD
            X509v3 Authority Key Identifier:
                keyid:C8:01:FC:99:5A:52:1A:F1:F5:02:D9:EA:F1:2D:66:21:A6:4C:AF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAH8mVpSGvH1Atnq8S1mIaZMr00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/b041b8-6b24-44f3-a748-72c0d509334d/1/yAH8mVpSGvH1Atnq8S1mIaZMr00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:32:f8:b3:c8:3a:50:81:d5:45:8d:b1:e5:1e:65:6e:ca:a7:
         2a:ae:02:b7:0a:35:c7:95:0c:17:c1:c5:37:52:2d:ce:70:db:
         e4:fc:be:6b:a2:aa:7e:e2:81:70:dd:af:7a:af:e7:78:d2:36:
         fc:7d:5b:e3:58:fc:34:62:f1:08:2f:42:ab:8d:5e:14:d1:7e:
         d5:7b:f8:38:90:62:6a:ce:80:00:80:f8:24:21:a3:fe:b5:29:
         35:8a:fc:c0:d4:24:e6:97:b0:63:14:e2:2d:d1:68:78:de:22:
         3b:c4:ed:12:20:56:69:1d:39:6b:21:d6:10:e6:d0:a2:f7:3d:
         73:35:87:22:5f:e5:4e:b7:f2:8c:e3:da:40:9a:10:dc:50:53:
         d9:67:2a:06:8c:dd:64:2f:78:22:a2:8a:79:54:af:84:42:1b:
         ef:71:15:72:b3:87:e4:8c:e7:01:31:89:a2:34:84:c1:ff:13:
         e4:07:3a:dc:75:d5:7e:99:52:99:bf:06:2f:42:24:ca:84:36:
         43:81:25:cb:83:86:1c:a8:f7:4d:fe:b6:a5:69:89:e3:05:64:
         23:2d:12:f3:1c:4a:02:9b:76:1f:3c:e9:4a:23:69:c8:b0:55:
         f4:ae:33:91:42:d3:64:2a:4d:dc:07:87:64:85:61:fc:d1:a7:
         7b:7d:1e:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+JN/EPbUJaD0VF+8doS20IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDFmYzk5NWE1MjFhZjFmNTAyZDllYWYxMmQ2NjIxYTY0
Y2FmNGQwHhcNMjQwNTE4MDEwMTM1WhcNMjQwNTE5MDEwMTM1WjAzMTEwLwYDVQQD
Eyg3YzNkOGI3NjdmMmZiZmExMTJlODE1ZDAxNDJhNzUxNTQwMzdkMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVfbVtV1Q3NxLbHXvcE4L3B6BLJj
ELJsYT9AdzdegJnmBRU/6c/SKFXmHU7Yx2PI/40HoZ1THFyyaRbjYzvC5cjcYNt4
hy5ujaKrptZcXqyqPOoefdwyzzw29qKYwiWtsZS5H2Zt/f8U8pl6iyfxgliNVCo8
/nlTQ13WqJaY0dxUEA/hDTQKVXRr/7pzLHCuT/yxlQ6PtxbxBs5kA2Wcluo411Lh
jo04c4/hSDmz+1qrO+57tjVT7UMkP75gzIN0gS0/RNaSCvKmUI6/lN/XZS6ZPqCT
YdMPB8/sB5TrWtIeY8L2Ssbh1Qe+peSrzD2ypri+U90K6raMj33clCL6IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHw9i3Z/L7+hEugV0BQqdRVAN9L9MB8GA1UdIwQY
MBaAFMgB/JlaUhrx9QLZ6vEtZiGmTK9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgt
NzJjMGQ1MDkzMzRkLzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9iMDQxYjgtNmIyNC00NGYzLWE3NDgtNzJjMGQ1MDkzMzRk
LzEveUFIOG1WcFNHdkgxQXRucThTMW1JYVpNcjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhTL4s8g6
UIHVRY2x5R5lbsqnKq4Ctwo1x5UMF8HFN1ItznDb5Py+a6KqfuKBcN2veq/neNI2
/H1b41j8NGLxCC9Cq41eFNF+1Xv4OJBias6AAID4JCGj/rUpNYr8wNQk5pewYxTi
LdFoeN4iO8TtEiBWaR05ayHWEObQovc9czWHIl/lTrfyjOPaQJoQ3FBT2WcqBozd
ZC94IqKKeVSvhEIb73EVcrOH5IznATGJojSEwf8T5Ac63HXVfplSmb8GL0IkyoQ2
Q4Ely4OGHKj3Tf62pWmJ4wVkIy0S8xxKApt2HzzpSiNpyLBV9K4zkULTZCpN3AeH
ZIVh/NGne30ezw==
-----END CERTIFICATE-----