Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
File:                     4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json)
Hash identifier:          cE1e2QecMYr9Kc4MMzY3VMKrBVFHRx+YfvCNzXmpaFA=
Subject key identifier:   E7:FF:8D:22:79:2A:83:EE:F0:F9:8A:17:E6:0E:C5:C5:2D:27:9E:4B
Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B
Certificate issuer:       /CN=e155b430dedda11310f6c87389e3208fc6529e9b
Certificate serial:       018F4FB63D7198F7102F22A94A9E7270B96B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
Manifest number:          0A84
Signing time:             Mon 06 May 2024 21:01:34 +0000
Manifest this update:     Mon 06 May 2024 21:01:34 +0000
Manifest next update:     Tue 07 May 2024 21:01:34 +0000
Files and hashes:         1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: s1NCBSVeS6RJjsypQLfmIoVFrwHfOI/RVwkITTTLh7k=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4f:b6:3d:71:98:f7:10:2f:22:a9:4a:9e:72:70:b9:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b
        Validity
            Not Before: May  6 21:01:34 2024 GMT
            Not After : May  7 21:01:34 2024 GMT
        Subject: CN=e7ff8d22792a83eef0f98a17e60ec5c52d279e4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a3:3b:10:a1:3a:04:61:97:46:4a:67:d3:4a:
                    81:c7:d4:df:b2:59:d5:64:f9:19:2a:54:18:8d:0d:
                    36:90:66:75:84:39:c4:99:d3:95:0c:3e:63:80:7a:
                    6a:10:83:2e:c2:5f:28:34:fe:b6:22:79:73:a5:b5:
                    e6:2f:d1:39:66:5e:22:d8:b8:f4:43:a3:f1:be:d3:
                    ec:f1:d8:39:73:20:15:f9:2b:23:4f:bd:90:5b:84:
                    fa:76:ea:c0:27:63:7b:6a:76:81:c1:4f:12:3e:dc:
                    63:32:e5:a7:30:90:42:1b:f7:14:aa:2b:bc:1e:ad:
                    15:68:11:d6:bd:61:96:c7:d3:de:97:f3:8c:2e:fb:
                    8b:03:5f:54:8b:79:b1:76:57:6f:e6:ce:7c:ff:90:
                    ff:17:e2:bc:d8:bb:10:3d:7a:56:15:d1:bb:2d:ab:
                    63:41:e7:1a:f5:d9:3e:44:74:84:cd:15:e6:db:ad:
                    3f:ed:38:77:d3:50:81:81:53:19:a0:1b:32:68:71:
                    5f:dd:eb:d6:8d:47:06:3a:8e:6f:52:c7:ea:8e:1f:
                    84:a2:fb:72:a8:c6:6f:d7:fd:7f:89:0a:06:11:08:
                    a9:81:7c:82:40:08:89:ad:b3:81:35:93:c3:75:55:
                    66:da:d5:93:70:0d:ec:5f:28:ad:ef:3e:8b:00:7c:
                    9e:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:FF:8D:22:79:2A:83:EE:F0:F9:8A:17:E6:0E:C5:C5:2D:27:9E:4B
            X509v3 Authority Key Identifier:
                keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:b3:38:15:87:64:12:23:7c:15:eb:99:00:69:e2:67:3a:ab:
         c0:b8:e6:00:8a:3d:a8:ee:c1:1a:b5:ae:95:54:bc:13:09:c5:
         c0:ae:1b:c0:c0:42:32:6f:7d:a3:ed:c3:b5:6f:e7:07:69:37:
         2e:ac:d7:e0:e9:fb:f2:84:b1:28:74:0b:b0:b2:53:22:b5:31:
         60:e2:75:0a:9d:03:e1:06:d3:8a:30:68:37:2c:90:51:33:cd:
         81:9d:b7:7e:cd:a0:61:8a:23:a9:6c:c2:8c:1f:a8:3a:0f:db:
         96:7c:83:31:68:18:47:5d:40:35:7c:66:7f:b1:9d:74:d8:a4:
         46:d6:0c:71:c1:1f:43:21:e2:95:4d:23:58:bf:e1:29:87:56:
         09:ef:fc:ca:35:0a:72:5e:d0:2e:65:e2:37:5b:8e:31:f2:9f:
         de:e0:7b:a5:c1:9c:e8:04:7c:43:f8:bf:ba:5a:37:47:11:5b:
         21:09:dc:8c:27:d1:7f:b6:ba:b7:ac:0b:37:95:68:f8:7a:f5:
         d9:d9:6a:ad:a4:72:37:c6:19:23:99:b4:9f:29:1d:e5:2f:c4:
         9b:d4:8e:93:53:7c:b8:8c:df:8e:a1:12:38:a3:64:09:61:82:
         32:1d:60:e1:e3:f9:bf:9d:91:0f:4f:e5:9a:5a:1d:6b:7d:58:
         70:0e:75:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Ptj1xmPcQLyKpSp5ycLlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1
MjllOWIwHhcNMjQwNTA2MjEwMTM0WhcNMjQwNTA3MjEwMTM0WjAzMTEwLwYDVQQD
EyhlN2ZmOGQyMjc5MmE4M2VlZjBmOThhMTdlNjBlYzVjNTJkMjc5ZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6M7EKE6BGGXRkpn00qBx9TfslnV
ZPkZKlQYjQ02kGZ1hDnEmdOVDD5jgHpqEIMuwl8oNP62InlzpbXmL9E5Zl4i2Lj0
Q6PxvtPs8dg5cyAV+SsjT72QW4T6durAJ2N7anaBwU8SPtxjMuWnMJBCG/cUqiu8
Hq0VaBHWvWGWx9Pel/OMLvuLA19Ui3mxdldv5s58/5D/F+K82LsQPXpWFdG7Latj
Qeca9dk+RHSEzRXm260/7Th301CBgVMZoBsyaHFf3evWjUcGOo5vUsfqjh+Eovty
qMZv1/1/iQoGEQipgXyCQAiJrbOBNZPDdVVm2tWTcA3sXyit7z6LAHyebwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOf/jSJ5KoPu8PmKF+YOxcUtJ55LMB8GA1UdIwQY
MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt
MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk
LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLM4FYdk
EiN8FeuZAGniZzqrwLjmAIo9qO7BGrWulVS8EwnFwK4bwMBCMm99o+3DtW/nB2k3
LqzX4On78oSxKHQLsLJTIrUxYOJ1Cp0D4QbTijBoNyyQUTPNgZ23fs2gYYojqWzC
jB+oOg/blnyDMWgYR11ANXxmf7GddNikRtYMccEfQyHilU0jWL/hKYdWCe/8yjUK
cl7QLmXiN1uOMfKf3uB7pcGc6AR8Q/i/ulo3RxFbIQncjCfRf7a6t6wLN5Vo+Hr1
2dlqraRyN8YZI5m0nykd5S/Em9SOk1N8uIzfjqESOKNkCWGCMh1g4eP5v52RD0/l
mloda31YcA51MQ==
-----END CERTIFICATE-----