Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
File:                     zb7dtaniq1M0dBCLfIAPgTLxDiE.mft (raw, json)
Hash identifier:          S8DJfw76kD8LfrbAeH3W5Jbpf2M0rgEx6S2A5W4A/Zg=
Subject key identifier:   C2:31:C5:6A:B1:1D:54:7B:B0:67:F7:65:67:63:61:BD:A6:56:D8:34
Authority key identifier: CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21
Certificate issuer:       /CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
Certificate serial:       018F87B621D929AE701233DBD08B89AFA1F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
Manifest number:          1178
Signing time:             Fri 17 May 2024 18:00:11 +0000
Manifest this update:     Fri 17 May 2024 18:00:11 +0000
Manifest next update:     Sat 18 May 2024 18:00:11 +0000
Files and hashes:         1: zb7dtaniq1M0dBCLfIAPgTLxDiE.crl (hash: UeZ2sm3xOgI+5/gIeb9Rfo03q+yQOukTI64bGLIBoFI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:21:d9:29:ae:70:12:33:db:d0:8b:89:af:a1:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdbeddb5a9e2ab533474108b7c800f8132f10e21
        Validity
            Not Before: May 17 18:00:11 2024 GMT
            Not After : May 18 18:00:11 2024 GMT
        Subject: CN=c231c56ab11d547bb067f765676361bda656d834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4f:6b:52:a1:b2:8b:f5:cc:5b:d3:ef:e7:f9:
                    14:d0:d1:1e:55:ee:2f:c2:ec:5a:67:9f:03:89:52:
                    1d:f5:4c:a8:02:b3:e1:c2:29:3f:d8:84:9c:37:0b:
                    cd:00:45:74:d8:8b:55:52:1a:55:1a:19:d4:2d:30:
                    01:30:e2:7b:d4:9a:6b:c5:54:5f:eb:b2:0c:9a:8d:
                    90:f0:25:df:65:40:2d:5b:0a:63:fe:e5:14:f9:f4:
                    bc:00:52:87:78:9a:d0:b4:bc:19:2a:ae:1f:84:c6:
                    6e:9b:54:3a:a2:22:ef:9e:84:33:ee:9a:f9:be:16:
                    e4:fc:52:2d:fb:b3:0f:c2:ed:d5:ca:e9:8c:ec:1c:
                    79:5f:82:92:88:cb:1b:d1:4e:db:47:95:3f:82:c0:
                    7b:cf:c2:bf:c8:5f:23:ea:f5:9d:62:7b:af:87:9b:
                    46:d7:c9:88:27:9a:65:6e:e3:94:ab:d1:80:8e:f6:
                    d7:2f:d9:1c:b5:f5:a1:6b:4e:7b:a8:74:b6:f3:ca:
                    20:71:37:a1:89:b5:66:38:89:47:64:fe:9d:fe:29:
                    8e:de:07:71:fc:5e:49:41:b9:2b:14:ba:91:d2:de:
                    77:fd:bd:cc:b0:a4:44:08:69:11:c3:a2:11:db:9a:
                    5d:57:3e:03:d4:67:72:e2:57:64:9d:2a:b9:a6:39:
                    30:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:31:C5:6A:B1:1D:54:7B:B0:67:F7:65:67:63:61:BD:A6:56:D8:34
            X509v3 Authority Key Identifier:
                keyid:CD:BE:DD:B5:A9:E2:AB:53:34:74:10:8B:7C:80:0F:81:32:F1:0E:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zb7dtaniq1M0dBCLfIAPgTLxDiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a8fe73-8f95-49ba-861d-9e1433f93b4e/1/zb7dtaniq1M0dBCLfIAPgTLxDiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:91:98:b7:c2:e2:f4:d7:ac:80:2b:77:3a:30:b0:fb:3e:64:
         8b:b8:89:c0:0c:68:a7:d2:d4:dd:02:3f:f0:1f:65:86:0a:3c:
         dc:e7:4e:b5:1c:5b:54:c2:fb:28:db:5b:de:1c:99:3e:af:1d:
         4c:7c:06:44:cb:18:d7:57:60:99:b3:12:6e:f1:6c:9d:e1:81:
         1d:0c:85:ad:82:63:73:a0:31:3e:7b:51:2d:7e:ec:85:a7:7f:
         0b:8b:30:01:e3:f9:2c:06:db:cf:b0:8e:2c:b5:29:56:a2:53:
         bb:59:43:ca:73:ca:27:7a:f6:51:e2:2d:e8:11:95:22:e3:2b:
         1e:04:4e:91:56:24:a5:09:95:65:95:66:58:fb:8e:90:6c:73:
         85:d7:33:0a:a5:11:de:f6:cc:ad:b8:38:0f:7e:37:e1:e5:79:
         24:e4:5b:4c:2f:92:0e:3a:25:f5:9f:9a:72:fb:96:fe:ba:05:
         d7:37:dc:8e:31:4f:ad:a9:70:d0:71:70:bf:95:d3:d8:21:f4:
         7f:8c:52:3d:de:88:ca:e7:26:ea:8f:31:b7:3d:1f:2d:90:35:
         0d:de:63:16:31:9f:fc:bf:fe:4c:2c:78:a9:4c:1e:5f:96:b5:
         d4:df:a8:6c:42:88:a0:00:f0:01:4e:78:df:aa:c6:40:34:dd:
         70:d0:55:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtiHZKa5wEjPb0IuJr6H5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmVkZGI1YTllMmFiNTMzNDc0MTA4YjdjODAwZjgxMzJm
MTBlMjEwHhcNMjQwNTE3MTgwMDExWhcNMjQwNTE4MTgwMDExWjAzMTEwLwYDVQQD
EyhjMjMxYzU2YWIxMWQ1NDdiYjA2N2Y3NjU2NzYzNjFiZGE2NTZkODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt09rUqGyi/XMW9Pv5/kU0NEeVe4v
wuxaZ58DiVId9UyoArPhwik/2IScNwvNAEV02ItVUhpVGhnULTABMOJ71JprxVRf
67IMmo2Q8CXfZUAtWwpj/uUU+fS8AFKHeJrQtLwZKq4fhMZum1Q6oiLvnoQz7pr5
vhbk/FIt+7MPwu3VyumM7Bx5X4KSiMsb0U7bR5U/gsB7z8K/yF8j6vWdYnuvh5tG
18mIJ5plbuOUq9GAjvbXL9kctfWha057qHS288ogcTehibVmOIlHZP6d/imO3gdx
/F5JQbkrFLqR0t53/b3MsKRECGkRw6IR25pdVz4D1Gdy4ldknSq5pjkwewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIxxWqxHVR7sGf3ZWdjYb2mVtg0MB8GA1UdIwQY
MBaAFM2+3bWp4qtTNHQQi3yAD4Ey8Q4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQt
OWUxNDMzZjkzYjRlLzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9hOGZlNzMtOGY5NS00OWJhLTg2MWQtOWUxNDMzZjkzYjRl
LzEvemI3ZHRhbmlxMU0wZEJDTGZJQVBnVEx4RGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALJGYt8Li
9NesgCt3OjCw+z5ki7iJwAxop9LU3QI/8B9lhgo83OdOtRxbVML7KNtb3hyZPq8d
THwGRMsY11dgmbMSbvFsneGBHQyFrYJjc6AxPntRLX7shad/C4swAeP5LAbbz7CO
LLUpVqJTu1lDynPKJ3r2UeIt6BGVIuMrHgROkVYkpQmVZZVmWPuOkGxzhdczCqUR
3vbMrbg4D3434eV5JORbTC+SDjol9Z+acvuW/roF1zfcjjFPralw0HFwv5XT2CH0
f4xSPd6Iyucm6o8xtz0fLZA1Dd5jFjGf/L/+TCx4qUweX5a11N+obEKIoADwAU54
36rGQDTdcNBV/w==
-----END CERTIFICATE-----