Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
File:                     vPI0wEREFriFL7NHh4rTdtCBjWQ.mft (raw, json)
Hash identifier:          u4uuZi3wlt/DLZ1/QJ/hO6yXOJSyVS2v44YllHIn3Xg=
Subject key identifier:   33:AA:43:E3:67:6E:32:46:D2:DB:05:95:09:DD:4D:DB:82:77:4F:64
Authority key identifier: BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64
Certificate issuer:       /CN=bcf234c0444416b8852fb347878ad376d0818d64
Certificate serial:       018F86A4088A63304F3D164736D7C80C567E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
Manifest number:          0502
Signing time:             Fri 17 May 2024 13:00:48 +0000
Manifest this update:     Fri 17 May 2024 13:00:48 +0000
Manifest next update:     Sat 18 May 2024 13:00:48 +0000
Files and hashes:         1: vPI0wEREFriFL7NHh4rTdtCBjWQ.crl (hash: h5rDqa+bM0jGfLKo77MSu5kqEBtWvv21cx6IjJcuaO4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a4:08:8a:63:30:4f:3d:16:47:36:d7:c8:0c:56:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf234c0444416b8852fb347878ad376d0818d64
        Validity
            Not Before: May 17 13:00:48 2024 GMT
            Not After : May 18 13:00:48 2024 GMT
        Subject: CN=33aa43e3676e3246d2db059509dd4ddb82774f64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:61:e0:f8:48:02:07:27:a6:ac:9a:81:bb:d6:
                    21:ee:c4:0b:95:9f:e8:06:2c:57:62:bd:c0:32:04:
                    33:f5:2f:bb:a4:52:ab:72:97:4f:fa:cb:7d:e4:32:
                    3c:98:b8:ae:79:83:f8:97:f0:fb:a7:e2:55:d1:b4:
                    b5:3e:bb:1b:d5:e0:50:78:d9:10:05:05:d1:76:d5:
                    eb:d8:0f:c6:ae:1b:e6:c1:96:1d:d6:b8:66:7f:6a:
                    98:25:73:d4:dd:0a:46:86:43:48:2a:1d:f9:76:11:
                    a1:99:2d:be:7c:51:a6:34:d4:e2:95:61:53:b5:61:
                    49:8a:7c:88:5f:06:25:1b:4a:56:5e:07:6b:f6:46:
                    f3:60:26:c6:c4:ff:1a:06:a6:dd:e2:cf:1a:4b:a7:
                    38:b5:35:9b:1e:90:a3:b3:5f:69:d8:ab:cc:5a:e5:
                    90:ce:fe:50:4d:81:c3:c1:3d:3d:7e:11:dc:6f:64:
                    32:21:55:5e:41:7a:8c:9a:b1:14:aa:71:cf:13:8c:
                    32:3a:90:d8:d1:70:be:36:c3:a7:ab:ef:af:a4:6d:
                    97:11:dc:75:0b:24:f6:91:19:e7:a6:51:7f:ec:97:
                    75:f2:a3:c0:2c:af:f2:e8:4d:c1:5a:40:42:08:1a:
                    e5:23:4b:ce:fa:95:15:36:d7:d9:25:9b:f0:3e:c4:
                    a1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:AA:43:E3:67:6E:32:46:D2:DB:05:95:09:DD:4D:DB:82:77:4F:64
            X509v3 Authority Key Identifier:
                keyid:BC:F2:34:C0:44:44:16:B8:85:2F:B3:47:87:8A:D3:76:D0:81:8D:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPI0wEREFriFL7NHh4rTdtCBjWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/bb7a7a-303f-4234-82a1-9aca7bd8ec0f/1/vPI0wEREFriFL7NHh4rTdtCBjWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:01:6f:4f:1d:a3:0b:62:b4:85:e0:6f:e4:e8:e8:da:e4:53:
         f8:06:8a:99:a5:b7:57:75:d9:ae:de:32:8c:d9:51:d4:8b:15:
         34:75:da:bd:37:50:3b:b2:17:d5:18:a6:d9:b4:bf:39:e2:ea:
         35:7d:f9:37:bf:17:8c:19:68:6d:c4:01:22:7e:c5:70:cf:e5:
         0b:e1:ab:6f:ba:67:44:01:08:ac:ef:18:bf:2b:a5:be:74:88:
         a9:ab:0d:90:50:6c:e3:8d:bf:b5:08:5c:36:20:6d:e7:e8:14:
         9a:e6:7f:1b:1a:80:14:d4:cf:24:41:2a:46:77:7c:15:7e:f2:
         58:90:7e:4f:38:c5:fd:93:d4:ae:a6:c9:14:38:f1:26:e5:64:
         ea:1a:ff:e9:d2:50:31:d5:3b:d5:c0:4c:42:42:42:80:f6:02:
         e1:8a:81:50:56:d3:9b:4b:f7:e6:b2:e5:00:c1:06:8f:c8:70:
         e8:1c:42:8f:64:db:62:72:10:22:5d:19:cd:30:7b:0a:ca:38:
         e0:1b:d2:63:6e:82:c0:80:4c:94:57:3b:67:be:a7:0f:de:10:
         17:70:86:3c:ba:01:39:90:21:d4:cd:4d:25:cd:30:09:10:61:
         9f:ac:89:d5:26:50:c7:26:3e:64:4c:5a:e8:fa:7a:43:07:df:
         94:d5:b4:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+GpAiKYzBPPRZHNtfIDFZ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjIzNGMwNDQ0NDE2Yjg4NTJmYjM0Nzg3OGFkMzc2ZDA4
MThkNjQwHhcNMjQwNTE3MTMwMDQ4WhcNMjQwNTE4MTMwMDQ4WjAzMTEwLwYDVQQD
EygzM2FhNDNlMzY3NmUzMjQ2ZDJkYjA1OTUwOWRkNGRkYjgyNzc0ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWHg+EgCByemrJqBu9Yh7sQLlZ/o
BixXYr3AMgQz9S+7pFKrcpdP+st95DI8mLiueYP4l/D7p+JV0bS1Prsb1eBQeNkQ
BQXRdtXr2A/GrhvmwZYd1rhmf2qYJXPU3QpGhkNIKh35dhGhmS2+fFGmNNTilWFT
tWFJinyIXwYlG0pWXgdr9kbzYCbGxP8aBqbd4s8aS6c4tTWbHpCjs19p2KvMWuWQ
zv5QTYHDwT09fhHcb2QyIVVeQXqMmrEUqnHPE4wyOpDY0XC+NsOnq++vpG2XEdx1
CyT2kRnnplF/7Jd18qPALK/y6E3BWkBCCBrlI0vO+pUVNtfZJZvwPsShiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDOqQ+NnbjJG0tsFlQndTduCd09kMB8GA1UdIwQY
MBaAFLzyNMBERBa4hS+zR4eK03bQgY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEt
OWFjYTdiZDhlYzBmLzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iYjdhN2EtMzAzZi00MjM0LTgyYTEtOWFjYTdiZDhlYzBm
LzEvdlBJMHdFUkVGcmlGTDdOSGg0clRkdENCaldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZwFvTx2j
C2K0heBv5Ojo2uRT+AaKmaW3V3XZrt4yjNlR1IsVNHXavTdQO7IX1Rim2bS/OeLq
NX35N78XjBlobcQBIn7FcM/lC+Grb7pnRAEIrO8YvyulvnSIqasNkFBs442/tQhc
NiBt5+gUmuZ/GxqAFNTPJEEqRnd8FX7yWJB+TzjF/ZPUrqbJFDjxJuVk6hr/6dJQ
MdU71cBMQkJCgPYC4YqBUFbTm0v35rLlAMEGj8hw6BxCj2TbYnIQIl0ZzTB7Cso4
4BvSY26CwIBMlFc7Z76nD94QF3CGPLoBOZAh1M1NJc0wCRBhn6yJ1SZQxyY+ZExa
6Pp6QwfflNW0Bw==
-----END CERTIFICATE-----