Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
File:                     Gvq72Ih6kieJRewu74JDoSlq33g.mft (raw, json)
Hash identifier:          NW9GqjWsJ+IdvR2sT9kADB3uOjzee2dlFtmyidbudXk=
Subject key identifier:   6D:63:15:87:6C:99:9A:8B:6C:77:C0:C1:9C:8B:DC:F6:72:34:2D:E4
Authority key identifier: 1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78
Certificate issuer:       /CN=1afabbd8887a92278945ec2eef8243a1296adf78
Certificate serial:       018F4B6BCA36DFF7FDC7A94152C5066818D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
Manifest number:          1156
Signing time:             Mon 06 May 2024 01:01:46 +0000
Manifest this update:     Mon 06 May 2024 01:01:46 +0000
Manifest next update:     Tue 07 May 2024 01:01:46 +0000
Files and hashes:         1: Gvq72Ih6kieJRewu74JDoSlq33g.crl (hash: IEdBGkYOQKG2PMZo/sKCnULcqWEfYOxN6SFXmgLS9bA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 01:01:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4b:6b:ca:36:df:f7:fd:c7:a9:41:52:c5:06:68:18:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1afabbd8887a92278945ec2eef8243a1296adf78
        Validity
            Not Before: May  6 01:01:46 2024 GMT
            Not After : May  7 01:01:46 2024 GMT
        Subject: CN=6d6315876c999a8b6c77c0c19c8bdcf672342de4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:42:8b:d8:b7:73:46:54:61:a1:11:1a:79:d7:
                    97:1d:e9:6d:22:41:3c:55:2d:9a:41:56:c7:92:f2:
                    8e:a6:e6:35:08:7b:0d:7b:83:3a:b0:55:25:61:e7:
                    bf:5c:20:d8:78:b1:d6:68:17:c7:b6:09:86:83:df:
                    bd:76:b0:0f:c5:85:94:22:3e:46:6c:fa:1c:95:99:
                    78:a5:e6:58:30:e5:66:c0:a2:21:57:e3:63:09:e0:
                    4c:cc:cb:4b:92:3c:a1:c2:f4:c1:20:ea:79:4e:fd:
                    ca:3d:ec:25:be:8b:2d:93:34:b2:f3:07:6b:ee:38:
                    a2:aa:7b:a3:3e:14:a2:73:4b:60:1b:62:8f:ad:ef:
                    5f:95:66:62:c6:b8:a8:1a:60:a7:41:d7:6f:6f:8b:
                    31:9c:30:65:83:c9:d2:f3:fe:46:b3:0b:0a:b9:fe:
                    fe:f3:52:a7:84:c9:d6:d4:e0:3b:1b:a9:f9:c1:89:
                    9a:5b:84:44:5a:1c:c7:da:2a:cb:03:db:f5:f7:c0:
                    ae:e7:dd:a9:9d:3a:b2:aa:1e:cd:d9:c4:bd:45:f0:
                    cd:59:e5:52:d2:bb:5b:9b:47:58:05:80:b6:30:95:
                    2e:42:64:71:a2:2e:02:56:b0:9a:5a:fd:b7:0f:26:
                    e8:55:a5:da:0a:4f:fc:2e:61:7e:25:dd:75:b6:dd:
                    cb:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:63:15:87:6C:99:9A:8B:6C:77:C0:C1:9C:8B:DC:F6:72:34:2D:E4
            X509v3 Authority Key Identifier:
                keyid:1A:FA:BB:D8:88:7A:92:27:89:45:EC:2E:EF:82:43:A1:29:6A:DF:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gvq72Ih6kieJRewu74JDoSlq33g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/df7a4c-2548-40dd-900e-516065b6cfa5/1/Gvq72Ih6kieJRewu74JDoSlq33g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3d:09:6a:c7:f3:ac:d2:ca:f9:78:dc:a3:a7:bd:a0:c6:cd:f5:
         51:07:17:63:fd:fc:e4:20:e5:ca:8d:70:7f:19:62:6b:3e:90:
         49:be:60:83:34:87:c9:90:32:5f:78:14:bd:16:d3:a7:71:b8:
         e0:b2:16:24:1c:8c:52:4f:16:37:c1:e8:2d:2f:38:e7:eb:08:
         35:40:63:d5:28:7d:97:1f:cf:8e:f6:35:d8:e9:3e:ac:0c:40:
         a7:cd:e8:7e:03:f5:4e:ed:8b:de:74:d9:dc:10:33:37:c9:6d:
         2b:aa:c5:c4:2c:a3:fb:e0:cf:e3:09:84:f9:e5:c4:0e:2b:57:
         c8:05:4e:9e:aa:b2:b6:6c:4c:27:93:de:c4:a1:09:0c:1c:e8:
         5a:b3:7b:b0:7f:40:b4:c2:6a:d4:48:c2:89:0c:33:de:cc:b2:
         82:ac:36:b5:ea:68:99:2c:99:97:72:73:56:20:94:c6:d2:00:
         b8:0b:65:34:12:0a:6c:5c:11:5f:69:14:14:94:43:0a:09:7c:
         98:a4:07:6e:bd:3c:77:2e:34:35:d0:03:f2:f4:4c:bd:92:55:
         54:06:2d:f8:3a:c5:8e:79:78:4d:76:3b:7c:64:48:5e:41:b8:
         04:33:ee:c6:d4:a1:a6:06:15:07:82:0d:d9:5a:7d:a8:4e:8a:
         f1:32:5b:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9La8o23/f9x6lBUsUGaBjXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmFiYmQ4ODg3YTkyMjc4OTQ1ZWMyZWVmODI0M2ExMjk2
YWRmNzgwHhcNMjQwNTA2MDEwMTQ2WhcNMjQwNTA3MDEwMTQ2WjAzMTEwLwYDVQQD
Eyg2ZDYzMTU4NzZjOTk5YThiNmM3N2MwYzE5YzhiZGNmNjcyMzQyZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0KL2LdzRlRhoREaedeXHeltIkE8
VS2aQVbHkvKOpuY1CHsNe4M6sFUlYee/XCDYeLHWaBfHtgmGg9+9drAPxYWUIj5G
bPoclZl4peZYMOVmwKIhV+NjCeBMzMtLkjyhwvTBIOp5Tv3KPewlvostkzSy8wdr
7jiiqnujPhSic0tgG2KPre9flWZixrioGmCnQddvb4sxnDBlg8nS8/5GswsKuf7+
81KnhMnW1OA7G6n5wYmaW4REWhzH2irLA9v198Cu592pnTqyqh7N2cS9RfDNWeVS
0rtbm0dYBYC2MJUuQmRxoi4CVrCaWv23DyboVaXaCk/8LmF+Jd11tt3LwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1jFYdsmZqLbHfAwZyL3PZyNC3kMB8GA1UdIwQY
MBaAFBr6u9iIepIniUXsLu+CQ6Epat94MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUt
NTE2MDY1YjZjZmE1LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kZjdhNGMtMjU0OC00MGRkLTkwMGUtNTE2MDY1YjZjZmE1
LzEvR3ZxNzJJaDZraWVKUmV3dTc0SkRvU2xxMzNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPQlqx/Os
0sr5eNyjp72gxs31UQcXY/385CDlyo1wfxliaz6QSb5ggzSHyZAyX3gUvRbTp3G4
4LIWJByMUk8WN8HoLS845+sINUBj1Sh9lx/PjvY12Ok+rAxAp83ofgP1Tu2L3nTZ
3BAzN8ltK6rFxCyj++DP4wmE+eXEDitXyAVOnqqytmxMJ5PexKEJDBzoWrN7sH9A
tMJq1EjCiQwz3syygqw2tepomSyZl3JzViCUxtIAuAtlNBIKbFwRX2kUFJRDCgl8
mKQHbr08dy40NdAD8vRMvZJVVAYt+DrFjnl4TXY7fGRIXkG4BDPuxtShpgYVB4IN
2Vp9qE6K8TJbcA==
-----END CERTIFICATE-----