Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
File:                     G2t-l-0j1mqR-4qRv9nGdxEpsas.mft (raw, json)
Hash identifier:          yYQF18D3kzihdcvxLa7tAcKWmlXrO5WhfimiG/0V0J0=
Subject key identifier:   6A:B5:B6:4B:E9:DD:76:F6:0F:33:3D:72:C3:A8:1B:22:52:A0:D9:3D
Authority key identifier: 1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB
Certificate issuer:       /CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
Certificate serial:       018F460E58B165CFAA325364CB3F6F7BEE28
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
Manifest number:          0A4F
Signing time:             Sun 05 May 2024 00:01:36 +0000
Manifest this update:     Sun 05 May 2024 00:01:36 +0000
Manifest next update:     Mon 06 May 2024 00:01:36 +0000
Files and hashes:         1: G2t-l-0j1mqR-4qRv9nGdxEpsas.crl (hash: QcRnsFZ8yhbUtBv7AqnSNpmpih3p0eXdGP5AkJ2GAuQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 20:58:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:46:0e:58:b1:65:cf:aa:32:53:64:cb:3f:6f:7b:ee:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b6b7e97ed23d66a91fb8a91bfd9c6771129b1ab
        Validity
            Not Before: May  5 00:01:36 2024 GMT
            Not After : May  6 00:01:36 2024 GMT
        Subject: CN=6ab5b64be9dd76f60f333d72c3a81b2252a0d93d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:12:ba:a2:81:98:8b:3c:cb:3d:71:a4:af:2c:
                    1e:05:7e:e0:09:ef:7d:d3:2f:e9:93:3f:05:a8:97:
                    c5:4b:06:d6:cb:47:bd:45:d9:8d:2a:9f:db:68:5a:
                    5e:1a:0d:f8:1a:84:9b:f8:02:3c:d3:2a:12:9b:68:
                    b6:03:3a:3f:8c:cf:68:32:11:90:11:cd:9a:ae:4a:
                    4e:46:27:b9:88:2a:13:ff:26:5b:92:03:68:6b:02:
                    c9:b1:2f:1f:2c:9a:8d:fe:fa:1c:cf:7f:da:cc:d7:
                    1f:8f:cc:7b:b2:0b:bd:c4:e9:a8:69:43:22:1a:b7:
                    30:4f:6b:2d:fb:42:8f:0e:67:02:af:ef:1f:40:56:
                    d1:a3:cd:72:ed:8e:04:a6:d7:bc:86:84:34:36:9a:
                    51:7a:a6:2e:a7:34:a5:c8:5e:fc:c1:7d:a2:ff:af:
                    fa:9d:5c:8c:60:c5:96:af:74:6c:d2:7d:f4:23:b4:
                    8a:a4:c1:7e:86:af:ae:38:27:79:ee:87:ae:5a:b5:
                    c2:b1:30:b7:f9:74:4b:fd:a2:99:d9:01:ab:1a:f5:
                    5f:61:95:02:3c:53:67:d6:c7:18:fc:e8:08:19:05:
                    76:28:cd:56:5a:d2:0e:7b:5d:aa:83:61:fc:79:27:
                    53:08:40:39:f3:b6:e6:19:53:df:cc:eb:fc:64:c0:
                    e1:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:B5:B6:4B:E9:DD:76:F6:0F:33:3D:72:C3:A8:1B:22:52:A0:D9:3D
            X509v3 Authority Key Identifier:
                keyid:1B:6B:7E:97:ED:23:D6:6A:91:FB:8A:91:BF:D9:C6:77:11:29:B1:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2t-l-0j1mqR-4qRv9nGdxEpsas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/bb0e00-a24d-4935-8c07-1361550cb3d5/1/G2t-l-0j1mqR-4qRv9nGdxEpsas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         24:3b:8f:ac:29:c6:03:c3:61:ff:a7:53:77:14:63:f3:f9:6c:
         6a:5e:ad:ef:72:9e:9d:0e:c9:39:c8:51:81:bb:2b:a4:2f:01:
         46:64:3d:b9:04:f3:f0:d9:2c:c4:6f:20:be:d4:a1:5e:6d:78:
         73:05:14:64:9d:91:49:2f:2e:eb:b1:4f:de:92:14:05:89:53:
         5e:a6:52:e7:29:a0:a5:68:6e:f4:c2:d4:6e:dd:6b:1a:3e:dc:
         aa:d8:31:b1:b3:25:26:b1:57:16:54:ce:cc:32:36:0f:0f:4b:
         da:fd:15:43:b8:50:24:2d:fd:5a:e9:85:36:c5:4b:0a:88:bd:
         b5:60:f4:b3:0b:54:2c:e7:93:e2:ef:da:fd:7f:41:65:ae:12:
         9e:b1:5c:8a:84:99:f1:aa:5d:24:c9:5f:c0:dd:6e:39:b1:79:
         e0:24:70:c3:6c:7d:e8:90:84:e3:41:39:f9:c2:d4:dc:7d:54:
         c8:e9:13:07:65:51:70:57:12:7e:e0:bf:3c:09:4a:2e:43:e3:
         1d:40:21:83:54:79:29:f8:b3:ad:44:a6:64:c8:f0:82:17:2a:
         07:f9:5d:32:8e:1a:7e:a4:ae:02:be:7a:35:5d:73:1a:2d:31:
         d8:fa:52:95:a3:bf:70:12:29:53:2e:d2:d1:7d:ae:b0:d2:4c:
         57:c5:c5:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9GDlixZc+qMlNkyz9ve+4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmI3ZTk3ZWQyM2Q2NmE5MWZiOGE5MWJmZDljNjc3MTEy
OWIxYWIwHhcNMjQwNTA1MDAwMTM2WhcNMjQwNTA2MDAwMTM2WjAzMTEwLwYDVQQD
Eyg2YWI1YjY0YmU5ZGQ3NmY2MGYzMzNkNzJjM2E4MWIyMjUyYTBkOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxK6ooGYizzLPXGkryweBX7gCe99
0y/pkz8FqJfFSwbWy0e9RdmNKp/baFpeGg34GoSb+AI80yoSm2i2Azo/jM9oMhGQ
Ec2arkpORie5iCoT/yZbkgNoawLJsS8fLJqN/vocz3/azNcfj8x7sgu9xOmoaUMi
GrcwT2st+0KPDmcCr+8fQFbRo81y7Y4Epte8hoQ0NppReqYupzSlyF78wX2i/6/6
nVyMYMWWr3Rs0n30I7SKpMF+hq+uOCd57oeuWrXCsTC3+XRL/aKZ2QGrGvVfYZUC
PFNn1scY/OgIGQV2KM1WWtIOe12qg2H8eSdTCEA587bmGVPfzOv8ZMDhjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGq1tkvp3Xb2DzM9csOoGyJSoNk9MB8GA1UdIwQY
MBaAFBtrfpftI9ZqkfuKkb/ZxncRKbGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDct
MTM2MTU1MGNiM2Q1LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9iYjBlMDAtYTI0ZC00OTM1LThjMDctMTM2MTU1MGNiM2Q1
LzEvRzJ0LWwtMGoxbXFSLTRxUnY5bkdkeEVwc2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDuPrCnG
A8Nh/6dTdxRj8/lsal6t73KenQ7JOchRgbsrpC8BRmQ9uQTz8NksxG8gvtShXm14
cwUUZJ2RSS8u67FP3pIUBYlTXqZS5ymgpWhu9MLUbt1rGj7cqtgxsbMlJrFXFlTO
zDI2Dw9L2v0VQ7hQJC39WumFNsVLCoi9tWD0swtULOeT4u/a/X9BZa4SnrFcioSZ
8apdJMlfwN1uObF54CRww2x96JCE40E5+cLU3H1UyOkTB2VRcFcSfuC/PAlKLkPj
HUAhg1R5KfizrUSmZMjwghcqB/ldMo4afqSuAr56NV1zGi0x2PpSlaO/cBIpUy7S
0X2usNJMV8XFGA==
-----END CERTIFICATE-----