Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
File:                     Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft (raw, json)
Hash identifier:          1j4Xyn7bk8DjmFiUoKDHx0SaH+Es/Z+a80kxVtHnKGM=
Subject key identifier:   55:C8:6A:96:B0:D5:2E:18:3F:95:96:22:F6:A9:94:BD:6B:39:59:CB
Authority key identifier: 5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D
Certificate issuer:       /CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
Certificate serial:       018F87ED84309014859D7F930540687E78EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
Manifest number:          0F87
Signing time:             Fri 17 May 2024 19:00:40 +0000
Manifest this update:     Fri 17 May 2024 19:00:40 +0000
Manifest next update:     Sat 18 May 2024 19:00:40 +0000
Files and hashes:         1: Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl (hash: tEXL5ri1jwWVhZStNmrvDfvJxBfjHfU181Is7MkLYX8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:84:30:90:14:85:9d:7f:93:05:40:68:7e:78:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5ea8790a08c8e0d84588d94d1a51bca9abe7581d
        Validity
            Not Before: May 17 19:00:40 2024 GMT
            Not After : May 18 19:00:40 2024 GMT
        Subject: CN=55c86a96b0d52e183f959622f6a994bd6b3959cb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:25:0b:88:bf:ff:02:2b:1b:35:b9:c6:53:fe:
                    e3:ea:f9:b1:a5:6f:28:1c:a2:7c:b3:6f:73:35:98:
                    9e:ef:f6:93:11:b4:dc:7e:11:e9:b9:86:84:f0:f7:
                    ad:06:8e:82:3f:04:93:da:15:5b:45:81:4a:81:db:
                    e5:24:05:75:47:a7:4a:96:b0:43:b8:8f:5c:ae:f1:
                    bd:94:d9:37:79:a4:db:21:2e:a9:de:6d:6c:8c:bf:
                    d3:c9:c8:85:86:e7:1a:9d:76:f8:7e:81:a4:e3:2a:
                    0f:96:d6:7a:65:e7:c1:5d:28:76:23:aa:6c:b5:ef:
                    1e:9e:71:ec:d4:0f:e8:5d:4c:a3:cf:43:86:88:f8:
                    e3:39:c6:2a:32:77:11:f6:1d:71:df:97:67:20:f5:
                    b3:ff:d7:bc:19:13:35:a3:00:05:18:9f:a8:a0:76:
                    74:87:e4:a8:f4:74:29:c0:d6:69:44:67:5a:57:19:
                    38:11:e5:87:51:96:db:6f:6d:37:aa:16:f1:e5:14:
                    32:97:ca:27:7f:43:0e:62:57:b9:ff:7a:fc:30:2c:
                    ab:3e:c7:f2:e9:df:c4:28:9d:6f:8f:06:f4:71:1c:
                    51:e9:23:a7:ab:cb:4b:ce:af:35:56:bd:79:90:05:
                    ed:2a:cc:11:fb:2c:d1:76:ce:2f:54:df:a9:68:d3:
                    1a:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:C8:6A:96:B0:D5:2E:18:3F:95:96:22:F6:A9:94:BD:6B:39:59:CB
            X509v3 Authority Key Identifier:
                keyid:5E:A8:79:0A:08:C8:E0:D8:45:88:D9:4D:1A:51:BC:A9:AB:E7:58:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xqh5CgjI4NhFiNlNGlG8qavnWB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/c06a23-0163-47a5-8608-30c0a111cd55/1/Xqh5CgjI4NhFiNlNGlG8qavnWB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:06:3b:c9:f0:64:ca:d5:eb:26:67:ba:55:b7:42:7c:a7:78:
         d9:f1:d9:97:dc:c0:ed:42:2c:bd:29:f1:df:b6:e9:19:e8:9e:
         b2:a4:54:2e:43:25:cf:77:50:6f:6c:6d:86:1f:bc:bb:54:2e:
         d8:9a:09:57:ce:c1:25:3d:d0:e5:a0:7a:12:c1:83:64:23:eb:
         f9:77:40:d8:9f:bb:c6:23:f3:e8:ce:aa:45:c6:84:63:c4:e8:
         60:e4:21:9c:e6:65:0f:af:6f:89:1c:2f:30:65:1c:f6:2b:7d:
         29:c8:79:48:9a:d9:9e:f3:8c:db:d9:ef:cc:20:8f:98:99:3b:
         74:63:ea:8f:d3:2a:3a:fb:07:0e:30:f0:f8:94:fb:13:76:70:
         43:42:c4:44:b2:46:d8:89:61:77:79:f3:e7:29:5c:f8:49:4d:
         d6:a6:89:26:c1:da:8a:fa:a3:ec:86:84:21:bf:1c:fd:6b:76:
         c8:d2:d9:50:40:7e:e9:9f:b6:21:15:a6:c4:36:19:bf:fc:be:
         c0:75:5a:e8:57:c0:4f:44:9c:da:72:a5:aa:19:2d:2f:40:61:
         18:1d:30:51:61:97:34:fc:af:c2:af:54:a0:c8:e2:e4:93:76:
         aa:41:9f:d2:66:91:0b:22:f4:90:3c:a0:b5:37:b2:b6:3b:15:
         e6:27:66:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7YQwkBSFnX+TBUBofnjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYTg3OTBhMDhjOGUwZDg0NTg4ZDk0ZDFhNTFiY2E5YWJl
NzU4MWQwHhcNMjQwNTE3MTkwMDQwWhcNMjQwNTE4MTkwMDQwWjAzMTEwLwYDVQQD
Eyg1NWM4NmE5NmIwZDUyZTE4M2Y5NTk2MjJmNmE5OTRiZDZiMzk1OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyULiL//AisbNbnGU/7j6vmxpW8o
HKJ8s29zNZie7/aTEbTcfhHpuYaE8PetBo6CPwST2hVbRYFKgdvlJAV1R6dKlrBD
uI9crvG9lNk3eaTbIS6p3m1sjL/TyciFhucanXb4foGk4yoPltZ6ZefBXSh2I6ps
te8ennHs1A/oXUyjz0OGiPjjOcYqMncR9h1x35dnIPWz/9e8GRM1owAFGJ+ooHZ0
h+So9HQpwNZpRGdaVxk4EeWHUZbbb203qhbx5RQyl8onf0MOYle5/3r8MCyrPsfy
6d/EKJ1vjwb0cRxR6SOnq8tLzq81Vr15kAXtKswR+yzRds4vVN+paNMa0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXIapaw1S4YP5WWIvaplL1rOVnLMB8GA1UdIwQY
MBaAFF6oeQoIyODYRYjZTRpRvKmr51gdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgt
MzBjMGExMTFjZDU1LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9jMDZhMjMtMDE2My00N2E1LTg2MDgtMzBjMGExMTFjZDU1
LzEvWHFoNUNnakk0TmhGaU5sTkdsRzhxYXZuV0IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACAY7yfBk
ytXrJme6VbdCfKd42fHZl9zA7UIsvSnx37bpGeiesqRULkMlz3dQb2xthh+8u1Qu
2JoJV87BJT3Q5aB6EsGDZCPr+XdA2J+7xiPz6M6qRcaEY8ToYOQhnOZlD69viRwv
MGUc9it9Kch5SJrZnvOM29nvzCCPmJk7dGPqj9MqOvsHDjDw+JT7E3ZwQ0LERLJG
2Ilhd3nz5ylc+ElN1qaJJsHaivqj7IaEIb8c/Wt2yNLZUEB+6Z+2IRWmxDYZv/y+
wHVa6FfAT0Sc2nKlqhktL0BhGB0wUWGXNPyvwq9UoMji5JN2qkGf0maRCyL0kDyg
tTeytjsV5idmrg==
-----END CERTIFICATE-----