Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
File:                     o7HPJ-q7mfazXewahDm21lPc4zo.mft (raw, json)
Hash identifier:          ReLoReWb0YGhcv0FbxGrg7PWjKOYhd6qt5O6aFKwFHk=
Subject key identifier:   96:25:42:85:1D:F4:0C:BF:E7:C2:A9:72:BC:51:A2:A1:CD:78:F3:A1
Authority key identifier: A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A
Certificate issuer:       /CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
Certificate serial:       018F87B648571F80BF290696326E150E5556
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 18:00:21 +0000
Manifest this update:     Fri 17 May 2024 18:00:21 +0000
Manifest next update:     Sat 18 May 2024 18:00:21 +0000
Files and hashes:         1: o7HPJ-q7mfazXewahDm21lPc4zo.crl (hash: MLh10mUvWe1MQBmbDyS8QmFvLUFJ+9S7hhjYVfNHkME=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:48:57:1f:80:bf:29:06:96:32:6e:15:0e:55:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3b1cf27eabb99f6b35dec1a8439b6d653dce33a
        Validity
            Not Before: May 17 18:00:21 2024 GMT
            Not After : May 18 18:00:21 2024 GMT
        Subject: CN=962542851df40cbfe7c2a972bc51a2a1cd78f3a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:96:03:02:88:c7:74:ef:98:4b:4f:60:b9:18:
                    e8:9c:2f:79:91:3c:3b:4e:fe:50:9f:c5:29:fe:0b:
                    f4:6c:62:62:8d:22:67:f6:25:ef:30:ad:b4:29:06:
                    79:8e:90:67:38:93:c7:3b:92:8a:d8:4d:61:43:da:
                    00:fc:4a:53:77:2f:2c:3f:b5:79:bc:f4:55:2a:6e:
                    09:10:49:90:9a:f3:9d:f7:fd:4b:2b:d6:5d:1f:ac:
                    dd:59:d6:47:0f:e1:91:10:43:56:26:18:3e:85:76:
                    39:f8:a0:f5:88:50:a5:62:a7:ce:06:56:8b:55:36:
                    39:17:db:63:49:cb:05:3b:8a:d5:de:7a:89:f1:e8:
                    cc:f1:1c:3c:ee:1c:50:10:2f:05:d6:44:4e:10:0f:
                    30:67:ad:b3:d2:84:d8:8b:3e:a7:8a:48:fd:bd:5b:
                    ec:11:f6:f2:ce:a8:52:f2:87:a4:5a:ba:bb:6d:5f:
                    cc:09:64:a8:10:d8:b6:6d:62:e1:64:23:ac:e2:b5:
                    c2:30:f7:8c:4b:6d:3b:95:1b:42:2f:c8:76:1c:8a:
                    8d:4a:ac:1f:34:aa:e5:eb:0f:eb:a5:00:fb:a6:54:
                    6d:30:9f:ac:2c:1a:14:64:75:e7:ce:c1:8c:c2:34:
                    78:18:e9:7f:41:d4:64:7e:b2:81:62:59:40:62:b9:
                    ce:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:25:42:85:1D:F4:0C:BF:E7:C2:A9:72:BC:51:A2:A1:CD:78:F3:A1
            X509v3 Authority Key Identifier:
                keyid:A3:B1:CF:27:EA:BB:99:F6:B3:5D:EC:1A:84:39:B6:D6:53:DC:E3:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o7HPJ-q7mfazXewahDm21lPc4zo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/416742-7dd6-4101-8c18-05786bfd6857/1/o7HPJ-q7mfazXewahDm21lPc4zo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:70:d4:aa:95:3a:3d:d3:26:10:5d:63:73:8c:90:5c:ea:3c:
         cd:be:40:09:25:f0:a1:2e:e8:2b:9f:db:3d:82:a9:93:de:e3:
         74:a9:19:4e:24:c3:50:b7:c4:44:52:c5:99:f2:32:eb:36:57:
         1c:ae:62:7a:23:c7:dd:08:82:86:c6:17:cd:14:70:8a:aa:0d:
         f4:c0:5c:4e:10:3a:c1:47:a3:b2:73:16:12:83:2c:59:ba:56:
         ba:9e:62:c1:9f:aa:0a:e6:bf:b0:ec:f3:fb:c3:5b:92:5e:0c:
         36:5b:37:4e:a1:f3:b5:1d:1e:5c:65:16:6f:51:63:3f:33:d2:
         0a:87:bd:08:f5:c7:3a:24:a8:7d:31:73:40:f4:af:de:ec:03:
         66:61:24:66:49:2f:e7:81:72:c1:0c:10:11:77:c9:68:17:da:
         04:fb:d0:be:8d:5a:ef:3e:0f:b5:db:37:1f:59:01:c5:0f:06:
         f9:d4:9b:be:5a:3d:a0:0b:8d:2d:06:ca:8b:4b:67:dc:be:dd:
         86:bc:41:e4:87:92:42:ff:db:f0:c6:f6:73:4f:e9:a5:e4:03:
         e6:70:31:6a:c0:41:5a:ff:23:d6:eb:e4:da:90:ba:83:ff:16:
         71:12:39:5d:20:c3:8f:81:f9:48:60:d2:11:b6:99:46:57:e9:
         06:83:7e:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtkhXH4C/KQaWMm4VDlVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYjFjZjI3ZWFiYjk5ZjZiMzVkZWMxYTg0MzliNmQ2NTNk
Y2UzM2EwHhcNMjQwNTE3MTgwMDIxWhcNMjQwNTE4MTgwMDIxWjAzMTEwLwYDVQQD
Eyg5NjI1NDI4NTFkZjQwY2JmZTdjMmE5NzJiYzUxYTJhMWNkNzhmM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZYDAojHdO+YS09guRjonC95kTw7
Tv5Qn8Up/gv0bGJijSJn9iXvMK20KQZ5jpBnOJPHO5KK2E1hQ9oA/EpTdy8sP7V5
vPRVKm4JEEmQmvOd9/1LK9ZdH6zdWdZHD+GREENWJhg+hXY5+KD1iFClYqfOBlaL
VTY5F9tjScsFO4rV3nqJ8ejM8Rw87hxQEC8F1kROEA8wZ62z0oTYiz6nikj9vVvs
EfbyzqhS8oekWrq7bV/MCWSoENi2bWLhZCOs4rXCMPeMS207lRtCL8h2HIqNSqwf
NKrl6w/rpQD7plRtMJ+sLBoUZHXnzsGMwjR4GOl/QdRkfrKBYllAYrnOAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJYlQoUd9Ay/58KpcrxRoqHNePOhMB8GA1UdIwQY
MBaAFKOxzyfqu5n2s13sGoQ5ttZT3OM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgt
MDU3ODZiZmQ2ODU3LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTY3NDItN2RkNi00MTAxLThjMTgtMDU3ODZiZmQ2ODU3
LzEvbzdIUEotcTdtZmF6WGV3YWhEbTIxbFBjNHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHXDUqpU6
PdMmEF1jc4yQXOo8zb5ACSXwoS7oK5/bPYKpk97jdKkZTiTDULfERFLFmfIy6zZX
HK5ieiPH3QiChsYXzRRwiqoN9MBcThA6wUejsnMWEoMsWbpWup5iwZ+qCua/sOzz
+8Nbkl4MNls3TqHztR0eXGUWb1FjPzPSCoe9CPXHOiSofTFzQPSv3uwDZmEkZkkv
54FywQwQEXfJaBfaBPvQvo1a7z4Ptds3H1kBxQ8G+dSbvlo9oAuNLQbKi0tn3L7d
hrxB5IeSQv/b8Mb2c0/ppeQD5nAxasBBWv8j1uvk2pC6g/8WcRI5XSDDj4H5SGDS
EbaZRlfpBoN+bQ==
-----END CERTIFICATE-----