Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft
File:                     9QtjTgs8aefagY27mc3jjqhJj3E.mft (raw, json)
Hash identifier:          3hssppT5L869+1iLXa1tH0VTjUQKBYq1+hzY0tXh8iw=
Subject key identifier:   F7:A0:92:3E:25:76:C9:55:B1:F6:99:AC:F4:6F:DF:C2:6D:42:E4:F6
Authority key identifier: F5:0B:63:4E:0B:3C:69:E7:DA:81:8D:BB:99:CD:E3:8E:A8:49:8F:71
Certificate issuer:       /CN=f50b634e0b3c69e7da818dbb99cde38ea8498f71
Certificate serial:       018F362CD8F5B884D5363101825488D74365
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9QtjTgs8aefagY27mc3jjqhJj3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft
Manifest number:          0646
Signing time:             Wed 01 May 2024 22:00:59 +0000
Manifest this update:     Wed 01 May 2024 22:00:59 +0000
Manifest next update:     Thu 02 May 2024 22:00:59 +0000
Files and hashes:         1: 9QtjTgs8aefagY27mc3jjqhJj3E.crl (hash: 5f4kEZPltG3rgI8jaHOsxbqMbS65mk9y3Eb7JN+bXLg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9QtjTgs8aefagY27mc3jjqhJj3E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 14:46:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:36:2c:d8:f5:b8:84:d5:36:31:01:82:54:88:d7:43:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f50b634e0b3c69e7da818dbb99cde38ea8498f71
        Validity
            Not Before: May  1 22:00:59 2024 GMT
            Not After : May  2 22:00:59 2024 GMT
        Subject: CN=f7a0923e2576c955b1f699acf46fdfc26d42e4f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:02:aa:0e:99:a5:7a:7b:b1:88:64:90:6c:44:
                    f8:71:db:46:46:52:74:80:ca:45:c3:bf:53:f3:72:
                    bd:39:0c:7e:fd:9f:30:b6:59:e6:33:b0:de:b0:16:
                    3c:36:18:9e:74:6b:8e:5b:08:f9:57:2c:84:9b:2d:
                    24:09:90:94:34:ae:18:ac:a0:13:ad:84:5a:8a:2b:
                    03:72:35:14:21:73:12:30:4d:f8:c0:d9:c3:c2:53:
                    71:69:96:3a:a3:eb:60:76:91:4e:b0:35:a9:c3:5b:
                    77:73:ea:79:b5:2b:80:06:ed:83:a4:b5:dd:b1:3e:
                    15:13:32:33:11:bd:89:b3:2c:de:8d:ea:0c:8e:84:
                    07:96:d9:2a:81:b7:f4:e4:a2:4f:f7:b5:1b:63:0c:
                    eb:9a:94:7f:b0:33:f4:04:4b:12:96:22:98:a0:9e:
                    25:f0:36:47:13:49:0c:4d:42:cc:06:91:e6:c4:81:
                    26:cb:a6:a4:7a:4d:5d:f8:c9:f5:ad:3b:0a:f5:09:
                    c1:87:6b:4f:ad:4f:2c:e3:3a:b1:6d:e4:4b:3c:fc:
                    d0:7f:2e:ba:43:66:7b:99:eb:68:89:73:ff:9b:1f:
                    05:a8:47:9f:b0:cc:0d:05:a4:9a:9a:f3:68:a0:3c:
                    5f:b8:09:52:9d:c7:00:a0:ff:e4:63:5d:dc:68:1b:
                    4f:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:A0:92:3E:25:76:C9:55:B1:F6:99:AC:F4:6F:DF:C2:6D:42:E4:F6
            X509v3 Authority Key Identifier:
                keyid:F5:0B:63:4E:0B:3C:69:E7:DA:81:8D:BB:99:CD:E3:8E:A8:49:8F:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QtjTgs8aefagY27mc3jjqhJj3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/a0bfd9-5fa7-448d-a514-8d1bac63efc6/1/9QtjTgs8aefagY27mc3jjqhJj3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         26:4a:af:e4:e0:c9:50:3a:f2:3b:09:ed:7a:1a:3d:b4:82:eb:
         8a:4d:f1:76:65:21:f0:30:60:f7:33:bc:f8:68:70:6f:20:c4:
         5f:9a:de:61:93:aa:30:78:3b:29:98:71:29:62:65:70:44:e3:
         c3:a4:68:b3:21:7d:f0:4e:78:ea:eb:a6:94:03:71:7a:30:e6:
         6c:51:10:2b:3f:1d:93:6e:b3:84:f6:00:e1:cd:82:c2:b0:de:
         43:ed:4a:95:d6:8b:27:35:fd:a8:9e:04:f2:cc:1a:2b:72:bb:
         32:43:a6:ab:17:b1:d6:af:fd:2f:76:6f:c1:52:e5:13:0e:f8:
         c7:8a:5a:c0:f4:f0:de:29:d5:c5:4d:3b:ab:3d:c7:39:b6:84:
         ef:e6:fc:b6:4b:15:ba:c7:92:45:d0:ad:0d:a9:c5:17:15:83:
         90:97:0b:fd:c3:a2:83:59:ed:f0:0c:39:e1:20:3e:f8:0f:ad:
         36:73:4b:33:d2:1a:84:a3:04:0b:cf:3b:ab:b4:df:55:5d:02:
         6f:21:d3:fd:fe:e9:2c:80:ca:8e:85:31:af:d1:c8:9a:a2:55:
         eb:d2:d0:a0:39:65:d7:e0:e4:20:18:6a:cf:cb:b0:ba:5b:58:
         00:d2:3c:97:f9:3f:03:8f:02:e8:c0:bc:13:1a:b9:27:20:ee:
         f4:6f:16:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY82LNj1uITVNjEBglSI10NlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGI2MzRlMGIzYzY5ZTdkYTgxOGRiYjk5Y2RlMzhlYTg0
OThmNzEwHhcNMjQwNTAxMjIwMDU5WhcNMjQwNTAyMjIwMDU5WjAzMTEwLwYDVQQD
EyhmN2EwOTIzZTI1NzZjOTU1YjFmNjk5YWNmNDZmZGZjMjZkNDJlNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QKqDpmlenuxiGSQbET4cdtGRlJ0
gMpFw79T83K9OQx+/Z8wtlnmM7DesBY8NhiedGuOWwj5VyyEmy0kCZCUNK4YrKAT
rYRaiisDcjUUIXMSME34wNnDwlNxaZY6o+tgdpFOsDWpw1t3c+p5tSuABu2DpLXd
sT4VEzIzEb2JsyzejeoMjoQHltkqgbf05KJP97UbYwzrmpR/sDP0BEsSliKYoJ4l
8DZHE0kMTULMBpHmxIEmy6akek1d+Mn1rTsK9QnBh2tPrU8s4zqxbeRLPPzQfy66
Q2Z7metoiXP/mx8FqEefsMwNBaSamvNooDxfuAlSnccAoP/kY13caBtPvQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPegkj4ldslVsfaZrPRv38JtQuT2MB8GA1UdIwQY
MBaAFPULY04LPGnn2oGNu5nN446oSY9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF0alRnczhhZWZhZ1kyN21jM2pqcWhKajNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hMGJmZDktNWZhNy00NDhkLWE1MTQt
OGQxYmFjNjNlZmM2LzEvOVF0alRnczhhZWZhZ1kyN21jM2pqcWhKajNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hMGJmZDktNWZhNy00NDhkLWE1MTQtOGQxYmFjNjNlZmM2
LzEvOVF0alRnczhhZWZhZ1kyN21jM2pqcWhKajNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJkqv5ODJ
UDryOwnteho9tILrik3xdmUh8DBg9zO8+GhwbyDEX5reYZOqMHg7KZhxKWJlcETj
w6RosyF98E546uumlANxejDmbFEQKz8dk26zhPYA4c2CwrDeQ+1KldaLJzX9qJ4E
8swaK3K7MkOmqxex1q/9L3ZvwVLlEw74x4pawPTw3inVxU07qz3HObaE7+b8tksV
useSRdCtDanFFxWDkJcL/cOig1nt8Aw54SA++A+tNnNLM9IahKMEC887q7TfVV0C
byHT/f7pLIDKjoUxr9HImqJV69LQoDll1+DkIBhqz8uwultYANI8l/k/A48C6MC8
Exq5JyDu9G8WjA==
-----END CERTIFICATE-----