Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
File:                     WZypahnO8ifMM7NFhZaqRV0rePg.mft (raw, json)
Hash identifier:          h0gcrDcaE4EqXUytWJT8rJbJZS/pDdGt39bI1Ow+EZM=
Subject key identifier:   A9:19:72:06:CB:EA:72:5A:4A:B9:C2:52:2C:06:36:9F:28:A7:1F:4A
Authority key identifier: 59:9C:A9:6A:19:CE:F2:27:CC:33:B3:45:85:96:AA:45:5D:2B:78:F8
Certificate issuer:       /CN=599ca96a19cef227cc33b3458596aa455d2b78f8
Certificate serial:       018F877F3D21CC183F5BF94B03A8FBA162E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
Manifest number:          D6
Signing time:             Fri 17 May 2024 17:00:13 +0000
Manifest this update:     Fri 17 May 2024 17:00:13 +0000
Manifest next update:     Sat 18 May 2024 17:00:13 +0000
Files and hashes:         1: WZypahnO8ifMM7NFhZaqRV0rePg.crl (hash: xbMHz4OUycconRH+DRU+nSC5jE5hNs9p4bwPBeiWnvw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:7f:3d:21:cc:18:3f:5b:f9:4b:03:a8:fb:a1:62:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=599ca96a19cef227cc33b3458596aa455d2b78f8
        Validity
            Not Before: May 17 17:00:13 2024 GMT
            Not After : May 18 17:00:13 2024 GMT
        Subject: CN=a9197206cbea725a4ab9c2522c06369f28a71f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3a:3c:b2:86:5a:e3:b3:4f:61:28:11:b4:63:
                    9e:0b:b8:82:aa:92:25:e9:ea:c9:4d:04:38:fe:e2:
                    2d:84:89:ca:a6:7e:6a:28:79:8f:24:c1:1c:e8:75:
                    02:99:80:ee:0d:e4:b3:21:6f:2f:e8:2d:1d:37:a4:
                    6b:7d:93:21:54:97:c4:20:8f:a6:80:f8:52:b7:b6:
                    36:09:24:75:f5:e4:fd:4d:58:8c:d3:d2:51:0b:18:
                    42:87:d2:03:b5:47:31:66:6b:b3:f4:2d:fb:9c:f5:
                    86:aa:b2:cc:78:33:f8:5c:91:fa:13:1b:b6:40:33:
                    35:d9:2c:16:18:d0:95:c2:0b:a8:f5:86:db:0a:8d:
                    d0:26:29:6f:e3:9f:52:0a:06:26:a9:a7:18:15:f3:
                    f5:88:55:ee:28:37:ad:db:7e:a9:7c:33:f7:73:da:
                    e8:1d:8b:91:25:50:54:12:eb:09:00:55:6c:88:e8:
                    08:ca:3e:88:20:36:1e:84:54:3a:fa:78:f0:84:53:
                    ab:d4:0f:53:1e:8b:00:d4:67:95:9a:7b:35:23:1f:
                    ad:93:00:5c:87:45:4d:4c:fd:47:28:6a:27:53:9d:
                    80:57:1f:fd:c4:c5:b7:fe:d2:82:bf:f7:21:67:0e:
                    68:ad:ed:67:c6:6c:a3:7c:2b:28:97:0e:39:59:83:
                    53:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:19:72:06:CB:EA:72:5A:4A:B9:C2:52:2C:06:36:9F:28:A7:1F:4A
            X509v3 Authority Key Identifier:
                keyid:59:9C:A9:6A:19:CE:F2:27:CC:33:B3:45:85:96:AA:45:5D:2B:78:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZypahnO8ifMM7NFhZaqRV0rePg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/af2dd5-3f6e-45d5-b10e-b55f70fb1142/1/WZypahnO8ifMM7NFhZaqRV0rePg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:50:cf:79:1a:25:b7:06:1f:f5:97:e8:65:4e:24:ae:22:e7:
         1d:1c:34:77:13:aa:94:ee:ba:c4:b2:56:52:e3:03:cf:b4:7f:
         f8:08:13:b8:8b:b1:a7:7b:30:fb:56:37:bd:a6:5d:9a:9a:b8:
         85:1d:93:38:a8:9d:72:6e:d9:b6:91:2f:3f:b4:2d:a2:ce:b9:
         0c:e6:2d:b8:a5:f2:bc:53:48:8f:bc:04:65:72:74:36:1f:80:
         4e:64:fc:48:59:bb:81:e6:ff:5d:6b:3c:66:19:c9:67:8c:1b:
         08:c2:f6:2e:c2:f0:9f:9a:c8:d3:76:4a:00:46:31:25:d9:ef:
         18:1c:c7:7c:63:51:96:ad:ed:98:bd:4b:45:86:56:e6:b6:88:
         e4:f1:70:fd:d2:c1:8b:ab:df:e8:3a:90:bb:66:92:f1:e8:36:
         fe:c4:82:12:e0:17:d8:2a:80:7a:07:47:48:00:3d:14:52:7b:
         ac:e0:57:0c:b6:bb:e3:eb:fe:b4:9b:26:ad:0c:da:0d:a8:9b:
         42:d6:72:2d:e3:fb:88:2b:63:44:b2:f8:81:8b:ab:d0:d3:b4:
         74:8d:b5:45:79:58:26:94:cc:96:13:e9:98:e8:c2:56:03:68:
         04:21:27:97:f4:bd:fc:c6:d0:3d:49:a8:f4:bc:87:8a:d8:fc:
         b9:be:98:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Hfz0hzBg/W/lLA6j7oWLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OWNhOTZhMTljZWYyMjdjYzMzYjM0NTg1OTZhYTQ1NWQy
Yjc4ZjgwHhcNMjQwNTE3MTcwMDEzWhcNMjQwNTE4MTcwMDEzWjAzMTEwLwYDVQQD
EyhhOTE5NzIwNmNiZWE3MjVhNGFiOWMyNTIyYzA2MzY5ZjI4YTcxZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzo8soZa47NPYSgRtGOeC7iCqpIl
6erJTQQ4/uIthInKpn5qKHmPJMEc6HUCmYDuDeSzIW8v6C0dN6RrfZMhVJfEII+m
gPhSt7Y2CSR19eT9TViM09JRCxhCh9IDtUcxZmuz9C37nPWGqrLMeDP4XJH6Exu2
QDM12SwWGNCVwguo9YbbCo3QJilv459SCgYmqacYFfP1iFXuKDet236pfDP3c9ro
HYuRJVBUEusJAFVsiOgIyj6IIDYehFQ6+njwhFOr1A9THosA1GeVmns1Ix+tkwBc
h0VNTP1HKGonU52AVx/9xMW3/tKCv/chZw5ore1nxmyjfCsolw45WYNTCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkZcgbL6nJaSrnCUiwGNp8opx9KMB8GA1UdIwQY
MBaAFFmcqWoZzvInzDOzRYWWqkVdK3j4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hZjJkZDUtM2Y2ZS00NWQ1LWIxMGUt
YjU1ZjcwZmIxMTQyLzEvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hZjJkZDUtM2Y2ZS00NWQ1LWIxMGUtYjU1ZjcwZmIxMTQy
LzEvV1p5cGFobk84aWZNTTdORmhaYXFSVjByZVBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXlDPeRol
twYf9ZfoZU4kriLnHRw0dxOqlO66xLJWUuMDz7R/+AgTuIuxp3sw+1Y3vaZdmpq4
hR2TOKidcm7ZtpEvP7Qtos65DOYtuKXyvFNIj7wEZXJ0Nh+ATmT8SFm7geb/XWs8
ZhnJZ4wbCML2LsLwn5rI03ZKAEYxJdnvGBzHfGNRlq3tmL1LRYZW5raI5PFw/dLB
i6vf6DqQu2aS8eg2/sSCEuAX2CqAegdHSAA9FFJ7rOBXDLa74+v+tJsmrQzaDaib
QtZyLeP7iCtjRLL4gYur0NO0dI21RXlYJpTMlhPpmOjCVgNoBCEnl/S9/MbQPUmo
9LyHitj8ub6Y5Q==
-----END CERTIFICATE-----