Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/8091a2-8a2d-458c-98a4-c6fcbac770f5/1/eiq2IdNR_j8HPogZQO680cht8-k.mft
File:                     eiq2IdNR_j8HPogZQO680cht8-k.mft (raw, json)
Hash identifier:          cTVrqHzrUVkwNBpLOWIByiKawBJws1bsC31OKXLddVY=
Subject key identifier:   31:C4:30:68:ED:D9:F7:9E:55:6A:F5:51:E6:FC:78:BF:4A:8D:20:6E
Authority key identifier: 7A:2A:B6:21:D3:51:FE:3F:07:3E:88:19:40:EE:BC:D1:C8:6D:F3:E9
Certificate issuer:       /CN=7a2ab621d351fe3f073e881940eebcd1c86df3e9
Certificate serial:       018F87ED19EBD240A04E63C6598F5488C4E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eiq2IdNR_j8HPogZQO680cht8-k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/8091a2-8a2d-458c-98a4-c6fcbac770f5/1/eiq2IdNR_j8HPogZQO680cht8-k.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 19:00:13 +0000
Manifest this update:     Fri 17 May 2024 19:00:13 +0000
Manifest next update:     Sat 18 May 2024 19:00:13 +0000
Files and hashes:         1: eiq2IdNR_j8HPogZQO680cht8-k.crl (hash: lIC1wWeNslfPyWY2npvk9RmKBdx9qVH7w7VDDR83Zzo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/8091a2-8a2d-458c-98a4-c6fcbac770f5/1/eiq2IdNR_j8HPogZQO680cht8-k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/8091a2-8a2d-458c-98a4-c6fcbac770f5/1/eiq2IdNR_j8HPogZQO680cht8-k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eiq2IdNR_j8HPogZQO680cht8-k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:19:eb:d2:40:a0:4e:63:c6:59:8f:54:88:c4:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7a2ab621d351fe3f073e881940eebcd1c86df3e9
        Validity
            Not Before: May 17 19:00:13 2024 GMT
            Not After : May 18 19:00:13 2024 GMT
        Subject: CN=31c43068edd9f79e556af551e6fc78bf4a8d206e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:88:1b:b3:37:87:02:4d:89:58:ba:c6:d1:47:
                    93:c0:7e:55:38:9a:fb:b5:59:5b:6f:1c:8c:47:4d:
                    6f:e3:53:07:d5:e6:fe:b9:66:0f:64:33:51:74:18:
                    98:99:eb:e7:3d:c1:a3:fd:10:ae:a1:88:df:91:d1:
                    b0:d7:02:6b:59:f7:bc:da:10:a6:06:b4:f7:6b:29:
                    b7:c2:79:ea:6d:bf:e7:7a:0c:e2:97:d7:65:4b:5d:
                    51:14:ee:cc:62:81:e4:bc:8e:27:17:87:17:22:a4:
                    8f:6f:74:7b:fb:47:32:c7:ee:15:7b:e0:c1:79:0c:
                    08:04:2b:96:5f:94:a9:d9:de:05:2c:b4:d9:1a:f4:
                    ce:00:ad:59:61:1e:67:3a:3e:45:2b:33:cd:b6:1f:
                    1a:df:2c:7b:03:12:63:d3:3e:71:6d:88:5f:6c:89:
                    28:75:32:70:e3:8f:28:32:9a:5a:87:6c:63:ed:0e:
                    b5:0c:21:48:f4:94:77:8c:8a:d6:fc:12:a8:a3:f6:
                    0d:2c:c1:3e:9b:d9:93:7b:ca:97:f7:5a:15:75:58:
                    5a:b2:64:20:1f:87:a1:82:b8:e7:a1:40:0d:1a:ba:
                    8e:58:c6:56:2e:d5:db:0d:1b:9b:5d:9e:26:ec:42:
                    a6:de:64:a9:5f:55:1a:3b:bb:2b:66:57:86:94:b0:
                    b8:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:C4:30:68:ED:D9:F7:9E:55:6A:F5:51:E6:FC:78:BF:4A:8D:20:6E
            X509v3 Authority Key Identifier:
                keyid:7A:2A:B6:21:D3:51:FE:3F:07:3E:88:19:40:EE:BC:D1:C8:6D:F3:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eiq2IdNR_j8HPogZQO680cht8-k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8091a2-8a2d-458c-98a4-c6fcbac770f5/1/eiq2IdNR_j8HPogZQO680cht8-k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/8091a2-8a2d-458c-98a4-c6fcbac770f5/1/eiq2IdNR_j8HPogZQO680cht8-k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:be:dc:a1:2b:6c:80:cf:56:bf:ea:2c:88:a4:c5:c6:cf:ac:
         c3:e6:01:78:6d:bf:65:18:a3:e6:cc:92:3c:bf:6a:6b:92:9e:
         c0:5d:ef:2a:00:2f:da:57:e0:8b:46:6a:5e:1a:0c:78:12:8c:
         ee:42:ea:2b:ec:a8:9c:44:56:5b:90:ad:91:85:ca:17:ea:30:
         e1:6e:50:1f:41:33:83:66:eb:06:82:8a:04:99:d0:81:ee:63:
         27:20:b4:7c:1b:ff:6a:e0:b8:1e:94:c2:47:45:f7:1b:58:a0:
         17:b7:e5:95:4b:0c:23:b8:ca:cd:1a:9f:10:57:4d:b8:33:55:
         47:b3:d7:8b:c9:03:3e:67:75:fa:90:da:dd:db:d3:5c:a7:b1:
         90:71:c8:1d:49:2f:4b:ec:4b:28:a5:1d:e6:6d:99:6f:00:61:
         a7:af:58:4f:3b:21:ef:18:2b:02:72:23:4b:57:2f:de:f7:eb:
         38:88:eb:85:60:3f:d3:24:f7:2c:8f:88:79:ed:1a:84:77:83:
         41:15:21:a9:d3:ff:8e:63:c6:cf:47:b8:b2:81:b0:c4:db:74:
         c5:15:e2:56:a6:22:52:04:a0:b4:a6:4d:17:e6:7d:e8:37:3b:
         47:49:2e:b1:b7:d4:fa:97:b5:2e:00:95:61:e6:0e:b9:91:c5:
         52:ea:0c:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7Rnr0kCgTmPGWY9UiMTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMmFiNjIxZDM1MWZlM2YwNzNlODgxOTQwZWViY2QxYzg2
ZGYzZTkwHhcNMjQwNTE3MTkwMDEzWhcNMjQwNTE4MTkwMDEzWjAzMTEwLwYDVQQD
EygzMWM0MzA2OGVkZDlmNzllNTU2YWY1NTFlNmZjNzhiZjRhOGQyMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoogbszeHAk2JWLrG0UeTwH5VOJr7
tVlbbxyMR01v41MH1eb+uWYPZDNRdBiYmevnPcGj/RCuoYjfkdGw1wJrWfe82hCm
BrT3aym3wnnqbb/negzil9dlS11RFO7MYoHkvI4nF4cXIqSPb3R7+0cyx+4Ve+DB
eQwIBCuWX5Sp2d4FLLTZGvTOAK1ZYR5nOj5FKzPNth8a3yx7AxJj0z5xbYhfbIko
dTJw448oMppah2xj7Q61DCFI9JR3jIrW/BKoo/YNLME+m9mTe8qX91oVdVhasmQg
H4ehgrjnoUANGrqOWMZWLtXbDRubXZ4m7EKm3mSpX1UaO7srZleGlLC4VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDHEMGjt2feeVWr1Ueb8eL9KjSBuMB8GA1UdIwQY
MBaAFHoqtiHTUf4/Bz6IGUDuvNHIbfPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWlxMklkTlJfajhIUG9nWlFPNjgwY2h0OC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84MDkxYTItOGEyZC00NThjLTk4YTQt
YzZmY2JhYzc3MGY1LzEvZWlxMklkTlJfajhIUG9nWlFPNjgwY2h0OC1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi84MDkxYTItOGEyZC00NThjLTk4YTQtYzZmY2JhYzc3MGY1
LzEvZWlxMklkTlJfajhIUG9nWlFPNjgwY2h0OC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbb7coSts
gM9Wv+osiKTFxs+sw+YBeG2/ZRij5sySPL9qa5KewF3vKgAv2lfgi0ZqXhoMeBKM
7kLqK+yonERWW5CtkYXKF+ow4W5QH0Ezg2brBoKKBJnQge5jJyC0fBv/auC4HpTC
R0X3G1igF7fllUsMI7jKzRqfEFdNuDNVR7PXi8kDPmd1+pDa3dvTXKexkHHIHUkv
S+xLKKUd5m2ZbwBhp69YTzsh7xgrAnIjS1cv3vfrOIjrhWA/0yT3LI+Iee0ahHeD
QRUhqdP/jmPGz0e4soGwxNt0xRXiVqYiUgSgtKZNF+Z96Dc7R0kusbfU+pe1LgCV
YeYOuZHFUuoMWg==
-----END CERTIFICATE-----