Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft
File:                     4WU0PZW9Tbww89ciSVQanUfnbZE.mft (raw, json)
Hash identifier:          T3heopdjyPjxN/wNrrtvwo+oq7ALPy9viM+vW6ZWtRE=
Subject key identifier:   AC:80:CD:D8:7C:38:62:06:54:9C:7B:1C:5D:6F:67:2D:27:F7:0E:54
Authority key identifier: E1:65:34:3D:95:BD:4D:BC:30:F3:D7:22:49:54:1A:9D:47:E7:6D:91
Certificate issuer:       /CN=e165343d95bd4dbc30f3d72249541a9d47e76d91
Certificate serial:       018F497FA1209DDF46637AFEFE88C3E3A278
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft
Manifest number:          0A5B
Signing time:             Sun 05 May 2024 16:04:12 +0000
Manifest this update:     Sun 05 May 2024 16:04:12 +0000
Manifest next update:     Mon 06 May 2024 16:04:12 +0000
Files and hashes:         1: 4WU0PZW9Tbww89ciSVQanUfnbZE.crl (hash: kq8FfOh30UJv/P/EGj5n4hVfFKlsbdgk31uzsm+RxMw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 16:04:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:49:7f:a1:20:9d:df:46:63:7a:fe:fe:88:c3:e3:a2:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e165343d95bd4dbc30f3d72249541a9d47e76d91
        Validity
            Not Before: May  5 16:04:12 2024 GMT
            Not After : May  6 16:04:12 2024 GMT
        Subject: CN=ac80cdd87c386206549c7b1c5d6f672d27f70e54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6c:08:66:db:fd:2b:e1:8e:df:26:fb:03:e6:
                    cc:9f:7b:67:d3:41:77:4a:f6:a4:e9:a8:60:93:e4:
                    2d:57:2d:f3:d3:a7:33:4d:f7:66:15:0c:bb:6b:87:
                    d1:11:01:81:3b:72:ca:57:4a:c8:99:a3:5e:f9:3b:
                    dc:17:45:85:09:f6:88:3b:1b:0f:d4:63:a2:5a:a3:
                    36:bf:b8:3d:25:f1:7e:26:c1:b6:0d:39:bf:f8:70:
                    35:4d:ff:0e:2a:f1:83:00:f9:5d:5f:7d:ca:e0:ab:
                    9d:56:36:52:a2:b7:09:01:23:17:94:e8:f9:f9:30:
                    65:50:6d:af:ab:bb:65:8b:b7:ce:3b:5d:23:fe:a0:
                    4b:98:80:c6:75:76:f3:0b:9b:e0:a6:95:91:0a:68:
                    8e:d8:65:b9:7a:b7:c2:24:b9:d0:d5:e5:4e:7b:d5:
                    54:fc:e0:e3:93:f3:4f:cc:9a:ad:57:fc:71:cd:1d:
                    78:6c:a3:c4:d4:2c:47:cf:bb:c0:1c:b4:36:03:ca:
                    dc:35:a1:d0:e6:ad:63:f1:02:54:72:6c:4b:63:29:
                    5b:54:62:f3:32:97:2c:2c:d7:53:b6:c9:de:84:d6:
                    68:31:35:9a:4f:4e:e7:12:65:66:3d:c4:32:1a:eb:
                    26:36:1f:5c:6e:90:c9:d2:44:19:6b:2a:25:11:e5:
                    8e:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:80:CD:D8:7C:38:62:06:54:9C:7B:1C:5D:6F:67:2D:27:F7:0E:54
            X509v3 Authority Key Identifier:
                keyid:E1:65:34:3D:95:BD:4D:BC:30:F3:D7:22:49:54:1A:9D:47:E7:6D:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:ea:db:47:dd:75:46:aa:2c:77:d2:69:b6:b1:bc:4f:10:f0:
         20:4c:4a:63:3e:db:72:5f:49:ee:09:7b:97:5f:99:12:6c:38:
         ae:43:29:41:25:d1:1c:f8:a6:87:71:07:5c:59:a2:73:38:88:
         93:7c:5c:76:9d:f5:4a:02:9a:9e:ed:16:7e:a6:22:e3:9f:d5:
         7e:b7:9b:b4:22:d3:f9:9a:5e:a2:ec:6b:fe:98:96:01:c1:a7:
         59:87:42:2b:ac:e6:83:fc:9a:c4:7a:dc:3a:fe:0d:4f:22:aa:
         ce:23:0c:0f:23:d3:9a:df:95:9d:e8:02:ae:7a:ef:e5:55:1f:
         8a:cc:c1:70:75:5f:36:ab:9e:20:d5:dc:ee:73:e4:ce:69:3a:
         fa:9c:99:77:d8:5a:1f:0b:72:5b:c1:2d:97:65:35:62:ea:9f:
         84:bc:04:60:5b:02:d5:0e:82:92:41:0e:30:44:c6:02:09:18:
         d7:24:23:8e:e3:e4:43:90:85:1c:43:c0:56:b1:35:3d:ed:d1:
         9f:0a:04:53:68:12:a7:74:a9:ac:22:42:4c:28:c5:c0:c5:9a:
         60:fe:0e:a0:a7:57:d4:bb:73:43:8e:81:91:3f:3e:5d:a5:17:
         bd:24:41:6a:c7:a5:ef:f5:18:00:2e:fd:08:38:46:3d:0c:fa:
         84:03:59:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Jf6Egnd9GY3r+/ojD46J4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNjUzNDNkOTViZDRkYmMzMGYzZDcyMjQ5NTQxYTlkNDdl
NzZkOTEwHhcNMjQwNTA1MTYwNDEyWhcNMjQwNTA2MTYwNDEyWjAzMTEwLwYDVQQD
EyhhYzgwY2RkODdjMzg2MjA2NTQ5YzdiMWM1ZDZmNjcyZDI3ZjcwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2wIZtv9K+GO3yb7A+bMn3tn00F3
Svak6ahgk+QtVy3z06czTfdmFQy7a4fREQGBO3LKV0rImaNe+TvcF0WFCfaIOxsP
1GOiWqM2v7g9JfF+JsG2DTm/+HA1Tf8OKvGDAPldX33K4KudVjZSorcJASMXlOj5
+TBlUG2vq7tli7fOO10j/qBLmIDGdXbzC5vgppWRCmiO2GW5erfCJLnQ1eVOe9VU
/ODjk/NPzJqtV/xxzR14bKPE1CxHz7vAHLQ2A8rcNaHQ5q1j8QJUcmxLYylbVGLz
MpcsLNdTtsnehNZoMTWaT07nEmVmPcQyGusmNh9cbpDJ0kQZayolEeWOFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKyAzdh8OGIGVJx7HF1vZy0n9w5UMB8GA1UdIwQY
MBaAFOFlND2VvU28MPPXIklUGp1H522RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83ZDI2YjgtZjc0Ny00ZDlhLTlhYTIt
NmUyYzA1M2Q5OTkzLzEvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83ZDI2YjgtZjc0Ny00ZDlhLTlhYTItNmUyYzA1M2Q5OTkz
LzEvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQurbR911
Rqosd9JptrG8TxDwIExKYz7bcl9J7gl7l1+ZEmw4rkMpQSXRHPimh3EHXFmicziI
k3xcdp31SgKanu0WfqYi45/VfrebtCLT+Zpeouxr/piWAcGnWYdCK6zmg/yaxHrc
Ov4NTyKqziMMDyPTmt+VnegCrnrv5VUfiszBcHVfNqueINXc7nPkzmk6+pyZd9ha
HwtyW8Etl2U1YuqfhLwEYFsC1Q6CkkEOMETGAgkY1yQjjuPkQ5CFHEPAVrE1Pe3R
nwoEU2gSp3SprCJCTCjFwMWaYP4OoKdX1LtzQ46BkT8+XaUXvSRBasel7/UYAC79
CDhGPQz6hANZ1A==
-----END CERTIFICATE-----