Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft
File:                     ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft (raw, json)
Hash identifier:          Ijgr9EOYAO1weKb5uR61cQvr8FFE813Yj5BkQhkrlkM=
Subject key identifier:   82:14:D4:DC:DE:4D:5E:54:95:6B:78:51:18:C0:53:8B:56:78:93:C0
Authority key identifier: 22:DC:6E:47:43:ED:5C:C8:43:03:28:52:89:6E:F1:5F:48:92:ED:B0
Certificate issuer:       /CN=22dc6e4743ed5cc843032852896ef15f4892edb0
Certificate serial:       018F4A2184FA28DE37DC3828359FF84402F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft
Manifest number:          075C
Signing time:             Sun 05 May 2024 19:01:01 +0000
Manifest this update:     Sun 05 May 2024 19:01:01 +0000
Manifest next update:     Mon 06 May 2024 19:01:01 +0000
Files and hashes:         1: ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl (hash: u/ldB19Qlzy3bWzIa0+ksFz06cYmSTjLKzXT11TARpM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4a:21:84:fa:28:de:37:dc:38:28:35:9f:f8:44:02:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22dc6e4743ed5cc843032852896ef15f4892edb0
        Validity
            Not Before: May  5 19:01:01 2024 GMT
            Not After : May  6 19:01:01 2024 GMT
        Subject: CN=8214d4dcde4d5e54956b785118c0538b567893c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:69:fe:b7:75:52:74:dc:4f:ba:a3:9d:d7:
                    20:f8:c8:65:17:36:5c:ec:c0:a7:8b:6d:d4:96:09:
                    84:5a:21:69:b6:37:95:1e:61:a4:4f:0a:f0:c0:51:
                    7f:cf:20:29:14:3a:86:7c:13:41:78:ee:49:90:fa:
                    80:f6:17:4c:e8:67:ae:5d:f9:96:c4:fe:9e:ec:96:
                    20:15:a8:6e:3d:49:1b:17:ee:b8:bb:e9:68:20:84:
                    dc:31:30:2f:8b:14:56:64:50:5b:04:cc:db:0a:96:
                    3e:3a:e8:f6:26:17:57:18:05:75:b8:1f:47:52:c3:
                    23:c5:16:f6:b8:9a:d1:c0:c8:28:35:a5:0a:45:9c:
                    a5:ab:fe:0b:98:00:66:35:1a:40:33:29:63:6b:65:
                    c6:df:88:66:b9:ef:fc:c7:be:a1:58:38:7f:88:4e:
                    9d:fb:b9:9f:4e:4f:ff:05:f2:4a:9c:c0:da:5d:d4:
                    21:64:de:5c:d3:33:b7:49:7d:04:23:30:fe:72:ad:
                    8f:74:19:e6:26:55:96:d2:44:7e:37:1d:a8:df:6c:
                    e9:67:54:9d:7d:c5:39:03:02:d4:ef:51:92:41:98:
                    80:22:8c:91:f5:0e:d2:6e:8f:e8:39:f0:3c:9a:b0:
                    5e:17:1c:1f:15:f0:3e:5b:35:47:b1:e2:d1:d4:ac:
                    3b:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:14:D4:DC:DE:4D:5E:54:95:6B:78:51:18:C0:53:8B:56:78:93:C0
            X509v3 Authority Key Identifier:
                keyid:22:DC:6E:47:43:ED:5C:C8:43:03:28:52:89:6E:F1:5F:48:92:ED:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItxuR0PtXMhDAyhSiW7xX0iS7bA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/daf850-f587-44b2-8de4-a8585ff93546/1/ItxuR0PtXMhDAyhSiW7xX0iS7bA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         56:e5:d2:54:f8:24:d4:ce:a0:99:0b:47:d9:0d:cc:37:28:8f:
         2a:e3:15:8a:2f:0c:4c:16:76:01:a6:e6:bb:4a:40:b5:dd:00:
         1a:d3:18:a4:29:4f:4b:93:a5:c7:a6:36:7f:e8:04:d6:68:da:
         dd:0d:b4:8c:ad:52:dd:3a:a5:6c:c8:28:12:f1:44:c9:47:40:
         74:ee:49:4c:d9:85:9b:d5:d3:84:ef:0f:c4:41:2d:13:a2:c2:
         63:dd:f0:14:df:b4:1a:d1:ef:5d:2f:2d:3e:0d:c6:c1:89:c0:
         97:57:4c:86:25:d6:77:fe:d8:a6:c5:48:13:f4:6e:6c:44:73:
         42:61:5b:80:8f:ce:b8:6d:12:39:a3:47:03:8c:fc:92:f1:63:
         bf:5e:d0:2d:cb:e8:84:5f:d7:ae:e0:6a:91:1f:6d:fc:d4:07:
         c1:62:6f:be:cf:d1:e6:20:fa:4a:96:7f:35:04:a6:45:ad:fd:
         d9:f0:e9:d7:80:c6:66:fa:69:8f:05:60:d9:dd:fe:7d:37:51:
         c6:dd:bb:60:82:e5:08:d4:ed:dd:0c:b4:7e:54:97:1c:96:a2:
         5d:bc:1f:17:46:a0:7c:43:94:9c:69:9e:6b:93:96:c7:aa:83:
         f4:81:f3:71:ce:f7:cd:e7:7a:73:75:03:88:c5:59:31:4f:11:
         f2:ea:41:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9KIYT6KN433DgoNZ/4RALzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZGM2ZTQ3NDNlZDVjYzg0MzAzMjg1Mjg5NmVmMTVmNDg5
MmVkYjAwHhcNMjQwNTA1MTkwMTAxWhcNMjQwNTA2MTkwMTAxWjAzMTEwLwYDVQQD
Eyg4MjE0ZDRkY2RlNGQ1ZTU0OTU2Yjc4NTExOGMwNTM4YjU2Nzg5M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukpp/rd1UnTcT7qjndcg+MhlFzZc
7MCni23UlgmEWiFptjeVHmGkTwrwwFF/zyApFDqGfBNBeO5JkPqA9hdM6GeuXfmW
xP6e7JYgFahuPUkbF+64u+loIITcMTAvixRWZFBbBMzbCpY+Ouj2JhdXGAV1uB9H
UsMjxRb2uJrRwMgoNaUKRZylq/4LmABmNRpAMylja2XG34hmue/8x76hWDh/iE6d
+7mfTk//BfJKnMDaXdQhZN5c0zO3SX0EIzD+cq2PdBnmJlWW0kR+Nx2o32zpZ1Sd
fcU5AwLU71GSQZiAIoyR9Q7Sbo/oOfA8mrBeFxwfFfA+WzVHseLR1Kw7KQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIIU1NzeTV5UlWt4URjAU4tWeJPAMB8GA1UdIwQY
MBaAFCLcbkdD7VzIQwMoUolu8V9Iku2wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9kYWY4NTAtZjU4Ny00NGIyLThkZTQt
YTg1ODVmZjkzNTQ2LzEvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9kYWY4NTAtZjU4Ny00NGIyLThkZTQtYTg1ODVmZjkzNTQ2
LzEvSXR4dVIwUHRYTWhEQXloU2lXN3hYMGlTN2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVuXSVPgk
1M6gmQtH2Q3MNyiPKuMVii8MTBZ2Aabmu0pAtd0AGtMYpClPS5Olx6Y2f+gE1mja
3Q20jK1S3TqlbMgoEvFEyUdAdO5JTNmFm9XThO8PxEEtE6LCY93wFN+0GtHvXS8t
Pg3GwYnAl1dMhiXWd/7YpsVIE/RubERzQmFbgI/OuG0SOaNHA4z8kvFjv17QLcvo
hF/XruBqkR9t/NQHwWJvvs/R5iD6SpZ/NQSmRa392fDp14DGZvppjwVg2d3+fTdR
xt27YILlCNTt3Qy0flSXHJaiXbwfF0agfEOUnGmea5OWx6qD9IHzcc73zed6c3UD
iMVZMU8R8upB9w==
-----END CERTIFICATE-----