Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
File:                     CeVm4OteXiEQflX8lg-x7iGHRHQ.mft (raw, json)
Hash identifier:          88NkWIgdY1TQs8Cfm20/60t20PmDPWJ8VjaqVSjKXEU=
Subject key identifier:   AB:98:06:5C:F7:61:95:96:BD:8D:85:6B:13:AB:CC:C1:D6:76:43:DA
Authority key identifier: 09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74
Certificate issuer:       /CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
Certificate serial:       018F3A0A41A737CC087E6152571A84C8FEDD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
Manifest number:          0F97
Signing time:             Thu 02 May 2024 16:01:41 +0000
Manifest this update:     Thu 02 May 2024 16:01:41 +0000
Manifest next update:     Fri 03 May 2024 16:01:41 +0000
Files and hashes:         1: CeVm4OteXiEQflX8lg-x7iGHRHQ.crl (hash: 4TJVejCtbcHS2FBoR1j6PCvAHDoAGXCtM6KDc0QwR5Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:01:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:0a:41:a7:37:cc:08:7e:61:52:57:1a:84:c8:fe:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=09e566e0eb5e5e21107e55fc960fb1ee21874474
        Validity
            Not Before: May  2 16:01:41 2024 GMT
            Not After : May  3 16:01:41 2024 GMT
        Subject: CN=ab98065cf7619596bd8d856b13abccc1d67643da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:11:5f:76:d7:d0:3a:5d:2c:1e:45:55:37:49:
                    d9:1d:21:6b:e9:d5:1b:e4:96:12:8a:0e:5f:13:9a:
                    48:88:fa:cc:6f:6a:6e:9e:e6:c4:9e:63:07:2c:9a:
                    d6:e9:1c:6d:ef:99:a5:c8:32:83:53:eb:0e:d9:be:
                    cd:f1:19:3f:ef:c2:2f:71:34:80:9d:f8:c1:d2:17:
                    8e:85:68:4e:33:31:db:c6:07:d8:51:b4:6a:d5:60:
                    b2:a8:83:eb:7f:38:f1:3a:d2:8d:25:4f:5f:51:e4:
                    b3:95:f1:f7:1a:7a:ba:17:f6:6b:a0:b8:a2:cc:d9:
                    97:a3:da:d7:63:6a:57:1b:fd:6f:bc:6f:f9:ad:37:
                    44:4e:48:45:79:26:10:8c:4a:0c:23:fb:6a:40:1e:
                    71:db:c3:f5:af:59:9d:41:f5:5c:50:43:f1:8f:7d:
                    aa:11:42:a7:10:86:5e:33:e5:e5:fa:b6:44:29:b3:
                    5a:49:26:27:20:d8:ef:da:eb:ce:74:13:89:db:be:
                    5d:e8:bd:f9:f1:c0:39:89:ba:a1:20:30:38:33:d3:
                    b1:d2:87:0a:69:20:db:20:63:dd:fc:e8:f6:75:9d:
                    b0:35:d6:dd:7d:a2:a5:4d:be:3f:1f:a9:18:43:7a:
                    e7:7b:2b:79:2d:2a:3f:53:ea:49:d6:01:d8:c1:1b:
                    23:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:98:06:5C:F7:61:95:96:BD:8D:85:6B:13:AB:CC:C1:D6:76:43:DA
            X509v3 Authority Key Identifier:
                keyid:09:E5:66:E0:EB:5E:5E:21:10:7E:55:FC:96:0F:B1:EE:21:87:44:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVm4OteXiEQflX8lg-x7iGHRHQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0008cd-e129-424c-b5af-0af1de8f1ff1/1/CeVm4OteXiEQflX8lg-x7iGHRHQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9c:32:95:94:db:b9:9e:78:82:63:4c:4e:45:56:e4:3d:a5:48:
         c0:33:6d:3e:53:70:bb:ca:d9:48:59:10:c4:53:30:82:b0:71:
         12:90:16:d6:31:89:08:b5:e2:07:86:c8:62:5e:3f:a2:19:e9:
         8e:55:cd:13:fc:dd:c2:50:75:14:21:04:14:f0:02:5b:80:b2:
         74:ca:2b:0d:a9:bd:ef:32:b4:cc:d3:e1:af:42:d0:4f:fc:b9:
         57:5e:c6:05:21:7a:4a:23:ac:73:73:e5:ef:16:ac:d8:8c:a7:
         50:29:99:29:a2:14:c8:ac:f8:77:6d:b2:8a:9b:93:be:5a:de:
         ed:f7:4c:ba:e1:3f:6d:e0:b4:c5:37:90:17:7f:77:67:c0:d8:
         91:b4:40:4d:b9:45:79:95:2b:a1:52:b5:8e:1b:0d:0c:84:e1:
         78:ce:b0:ac:63:d3:47:02:20:3b:03:1c:f5:32:ce:06:2d:0e:
         5f:79:87:c8:cd:42:4f:2d:49:1e:6a:45:52:fb:3f:33:6f:85:
         2a:6f:61:1c:58:2c:d5:e2:c1:6a:89:7e:aa:10:6e:5f:5c:57:
         80:b4:5f:8d:d8:ad:18:19:c1:2c:61:23:0b:f7:7e:4a:0a:0f:
         5a:bb:88:eb:34:23:9d:8d:dc:8d:ec:9b:b7:23:2c:af:d5:7c:
         55:ac:11:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY86CkGnN8wIfmFSVxqEyP7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU2NmUwZWI1ZTVlMjExMDdlNTVmYzk2MGZiMWVlMjE4
NzQ0NzQwHhcNMjQwNTAyMTYwMTQxWhcNMjQwNTAzMTYwMTQxWjAzMTEwLwYDVQQD
EyhhYjk4MDY1Y2Y3NjE5NTk2YmQ4ZDg1NmIxM2FiY2NjMWQ2NzY0M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBFfdtfQOl0sHkVVN0nZHSFr6dUb
5JYSig5fE5pIiPrMb2punubEnmMHLJrW6Rxt75mlyDKDU+sO2b7N8Rk/78IvcTSA
nfjB0heOhWhOMzHbxgfYUbRq1WCyqIPrfzjxOtKNJU9fUeSzlfH3Gnq6F/ZroLii
zNmXo9rXY2pXG/1vvG/5rTdETkhFeSYQjEoMI/tqQB5x28P1r1mdQfVcUEPxj32q
EUKnEIZeM+Xl+rZEKbNaSSYnINjv2uvOdBOJ275d6L358cA5ibqhIDA4M9Ox0ocK
aSDbIGPd/Oj2dZ2wNdbdfaKlTb4/H6kYQ3rneyt5LSo/U+pJ1gHYwRsj0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuYBlz3YZWWvY2FaxOrzMHWdkPaMB8GA1UdIwQY
MBaAFAnlZuDrXl4hEH5V/JYPse4hh0R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYt
MGFmMWRlOGYxZmYxLzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wMDA4Y2QtZTEyOS00MjRjLWI1YWYtMGFmMWRlOGYxZmYx
LzEvQ2VWbTRPdGVYaUVRZmxYOGxnLXg3aUdIUkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnDKVlNu5
nniCY0xORVbkPaVIwDNtPlNwu8rZSFkQxFMwgrBxEpAW1jGJCLXiB4bIYl4/ohnp
jlXNE/zdwlB1FCEEFPACW4CydMorDam97zK0zNPhr0LQT/y5V17GBSF6SiOsc3Pl
7xas2IynUCmZKaIUyKz4d22yipuTvlre7fdMuuE/beC0xTeQF393Z8DYkbRATblF
eZUroVK1jhsNDITheM6wrGPTRwIgOwMc9TLOBi0OX3mHyM1CTy1JHmpFUvs/M2+F
Km9hHFgs1eLBaol+qhBuX1xXgLRfjditGBnBLGEjC/d+SgoPWruI6zQjnY3cjeyb
tyMsr9V8VawRSg==
-----END CERTIFICATE-----