Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
File:                     zRvlrhITa5bNnXilwkykct6Ixlg.mft (raw, json)
Hash identifier:          wQuxxvG5NcgJaZltSlBgIWpu6mWIa2e+NzYZ3UT2HPE=
Subject key identifier:   55:F0:DA:A2:04:BB:4E:38:AA:40:2F:42:A3:95:8A:84:C1:C7:05:FE
Authority key identifier: CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58
Certificate issuer:       /CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
Certificate serial:       018F87ED5842A4205E5364A6F235F699D33E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
Manifest number:          03AB
Signing time:             Fri 17 May 2024 19:00:29 +0000
Manifest this update:     Fri 17 May 2024 19:00:29 +0000
Manifest next update:     Sat 18 May 2024 19:00:29 +0000
Files and hashes:         1: zRvlrhITa5bNnXilwkykct6Ixlg.crl (hash: bBIzQRoNohsNANMVdlgIMWpAOb82616Vwqp5Kk3Bfx0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:58:42:a4:20:5e:53:64:a6:f2:35:f6:99:d3:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd1be5ae12136b96cd9d78a5c24ca472de88c658
        Validity
            Not Before: May 17 19:00:29 2024 GMT
            Not After : May 18 19:00:29 2024 GMT
        Subject: CN=55f0daa204bb4e38aa402f42a3958a84c1c705fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:08:1f:8e:ac:d5:c4:fd:e5:f3:42:1d:e2:cb:
                    5f:c9:4f:e3:6f:09:7d:ee:09:d6:d2:6d:31:3c:28:
                    3e:86:49:79:26:c7:0c:e5:b1:70:9b:74:da:85:94:
                    23:e3:0d:83:29:08:ad:7c:bf:45:c9:5e:5c:b9:bc:
                    f0:79:89:9e:9a:71:6c:ae:e0:0f:a3:e1:37:30:3d:
                    bc:45:57:6f:05:b0:b4:0f:34:d1:ab:4d:20:3e:df:
                    83:13:17:df:31:ba:4a:07:2d:63:17:99:18:2f:09:
                    12:34:84:c4:07:b8:38:b9:5e:f2:d6:e5:67:0e:6e:
                    26:e6:f8:ee:8f:6b:04:ed:6d:8d:21:7f:9c:19:54:
                    09:28:3f:7f:b2:e8:ae:b1:b1:c0:5a:37:4c:3d:70:
                    16:38:50:0a:b7:88:f9:10:df:2d:a2:4f:85:85:38:
                    98:7d:f3:92:e6:d7:6d:a0:a4:3b:b2:55:07:10:5a:
                    ba:98:21:b7:35:f9:b4:c5:6b:54:96:55:1c:6c:0b:
                    26:62:12:ba:99:b7:ce:03:1f:81:35:5f:12:c8:1c:
                    a4:24:cd:5b:c0:d1:c4:51:f7:da:74:00:b0:3f:3b:
                    c6:a4:dc:6a:3c:a4:ee:02:c1:15:f1:c1:50:19:27:
                    c8:0f:dc:54:10:1a:49:ee:27:d4:76:e5:e2:9c:99:
                    f9:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F0:DA:A2:04:BB:4E:38:AA:40:2F:42:A3:95:8A:84:C1:C7:05:FE
            X509v3 Authority Key Identifier:
                keyid:CD:1B:E5:AE:12:13:6B:96:CD:9D:78:A5:C2:4C:A4:72:DE:88:C6:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRvlrhITa5bNnXilwkykct6Ixlg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/5b1129-21dd-4ea5-9648-5f16de5c8658/1/zRvlrhITa5bNnXilwkykct6Ixlg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:bb:b8:bd:6c:a0:77:71:a6:a2:04:04:e3:6e:7a:d6:bf:2d:
         ff:70:53:68:31:01:e0:69:1f:10:e4:10:10:65:e9:52:82:cf:
         3f:5c:53:96:05:41:36:be:a2:38:06:78:45:3f:56:73:27:3d:
         6f:0d:98:5d:39:64:47:c6:fe:cc:12:24:bb:c2:3f:50:64:47:
         59:af:28:d5:b0:9f:4d:6a:55:9d:da:d7:40:8c:10:06:63:9a:
         8b:6f:d2:34:a4:c3:05:dd:8f:4c:f7:26:3e:4a:ca:59:cc:24:
         1a:bf:f8:cd:1d:71:3a:78:db:49:b1:80:e2:ef:f2:16:e8:db:
         0b:98:6c:af:72:54:ee:45:16:d9:15:e3:69:2b:79:3e:dd:6e:
         02:07:26:4f:f2:2f:a8:b9:e3:61:78:a2:a8:f0:7c:ad:44:93:
         0c:42:d1:29:ad:61:75:9c:c7:6f:fc:0a:c5:05:b9:3e:05:b4:
         0b:a9:d7:8d:d4:7e:76:50:cb:f0:2d:8e:5f:cd:e4:f5:d8:e5:
         15:1c:11:37:a5:22:1c:2a:12:ec:45:4e:78:8e:0c:6c:68:4c:
         08:1f:36:e1:e0:a2:53:2c:bf:b1:d3:25:85:0e:11:b2:60:71:
         b1:57:3d:f6:71:39:5b:a3:66:98:c5:f6:d0:69:e1:44:cf:7c:
         a5:ac:1e:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7VhCpCBeU2Sm8jX2mdM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWJlNWFlMTIxMzZiOTZjZDlkNzhhNWMyNGNhNDcyZGU4
OGM2NTgwHhcNMjQwNTE3MTkwMDI5WhcNMjQwNTE4MTkwMDI5WjAzMTEwLwYDVQQD
Eyg1NWYwZGFhMjA0YmI0ZTM4YWE0MDJmNDJhMzk1OGE4NGMxYzcwNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQgfjqzVxP3l80Id4stfyU/jbwl9
7gnW0m0xPCg+hkl5JscM5bFwm3TahZQj4w2DKQitfL9FyV5cubzweYmemnFsruAP
o+E3MD28RVdvBbC0DzTRq00gPt+DExffMbpKBy1jF5kYLwkSNITEB7g4uV7y1uVn
Dm4m5vjuj2sE7W2NIX+cGVQJKD9/suiusbHAWjdMPXAWOFAKt4j5EN8tok+FhTiY
ffOS5tdtoKQ7slUHEFq6mCG3Nfm0xWtUllUcbAsmYhK6mbfOAx+BNV8SyBykJM1b
wNHEUffadACwPzvGpNxqPKTuAsEV8cFQGSfID9xUEBpJ7ifUduXinJn5yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXw2qIEu044qkAvQqOVioTBxwX+MB8GA1UdIwQY
MBaAFM0b5a4SE2uWzZ14pcJMpHLeiMZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgt
NWYxNmRlNWM4NjU4LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi81YjExMjktMjFkZC00ZWE1LTk2NDgtNWYxNmRlNWM4NjU4
LzEvelJ2bHJoSVRhNWJOblhpbHdreWtjdDZJeGxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlru4vWyg
d3GmogQE42561r8t/3BTaDEB4GkfEOQQEGXpUoLPP1xTlgVBNr6iOAZ4RT9Wcyc9
bw2YXTlkR8b+zBIku8I/UGRHWa8o1bCfTWpVndrXQIwQBmOai2/SNKTDBd2PTPcm
PkrKWcwkGr/4zR1xOnjbSbGA4u/yFujbC5hsr3JU7kUW2RXjaSt5Pt1uAgcmT/Iv
qLnjYXiiqPB8rUSTDELRKa1hdZzHb/wKxQW5PgW0C6nXjdR+dlDL8C2OX83k9djl
FRwRN6UiHCoS7EVOeI4MbGhMCB824eCiUyy/sdMlhQ4RsmBxsVc99nE5W6NmmMX2
0GnhRM98pawe1A==
-----END CERTIFICATE-----