Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
File:                     4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft (raw, json)
Hash identifier:          qZzCJu7lqzfkVCe4sntRfHnVq1KPDnBXUBjAhb3OVww=
Subject key identifier:   D7:8D:63:04:29:68:D8:FB:8B:D9:85:D8:25:F1:7A:67:F2:BE:6F:35
Authority key identifier: E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C
Certificate issuer:       /CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
Certificate serial:       018F3889B3259EF9CC1C6A854158DB5F2808
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
Manifest number:          0550
Signing time:             Thu 02 May 2024 09:01:39 +0000
Manifest this update:     Thu 02 May 2024 09:01:39 +0000
Manifest next update:     Fri 03 May 2024 09:01:39 +0000
Files and hashes:         1: 4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl (hash: laMDJVLER0qUz7FzNqarLy6mtC/i3aXSGLm6RRibOD8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 09:01:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:38:89:b3:25:9e:f9:cc:1c:6a:85:41:58:db:5f:28:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e00a6f2e633fcf3adef8725cc5be0ea7915dd40c
        Validity
            Not Before: May  2 09:01:39 2024 GMT
            Not After : May  3 09:01:39 2024 GMT
        Subject: CN=d78d63042968d8fb8bd985d825f17a67f2be6f35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e2:6d:d9:02:32:a7:cb:74:90:45:0c:c9:50:
                    e0:18:46:50:6b:12:bb:54:d4:49:42:54:06:48:01:
                    68:eb:7c:ce:53:71:ca:f7:9b:1c:dc:9e:36:34:b2:
                    72:7d:73:90:52:4d:68:d0:ab:f0:9f:ff:ff:3b:8c:
                    d6:7c:df:63:f6:ab:84:e8:ad:76:c0:2b:ef:21:3f:
                    dc:5e:a8:bb:3f:6b:96:d0:9b:27:8d:ad:07:a4:89:
                    91:7e:f7:0f:5f:91:9a:ed:62:07:e1:bc:bc:c4:6f:
                    81:fb:a5:b8:f2:3f:78:73:42:96:08:c1:0c:f7:d6:
                    68:38:07:81:2f:13:f1:bc:c0:12:2b:1f:00:ce:ee:
                    c6:84:a7:59:5c:83:fd:84:b8:be:30:9e:d5:10:01:
                    70:6f:5e:c5:66:23:c6:54:5c:9f:4a:b5:b6:cf:0a:
                    b8:2e:c5:d3:c0:c2:3a:89:54:4e:58:60:11:5e:cf:
                    7e:07:57:cd:1c:a5:7c:c3:f7:bf:40:b5:2b:fa:b9:
                    09:7c:f0:cd:c7:9d:64:c6:b0:b5:b0:b3:08:ef:73:
                    5b:53:0e:50:82:f7:4e:d2:57:74:ce:c4:19:34:40:
                    69:33:72:3b:94:61:f1:d3:9e:7e:4f:35:cd:86:87:
                    97:c7:78:09:a9:38:82:e8:f8:bf:19:85:75:f7:33:
                    7a:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:8D:63:04:29:68:D8:FB:8B:D9:85:D8:25:F1:7A:67:F2:BE:6F:35
            X509v3 Authority Key Identifier:
                keyid:E0:0A:6F:2E:63:3F:CF:3A:DE:F8:72:5C:C5:BE:0E:A7:91:5D:D4:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c0443e-9608-4196-9625-d096f1e25e97/1/4ApvLmM_zzre-HJcxb4Op5Fd1Aw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:23:c7:f2:cc:5e:8a:8c:dc:62:b4:84:39:03:34:60:9f:c6:
         6a:74:79:32:ba:b0:ac:97:c0:e9:25:fb:d5:93:6a:3e:2b:40:
         26:11:ea:50:51:0a:ab:d5:79:43:a8:ac:22:0b:01:08:02:61:
         0d:3d:96:47:85:60:13:15:42:70:32:b9:29:21:d6:1d:e3:93:
         43:4c:ae:58:9a:a4:ba:0e:c7:04:8f:af:14:88:5f:cf:2b:d9:
         15:e2:7c:cd:20:b5:c2:1d:57:03:f8:b2:47:18:b0:6d:2f:20:
         92:f2:b5:75:58:09:54:90:eb:fd:34:96:07:a9:fc:41:8a:9d:
         b5:b5:08:b4:2a:d7:fc:17:a0:16:50:f0:66:e0:13:9f:5f:94:
         93:dc:b7:d0:81:c6:d6:25:2a:d1:ee:4f:df:40:9f:6b:b1:eb:
         a0:7a:b0:8b:f6:da:66:84:aa:88:e4:f5:c4:ab:83:52:8a:b2:
         53:28:ec:0c:79:6d:db:05:f2:06:5e:76:17:e4:c1:5b:be:59:
         5a:b6:5b:9a:ef:1d:e5:18:43:b4:5b:42:a0:63:53:6b:77:05:
         aa:d7:ac:c2:6d:17:9a:fe:69:0a:9a:87:35:c0:10:29:36:2e:
         b1:80:f6:d7:6d:82:26:55:fe:32:52:0e:7a:91:b0:ec:c5:25:
         e6:9a:0b:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY84ibMlnvnMHGqFQVjbXygIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwMGE2ZjJlNjMzZmNmM2FkZWY4NzI1Y2M1YmUwZWE3OTE1
ZGQ0MGMwHhcNMjQwNTAyMDkwMTM5WhcNMjQwNTAzMDkwMTM5WjAzMTEwLwYDVQQD
EyhkNzhkNjMwNDI5NjhkOGZiOGJkOTg1ZDgyNWYxN2E2N2YyYmU2ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeJt2QIyp8t0kEUMyVDgGEZQaxK7
VNRJQlQGSAFo63zOU3HK95sc3J42NLJyfXOQUk1o0Kvwn///O4zWfN9j9quE6K12
wCvvIT/cXqi7P2uW0Jsnja0HpImRfvcPX5Ga7WIH4by8xG+B+6W48j94c0KWCMEM
99ZoOAeBLxPxvMASKx8Azu7GhKdZXIP9hLi+MJ7VEAFwb17FZiPGVFyfSrW2zwq4
LsXTwMI6iVROWGARXs9+B1fNHKV8w/e/QLUr+rkJfPDNx51kxrC1sLMI73NbUw5Q
gvdO0ld0zsQZNEBpM3I7lGHx055+TzXNhoeXx3gJqTiC6Pi/GYV19zN6KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNeNYwQpaNj7i9mF2CXxemfyvm81MB8GA1UdIwQY
MBaAFOAKby5jP8863vhyXMW+DqeRXdQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUt
ZDA5NmYxZTI1ZTk3LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jMDQ0M2UtOTYwOC00MTk2LTk2MjUtZDA5NmYxZTI1ZTk3
LzEvNEFwdkxtTV96enJlLUhKY3hiNE9wNUZkMUF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYSPH8sxe
iozcYrSEOQM0YJ/GanR5MrqwrJfA6SX71ZNqPitAJhHqUFEKq9V5Q6isIgsBCAJh
DT2WR4VgExVCcDK5KSHWHeOTQ0yuWJqkug7HBI+vFIhfzyvZFeJ8zSC1wh1XA/iy
RxiwbS8gkvK1dVgJVJDr/TSWB6n8QYqdtbUItCrX/BegFlDwZuATn1+Uk9y30IHG
1iUq0e5P30Cfa7HroHqwi/baZoSqiOT1xKuDUoqyUyjsDHlt2wXyBl52F+TBW75Z
WrZbmu8d5RhDtFtCoGNTa3cFqteswm0Xmv5pCpqHNcAQKTYusYD2122CJlX+MlIO
epGw7MUl5poLuQ==
-----END CERTIFICATE-----