Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
File:                     2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json)
Hash identifier:          0HkGospwNPTvv9i4d5lR3iLDGRUWXYb9tOXbXJGk+AQ=
Subject key identifier:   A7:3F:35:F1:C2:0B:66:CE:71:E4:D1:78:0A:15:74:51:6C:5D:85:5C
Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49
Certificate issuer:       /CN=d991d6890f91fb2cd77931b809bdb1eb05091349
Certificate serial:       018F7BB38747FCECAB6A8B1EBB482351689D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
Manifest number:          0C0D
Signing time:             Wed 15 May 2024 10:01:54 +0000
Manifest this update:     Wed 15 May 2024 10:01:54 +0000
Manifest next update:     Thu 16 May 2024 10:01:54 +0000
Files and hashes:         1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: 9JFJWCpDh4gDkq5I+NQEPAEslaONfys9dqPazdUaUl0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 16 May 2024 10:01:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:7b:b3:87:47:fc:ec:ab:6a:8b:1e:bb:48:23:51:68:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349
        Validity
            Not Before: May 15 10:01:54 2024 GMT
            Not After : May 16 10:01:54 2024 GMT
        Subject: CN=a73f35f1c20b66ce71e4d1780a1574516c5d855c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ec:a6:e9:64:21:1d:bb:51:73:82:92:38:9d:
                    9c:b6:96:4e:10:4a:be:0c:08:93:17:1a:a1:48:97:
                    41:be:eb:d5:65:29:04:d6:6e:16:7c:b4:3e:0c:1e:
                    18:d7:67:a4:95:29:95:01:f0:a7:6d:41:da:0f:d6:
                    31:67:cf:ea:23:90:66:46:ff:fc:e7:93:b0:c6:bb:
                    f3:ef:b5:5f:92:d1:e1:5c:fa:3b:dd:cb:da:60:01:
                    7a:2a:23:b0:0d:1d:28:2f:7c:4d:e6:c9:7a:22:c8:
                    3e:29:c8:0d:5a:ed:00:23:65:c8:c1:d3:a7:bf:9b:
                    01:53:58:a9:70:d8:9f:26:2a:b4:71:b7:6c:7b:2b:
                    ca:97:c1:76:14:db:15:9b:7a:b1:15:ae:b0:0c:78:
                    90:59:a3:2d:0d:15:39:d6:6c:b1:25:b4:7a:eb:e0:
                    74:71:d9:5a:fd:88:a2:14:87:15:fb:0a:7d:26:b5:
                    90:45:d2:e3:33:d1:52:c5:1c:1e:be:1f:0d:b3:0d:
                    5d:3b:9d:12:59:d7:e0:8d:c0:a4:33:02:dd:a5:9a:
                    a9:3e:20:ce:9a:cf:0a:41:ee:03:a4:52:80:2e:27:
                    d5:b3:f1:cd:e4:12:fb:5e:8b:e4:5c:9b:27:8b:93:
                    0e:a7:85:38:04:5c:a1:17:58:59:56:79:2d:76:d1:
                    36:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:3F:35:F1:C2:0B:66:CE:71:E4:D1:78:0A:15:74:51:6C:5D:85:5C
            X509v3 Authority Key Identifier:
                keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:63:94:f7:b5:67:30:ff:07:87:6f:98:6b:00:f5:5e:03:6c:
         75:44:f5:e5:60:f2:64:93:fa:be:9b:e4:78:42:49:34:80:1e:
         8c:81:da:07:38:50:58:23:b2:91:4f:10:7d:53:3e:6a:47:b9:
         88:e3:10:e9:15:3f:4a:1a:9a:77:82:96:b4:25:a7:1b:46:81:
         6d:9b:18:ca:bc:84:f3:2e:25:82:ca:f5:3c:1b:2e:f2:76:66:
         94:06:e7:1d:83:cd:0d:3f:d9:a1:a7:ed:de:53:94:9e:39:3c:
         44:d5:14:d3:fd:9d:e4:dd:ee:db:a2:a6:04:28:13:d9:6b:05:
         42:bf:4e:ac:b8:ff:aa:66:8c:68:50:75:7d:b2:9d:d2:f5:64:
         79:94:8f:f3:0b:3a:dc:f4:67:56:4b:2f:a6:60:49:4e:75:d7:
         5e:d3:11:c0:33:91:17:4b:25:74:87:89:89:d1:fa:bf:6b:8e:
         47:7e:03:41:19:ce:22:cd:93:ac:f8:b4:f6:01:f2:e6:b7:c2:
         5a:54:86:ec:c2:1f:7e:f9:ae:50:da:9c:bd:2f:05:00:99:58:
         b4:db:73:48:d0:eb:f3:f6:7f:8c:87:7c:a8:fc:ac:3e:31:7a:
         10:7f:a2:67:6a:0e:d5:4f:ab:8e:2c:4e:ec:a7:31:14:52:18:
         c1:bc:73:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY97s4dH/Oyraoseu0gjUWidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw
OTEzNDkwHhcNMjQwNTE1MTAwMTU0WhcNMjQwNTE2MTAwMTU0WjAzMTEwLwYDVQQD
EyhhNzNmMzVmMWMyMGI2NmNlNzFlNGQxNzgwYTE1NzQ1MTZjNWQ4NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+ym6WQhHbtRc4KSOJ2ctpZOEEq+
DAiTFxqhSJdBvuvVZSkE1m4WfLQ+DB4Y12eklSmVAfCnbUHaD9YxZ8/qI5BmRv/8
55Owxrvz77VfktHhXPo73cvaYAF6KiOwDR0oL3xN5sl6Isg+KcgNWu0AI2XIwdOn
v5sBU1ipcNifJiq0cbdseyvKl8F2FNsVm3qxFa6wDHiQWaMtDRU51myxJbR66+B0
cdla/YiiFIcV+wp9JrWQRdLjM9FSxRwevh8Nsw1dO50SWdfgjcCkMwLdpZqpPiDO
ms8KQe4DpFKALifVs/HN5BL7XovkXJsni5MOp4U4BFyhF1hZVnktdtE2TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKc/NfHCC2bOceTReAoVdFFsXYVcMB8GA1UdIwQY
MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt
YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx
LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARGOU97Vn
MP8Hh2+YawD1XgNsdUT15WDyZJP6vpvkeEJJNIAejIHaBzhQWCOykU8QfVM+ake5
iOMQ6RU/Shqad4KWtCWnG0aBbZsYyryE8y4lgsr1PBsu8nZmlAbnHYPNDT/Zoaft
3lOUnjk8RNUU0/2d5N3u26KmBCgT2WsFQr9OrLj/qmaMaFB1fbKd0vVkeZSP8ws6
3PRnVksvpmBJTnXXXtMRwDORF0sldIeJidH6v2uOR34DQRnOIs2TrPi09gHy5rfC
WlSG7MIffvmuUNqcvS8FAJlYtNtzSNDr8/Z/jId8qPysPjF6EH+iZ2oO1U+rjixO
7KcxFFIYwbxzpA==
-----END CERTIFICATE-----