Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft
File:                     7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft (raw, json)
Hash identifier:          tfpoW3PearQPthHaw34/eVV0wmbhnXLy8G8zPRN9fz0=
Subject key identifier:   F5:CD:3E:30:2F:36:71:7B:F4:DA:D5:8F:97:4D:EC:23:9B:6C:3A:D1
Authority key identifier: EF:0F:20:53:3D:CC:79:95:A2:8C:F6:77:67:A0:41:69:86:67:C4:CD
Certificate issuer:       /CN=ef0f20533dcc7995a28cf67767a041698667c4cd
Certificate serial:       018F193571EFEE89A39C5667FDA679175E34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft
Manifest number:          0686
Signing time:             Fri 26 Apr 2024 07:01:23 +0000
Manifest this update:     Fri 26 Apr 2024 07:01:23 +0000
Manifest next update:     Sat 27 Apr 2024 07:01:23 +0000
Files and hashes:         1: 7w8gUz3MeZWijPZ3Z6BBaYZnxM0.crl (hash: kPTwOEzHdPbS6ACPXefwmzIKQvNPkvXrDVmBfA1GaT8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 27 Apr 2024 07:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:19:35:71:ef:ee:89:a3:9c:56:67:fd:a6:79:17:5e:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef0f20533dcc7995a28cf67767a041698667c4cd
        Validity
            Not Before: Apr 26 07:01:23 2024 GMT
            Not After : Apr 27 07:01:23 2024 GMT
        Subject: CN=f5cd3e302f36717bf4dad58f974dec239b6c3ad1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:45:50:ed:50:04:1f:89:8f:f1:b3:cb:3e:82:
                    7d:31:14:2a:c8:5f:c5:f8:0f:9a:53:8d:04:51:50:
                    20:fb:1d:8e:d7:a4:a3:94:60:54:26:58:10:8b:5d:
                    8c:5a:ff:28:e1:da:4b:8a:7e:2e:fc:cf:d2:a0:86:
                    78:3c:34:2b:eb:ec:7b:14:92:ff:4a:ce:f6:f0:eb:
                    33:8f:52:f5:9e:ab:0a:0f:7e:11:71:da:d6:1c:66:
                    80:6e:23:ca:55:b2:f8:d8:64:a5:9c:1d:d7:48:b7:
                    48:ef:e0:4e:c7:c2:3c:b4:27:e8:1c:17:a4:33:73:
                    f4:05:d9:72:37:10:03:ea:74:2d:3d:e9:81:52:28:
                    de:2b:64:a1:9a:8b:23:f4:c0:a2:c6:8c:26:4e:94:
                    95:17:41:05:4c:a8:eb:63:46:d8:7b:ef:bd:c1:b8:
                    71:32:b7:fb:43:95:81:50:d5:3e:cc:7c:b6:35:ce:
                    bc:ec:38:f9:7f:ed:fa:93:4a:ce:77:1a:b3:23:c6:
                    04:25:30:6f:54:0d:0e:d7:c1:b0:67:79:af:cb:cb:
                    f3:c3:dd:84:3c:5f:ec:60:7c:c9:e4:dc:ba:a0:e5:
                    7a:24:6b:13:58:25:a6:9c:7d:e5:f9:43:e8:8c:8c:
                    3c:37:c7:43:94:ca:c6:fa:d2:2a:bf:f8:9a:7c:50:
                    34:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:CD:3E:30:2F:36:71:7B:F4:DA:D5:8F:97:4D:EC:23:9B:6C:3A:D1
            X509v3 Authority Key Identifier:
                keyid:EF:0F:20:53:3D:CC:79:95:A2:8C:F6:77:67:A0:41:69:86:67:C4:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ad883d-d243-4b1e-a32a-d14946e4f5cd/1/7w8gUz3MeZWijPZ3Z6BBaYZnxM0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a2:be:64:33:f6:f3:98:e7:c6:b4:ff:e6:22:9c:b8:31:f8:63:
         4a:c9:25:5e:5b:00:72:52:81:99:43:18:31:91:08:03:36:13:
         12:22:ca:a1:38:db:e8:71:41:aa:99:c0:e5:7c:cf:8d:85:0f:
         70:e2:a1:e8:95:b0:93:59:c4:af:c0:53:45:8d:0e:97:c8:9a:
         79:e0:8a:7b:4b:6b:b0:9e:55:1a:8e:4d:08:0f:bb:7d:4b:76:
         46:07:de:17:ce:b9:c1:f6:5b:ae:73:f6:8d:be:f9:58:13:44:
         c1:fb:4c:62:5c:f3:a8:fc:ae:e8:e0:de:37:5f:9b:94:f2:f3:
         3b:4f:2d:a9:b1:db:70:94:fd:0f:38:b7:37:03:fb:75:54:bb:
         e5:53:10:5c:a5:08:db:fe:f1:8d:79:62:8b:f7:49:77:9d:d6:
         ea:1b:db:cb:63:0d:99:6b:16:34:49:05:db:ad:d3:10:36:ae:
         aa:73:95:01:55:6f:03:f9:c0:3a:a1:e0:5c:8d:ca:a8:35:24:
         03:c4:3c:d3:8e:81:da:b2:b0:95:cf:98:31:d6:4d:e9:80:75:
         31:dd:59:6d:ba:7a:db:7f:12:c4:3d:b7:05:45:38:27:96:a2:
         53:65:3b:a7:b7:df:01:2e:ca:4c:3e:43:41:24:9c:a0:2e:c9:
         9a:b9:1f:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8ZNXHv7omjnFZn/aZ5F140MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMGYyMDUzM2RjYzc5OTVhMjhjZjY3NzY3YTA0MTY5ODY2
N2M0Y2QwHhcNMjQwNDI2MDcwMTIzWhcNMjQwNDI3MDcwMTIzWjAzMTEwLwYDVQQD
EyhmNWNkM2UzMDJmMzY3MTdiZjRkYWQ1OGY5NzRkZWMyMzliNmMzYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUVQ7VAEH4mP8bPLPoJ9MRQqyF/F
+A+aU40EUVAg+x2O16SjlGBUJlgQi12MWv8o4dpLin4u/M/SoIZ4PDQr6+x7FJL/
Ss728Oszj1L1nqsKD34RcdrWHGaAbiPKVbL42GSlnB3XSLdI7+BOx8I8tCfoHBek
M3P0BdlyNxAD6nQtPemBUijeK2Shmosj9MCixowmTpSVF0EFTKjrY0bYe++9wbhx
Mrf7Q5WBUNU+zHy2Nc687Dj5f+36k0rOdxqzI8YEJTBvVA0O18GwZ3mvy8vzw92E
PF/sYHzJ5Ny6oOV6JGsTWCWmnH3l+UPojIw8N8dDlMrG+tIqv/iafFA0UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXNPjAvNnF79NrVj5dN7CObbDrRMB8GA1UdIwQY
MBaAFO8PIFM9zHmVooz2d2egQWmGZ8TNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3c4Z1V6M01lWldpalBaM1o2QkJhWVpueE0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9hZDg4M2QtZDI0My00YjFlLWEzMmEt
ZDE0OTQ2ZTRmNWNkLzEvN3c4Z1V6M01lWldpalBaM1o2QkJhWVpueE0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9hZDg4M2QtZDI0My00YjFlLWEzMmEtZDE0OTQ2ZTRmNWNk
LzEvN3c4Z1V6M01lWldpalBaM1o2QkJhWVpueE0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAor5kM/bz
mOfGtP/mIpy4MfhjSsklXlsAclKBmUMYMZEIAzYTEiLKoTjb6HFBqpnA5XzPjYUP
cOKh6JWwk1nEr8BTRY0Ol8iaeeCKe0trsJ5VGo5NCA+7fUt2RgfeF865wfZbrnP2
jb75WBNEwftMYlzzqPyu6ODeN1+blPLzO08tqbHbcJT9Dzi3NwP7dVS75VMQXKUI
2/7xjXlii/dJd53W6hvby2MNmWsWNEkF263TEDauqnOVAVVvA/nAOqHgXI3KqDUk
A8Q8046B2rKwlc+YMdZN6YB1Md1Zbbp6238SxD23BUU4J5aiU2U7p7ffAS7KTD5D
QSScoC7JmrkfRA==
-----END CERTIFICATE-----