Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
File:                     ICNzDgbEv7_6ypBeUxJldCwXirQ.mft (raw, json)
Hash identifier:          9QTlFFnboMn7hJB5MTaOtqyUzMEAkba7HB2GNtGZf0c=
Subject key identifier:   AD:81:E3:FF:65:F8:28:A7:E8:29:FF:EC:66:91:13:24:A3:8A:90:4A
Authority key identifier: 20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4
Certificate issuer:       /CN=2023730e06c4bfbffaca905e531265742c178ab4
Certificate serial:       018F3BFAD990FA579D3E92675EAFE048AF13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
Manifest number:          0B25
Signing time:             Fri 03 May 2024 01:04:06 +0000
Manifest this update:     Fri 03 May 2024 01:04:06 +0000
Manifest next update:     Sat 04 May 2024 01:04:06 +0000
Files and hashes:         1: ICNzDgbEv7_6ypBeUxJldCwXirQ.crl (hash: 2Bv2ArP+hA5DNMlpwOZXmj28oEOV04RlXMIf7H0rDIQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 01:04:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3b:fa:d9:90:fa:57:9d:3e:92:67:5e:af:e0:48:af:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2023730e06c4bfbffaca905e531265742c178ab4
        Validity
            Not Before: May  3 01:04:06 2024 GMT
            Not After : May  4 01:04:06 2024 GMT
        Subject: CN=ad81e3ff65f828a7e829ffec66911324a38a904a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:aa:58:73:63:24:88:f7:d0:bd:5f:41:cc:4d:
                    7e:7e:3e:f1:17:a0:41:b8:0b:fd:26:2a:a2:5a:58:
                    8d:e2:8f:d1:33:78:15:d4:22:2f:47:15:d3:1d:48:
                    db:2f:36:a6:b8:e0:06:6f:1a:60:02:c4:9c:ba:b0:
                    69:9b:1b:aa:a7:73:7a:7f:55:23:8f:bc:5a:40:02:
                    1b:6b:c3:2a:6b:61:59:de:78:e9:d3:25:13:79:2d:
                    1b:57:1a:83:e2:13:b0:9a:bf:6d:aa:04:1e:6a:92:
                    4a:fb:ba:fe:38:0a:32:1e:eb:2d:5d:bb:33:cc:90:
                    5f:fc:9d:6d:3f:58:84:a7:5c:e7:a4:ba:ad:45:d1:
                    91:08:7a:31:7a:40:82:ab:2a:b3:cb:c4:1f:43:02:
                    9b:94:f9:f4:be:d4:92:5d:72:c1:79:f3:fb:12:56:
                    1d:56:98:fb:e1:a2:3c:dc:76:7e:5f:15:51:95:9b:
                    22:17:ed:d8:b9:a0:ed:99:a2:63:dc:cb:f9:2b:a5:
                    80:85:6d:77:35:30:27:ad:0a:ec:c6:27:4a:9e:17:
                    e8:0c:2d:3f:14:30:46:32:ac:39:76:69:b5:53:86:
                    88:cb:e5:7e:03:78:45:e6:a6:ca:39:a8:12:8f:2a:
                    6d:e5:d3:5b:1f:b5:18:d8:e4:34:60:1d:75:bc:32:
                    90:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:81:E3:FF:65:F8:28:A7:E8:29:FF:EC:66:91:13:24:A3:8A:90:4A
            X509v3 Authority Key Identifier:
                keyid:20:23:73:0E:06:C4:BF:BF:FA:CA:90:5E:53:12:65:74:2C:17:8A:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ICNzDgbEv7_6ypBeUxJldCwXirQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/45d7c1-c4f0-4835-b466-b0335ba3e0c2/1/ICNzDgbEv7_6ypBeUxJldCwXirQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:d9:e9:c8:39:48:71:f1:54:37:af:e0:83:7e:ec:c0:60:9c:
         96:92:a9:7f:a7:43:3e:f7:fc:bf:f7:ef:5d:dc:94:ae:28:66:
         97:19:99:7f:74:bb:1a:35:82:7f:6c:9f:e9:dc:f1:84:03:5a:
         48:14:0f:39:0a:6a:ad:0f:87:2c:8c:af:6d:d3:84:a6:0f:d1:
         09:02:f6:6a:53:1e:0b:50:73:b2:f0:56:2a:bb:f1:69:b4:bc:
         76:ae:1b:b5:44:11:5e:4e:6f:1e:a4:3d:8e:91:b3:a9:b7:d7:
         b7:21:01:57:d3:91:73:71:f7:a8:cc:14:50:7b:eb:51:29:5a:
         6f:b6:a1:24:5f:40:df:3a:84:20:4d:44:4a:0e:22:37:8e:3c:
         89:69:08:75:d1:42:15:b5:e5:15:52:7f:e6:fd:5a:00:e8:8c:
         73:96:52:57:97:56:6c:93:63:f8:1a:a8:cd:11:de:73:f7:36:
         04:74:89:cf:3c:b2:44:9b:6b:3a:00:7b:8a:a5:7a:a3:bd:0f:
         d1:22:04:6f:3a:b0:87:b4:7f:ee:21:77:12:63:19:2c:ce:0b:
         36:23:a5:44:2e:0d:3f:22:d0:9f:50:12:7b:85:96:6d:2d:72:
         59:a4:16:67:89:e7:1f:41:a0:ad:b0:a6:17:61:3c:43:e3:ba:
         a8:a2:b5:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY87+tmQ+ledPpJnXq/gSK8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMjM3MzBlMDZjNGJmYmZmYWNhOTA1ZTUzMTI2NTc0MmMx
NzhhYjQwHhcNMjQwNTAzMDEwNDA2WhcNMjQwNTA0MDEwNDA2WjAzMTEwLwYDVQQD
EyhhZDgxZTNmZjY1ZjgyOGE3ZTgyOWZmZWM2NjkxMTMyNGEzOGE5MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6pYc2MkiPfQvV9BzE1+fj7xF6BB
uAv9JiqiWliN4o/RM3gV1CIvRxXTHUjbLzamuOAGbxpgAsScurBpmxuqp3N6f1Uj
j7xaQAIba8Mqa2FZ3njp0yUTeS0bVxqD4hOwmr9tqgQeapJK+7r+OAoyHustXbsz
zJBf/J1tP1iEp1znpLqtRdGRCHoxekCCqyqzy8QfQwKblPn0vtSSXXLBefP7ElYd
Vpj74aI83HZ+XxVRlZsiF+3YuaDtmaJj3Mv5K6WAhW13NTAnrQrsxidKnhfoDC0/
FDBGMqw5dmm1U4aIy+V+A3hF5qbKOagSjypt5dNbH7UY2OQ0YB11vDKQrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2B4/9l+Cin6Cn/7GaREySjipBKMB8GA1UdIwQY
MBaAFCAjcw4GxL+/+sqQXlMSZXQsF4q0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYt
YjAzMzViYTNlMGMyLzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny80NWQ3YzEtYzRmMC00ODM1LWI0NjYtYjAzMzViYTNlMGMy
LzEvSUNOekRnYkV2N182eXBCZVV4SmxkQ3dYaXJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjtnpyDlI
cfFUN6/gg37swGCclpKpf6dDPvf8v/fvXdyUrihmlxmZf3S7GjWCf2yf6dzxhANa
SBQPOQpqrQ+HLIyvbdOEpg/RCQL2alMeC1BzsvBWKrvxabS8dq4btUQRXk5vHqQ9
jpGzqbfXtyEBV9ORc3H3qMwUUHvrUSlab7ahJF9A3zqEIE1ESg4iN448iWkIddFC
FbXlFVJ/5v1aAOiMc5ZSV5dWbJNj+BqozRHec/c2BHSJzzyyRJtrOgB7iqV6o70P
0SIEbzqwh7R/7iF3EmMZLM4LNiOlRC4NPyLQn1ASe4WWbS1yWaQWZ4nnH0GgrbCm
F2E8Q+O6qKK1tg==
-----END CERTIFICATE-----