Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
File:                     QnqV1vkbZ2udcauK4RQZQY3jww4.mft (raw, json)
Hash identifier:          rH9TxkP7JVi7V0NJJnDQCUfyVuu5SMSJNoXRdLtFy2k=
Subject key identifier:   14:01:48:3B:EA:76:0C:75:86:94:CF:E9:B7:97:F9:5E:95:A4:97:32
Authority key identifier: 42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E
Certificate issuer:       /CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
Certificate serial:       018F87ED82636F4BDBF44BE1CAB9D51D71CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
Manifest number:          0CA7
Signing time:             Fri 17 May 2024 19:00:40 +0000
Manifest this update:     Fri 17 May 2024 19:00:40 +0000
Manifest next update:     Sat 18 May 2024 19:00:40 +0000
Files and hashes:         1: QnqV1vkbZ2udcauK4RQZQY3jww4.crl (hash: OK+srl8JPjHFvh8fPtO5lP1OC5y4Q1NmFMyYYPAt2iA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:82:63:6f:4b:db:f4:4b:e1:ca:b9:d5:1d:71:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=427a95d6f91b676b9d71ab8ae11419418de3c30e
        Validity
            Not Before: May 17 19:00:40 2024 GMT
            Not After : May 18 19:00:40 2024 GMT
        Subject: CN=1401483bea760c758694cfe9b797f95e95a49732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:f6:48:15:44:e0:79:9e:54:4b:4c:91:a9:3e:
                    23:34:47:3b:47:d5:fe:d3:f4:6b:d3:34:ef:2a:1c:
                    41:3f:5b:26:03:99:39:74:a4:0c:67:82:43:57:65:
                    98:21:a7:0c:e5:07:ee:2c:af:e3:7b:f7:44:86:06:
                    e7:fc:13:29:ec:ce:a6:92:73:d7:7c:5b:8c:ea:f0:
                    4e:ca:ee:2a:04:45:10:6e:30:1d:e0:d2:37:8c:98:
                    b9:a5:1f:4d:51:39:3d:75:92:45:29:3a:38:8f:1f:
                    17:58:05:60:70:5b:6d:2d:2e:de:cc:aa:56:56:34:
                    56:75:f0:16:ad:bb:11:a1:18:d0:d0:b8:ad:cb:35:
                    53:3b:dd:8b:48:39:3b:46:22:55:5a:52:b6:b1:6e:
                    e3:0e:71:2c:22:d9:89:80:e8:85:3d:5b:e0:b3:e5:
                    da:3e:a9:de:bd:e7:50:e7:f8:10:64:34:1e:ed:da:
                    2d:61:be:05:3a:be:53:d5:68:35:a3:a1:94:c1:43:
                    6f:16:bb:bb:2a:11:b6:37:21:47:33:4c:7b:d3:70:
                    eb:5e:de:bd:5b:e0:d1:ed:d3:51:42:b3:4d:a2:a7:
                    9d:b2:94:28:12:76:12:93:2d:08:80:4f:be:a1:84:
                    37:e5:8e:a5:75:14:c9:87:67:37:43:66:ad:a9:d1:
                    8d:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:01:48:3B:EA:76:0C:75:86:94:CF:E9:B7:97:F9:5E:95:A4:97:32
            X509v3 Authority Key Identifier:
                keyid:42:7A:95:D6:F9:1B:67:6B:9D:71:AB:8A:E1:14:19:41:8D:E3:C3:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnqV1vkbZ2udcauK4RQZQY3jww4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/64f999-d26f-4606-a326-ce7a51aa3314/1/QnqV1vkbZ2udcauK4RQZQY3jww4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2a:13:9d:72:57:97:92:70:90:95:c9:9f:e7:ec:7b:ee:40:5a:
         d3:16:70:ff:86:1f:7f:af:51:e0:74:89:d0:23:89:0d:55:11:
         23:72:1a:96:7a:b0:32:4b:b3:f3:06:d7:90:9e:cf:82:b9:15:
         a6:22:aa:84:ed:20:91:b8:55:fa:3c:b3:9b:46:12:6b:de:1e:
         b7:e0:cc:43:41:64:ac:9e:d3:ee:27:07:60:e8:6f:9b:0e:e3:
         85:02:13:57:fe:9b:be:05:4a:cf:a3:58:ad:38:f6:cf:3d:e7:
         f8:80:a6:ef:0f:97:f1:97:48:d8:2d:1f:6a:f7:60:ae:72:ed:
         49:67:4c:ec:bc:2c:7a:e0:80:7b:1f:e1:65:05:58:7f:4c:33:
         f0:2d:40:07:c7:ba:d5:15:07:b8:4c:5a:4e:04:0b:59:a7:40:
         a7:17:28:ad:0f:b6:31:5c:2b:d3:11:50:98:3f:cb:5a:0c:4c:
         0b:5c:8a:be:71:fe:ff:b4:e8:45:c7:f4:ad:62:04:ae:80:07:
         b6:68:10:b4:8a:c8:f3:b1:ec:05:8e:05:5b:33:08:b3:ac:e8:
         0a:d6:ba:33:8d:7e:1e:f2:82:55:ac:5d:3f:7c:7c:09:e9:3d:
         a7:dc:43:ad:62:89:11:3f:cf:52:d5:31:39:95:5f:30:b3:22:
         88:a5:ad:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7YJjb0vb9EvhyrnVHXHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2E5NWQ2ZjkxYjY3NmI5ZDcxYWI4YWUxMTQxOTQxOGRl
M2MzMGUwHhcNMjQwNTE3MTkwMDQwWhcNMjQwNTE4MTkwMDQwWjAzMTEwLwYDVQQD
EygxNDAxNDgzYmVhNzYwYzc1ODY5NGNmZTliNzk3Zjk1ZTk1YTQ5NzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfZIFUTgeZ5US0yRqT4jNEc7R9X+
0/Rr0zTvKhxBP1smA5k5dKQMZ4JDV2WYIacM5QfuLK/je/dEhgbn/BMp7M6mknPX
fFuM6vBOyu4qBEUQbjAd4NI3jJi5pR9NUTk9dZJFKTo4jx8XWAVgcFttLS7ezKpW
VjRWdfAWrbsRoRjQ0LityzVTO92LSDk7RiJVWlK2sW7jDnEsItmJgOiFPVvgs+Xa
PqnevedQ5/gQZDQe7dotYb4FOr5T1Wg1o6GUwUNvFru7KhG2NyFHM0x703DrXt69
W+DR7dNRQrNNoqedspQoEnYSky0IgE++oYQ35Y6ldRTJh2c3Q2atqdGNYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBQBSDvqdgx1hpTP6beX+V6VpJcyMB8GA1UdIwQY
MBaAFEJ6ldb5G2drnXGriuEUGUGN48MOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYt
Y2U3YTUxYWEzMzE0LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82NGY5OTktZDI2Zi00NjA2LWEzMjYtY2U3YTUxYWEzMzE0
LzEvUW5xVjF2a2JaMnVkY2F1SzRSUVpRWTNqd3c0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhOdcleX
knCQlcmf5+x77kBa0xZw/4Yff69R4HSJ0COJDVURI3IalnqwMkuz8wbXkJ7PgrkV
piKqhO0gkbhV+jyzm0YSa94et+DMQ0FkrJ7T7icHYOhvmw7jhQITV/6bvgVKz6NY
rTj2zz3n+ICm7w+X8ZdI2C0favdgrnLtSWdM7LwseuCAex/hZQVYf0wz8C1AB8e6
1RUHuExaTgQLWadApxcorQ+2MVwr0xFQmD/LWgxMC1yKvnH+/7ToRcf0rWIEroAH
tmgQtIrI87HsBY4FWzMIs6zoCta6M41+HvKCVaxdP3x8Cek9p9xDrWKJET/PUtUx
OZVfMLMiiKWtzw==
-----END CERTIFICATE-----