Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
File:                     Kf5mFpV0HYXP7c9v-890aZlZVp8.mft (raw, json)
Hash identifier:          C4UJ47BoexYH66jkvZpL2OXrpyYYNjpKZua/nZbsPZM=
Subject key identifier:   1D:FD:CC:2F:ED:EC:32:DC:22:F7:78:A4:57:06:1A:F7:32:92:69:40
Authority key identifier: 29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F
Certificate issuer:       /CN=29fe661695741d85cfedcf6ffbcf74699959569f
Certificate serial:       018F87492A83A8C250D068ED4B4FDA9A3D12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
Manifest number:          1176
Signing time:             Fri 17 May 2024 16:01:10 +0000
Manifest this update:     Fri 17 May 2024 16:01:10 +0000
Manifest next update:     Sat 18 May 2024 16:01:10 +0000
Files and hashes:         1: Kf5mFpV0HYXP7c9v-890aZlZVp8.crl (hash: KBiGVbLJSkQ74R5ClxNfioPLOUAlUxWIi/XKnKbIxKk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:2a:83:a8:c2:50:d0:68:ed:4b:4f:da:9a:3d:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=29fe661695741d85cfedcf6ffbcf74699959569f
        Validity
            Not Before: May 17 16:01:10 2024 GMT
            Not After : May 18 16:01:10 2024 GMT
        Subject: CN=1dfdcc2fedec32dc22f778a457061af732926940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d6:de:85:02:cc:9a:22:33:46:02:c0:cb:32:
                    1c:f0:90:ae:1d:23:74:08:7b:6a:b5:e6:3f:f6:71:
                    4e:2b:8c:63:cd:d7:f6:04:2e:bf:62:88:7d:0f:09:
                    2c:ad:71:30:5d:5b:f0:79:a8:e5:a7:b1:f9:4f:f3:
                    da:bc:d6:1b:bb:b1:af:b9:fd:0c:81:96:52:0a:47:
                    3c:88:08:f8:a8:f9:df:91:7c:ae:2a:38:af:db:21:
                    5d:25:f9:c9:80:3d:b8:9d:1a:00:9c:70:19:b3:5a:
                    b9:0c:05:9f:b5:cc:28:a4:66:41:c4:d3:b2:bd:5e:
                    85:17:19:5c:94:be:f5:27:78:ba:17:85:8f:22:bb:
                    55:84:12:ff:8b:41:d4:66:e9:27:01:c7:dd:05:5c:
                    c9:31:0e:e6:df:9b:4d:20:60:c6:74:5c:76:15:5f:
                    86:c9:2e:95:b7:72:45:5a:8c:35:70:99:ec:31:22:
                    4a:92:9e:7e:1a:b1:38:82:ab:54:bb:9b:60:73:a3:
                    28:7c:01:96:1b:8f:eb:25:8b:17:9b:a2:82:ba:f6:
                    01:6b:81:55:75:1b:d3:bf:0d:2e:0a:b4:45:95:eb:
                    cf:79:c5:da:2d:3f:59:b0:88:7c:65:2d:73:0c:a4:
                    33:59:5f:23:41:e8:c0:78:1f:3a:81:83:f9:96:6c:
                    6d:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:FD:CC:2F:ED:EC:32:DC:22:F7:78:A4:57:06:1A:F7:32:92:69:40
            X509v3 Authority Key Identifier:
                keyid:29:FE:66:16:95:74:1D:85:CF:ED:CF:6F:FB:CF:74:69:99:59:56:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kf5mFpV0HYXP7c9v-890aZlZVp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/51ecc9-5681-4b02-9db8-2e880a7a82ca/1/Kf5mFpV0HYXP7c9v-890aZlZVp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:a1:ac:1f:03:97:0a:55:0b:15:bb:34:70:52:aa:a6:83:2e:
         39:a3:87:1d:8e:3d:c0:3c:31:db:a0:c2:02:cd:d1:c6:c5:86:
         5c:05:f2:41:1f:dd:70:ed:bd:e2:9f:c5:ed:e7:50:22:96:02:
         e7:1c:65:6f:f5:e6:56:8e:2a:8b:95:17:96:bb:fb:62:c4:1f:
         dd:a0:6b:da:6b:7f:86:9e:15:23:29:05:1d:6d:3b:78:2b:fd:
         f4:8c:8f:54:2d:11:1b:bf:4c:1c:4d:4b:98:f6:c4:c3:13:11:
         f0:c7:64:60:1c:9c:e1:9f:15:40:f0:50:0d:fb:52:f1:80:1c:
         3c:c6:c4:f4:5e:a3:36:13:55:ef:5b:c3:b6:74:7b:00:3d:06:
         76:b2:93:fb:87:3f:38:9b:b7:64:21:39:6d:e5:23:51:f3:10:
         11:96:70:33:83:a8:93:9f:41:41:ed:8c:0a:e0:c9:b4:b6:c6:
         97:71:2f:eb:30:aa:3b:e2:3e:9c:04:05:9e:36:f8:1d:75:c7:
         be:ad:e8:5e:f1:78:9c:ab:20:88:72:e9:b7:9e:c3:ed:19:95:
         a8:23:43:5f:56:86:88:ed:17:ca:c2:2f:5c:51:6a:eb:78:2a:
         02:35:51:56:e2:84:20:a7:93:62:13:f4:a1:b1:90:fe:11:2f:
         cd:20:68:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSSqDqMJQ0GjtS0/amj0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZmU2NjE2OTU3NDFkODVjZmVkY2Y2ZmZiY2Y3NDY5OTk1
OTU2OWYwHhcNMjQwNTE3MTYwMTEwWhcNMjQwNTE4MTYwMTEwWjAzMTEwLwYDVQQD
EygxZGZkY2MyZmVkZWMzMmRjMjJmNzc4YTQ1NzA2MWFmNzMyOTI2OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9behQLMmiIzRgLAyzIc8JCuHSN0
CHtqteY/9nFOK4xjzdf2BC6/Yoh9DwksrXEwXVvweajlp7H5T/PavNYbu7Gvuf0M
gZZSCkc8iAj4qPnfkXyuKjiv2yFdJfnJgD24nRoAnHAZs1q5DAWftcwopGZBxNOy
vV6FFxlclL71J3i6F4WPIrtVhBL/i0HUZuknAcfdBVzJMQ7m35tNIGDGdFx2FV+G
yS6Vt3JFWow1cJnsMSJKkp5+GrE4gqtUu5tgc6MofAGWG4/rJYsXm6KCuvYBa4FV
dRvTvw0uCrRFlevPecXaLT9ZsIh8ZS1zDKQzWV8jQejAeB86gYP5lmxtlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB39zC/t7DLcIvd4pFcGGvcykmlAMB8GA1UdIwQY
MBaAFCn+ZhaVdB2Fz+3Pb/vPdGmZWVafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgt
MmU4ODBhN2E4MmNhLzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi81MWVjYzktNTY4MS00YjAyLTlkYjgtMmU4ODBhN2E4MmNh
LzEvS2Y1bUZwVjBIWVhQN2M5di04OTBhWmxaVnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHKGsHwOX
ClULFbs0cFKqpoMuOaOHHY49wDwx26DCAs3RxsWGXAXyQR/dcO294p/F7edQIpYC
5xxlb/XmVo4qi5UXlrv7YsQf3aBr2mt/hp4VIykFHW07eCv99IyPVC0RG79MHE1L
mPbEwxMR8MdkYByc4Z8VQPBQDftS8YAcPMbE9F6jNhNV71vDtnR7AD0GdrKT+4c/
OJu3ZCE5beUjUfMQEZZwM4Ook59BQe2MCuDJtLbGl3Ev6zCqO+I+nAQFnjb4HXXH
vq3oXvF4nKsgiHLpt57D7RmVqCNDX1aGiO0XysIvXFFq63gqAjVRVuKEIKeTYhP0
obGQ/hEvzSBodA==
-----END CERTIFICATE-----