Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
File:                     jR3ulkqib4m9ECJ21GVjP7guqig.mft (raw, json)
Hash identifier:          XgouRQD98HepeOjz6nCMfJtwyzNqTBgCgofp2YWEkE0=
Subject key identifier:   65:90:00:B7:D6:83:A7:C4:B8:A7:89:28:96:96:B1:48:23:13:76:90
Authority key identifier: 8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28
Certificate issuer:       /CN=8d1dee964aa26f89bd102276d465633fb82eaa28
Certificate serial:       018F87ED424A95550319DF54A5A5509CC874
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
Manifest number:          05D8
Signing time:             Fri 17 May 2024 19:00:24 +0000
Manifest this update:     Fri 17 May 2024 19:00:24 +0000
Manifest next update:     Sat 18 May 2024 19:00:24 +0000
Files and hashes:         1: jR3ulkqib4m9ECJ21GVjP7guqig.crl (hash: /d6ObZIMNA3lJUJrwYv8j32CUw4vDwt2ultKE22u6OY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:42:4a:95:55:03:19:df:54:a5:a5:50:9c:c8:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1dee964aa26f89bd102276d465633fb82eaa28
        Validity
            Not Before: May 17 19:00:24 2024 GMT
            Not After : May 18 19:00:24 2024 GMT
        Subject: CN=659000b7d683a7c4b8a789289696b14823137690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f3:c7:83:f4:03:33:53:7b:8a:60:42:37:57:
                    06:a5:43:73:53:01:c4:f8:d8:1a:0e:82:ba:01:df:
                    30:20:04:0b:c1:13:aa:ae:c2:43:00:f0:03:35:49:
                    9f:c0:c5:59:db:f8:d4:8f:4e:38:fa:2e:36:19:5a:
                    06:2c:9c:e3:03:5c:c7:ea:48:1a:69:79:ff:7c:83:
                    e1:9a:17:51:62:93:d6:4b:c2:fa:30:60:0a:00:68:
                    9d:5a:8e:cf:db:83:c3:31:50:17:e7:b3:68:59:c8:
                    1e:7c:eb:46:6a:f3:fb:0c:49:90:0a:3e:c7:4e:8e:
                    34:dc:6a:7c:bd:d1:32:3c:f3:18:6f:76:3e:85:a2:
                    20:b6:bb:74:01:37:5f:5c:df:ba:74:2c:76:ff:54:
                    ee:ce:03:f3:2c:f8:86:cc:02:c9:50:79:c2:69:1f:
                    a2:ad:17:b1:c9:97:97:37:d6:06:e5:39:18:d4:78:
                    c3:8f:62:a2:c8:fd:cc:bd:3e:c1:39:1f:4a:51:86:
                    70:43:4d:6c:a7:d4:fe:9c:84:55:0e:8e:cb:46:25:
                    61:b8:af:58:df:4c:e8:f6:b6:19:f9:62:4b:39:b4:
                    47:be:ce:73:6b:3f:74:32:a2:9b:cb:45:e8:e2:6a:
                    ba:8d:53:11:50:45:3c:1f:73:d7:25:cb:e3:45:fc:
                    77:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:90:00:B7:D6:83:A7:C4:B8:A7:89:28:96:96:B1:48:23:13:76:90
            X509v3 Authority Key Identifier:
                keyid:8D:1D:EE:96:4A:A2:6F:89:BD:10:22:76:D4:65:63:3F:B8:2E:AA:28

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jR3ulkqib4m9ECJ21GVjP7guqig.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/549363-1229-4114-a996-259420d32472/1/jR3ulkqib4m9ECJ21GVjP7guqig.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         94:fe:23:c8:c5:ef:66:b8:f2:7e:8d:1f:99:1a:1f:06:dc:8e:
         cc:11:d3:61:38:83:4a:c0:7f:9b:d4:de:58:fc:bf:3d:69:00:
         f5:eb:f8:61:b5:64:11:31:23:b9:73:1a:97:21:0f:d5:37:35:
         84:bb:84:5e:f1:ce:33:3f:68:23:8b:01:9d:d2:52:c3:52:d7:
         55:c0:d6:5d:3c:aa:45:50:04:8e:51:5d:22:bd:2d:2c:a4:71:
         17:55:46:63:e7:05:d1:4d:e0:6c:38:5a:e4:72:e5:9e:37:9c:
         6b:34:90:1c:d3:b6:9b:94:db:20:26:74:db:5e:63:92:4c:2f:
         d8:a8:ec:ed:cc:22:94:5f:04:0a:16:7f:71:a8:72:7e:6a:88:
         8d:e3:7b:c2:d2:c6:3b:52:ca:e2:89:5c:68:b0:44:da:35:30:
         f2:72:b2:d5:a9:cf:62:bc:b5:d1:91:ee:fc:fe:a9:12:84:2e:
         cc:3e:b8:68:bf:10:15:f2:38:ed:21:50:81:1f:05:c7:44:ee:
         57:4f:9e:89:e0:45:46:29:c8:b3:b9:71:88:2e:c4:5a:8c:44:
         27:16:91:7a:39:1f:fb:21:4c:b8:e1:70:ed:cf:fb:93:5a:4b:
         39:4d:01:53:d7:ff:63:5b:ad:5b:8f:4f:a8:14:10:46:a2:0f:
         55:7e:b8:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7UJKlVUDGd9UpaVQnMh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWRlZTk2NGFhMjZmODliZDEwMjI3NmQ0NjU2MzNmYjgy
ZWFhMjgwHhcNMjQwNTE3MTkwMDI0WhcNMjQwNTE4MTkwMDI0WjAzMTEwLwYDVQQD
Eyg2NTkwMDBiN2Q2ODNhN2M0YjhhNzg5Mjg5Njk2YjE0ODIzMTM3NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPPHg/QDM1N7imBCN1cGpUNzUwHE
+NgaDoK6Ad8wIAQLwROqrsJDAPADNUmfwMVZ2/jUj044+i42GVoGLJzjA1zH6kga
aXn/fIPhmhdRYpPWS8L6MGAKAGidWo7P24PDMVAX57NoWcgefOtGavP7DEmQCj7H
To403Gp8vdEyPPMYb3Y+haIgtrt0ATdfXN+6dCx2/1TuzgPzLPiGzALJUHnCaR+i
rRexyZeXN9YG5TkY1HjDj2KiyP3MvT7BOR9KUYZwQ01sp9T+nIRVDo7LRiVhuK9Y
30zo9rYZ+WJLObRHvs5zaz90MqKby0Xo4mq6jVMRUEU8H3PXJcvjRfx3zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGWQALfWg6fEuKeJKJaWsUgjE3aQMB8GA1UdIwQY
MBaAFI0d7pZKom+JvRAidtRlYz+4LqooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYt
MjU5NDIwZDMyNDcyLzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81NDkzNjMtMTIyOS00MTE0LWE5OTYtMjU5NDIwZDMyNDcy
LzEvalIzdWxrcWliNG05RUNKMjFHVmpQN2d1cWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlP4jyMXv
Zrjyfo0fmRofBtyOzBHTYTiDSsB/m9TeWPy/PWkA9ev4YbVkETEjuXMalyEP1Tc1
hLuEXvHOMz9oI4sBndJSw1LXVcDWXTyqRVAEjlFdIr0tLKRxF1VGY+cF0U3gbDha
5HLlnjecazSQHNO2m5TbICZ0215jkkwv2Kjs7cwilF8EChZ/cahyfmqIjeN7wtLG
O1LK4olcaLBE2jUw8nKy1anPYry10ZHu/P6pEoQuzD64aL8QFfI47SFQgR8Fx0Tu
V0+eieBFRinIs7lxiC7EWoxEJxaRejkf+yFMuOFw7c/7k1pLOU0BU9f/Y1utW49P
qBQQRqIPVX64PQ==
-----END CERTIFICATE-----