Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
File:                     bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft (raw, json)
Hash identifier:          V+H8Mqvczz1lCGz1ukmQY8s6Aciom5GoM6tntLVVbvY=
Subject key identifier:   3E:AB:72:E5:C9:ED:16:39:C7:8B:47:C6:5C:81:A3:7F:F8:51:B3:C9
Authority key identifier: 6D:57:00:91:6F:90:98:3B:D8:E8:9C:D0:5F:E6:29:EC:18:3B:FA:54
Certificate issuer:       /CN=6d5700916f90983bd8e89cd05fe629ec183bfa54
Certificate serial:       018F8749604DB5B2D36E253DD569273C15E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
Manifest number:          05E2
Signing time:             Fri 17 May 2024 16:01:23 +0000
Manifest this update:     Fri 17 May 2024 16:01:23 +0000
Manifest next update:     Sat 18 May 2024 16:01:23 +0000
Files and hashes:         1: bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl (hash: KhcHP3i8HTAQrk08sMi6eyd9mXrh4R6wj10MJ8GJlIc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:60:4d:b5:b2:d3:6e:25:3d:d5:69:27:3c:15:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6d5700916f90983bd8e89cd05fe629ec183bfa54
        Validity
            Not Before: May 17 16:01:23 2024 GMT
            Not After : May 18 16:01:23 2024 GMT
        Subject: CN=3eab72e5c9ed1639c78b47c65c81a37ff851b3c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:64:56:d6:dd:a5:b2:d4:fe:19:7c:c1:1b:dd:
                    91:e1:b3:fa:74:df:53:10:f2:54:ce:15:ca:5f:f9:
                    3f:4f:9d:d6:35:d7:f5:8f:08:2c:c1:70:db:53:9e:
                    84:dd:c5:22:8a:ce:26:be:2a:f2:0e:95:64:ea:47:
                    15:38:7e:4c:e9:39:bb:ab:22:18:87:ae:4e:18:93:
                    59:45:9b:0c:32:21:b8:ff:71:54:c4:af:75:94:22:
                    a7:ee:6e:4c:7b:8a:de:10:56:13:74:ed:c8:a6:aa:
                    db:18:1e:b7:ea:6f:6a:a1:42:d9:a4:f8:2d:b4:b8:
                    0d:ad:a6:5e:d4:9a:da:48:7a:94:80:22:db:76:9e:
                    b8:0f:bc:31:7f:21:80:8d:77:33:fa:be:ed:ab:c9:
                    c1:0d:5c:ae:6e:ad:c7:36:07:cb:ab:8e:5a:84:d4:
                    46:11:df:ba:1d:7e:40:ad:cf:99:03:77:2b:90:b2:
                    61:06:c2:ac:bc:38:19:2b:d8:4b:4e:24:98:72:a7:
                    08:7a:fb:ec:d7:68:76:90:ee:83:aa:71:f9:2c:77:
                    47:2e:c1:94:13:2c:6e:1c:64:5b:1c:41:70:1b:1c:
                    83:49:22:db:95:f8:de:ae:23:5d:a8:30:5d:af:83:
                    c7:2d:88:55:55:eb:fe:1c:eb:03:6a:62:e5:e7:05:
                    0f:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:AB:72:E5:C9:ED:16:39:C7:8B:47:C6:5C:81:A3:7F:F8:51:B3:C9
            X509v3 Authority Key Identifier:
                keyid:6D:57:00:91:6F:90:98:3B:D8:E8:9C:D0:5F:E6:29:EC:18:3B:FA:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9bfdb6-08b7-4b1d-8a88-926b34814130/1/bVcAkW-QmDvY6JzQX-Yp7Bg7-lQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:c5:e6:17:35:cc:cc:6f:2a:d5:77:b0:bf:19:80:5c:b4:43:
         7c:38:22:85:3b:a0:8a:3a:a7:00:5b:1f:5d:38:ab:47:07:fc:
         0c:7e:cb:0e:03:70:76:e6:f5:65:17:ca:ca:a3:e3:56:2a:76:
         56:d8:a9:f0:a6:57:cd:99:e6:6d:62:b6:4b:32:33:99:4b:80:
         66:59:0e:8f:62:e4:a6:f3:df:50:d9:b0:17:05:1b:b9:6a:91:
         ba:44:72:2e:74:42:bf:82:20:95:88:13:57:c4:f0:f0:45:ac:
         eb:78:fe:4a:59:0d:fd:b6:78:e6:88:1b:d5:e1:3b:94:6a:66:
         26:c5:7b:9f:f7:38:8a:98:38:58:4f:3d:8a:17:64:11:d7:f2:
         39:65:43:97:1f:c9:f5:4e:23:bb:cf:93:53:a5:00:e1:df:d7:
         19:48:ca:31:1b:e5:d8:19:05:64:ac:1a:4e:72:eb:a7:be:b1:
         d1:8e:48:3e:8f:6c:2d:eb:4e:ce:ee:7b:bf:22:2f:59:1a:f5:
         d6:60:d8:53:b7:0c:bd:e2:5a:9f:db:41:52:05:0c:c2:20:44:
         3f:d3:06:40:9b:d8:17:6f:0b:17:37:59:fc:88:17:7b:bc:d0:
         34:b8:e8:5f:c3:d8:17:58:ce:50:9f:43:91:2c:d9:23:5d:0d:
         91:77:95:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSWBNtbLTbiU91WknPBXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNTcwMDkxNmY5MDk4M2JkOGU4OWNkMDVmZTYyOWVjMTgz
YmZhNTQwHhcNMjQwNTE3MTYwMTIzWhcNMjQwNTE4MTYwMTIzWjAzMTEwLwYDVQQD
EygzZWFiNzJlNWM5ZWQxNjM5Yzc4YjQ3YzY1YzgxYTM3ZmY4NTFiM2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGRW1t2lstT+GXzBG92R4bP6dN9T
EPJUzhXKX/k/T53WNdf1jwgswXDbU56E3cUiis4mviryDpVk6kcVOH5M6Tm7qyIY
h65OGJNZRZsMMiG4/3FUxK91lCKn7m5Me4reEFYTdO3IpqrbGB636m9qoULZpPgt
tLgNraZe1JraSHqUgCLbdp64D7wxfyGAjXcz+r7tq8nBDVyubq3HNgfLq45ahNRG
Ed+6HX5Arc+ZA3crkLJhBsKsvDgZK9hLTiSYcqcIevvs12h2kO6DqnH5LHdHLsGU
EyxuHGRbHEFwGxyDSSLblfjeriNdqDBdr4PHLYhVVev+HOsDamLl5wUPwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD6rcuXJ7RY5x4tHxlyBo3/4UbPJMB8GA1UdIwQY
MBaAFG1XAJFvkJg72Oic0F/mKewYO/pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85YmZkYjYtMDhiNy00YjFkLThhODgt
OTI2YjM0ODE0MTMwLzEvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85YmZkYjYtMDhiNy00YjFkLThhODgtOTI2YjM0ODE0MTMw
LzEvYlZjQWtXLVFtRHZZNkp6UVgtWXA3Qmc3LWxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFcXmFzXM
zG8q1XewvxmAXLRDfDgihTugijqnAFsfXTirRwf8DH7LDgNwdub1ZRfKyqPjVip2
Vtip8KZXzZnmbWK2SzIzmUuAZlkOj2LkpvPfUNmwFwUbuWqRukRyLnRCv4IglYgT
V8Tw8EWs63j+SlkN/bZ45ogb1eE7lGpmJsV7n/c4ipg4WE89ihdkEdfyOWVDlx/J
9U4ju8+TU6UA4d/XGUjKMRvl2BkFZKwaTnLrp76x0Y5IPo9sLetOzu57vyIvWRr1
1mDYU7cMveJan9tBUgUMwiBEP9MGQJvYF28LFzdZ/IgXe7zQNLjoX8PYF1jOUJ9D
kSzZI10NkXeVFQ==
-----END CERTIFICATE-----