Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
File:                     TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft (raw, json)
Hash identifier:          WOsiCw8H8oX2xzd6XcbJif0N8vrw7Ibp9i2QoIDG9+I=
Subject key identifier:   3A:B7:82:87:68:27:73:58:AD:28:3E:A6:90:ED:46:C3:02:38:EA:42
Authority key identifier: 4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34
Certificate issuer:       /CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
Certificate serial:       018F87B69C3D6ECD2EFE5DD715DB4C22C90C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 18:00:42 +0000
Manifest this update:     Fri 17 May 2024 18:00:42 +0000
Manifest next update:     Sat 18 May 2024 18:00:42 +0000
Files and hashes:         1: TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl (hash: KGCWGijgvIugGXAyXGo3ZqFzh+ibHp2M+yQrNC6SSlA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:9c:3d:6e:cd:2e:fe:5d:d7:15:db:4c:22:c9:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e489f66159f77bb58d2bbc7e4fc1dfd9ddcb034
        Validity
            Not Before: May 17 18:00:42 2024 GMT
            Not After : May 18 18:00:42 2024 GMT
        Subject: CN=3ab7828768277358ad283ea690ed46c30238ea42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:1f:2b:95:2c:ae:f3:bb:c6:d8:d0:e6:90:36:
                    63:4e:86:76:76:bb:6b:12:fd:3c:3b:89:5f:01:80:
                    83:d9:79:7b:b5:a9:ea:9f:db:08:04:dc:25:55:c2:
                    50:f1:eb:de:aa:22:b3:4d:2f:17:1f:d6:59:16:43:
                    bf:bf:ef:ae:75:53:d5:26:14:d1:6b:29:4a:a8:64:
                    73:07:57:ff:16:7d:b2:2c:3e:df:d7:d9:e4:ea:be:
                    bb:7d:8f:89:b6:7b:ed:37:dd:40:97:15:1a:ff:76:
                    8b:79:ba:ce:4e:3e:e2:2d:cd:e8:99:4f:0b:06:fb:
                    ec:f5:0e:c1:33:79:b9:f4:14:20:0c:db:3c:0e:97:
                    1d:9d:e1:7b:94:70:d3:79:2b:66:a1:55:f5:2a:61:
                    e9:db:ee:32:ef:38:91:37:4f:ff:4d:5b:82:60:43:
                    34:95:e5:05:b4:b9:25:ef:15:f7:04:34:a9:9b:93:
                    48:5f:c8:ac:7b:6b:ea:cb:3d:3e:fe:d0:36:96:08:
                    ac:c9:1c:48:36:c8:ce:6a:10:63:45:43:d1:cd:00:
                    ac:da:6e:bc:84:67:41:6f:f5:c6:fa:41:4d:e9:00:
                    4c:a4:7a:25:96:33:cf:80:be:53:3a:38:5e:bd:9d:
                    08:55:f9:04:21:e5:b5:91:aa:94:7c:f3:29:5b:da:
                    29:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B7:82:87:68:27:73:58:AD:28:3E:A6:90:ED:46:C3:02:38:EA:42
            X509v3 Authority Key Identifier:
                keyid:4E:48:9F:66:15:9F:77:BB:58:D2:BB:C7:E4:FC:1D:FD:9D:DC:B0:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/a58197-eb09-4415-a61d-abd61aa82426/1/TkifZhWfd7tY0rvH5Pwd_Z3csDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c0:33:95:82:a4:f8:03:45:74:55:e8:72:4d:33:b9:41:8f:bf:
         42:a8:d3:91:a5:2b:83:03:40:3d:07:c5:a4:c9:38:93:60:78:
         b3:30:d2:60:1b:ff:04:a5:47:94:a8:d1:42:bb:cb:e3:8b:62:
         20:77:e1:01:03:f4:b1:6e:c0:9e:58:dd:84:8e:5f:74:63:bd:
         bf:28:d9:f4:d7:24:8c:79:33:08:d9:30:4a:b9:e6:a3:2b:be:
         74:cf:db:4d:10:d0:df:fd:6c:88:c1:bc:53:0e:2e:8d:73:9d:
         3f:9f:a0:d7:3f:10:18:40:10:74:9d:83:de:ec:d2:12:3c:15:
         fa:db:58:32:a3:cc:50:90:4b:0f:3d:d2:92:fb:d0:07:ad:64:
         fa:8a:76:cb:8d:b8:c3:68:8c:95:0b:a9:13:4d:81:97:c1:8a:
         0d:39:6f:b2:3a:4c:49:30:f8:91:3d:5e:a1:b0:3f:66:47:80:
         05:e2:78:a7:52:84:87:3e:51:7b:c3:aa:c2:8a:ec:42:ce:cd:
         6f:70:b5:dd:ac:7c:3e:e8:74:6a:38:80:0f:02:32:62:c2:fb:
         20:3f:9d:30:dc:bc:e8:d5:23:be:c3:eb:ce:2a:26:75:d4:6b:
         eb:41:de:96:b3:fb:cf:50:22:78:15:27:bd:b1:b4:80:f4:ac:
         6e:3b:9c:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htpw9bs0u/l3XFdtMIskMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDg5ZjY2MTU5Zjc3YmI1OGQyYmJjN2U0ZmMxZGZkOWRk
Y2IwMzQwHhcNMjQwNTE3MTgwMDQyWhcNMjQwNTE4MTgwMDQyWjAzMTEwLwYDVQQD
EygzYWI3ODI4NzY4Mjc3MzU4YWQyODNlYTY5MGVkNDZjMzAyMzhlYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh8rlSyu87vG2NDmkDZjToZ2drtr
Ev08O4lfAYCD2Xl7tanqn9sIBNwlVcJQ8eveqiKzTS8XH9ZZFkO/v++udVPVJhTR
aylKqGRzB1f/Fn2yLD7f19nk6r67fY+JtnvtN91AlxUa/3aLebrOTj7iLc3omU8L
Bvvs9Q7BM3m59BQgDNs8DpcdneF7lHDTeStmoVX1KmHp2+4y7ziRN0//TVuCYEM0
leUFtLkl7xX3BDSpm5NIX8ise2vqyz0+/tA2lgisyRxINsjOahBjRUPRzQCs2m68
hGdBb/XG+kFN6QBMpHolljPPgL5TOjhevZ0IVfkEIeW1kaqUfPMpW9ophwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDq3godoJ3NYrSg+ppDtRsMCOOpCMB8GA1UdIwQY
MBaAFE5In2YVn3e7WNK7x+T8Hf2d3LA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQt
YWJkNjFhYTgyNDI2LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hNTgxOTctZWIwOS00NDE1LWE2MWQtYWJkNjFhYTgyNDI2
LzEvVGtpZlpoV2ZkN3RZMHJ2SDVQd2RfWjNjc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwDOVgqT4
A0V0VehyTTO5QY+/QqjTkaUrgwNAPQfFpMk4k2B4szDSYBv/BKVHlKjRQrvL44ti
IHfhAQP0sW7AnljdhI5fdGO9vyjZ9NckjHkzCNkwSrnmoyu+dM/bTRDQ3/1siMG8
Uw4ujXOdP5+g1z8QGEAQdJ2D3uzSEjwV+ttYMqPMUJBLDz3SkvvQB61k+op2y424
w2iMlQupE02Bl8GKDTlvsjpMSTD4kT1eobA/ZkeABeJ4p1KEhz5Re8OqworsQs7N
b3C13ax8Puh0ajiADwIyYsL7ID+dMNy86NUjvsPrziomddRr60HelrP7z1AieBUn
vbG0gPSsbjucew==
-----END CERTIFICATE-----