Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File:                     zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier:          gZzXreY+1wLAzybwtDFJoH9BXQarCmzpnuVuZOrtvxY=
Subject key identifier:   75:F5:06:D7:ED:D6:D9:9F:DC:C5:90:86:F2:DB:63:B0:90:5D:4F:AD
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer:       /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial:       018F87489D840D35AE5DF19D61C56C56FB00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number:          F1
Signing time:             Fri 17 May 2024 16:00:34 +0000
Manifest this update:     Fri 17 May 2024 16:00:34 +0000
Manifest next update:     Sat 18 May 2024 16:00:34 +0000
Files and hashes:         1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: jwtA4n25PTfVRrCIEvlHwIchiFzSvcBKwfMNuA3xhE4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:9d:84:0d:35:ae:5d:f1:9d:61:c5:6c:56:fb:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
        Validity
            Not Before: May 17 16:00:34 2024 GMT
            Not After : May 18 16:00:34 2024 GMT
        Subject: CN=75f506d7edd6d99fdcc59086f2db63b0905d4fad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:82:18:5a:8d:a1:88:53:77:1d:20:93:83:2c:
                    e0:b4:39:f9:89:f8:05:3e:57:53:06:7d:7c:3c:c4:
                    a5:7d:bf:d3:a9:eb:33:b5:d9:72:80:6d:80:f1:80:
                    f2:db:9a:12:00:36:94:b7:a3:5e:05:ee:62:81:eb:
                    8f:fb:e6:d8:70:1e:db:50:22:96:61:22:06:f1:9d:
                    f7:f7:5b:81:0a:02:72:e5:2e:7a:b4:53:03:31:dd:
                    8b:af:69:0b:98:62:ba:68:94:22:a5:2f:d0:3a:c3:
                    a1:a1:ca:bc:63:0a:46:a7:b4:29:a3:f6:63:57:8f:
                    6c:c1:1e:b9:aa:ed:b4:e2:4f:93:c6:f2:3d:e6:65:
                    2e:03:a6:f7:31:8b:1a:f5:cf:01:53:60:78:b8:51:
                    33:14:5f:0d:91:d9:f2:eb:da:7c:5c:64:b0:51:07:
                    56:e3:77:23:54:49:9a:98:67:3e:bb:e2:e6:60:b7:
                    f7:bc:ce:5d:e9:dc:8c:df:37:6e:79:a5:10:c4:06:
                    8c:ad:b0:b8:7e:ef:34:f0:ed:fd:93:3a:38:c1:23:
                    92:80:30:c1:0e:12:a2:09:ab:94:02:5f:4e:bb:a8:
                    d8:71:6b:54:3e:72:3e:80:c8:d5:df:6f:17:63:29:
                    14:a4:04:65:72:9e:87:fb:b3:f8:c7:ed:44:99:5f:
                    28:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:F5:06:D7:ED:D6:D9:9F:DC:C5:90:86:F2:DB:63:B0:90:5D:4F:AD
            X509v3 Authority Key Identifier:
                keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:b5:06:84:bf:bd:5f:85:9a:fd:30:ac:37:4c:11:bc:1d:89:
         7b:40:4e:5c:83:78:a5:27:82:b4:c6:9e:e2:b8:fa:89:2b:7a:
         85:a3:cd:ef:67:5e:32:8d:86:3d:71:6a:a5:ec:64:1e:c2:1a:
         28:11:d3:b2:40:22:62:af:a7:22:23:9f:79:78:03:20:ac:2e:
         ef:ed:35:17:02:1e:a5:fe:7d:19:dd:a3:5a:11:a8:94:d1:72:
         37:cb:65:b7:8c:91:ab:30:b5:0a:8c:d4:0f:ed:71:f4:d7:fe:
         59:57:71:4c:db:62:c8:f5:d0:d7:1e:d4:b9:e0:eb:b6:b7:7f:
         a2:7b:59:e2:5f:dc:14:b7:d8:44:62:e6:f2:ae:b8:10:2e:c6:
         bd:b0:14:81:05:84:27:1c:e5:0d:39:f0:a0:53:28:db:cc:68:
         11:7e:62:0f:31:df:bf:46:42:37:90:00:ea:b6:83:b3:78:73:
         f1:8f:c5:0b:42:a6:51:4c:4c:aa:60:13:ff:97:d3:6b:5d:ee:
         1d:23:41:3c:df:4e:24:e5:6a:c3:81:94:c9:19:df:59:80:e4:
         de:5e:45:2e:b7:c3:2c:57:9c:25:92:77:70:fd:18:64:f4:b3:
         a0:b2:5b:17:94:94:71:bb:e4:86:43:3a:04:1e:b3:61:1d:23:
         c6:4c:44:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSJ2EDTWuXfGdYcVsVvsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjQwNTE3MTYwMDM0WhcNMjQwNTE4MTYwMDM0WjAzMTEwLwYDVQQD
Eyg3NWY1MDZkN2VkZDZkOTlmZGNjNTkwODZmMmRiNjNiMDkwNWQ0ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4IYWo2hiFN3HSCTgyzgtDn5ifgF
PldTBn18PMSlfb/TqesztdlygG2A8YDy25oSADaUt6NeBe5igeuP++bYcB7bUCKW
YSIG8Z3391uBCgJy5S56tFMDMd2Lr2kLmGK6aJQipS/QOsOhocq8YwpGp7Qpo/Zj
V49swR65qu204k+TxvI95mUuA6b3MYsa9c8BU2B4uFEzFF8Nkdny69p8XGSwUQdW
43cjVEmamGc+u+LmYLf3vM5d6dyM3zdueaUQxAaMrbC4fu808O39kzo4wSOSgDDB
DhKiCauUAl9Ou6jYcWtUPnI+gMjV328XYykUpARlcp6H+7P4x+1EmV8ojwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHX1Btft1tmf3MWQhvLbY7CQXU+tMB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABrUGhL+9
X4Wa/TCsN0wRvB2Je0BOXIN4pSeCtMae4rj6iSt6haPN72deMo2GPXFqpexkHsIa
KBHTskAiYq+nIiOfeXgDIKwu7+01FwIepf59Gd2jWhGolNFyN8tlt4yRqzC1CozU
D+1x9Nf+WVdxTNtiyPXQ1x7UueDrtrd/ontZ4l/cFLfYRGLm8q64EC7GvbAUgQWE
JxzlDTnwoFMo28xoEX5iDzHfv0ZCN5AA6raDs3hz8Y/FC0KmUUxMqmAT/5fTa13u
HSNBPN9OJOVqw4GUyRnfWYDk3l5FLrfDLFecJZJ3cP0YZPSzoLJbF5SUcbvkhkM6
BB6zYR0jxkxEaQ==
-----END CERTIFICATE-----