Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
File:                     QHsur7H0zNuzzWzU10srM5eKC3A.mft (raw, json)
Hash identifier:          Y1p5/oeikiwBglm0KatnEw6oZjeLqHH6t7PAmKFDrVE=
Subject key identifier:   43:FA:75:55:AA:61:E1:0C:78:D1:92:41:87:5A:DB:76:EB:F3:E5:41
Authority key identifier: 40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70
Certificate issuer:       /CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
Certificate serial:       018F8749CC46578804005987604DDF207E9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
Manifest number:          1176
Signing time:             Fri 17 May 2024 16:01:51 +0000
Manifest this update:     Fri 17 May 2024 16:01:51 +0000
Manifest next update:     Sat 18 May 2024 16:01:51 +0000
Files and hashes:         1: QHsur7H0zNuzzWzU10srM5eKC3A.crl (hash: BkvlTi9rhh44HPJGYjG1lEqrEFfpBv9RqxfqjHoSv1Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:cc:46:57:88:04:00:59:87:60:4d:df:20:7e:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=407b2eafb1f4ccdbb3cd6cd4d74b2b33978a0b70
        Validity
            Not Before: May 17 16:01:51 2024 GMT
            Not After : May 18 16:01:51 2024 GMT
        Subject: CN=43fa7555aa61e10c78d19241875adb76ebf3e541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:3a:90:1b:a5:3f:51:89:2c:8e:09:95:db:6f:
                    d5:00:3d:04:ef:62:37:af:4f:0c:ad:43:01:b0:61:
                    ec:99:3f:90:2b:3a:f2:3b:0f:2b:61:9d:6f:d8:1c:
                    60:c3:32:e0:ab:fc:93:6c:b5:29:e6:73:eb:81:a6:
                    d3:f7:33:a5:d3:bd:85:01:06:da:16:d9:f0:94:05:
                    82:b3:ae:20:07:bc:96:11:cf:b2:d8:69:08:48:3e:
                    28:31:ea:c7:08:10:be:98:a7:4d:3c:9f:29:b2:35:
                    cd:38:63:7f:90:47:20:27:20:a0:91:7d:ae:15:ba:
                    a8:10:48:08:69:10:62:f9:0f:26:63:fa:49:47:0d:
                    9e:da:2f:a2:d1:5e:8e:9c:63:40:51:75:90:c5:e8:
                    64:4b:61:e5:8d:fb:ac:c5:c0:34:8e:7f:6f:1c:85:
                    de:4c:f7:45:9d:7b:39:27:67:00:55:53:1e:35:17:
                    53:ba:df:81:02:69:16:36:0e:70:8e:c8:f7:fb:5d:
                    21:c7:8f:3f:14:45:96:81:cd:5f:99:72:6a:d0:85:
                    4c:8e:24:5d:61:49:35:b1:7f:2f:58:11:2a:91:e9:
                    6e:b2:f0:81:ac:ae:9f:3f:3c:15:03:d0:91:5b:23:
                    2a:2b:4c:cf:fb:82:5c:7a:0c:ef:14:99:e0:ba:ee:
                    1d:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:FA:75:55:AA:61:E1:0C:78:D1:92:41:87:5A:DB:76:EB:F3:E5:41
            X509v3 Authority Key Identifier:
                keyid:40:7B:2E:AF:B1:F4:CC:DB:B3:CD:6C:D4:D7:4B:2B:33:97:8A:0B:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHsur7H0zNuzzWzU10srM5eKC3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6aecc5-b85c-418b-afc8-c2e668c19727/1/QHsur7H0zNuzzWzU10srM5eKC3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:0e:93:21:b5:14:f4:76:d5:2f:ad:87:33:a4:d7:2b:9e:3d:
         33:6a:3f:2a:c7:51:89:f3:35:9a:a6:09:31:fb:8f:b0:36:1d:
         c1:f5:93:77:08:a5:86:ec:89:e1:ff:a1:dc:0a:4d:9c:e7:52:
         41:ec:a2:23:d5:95:cd:7c:d5:72:5b:d0:13:2c:4e:85:35:6b:
         40:6e:32:ba:e9:ed:c4:1b:a1:1c:92:7d:4f:50:75:ee:aa:99:
         44:c6:47:ab:a9:9c:af:d1:c2:41:6d:75:3b:2d:2f:66:d6:76:
         79:38:a0:09:51:45:e8:40:b0:f7:58:04:1c:6c:cd:a3:04:91:
         28:57:af:71:19:13:86:a6:97:c4:1b:7c:16:7b:d1:ac:85:cd:
         9a:6b:69:00:d4:c5:fa:5e:02:ed:44:40:1a:2e:9c:b6:b7:13:
         fe:4e:34:68:04:e9:63:44:25:2b:64:0d:ea:1c:f7:4a:48:72:
         80:7b:c5:4a:e0:aa:92:34:16:32:0e:9b:5c:1d:3a:da:10:49:
         6b:a4:18:4f:35:d2:6c:7f:36:96:e5:63:88:94:3e:ac:76:ff:
         9f:bd:a0:7a:9d:c1:16:93:30:ff:71:97:ba:63:77:f1:68:58:
         9b:ce:d2:10:b7:19:e6:c8:e0:5c:17:10:b9:bb:87:e9:b4:8e:
         80:35:59:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HScxGV4gEAFmHYE3fIH6dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2IyZWFmYjFmNGNjZGJiM2NkNmNkNGQ3NGIyYjMzOTc4
YTBiNzAwHhcNMjQwNTE3MTYwMTUxWhcNMjQwNTE4MTYwMTUxWjAzMTEwLwYDVQQD
Eyg0M2ZhNzU1NWFhNjFlMTBjNzhkMTkyNDE4NzVhZGI3NmViZjNlNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jqQG6U/UYksjgmV22/VAD0E72I3
r08MrUMBsGHsmT+QKzryOw8rYZ1v2BxgwzLgq/yTbLUp5nPrgabT9zOl072FAQba
FtnwlAWCs64gB7yWEc+y2GkISD4oMerHCBC+mKdNPJ8psjXNOGN/kEcgJyCgkX2u
FbqoEEgIaRBi+Q8mY/pJRw2e2i+i0V6OnGNAUXWQxehkS2HljfusxcA0jn9vHIXe
TPdFnXs5J2cAVVMeNRdTut+BAmkWNg5wjsj3+10hx48/FEWWgc1fmXJq0IVMjiRd
YUk1sX8vWBEqkelusvCBrK6fPzwVA9CRWyMqK0zP+4JcegzvFJnguu4dNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEP6dVWqYeEMeNGSQYda23br8+VBMB8GA1UdIwQY
MBaAFEB7Lq+x9Mzbs81s1NdLKzOXigtwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgt
YzJlNjY4YzE5NzI3LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82YWVjYzUtYjg1Yy00MThiLWFmYzgtYzJlNjY4YzE5NzI3
LzEvUUhzdXI3SDB6TnV6eld6VTEwc3JNNWVLQzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQQ6TIbUU
9HbVL62HM6TXK549M2o/KsdRifM1mqYJMfuPsDYdwfWTdwilhuyJ4f+h3ApNnOdS
QeyiI9WVzXzVclvQEyxOhTVrQG4yuuntxBuhHJJ9T1B17qqZRMZHq6mcr9HCQW11
Oy0vZtZ2eTigCVFF6ECw91gEHGzNowSRKFevcRkThqaXxBt8FnvRrIXNmmtpANTF
+l4C7URAGi6ctrcT/k40aATpY0QlK2QN6hz3SkhygHvFSuCqkjQWMg6bXB062hBJ
a6QYTzXSbH82luVjiJQ+rHb/n72gep3BFpMw/3GXumN38WhYm87SELcZ5sjgXBcQ
ubuH6bSOgDVZzA==
-----END CERTIFICATE-----