Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft
File:                     1bFX6mgu908PHvZ_oekWDRfNLpM.mft (raw, json)
Hash identifier:          Nvy9GR1aLc20KMqMulRgnTRNMDMxckxXt+EDfrRa5hg=
Subject key identifier:   C1:74:2F:CD:C9:A5:5E:C1:22:B7:B2:D7:EE:D6:98:57:93:6E:38:1A
Authority key identifier: D5:B1:57:EA:68:2E:F7:4F:0F:1E:F6:7F:A1:E9:16:0D:17:CD:2E:93
Certificate issuer:       /CN=d5b157ea682ef74f0f1ef67fa1e9160d17cd2e93
Certificate serial:       01905BB821072763FA53A07B27B9EA4A733C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1bFX6mgu908PHvZ_oekWDRfNLpM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft
Manifest number:          11E8
Signing time:             Thu 27 Jun 2024 22:01:52 +0000
Manifest this update:     Thu 27 Jun 2024 22:01:52 +0000
Manifest next update:     Fri 28 Jun 2024 22:01:52 +0000
Files and hashes:         1: 1bFX6mgu908PHvZ_oekWDRfNLpM.crl (hash: tnNw0iTd/g3GCg0NMU4KSO2U/ASNfNlD/w7Eok5C/6Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1bFX6mgu908PHvZ_oekWDRfNLpM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 28 Jun 2024 20:47:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:5b:b8:21:07:27:63:fa:53:a0:7b:27:b9:ea:4a:73:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5b157ea682ef74f0f1ef67fa1e9160d17cd2e93
        Validity
            Not Before: Jun 27 22:01:52 2024 GMT
            Not After : Jun 28 22:01:52 2024 GMT
        Subject: CN=c1742fcdc9a55ec122b7b2d7eed69857936e381a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:90:a2:7c:b9:35:2f:93:c3:df:5c:33:a3:c8:
                    79:db:24:93:31:f7:a0:73:3a:da:fe:2e:aa:14:48:
                    7e:fe:9a:61:d9:2e:56:a8:79:03:0f:59:45:9a:57:
                    66:77:b6:83:c3:0f:d4:91:73:cc:70:92:77:0f:19:
                    07:2b:39:58:d4:9b:21:ac:cd:d9:7a:00:e0:b1:11:
                    95:73:ee:9f:e5:bf:d7:a1:7f:59:76:87:73:78:4a:
                    3c:db:f0:d4:18:a9:6e:ac:af:1e:cc:36:b4:ce:1f:
                    5c:98:36:e7:56:f3:63:5c:fc:15:4a:56:c3:3e:f6:
                    33:6a:15:73:46:b4:dc:0f:c0:e8:c9:6a:01:5d:8d:
                    70:d2:66:db:ef:93:e7:69:8e:bd:13:e9:5f:5b:90:
                    1d:13:c5:0d:39:93:33:81:0c:ad:fd:cf:e6:b6:cb:
                    9e:2d:a0:00:2b:26:6a:54:87:54:c7:40:14:a2:31:
                    b1:51:14:92:ef:37:c7:51:82:c6:ef:70:36:39:c0:
                    d2:b2:cd:46:0a:87:dd:51:83:1e:10:44:6f:0f:ed:
                    30:cf:65:3d:e4:2d:b7:38:75:a7:fe:4a:b6:7d:04:
                    d9:1c:a4:07:8f:c8:78:06:b3:d1:27:2d:a6:d9:42:
                    ae:95:21:29:95:b9:f9:3a:c7:a3:6b:76:c3:fc:33:
                    11:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:74:2F:CD:C9:A5:5E:C1:22:B7:B2:D7:EE:D6:98:57:93:6E:38:1A
            X509v3 Authority Key Identifier:
                keyid:D5:B1:57:EA:68:2E:F7:4F:0F:1E:F6:7F:A1:E9:16:0D:17:CD:2E:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1bFX6mgu908PHvZ_oekWDRfNLpM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/f76e8c-82b3-47d4-b4b6-021c9eec0077/1/1bFX6mgu908PHvZ_oekWDRfNLpM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:94:45:1c:09:1b:84:d5:37:55:c1:95:8a:c3:40:7f:07:b4:
         74:57:a6:62:2a:d7:81:18:ee:ab:38:30:f6:76:85:c2:69:13:
         b7:4a:af:12:da:0e:dd:84:14:c1:83:f4:26:71:d3:28:2b:ad:
         72:12:4f:b3:4e:83:56:d9:ee:78:a2:0d:f5:a3:7d:ce:32:f5:
         d5:b0:1b:43:ed:49:2d:95:6d:3b:db:d2:73:2a:73:08:1a:7b:
         7e:9e:86:33:3a:3a:b0:94:00:20:f4:02:ff:81:cd:73:fd:d3:
         ce:cb:cd:e8:8f:89:25:11:dc:a4:a1:93:52:87:2d:aa:23:c9:
         97:45:84:89:fb:5d:eb:34:e4:b8:70:d1:eb:75:50:72:35:66:
         59:f5:57:ee:70:3d:cb:a8:8b:8e:ff:0a:ad:26:36:2b:4c:88:
         2d:c1:04:70:02:07:b7:32:5c:30:c5:5f:ed:b2:5c:ee:b2:be:
         97:75:49:26:8c:cb:46:00:47:61:69:ff:e9:d3:f6:c3:41:41:
         16:9a:2a:59:bd:94:88:f6:5b:d1:0f:6e:71:7b:4c:44:fd:8f:
         e0:9a:4b:de:6a:5b:f6:54:dd:6b:4a:d1:89:83:0e:df:b7:7e:
         40:8b:67:17:72:09:fd:a7:bd:5d:61:19:27:1e:15:38:d8:75:
         d8:30:d1:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBbuCEHJ2P6U6B7J7nqSnM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjE1N2VhNjgyZWY3NGYwZjFlZjY3ZmExZTkxNjBkMTdj
ZDJlOTMwHhcNMjQwNjI3MjIwMTUyWhcNMjQwNjI4MjIwMTUyWjAzMTEwLwYDVQQD
EyhjMTc0MmZjZGM5YTU1ZWMxMjJiN2IyZDdlZWQ2OTg1NzkzNmUzODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZCifLk1L5PD31wzo8h52ySTMfeg
czra/i6qFEh+/pph2S5WqHkDD1lFmldmd7aDww/UkXPMcJJ3DxkHKzlY1JshrM3Z
egDgsRGVc+6f5b/XoX9ZdodzeEo82/DUGKlurK8ezDa0zh9cmDbnVvNjXPwVSlbD
PvYzahVzRrTcD8DoyWoBXY1w0mbb75PnaY69E+lfW5AdE8UNOZMzgQyt/c/mtsue
LaAAKyZqVIdUx0AUojGxURSS7zfHUYLG73A2OcDSss1GCofdUYMeEERvD+0wz2U9
5C23OHWn/kq2fQTZHKQHj8h4BrPRJy2m2UKulSEplbn5Oseja3bD/DMRbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMF0L83JpV7BIrey1+7WmFeTbjgaMB8GA1UdIwQY
MBaAFNWxV+poLvdPDx72f6HpFg0XzS6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJGWDZtZ3U5MDhQSHZaX29la1dEUmZOTHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mNzZlOGMtODJiMy00N2Q0LWI0YjYt
MDIxYzllZWMwMDc3LzEvMWJGWDZtZ3U5MDhQSHZaX29la1dEUmZOTHBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mNzZlOGMtODJiMy00N2Q0LWI0YjYtMDIxYzllZWMwMDc3
LzEvMWJGWDZtZ3U5MDhQSHZaX29la1dEUmZOTHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnZRFHAkb
hNU3VcGVisNAfwe0dFemYirXgRjuqzgw9naFwmkTt0qvEtoO3YQUwYP0JnHTKCut
chJPs06DVtnueKIN9aN9zjL11bAbQ+1JLZVtO9vScypzCBp7fp6GMzo6sJQAIPQC
/4HNc/3TzsvN6I+JJRHcpKGTUoctqiPJl0WEiftd6zTkuHDR63VQcjVmWfVX7nA9
y6iLjv8KrSY2K0yILcEEcAIHtzJcMMVf7bJc7rK+l3VJJozLRgBHYWn/6dP2w0FB
FpoqWb2UiPZb0Q9ucXtMRP2P4JpL3mpb9lTda0rRiYMO37d+QItnF3IJ/ae9XWEZ
Jx4VONh12DDRSw==
-----END CERTIFICATE-----