Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
File:                     xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft (raw, json)
Hash identifier:          LLjXnSMVTmBR5U3Cm01BIqzKs8DtAHe8Gwic1JVT+gg=
Subject key identifier:   8D:F4:97:CC:5C:39:CF:BD:D2:64:07:48:EE:10:77:02:D1:29:F4:6D
Authority key identifier: C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82
Certificate issuer:       /CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
Certificate serial:       018F87B6BF1653636C0D285600A5A462D88A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
Manifest number:          0EE9
Signing time:             Fri 17 May 2024 18:00:51 +0000
Manifest this update:     Fri 17 May 2024 18:00:51 +0000
Manifest next update:     Sat 18 May 2024 18:00:51 +0000
Files and hashes:         1: xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl (hash: oBKWWx1Q6kIDFMaWpz9d3DhgSbKBUeDVZKgS0JfOTog=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:bf:16:53:63:6c:0d:28:56:00:a5:a4:62:d8:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c413d7a3765ff9a22bbc2299e049691e2940cb82
        Validity
            Not Before: May 17 18:00:51 2024 GMT
            Not After : May 18 18:00:51 2024 GMT
        Subject: CN=8df497cc5c39cfbdd2640748ee107702d129f46d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9e:7e:4b:8c:85:a6:84:0e:88:c2:2f:ce:e7:
                    c4:0f:bb:a4:df:14:6f:28:ee:7b:df:e0:f5:82:07:
                    69:2f:ae:7a:31:e6:55:32:db:40:e7:31:31:84:64:
                    d4:7b:ea:7c:5c:71:ef:cc:9d:15:52:90:4d:27:43:
                    26:9e:6c:74:18:c4:7a:a9:f1:73:56:5a:68:45:fb:
                    00:7c:96:25:71:ad:78:27:3a:25:c9:b4:9a:f5:c9:
                    1f:a4:fc:0b:58:a0:3a:ff:3a:fc:b3:5c:75:ae:31:
                    4d:bc:bb:4c:1c:f7:d6:51:54:86:99:5c:85:cd:88:
                    77:f3:12:05:d4:66:46:14:f0:db:9e:c7:99:fb:23:
                    df:cb:22:d6:fa:80:a3:6d:9b:57:86:4f:d8:23:2e:
                    a1:9d:64:77:70:e5:f3:f6:10:8d:15:83:f1:75:e4:
                    6b:0b:d3:82:fe:44:8e:1c:19:a1:b2:0d:c5:32:cf:
                    16:9f:fa:89:c5:ea:97:ea:94:8e:11:5e:15:ab:ed:
                    a5:34:28:02:35:1c:88:2a:5b:40:25:67:80:7b:4e:
                    00:d2:38:44:23:50:0f:66:cd:4f:8c:a6:ff:4a:10:
                    fa:31:1c:50:bb:c1:28:6e:4b:df:2e:ad:40:bf:da:
                    f9:9c:3d:a4:c4:19:d4:c0:70:a4:dd:43:49:25:41:
                    33:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:F4:97:CC:5C:39:CF:BD:D2:64:07:48:EE:10:77:02:D1:29:F4:6D
            X509v3 Authority Key Identifier:
                keyid:C4:13:D7:A3:76:5F:F9:A2:2B:BC:22:99:E0:49:69:1E:29:40:CB:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/a7bc86-0955-468b-9eb5-e860be7e7c54/1/xBPXo3Zf-aIrvCKZ4ElpHilAy4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:5f:39:62:84:93:2f:e8:27:8d:29:25:73:f1:3b:0b:a7:46:
         72:93:a9:2f:a6:b7:2c:fe:0d:d8:a3:8b:a2:d1:4f:33:27:d8:
         c2:34:80:86:79:8a:8b:ed:59:cd:c7:4d:20:01:ea:f1:02:4e:
         cd:89:c2:75:ee:22:03:c9:83:fb:85:34:b2:48:e9:7e:32:4a:
         98:b0:28:e9:80:c7:c3:d1:74:ae:e2:08:81:06:3a:52:3a:b3:
         09:07:01:dc:82:b4:5c:e5:62:57:b3:ce:90:51:08:46:26:91:
         9f:26:63:67:23:55:d0:5c:fc:74:5e:17:0a:3a:16:be:37:fb:
         d6:00:ec:08:04:49:08:da:d7:d1:5a:f5:0c:e6:84:09:d8:51:
         97:ed:ed:1e:ce:ea:ec:fe:29:15:ab:54:7e:09:6a:f3:77:f3:
         c6:e8:03:f5:54:f2:9b:a2:1c:87:5a:97:99:96:80:fd:f0:ab:
         9f:72:32:f9:48:35:e4:a4:8f:5d:8c:41:54:bc:59:36:1e:15:
         80:5a:b8:cc:ec:ac:2d:ad:a2:e7:26:d7:b1:db:20:30:77:cb:
         23:58:15:a2:ac:2a:67:6e:52:1c:85:47:86:cc:fe:12:79:e3:
         2a:ee:f1:40:31:a8:45:74:ed:ff:87:f1:0b:72:1c:b7:7a:0e:
         57:d2:85:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htr8WU2NsDShWAKWkYtiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTNkN2EzNzY1ZmY5YTIyYmJjMjI5OWUwNDk2OTFlMjk0
MGNiODIwHhcNMjQwNTE3MTgwMDUxWhcNMjQwNTE4MTgwMDUxWjAzMTEwLwYDVQQD
Eyg4ZGY0OTdjYzVjMzljZmJkZDI2NDA3NDhlZTEwNzcwMmQxMjlmNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu55+S4yFpoQOiMIvzufED7uk3xRv
KO573+D1ggdpL656MeZVMttA5zExhGTUe+p8XHHvzJ0VUpBNJ0Mmnmx0GMR6qfFz
VlpoRfsAfJYlca14JzolybSa9ckfpPwLWKA6/zr8s1x1rjFNvLtMHPfWUVSGmVyF
zYh38xIF1GZGFPDbnseZ+yPfyyLW+oCjbZtXhk/YIy6hnWR3cOXz9hCNFYPxdeRr
C9OC/kSOHBmhsg3FMs8Wn/qJxeqX6pSOEV4Vq+2lNCgCNRyIKltAJWeAe04A0jhE
I1APZs1PjKb/ShD6MRxQu8EobkvfLq1Av9r5nD2kxBnUwHCk3UNJJUEz+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI30l8xcOc+90mQHSO4QdwLRKfRtMB8GA1UdIwQY
MBaAFMQT16N2X/miK7wimeBJaR4pQMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUt
ZTg2MGJlN2U3YzU0LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hN2JjODYtMDk1NS00NjhiLTllYjUtZTg2MGJlN2U3YzU0
LzEveEJQWG8zWmYtYUlydkNLWjRFbHBIaWxBeTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACF85YoST
L+gnjSklc/E7C6dGcpOpL6a3LP4N2KOLotFPMyfYwjSAhnmKi+1ZzcdNIAHq8QJO
zYnCde4iA8mD+4U0skjpfjJKmLAo6YDHw9F0ruIIgQY6UjqzCQcB3IK0XOViV7PO
kFEIRiaRnyZjZyNV0Fz8dF4XCjoWvjf71gDsCARJCNrX0Vr1DOaECdhRl+3tHs7q
7P4pFatUfglq83fzxugD9VTym6Ich1qXmZaA/fCrn3Iy+Ug15KSPXYxBVLxZNh4V
gFq4zOysLa2i5ybXsdsgMHfLI1gVoqwqZ25SHIVHhsz+EnnjKu7xQDGoRXTt/4fx
C3Ict3oOV9KFhg==
-----END CERTIFICATE-----