Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
File:                     iZFbtGEcVfYprTpMz-NXwECh3BI.mft (raw, json)
Hash identifier:          /M+70mGoHZW2q7XbMVgTQzlkX2g1iS0m+dDmXAy0qB8=
Subject key identifier:   E0:EC:78:DB:DE:27:10:F7:FB:5C:C3:D6:55:38:0E:DA:6C:AA:7A:7B
Authority key identifier: 89:91:5B:B4:61:1C:55:F6:29:AD:3A:4C:CF:E3:57:C0:40:A1:DC:12
Certificate issuer:       /CN=89915bb4611c55f629ad3a4ccfe357c040a1dc12
Certificate serial:       018F8891E9648BF01B92082E901EF75E17B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
Manifest number:          0144
Signing time:             Fri 17 May 2024 22:00:14 +0000
Manifest this update:     Fri 17 May 2024 22:00:14 +0000
Manifest next update:     Sat 18 May 2024 22:00:14 +0000
Files and hashes:         1: iZFbtGEcVfYprTpMz-NXwECh3BI.crl (hash: 7LdM4z1Vxomr/i1HFI1ZqdTLTJwwrXm8Z1D51LN1MaQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:91:e9:64:8b:f0:1b:92:08:2e:90:1e:f7:5e:17:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89915bb4611c55f629ad3a4ccfe357c040a1dc12
        Validity
            Not Before: May 17 22:00:14 2024 GMT
            Not After : May 18 22:00:14 2024 GMT
        Subject: CN=e0ec78dbde2710f7fb5cc3d655380eda6caa7a7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:64:6c:7b:33:48:a9:e6:ab:aa:5f:17:fd:db:
                    6c:e6:ce:4e:b2:5d:85:5c:88:0c:94:8b:9e:eb:d6:
                    71:5c:c9:cc:42:dd:3a:40:f3:6a:85:6c:77:59:f9:
                    a5:35:a0:1a:fd:ed:bb:cb:a5:70:f3:04:88:a9:db:
                    48:6b:9f:0e:db:2f:18:10:d0:18:54:21:ca:77:40:
                    7c:d3:c3:94:42:3f:8a:f7:4d:a6:1a:53:54:48:ef:
                    2f:68:3b:fc:67:d0:0f:1c:c7:5f:02:41:6e:01:22:
                    f8:f8:11:70:a8:db:9c:11:8e:a4:e4:53:48:45:2a:
                    c8:e3:f6:98:92:7d:e5:bd:50:5c:5d:ea:5b:37:3f:
                    98:fe:26:3e:51:ac:0e:73:fb:81:f9:b4:70:ce:7e:
                    cd:79:7a:24:ec:d7:23:63:dc:15:6d:36:da:8e:92:
                    81:76:ed:59:79:52:a1:8b:a1:b7:fc:09:01:24:f9:
                    2f:94:c1:b8:2b:8d:e5:f0:a6:f6:9d:fe:b4:4d:e4:
                    31:ec:43:99:58:07:c7:37:e9:20:1f:d6:55:71:d2:
                    93:f1:00:5a:d7:0d:95:32:88:13:4b:20:3b:d1:26:
                    73:dc:39:5e:e0:5f:5e:dd:60:5a:bd:54:1d:a7:0b:
                    34:a1:d4:1e:a9:1b:cb:44:a4:22:5e:e7:51:7f:25:
                    77:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:EC:78:DB:DE:27:10:F7:FB:5C:C3:D6:55:38:0E:DA:6C:AA:7A:7B
            X509v3 Authority Key Identifier:
                keyid:89:91:5B:B4:61:1C:55:F6:29:AD:3A:4C:CF:E3:57:C0:40:A1:DC:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iZFbtGEcVfYprTpMz-NXwECh3BI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/74ac9d-2a53-4ae5-ba72-62afcb9972d7/1/iZFbtGEcVfYprTpMz-NXwECh3BI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:3f:4b:1f:5d:f0:cb:9c:10:d7:26:c2:ba:3d:e1:62:0e:61:
         37:5d:35:27:dc:56:d5:04:0e:ff:ce:c8:09:e3:29:3a:e4:e1:
         23:56:7c:94:1e:ba:ab:58:0c:52:59:ae:d7:ec:30:28:69:5e:
         39:c7:a0:17:cf:bb:55:b7:b7:e5:51:5b:51:b2:2f:53:1e:cf:
         73:1f:61:45:c0:60:3c:da:4c:b2:cb:96:e4:f9:5e:21:09:f4:
         cb:37:db:20:e9:f8:98:c5:b8:17:3d:4b:3b:85:7a:e3:a8:b9:
         44:c9:5d:76:47:18:ae:57:44:f0:ea:1b:02:3d:0a:4b:96:d2:
         ab:08:24:f7:c7:61:c0:ce:13:42:27:0d:12:1d:f3:00:9a:ba:
         47:04:15:63:1a:92:97:77:47:ca:88:b2:92:6e:12:11:f7:86:
         5b:a9:14:59:c7:e5:27:5c:dd:38:77:99:c0:40:e0:15:d1:09:
         07:2b:84:67:ad:8d:03:0a:f0:9b:78:85:4d:cf:03:03:42:0f:
         a7:ca:17:42:ed:ac:db:c4:c0:14:76:e0:53:df:20:6e:48:8f:
         1a:14:1f:d3:c6:26:e6:24:aa:8f:6d:b1:c0:f9:e8:ff:b2:84:
         b9:5e:39:73:da:77:27:7c:46:fc:21:09:5e:60:0f:45:21:56:
         22:09:fd:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikelki/AbkggukB73XhewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5OTE1YmI0NjExYzU1ZjYyOWFkM2E0Y2NmZTM1N2MwNDBh
MWRjMTIwHhcNMjQwNTE3MjIwMDE0WhcNMjQwNTE4MjIwMDE0WjAzMTEwLwYDVQQD
EyhlMGVjNzhkYmRlMjcxMGY3ZmI1Y2MzZDY1NTM4MGVkYTZjYWE3YTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWRsezNIqearql8X/dts5s5Osl2F
XIgMlIue69ZxXMnMQt06QPNqhWx3WfmlNaAa/e27y6Vw8wSIqdtIa58O2y8YENAY
VCHKd0B808OUQj+K902mGlNUSO8vaDv8Z9APHMdfAkFuASL4+BFwqNucEY6k5FNI
RSrI4/aYkn3lvVBcXepbNz+Y/iY+UawOc/uB+bRwzn7NeXok7NcjY9wVbTbajpKB
du1ZeVKhi6G3/AkBJPkvlMG4K43l8Kb2nf60TeQx7EOZWAfHN+kgH9ZVcdKT8QBa
1w2VMogTSyA70SZz3Dle4F9e3WBavVQdpws0odQeqRvLRKQiXudRfyV3FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFODseNveJxD3+1zD1lU4Dtpsqnp7MB8GA1UdIwQY
MBaAFImRW7RhHFX2Ka06TM/jV8BAodwSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NGFjOWQtMmE1My00YWU1LWJhNzIt
NjJhZmNiOTk3MmQ3LzEvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NGFjOWQtMmE1My00YWU1LWJhNzItNjJhZmNiOTk3MmQ3
LzEvaVpGYnRHRWNWZllwclRwTXotTlh3RUNoM0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFT9LH13w
y5wQ1ybCuj3hYg5hN101J9xW1QQO/87ICeMpOuThI1Z8lB66q1gMUlmu1+wwKGle
OcegF8+7Vbe35VFbUbIvUx7Pcx9hRcBgPNpMssuW5PleIQn0yzfbIOn4mMW4Fz1L
O4V646i5RMlddkcYrldE8OobAj0KS5bSqwgk98dhwM4TQicNEh3zAJq6RwQVYxqS
l3dHyoiykm4SEfeGW6kUWcflJ1zdOHeZwEDgFdEJByuEZ62NAwrwm3iFTc8DA0IP
p8oXQu2s28TAFHbgU98gbkiPGhQf08Ym5iSqj22xwPno/7KEuV45c9p3J3xG/CEJ
XmAPRSFWIgn9wA==
-----END CERTIFICATE-----