Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
File:                     898KdcnvaBuNIzZ9vo7a0FPzvZU.mft (raw, json)
Hash identifier:          Era6ezs8I2fHQVvLgdHAmpGRcl5/3eTu9nZJsJJrPh0=
Subject key identifier:   BB:7B:E9:B9:B8:8E:0F:90:6D:58:0F:63:63:9F:68:E4:3B:A7:DA:40
Authority key identifier: F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95
Certificate issuer:       /CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
Certificate serial:       018F4D5B30E9D347C04DB71AEA503D57C810
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
Manifest number:          1158
Signing time:             Mon 06 May 2024 10:02:52 +0000
Manifest this update:     Mon 06 May 2024 10:02:52 +0000
Manifest next update:     Tue 07 May 2024 10:02:52 +0000
Files and hashes:         1: 898KdcnvaBuNIzZ9vo7a0FPzvZU.crl (hash: Y61bCujxxSNC+635GgEPBWxtz3S/7NXmhR76oCY1ZtM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 10:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4d:5b:30:e9:d3:47:c0:4d:b7:1a:ea:50:3d:57:c8:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3df0a75c9ef681b8d23367dbe8edad053f3bd95
        Validity
            Not Before: May  6 10:02:52 2024 GMT
            Not After : May  7 10:02:52 2024 GMT
        Subject: CN=bb7be9b9b88e0f906d580f63639f68e43ba7da40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:1e:53:90:e2:c9:9e:35:d3:39:4f:9e:d3:80:
                    88:c0:28:a4:52:a3:ff:5e:55:ef:83:f1:40:c3:4b:
                    05:bf:9e:01:01:97:e5:7d:71:d3:fe:c7:8d:dd:38:
                    13:5c:87:41:c0:5d:aa:ad:10:c2:3e:e5:36:3c:ec:
                    19:89:17:f3:a8:96:38:7e:1c:c7:c5:09:c9:74:0d:
                    17:76:89:12:40:fd:57:2e:cf:c0:2d:41:56:a3:8c:
                    2a:32:b8:4e:14:f6:f6:9b:cd:ec:e0:88:c1:52:7b:
                    7d:f7:fa:58:e9:89:ed:42:ea:d9:62:21:7c:0a:bc:
                    06:d6:67:d2:cb:a5:cf:65:d2:bd:8d:3c:7b:a4:4c:
                    85:c8:ee:e9:43:16:fa:b5:92:43:48:df:48:73:3d:
                    93:84:0d:86:02:c0:54:85:3f:7c:3e:af:4a:89:6f:
                    1f:ea:9e:50:78:3c:43:a5:4a:d4:f5:5a:e6:a5:d8:
                    66:4e:7f:9d:9e:b7:57:bd:1f:62:b1:f7:82:76:60:
                    0b:6c:8e:93:44:01:66:c9:8a:3d:a4:67:2b:17:da:
                    b3:a7:ee:13:74:6c:53:71:78:57:95:3a:14:da:98:
                    07:5e:8c:05:08:ea:b8:ab:7a:49:eb:e1:ec:e5:20:
                    42:fb:fb:5c:e7:1d:c2:49:b2:30:59:ef:2e:f3:98:
                    5e:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:7B:E9:B9:B8:8E:0F:90:6D:58:0F:63:63:9F:68:E4:3B:A7:DA:40
            X509v3 Authority Key Identifier:
                keyid:F3:DF:0A:75:C9:EF:68:1B:8D:23:36:7D:BE:8E:DA:D0:53:F3:BD:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/898KdcnvaBuNIzZ9vo7a0FPzvZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4cb72b-3f82-46d2-bf25-ab8abcc69016/1/898KdcnvaBuNIzZ9vo7a0FPzvZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:75:75:13:a8:2d:65:e6:43:88:08:08:83:2a:2c:31:5c:d7:
         64:f0:2c:fd:7f:84:68:54:f5:9f:67:e6:18:91:19:ff:7b:b4:
         2c:15:a3:2e:6a:59:57:02:af:e4:6d:2a:2f:72:c1:06:48:37:
         f6:9c:06:92:77:d7:51:54:6e:95:9d:02:7d:9f:95:56:e3:66:
         e3:32:c4:6c:02:cf:0a:d5:2e:cf:dd:31:4b:86:d3:9a:57:90:
         2f:89:9b:c9:f5:c2:ba:d2:e9:42:4d:29:52:f2:fd:03:8d:eb:
         42:73:5b:27:a5:9f:47:46:d4:e5:10:a4:70:a3:94:28:e3:69:
         79:7a:c3:6c:5f:21:72:0a:4f:cb:c3:dc:01:94:2a:a7:f3:38:
         6e:54:42:08:d8:70:9a:c9:a3:18:f5:df:40:b6:12:04:69:9a:
         ca:b8:cc:9f:c7:ce:f2:b8:01:f8:2d:b0:2d:b6:1c:fb:54:44:
         41:b4:e7:78:86:34:4d:cb:06:13:60:a9:84:24:84:c4:00:b2:
         88:76:1e:77:5a:90:8a:87:bf:f9:e0:76:3e:04:99:a0:9d:d1:
         48:ea:46:e8:6c:6d:f1:79:8a:33:88:a7:c7:bf:8d:41:c0:c0:
         b4:ef:28:28:29:2e:9c:68:b6:4e:ad:71:b8:71:7a:6e:a2:04:
         79:ea:e5:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9NWzDp00fATbca6lA9V8gQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzZGYwYTc1YzllZjY4MWI4ZDIzMzY3ZGJlOGVkYWQwNTNm
M2JkOTUwHhcNMjQwNTA2MTAwMjUyWhcNMjQwNTA3MTAwMjUyWjAzMTEwLwYDVQQD
EyhiYjdiZTliOWI4OGUwZjkwNmQ1ODBmNjM2MzlmNjhlNDNiYTdkYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0R5TkOLJnjXTOU+e04CIwCikUqP/
XlXvg/FAw0sFv54BAZflfXHT/seN3TgTXIdBwF2qrRDCPuU2POwZiRfzqJY4fhzH
xQnJdA0XdokSQP1XLs/ALUFWo4wqMrhOFPb2m83s4IjBUnt99/pY6YntQurZYiF8
CrwG1mfSy6XPZdK9jTx7pEyFyO7pQxb6tZJDSN9Icz2ThA2GAsBUhT98Pq9KiW8f
6p5QeDxDpUrU9VrmpdhmTn+dnrdXvR9isfeCdmALbI6TRAFmyYo9pGcrF9qzp+4T
dGxTcXhXlToU2pgHXowFCOq4q3pJ6+Hs5SBC+/tc5x3CSbIwWe8u85hemQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLt76bm4jg+QbVgPY2OfaOQ7p9pAMB8GA1UdIwQY
MBaAFPPfCnXJ72gbjSM2fb6O2tBT872VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUt
YWI4YWJjYzY5MDE2LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80Y2I3MmItM2Y4Mi00NmQyLWJmMjUtYWI4YWJjYzY5MDE2
LzEvODk4S2RjbnZhQnVOSXpaOXZvN2EwRlB6dlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjnV1E6gt
ZeZDiAgIgyosMVzXZPAs/X+EaFT1n2fmGJEZ/3u0LBWjLmpZVwKv5G0qL3LBBkg3
9pwGknfXUVRulZ0CfZ+VVuNm4zLEbALPCtUuz90xS4bTmleQL4mbyfXCutLpQk0p
UvL9A43rQnNbJ6WfR0bU5RCkcKOUKONpeXrDbF8hcgpPy8PcAZQqp/M4blRCCNhw
msmjGPXfQLYSBGmayrjMn8fO8rgB+C2wLbYc+1REQbTneIY0TcsGE2CphCSExACy
iHYed1qQioe/+eB2PgSZoJ3RSOpG6Gxt8XmKM4inx7+NQcDAtO8oKCkunGi2Tq1x
uHF6bqIEeerllA==
-----END CERTIFICATE-----