Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft
File:                     TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft (raw, json)
Hash identifier:          7ymLU7OOgssJy5tRV/vm7feTWpjWWy+1GLuYMZZTbC4=
Subject key identifier:   6C:C4:B1:00:EB:1B:2D:A6:53:B3:86:8A:50:4D:21:55:BB:B5:10:DC
Authority key identifier: 4F:01:33:3F:86:CA:97:07:1A:0F:96:12:6B:A3:8E:22:52:E7:0A:34
Certificate issuer:       /CN=4f01333f86ca97071a0f96126ba38e2252e70a34
Certificate serial:       018F8748AB22E8494ABE770174C6E70DD0EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft
Manifest number:          0466
Signing time:             Fri 17 May 2024 16:00:37 +0000
Manifest this update:     Fri 17 May 2024 16:00:37 +0000
Manifest next update:     Sat 18 May 2024 16:00:37 +0000
Files and hashes:         1: TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl (hash: vqcJmg7liMK4aWY6g0JF63GXnK3ydAZlmGCFoGE9wyw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:ab:22:e8:49:4a:be:77:01:74:c6:e7:0d:d0:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4f01333f86ca97071a0f96126ba38e2252e70a34
        Validity
            Not Before: May 17 16:00:37 2024 GMT
            Not After : May 18 16:00:37 2024 GMT
        Subject: CN=6cc4b100eb1b2da653b3868a504d2155bbb510dc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:05:53:bd:6e:8d:98:45:33:4a:fd:16:cf:d8:
                    1d:01:98:0c:66:a3:f1:07:e2:e4:af:aa:f3:9a:98:
                    2d:a0:bb:16:12:da:35:bb:e2:e7:fb:cd:ad:3e:d3:
                    27:a8:a1:20:43:fa:b5:8a:55:08:a9:e0:10:ed:38:
                    06:e5:48:f1:7c:49:05:8e:3d:78:65:23:4f:64:67:
                    a1:ac:82:3b:fa:35:2b:fa:86:4d:d6:b0:35:43:d8:
                    18:7a:fa:f8:a7:94:e1:61:ac:de:63:6e:60:50:7c:
                    f2:47:29:61:ee:6d:24:ea:39:2b:a8:8b:48:2e:b6:
                    2d:51:26:a7:15:8b:1a:7e:14:f2:3f:5a:48:70:b1:
                    7d:42:60:70:e0:b2:b7:4c:48:59:26:03:3c:3d:e3:
                    70:29:17:dc:10:a1:a3:57:5a:67:e9:40:3f:49:fe:
                    f6:04:de:d3:04:d4:ff:64:c9:7b:d7:e3:48:cf:cd:
                    c3:12:b3:81:b9:af:d9:4d:82:49:19:f1:4d:51:96:
                    5f:8b:8a:61:9e:ae:ab:b9:27:4c:19:63:5f:7d:06:
                    a4:02:a3:d9:1f:f0:08:b7:38:4b:e3:e9:a2:d9:97:
                    f7:d7:6f:e6:f6:44:4b:5d:d1:bb:71:53:37:25:c7:
                    89:d3:1f:33:94:c0:a8:32:a2:b9:fb:66:6f:8a:c5:
                    0d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:C4:B1:00:EB:1B:2D:A6:53:B3:86:8A:50:4D:21:55:BB:B5:10:DC
            X509v3 Authority Key Identifier:
                keyid:4F:01:33:3F:86:CA:97:07:1A:0F:96:12:6B:A3:8E:22:52:E7:0A:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:a3:d6:3a:df:d0:f2:6e:27:d0:81:ca:40:2b:bf:98:04:25:
         f6:1d:7f:80:c0:d9:51:d0:d1:51:27:8e:cb:4c:fd:a9:d1:07:
         83:2f:9e:d1:da:75:24:36:76:2e:11:cb:c3:c8:8b:ae:0b:52:
         bb:05:47:1b:4d:3d:02:e3:0b:13:25:b3:f9:c1:cc:7a:9c:de:
         a5:6a:58:4b:b1:14:15:8a:93:9c:1c:e2:04:dd:73:14:fb:19:
         70:bf:d4:3d:70:85:f3:22:b4:1e:93:61:a3:a2:57:be:d2:9d:
         29:51:61:3f:c3:d0:c3:15:e3:90:12:21:ad:46:6c:a0:c1:ae:
         de:64:17:57:7f:08:7d:31:ce:6b:9c:41:a8:a8:fa:78:52:b0:
         97:59:0f:85:49:91:37:93:fd:e5:08:bd:99:25:60:ad:b7:49:
         17:78:49:61:cc:c6:43:5b:21:96:12:3c:68:14:80:d5:bd:28:
         05:14:23:0d:81:f6:23:96:fa:d3:a4:d4:53:0b:54:5a:ea:4a:
         ea:2e:c3:d1:4f:a5:fa:25:cb:4a:7e:88:6f:81:ac:8c:98:fd:
         d5:cd:0c:42:84:f9:df:be:1d:2f:2f:78:15:fc:ee:19:0f:12:
         26:1f:92:24:c3:12:0c:a8:5a:43:0d:27:ce:a2:b4:16:7e:2e:
         06:8a:80:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSKsi6ElKvncBdMbnDdDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMDEzMzNmODZjYTk3MDcxYTBmOTYxMjZiYTM4ZTIyNTJl
NzBhMzQwHhcNMjQwNTE3MTYwMDM3WhcNMjQwNTE4MTYwMDM3WjAzMTEwLwYDVQQD
Eyg2Y2M0YjEwMGViMWIyZGE2NTNiMzg2OGE1MDRkMjE1NWJiYjUxMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwVTvW6NmEUzSv0Wz9gdAZgMZqPx
B+Lkr6rzmpgtoLsWEto1u+Ln+82tPtMnqKEgQ/q1ilUIqeAQ7TgG5UjxfEkFjj14
ZSNPZGehrII7+jUr+oZN1rA1Q9gYevr4p5ThYazeY25gUHzyRylh7m0k6jkrqItI
LrYtUSanFYsafhTyP1pIcLF9QmBw4LK3TEhZJgM8PeNwKRfcEKGjV1pn6UA/Sf72
BN7TBNT/ZMl71+NIz83DErOBua/ZTYJJGfFNUZZfi4phnq6ruSdMGWNffQakAqPZ
H/AItzhL4+mi2Zf312/m9kRLXdG7cVM3JceJ0x8zlMCoMqK5+2ZvisUN3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGzEsQDrGy2mU7OGilBNIVW7tRDcMB8GA1UdIwQY
MBaAFE8BMz+GypcHGg+WEmujjiJS5wo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NGVjZDktYTJmOC00Njg1LWE4NzIt
YjQwNTY5MTZiMThiLzEvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NGVjZDktYTJmOC00Njg1LWE4NzItYjQwNTY5MTZiMThi
LzEvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArqPWOt/Q
8m4n0IHKQCu/mAQl9h1/gMDZUdDRUSeOy0z9qdEHgy+e0dp1JDZ2LhHLw8iLrgtS
uwVHG009AuMLEyWz+cHMepzepWpYS7EUFYqTnBziBN1zFPsZcL/UPXCF8yK0HpNh
o6JXvtKdKVFhP8PQwxXjkBIhrUZsoMGu3mQXV38IfTHOa5xBqKj6eFKwl1kPhUmR
N5P95Qi9mSVgrbdJF3hJYczGQ1shlhI8aBSA1b0oBRQjDYH2I5b606TUUwtUWupK
6i7D0U+l+iXLSn6Ib4GsjJj91c0MQoT5374dLy94FfzuGQ8SJh+SJMMSDKhaQw0n
zqK0Fn4uBoqAwQ==
-----END CERTIFICATE-----