Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
File:                     ny8WbQXql29prtWORqQfflBSRHU.mft (raw, json)
Hash identifier:          y8cG6WXz/vpJYTgIEdbA9U1llRCD14tj7s96Y8Lv/ME=
Subject key identifier:   D6:2C:62:76:47:58:50:05:8C:5B:66:0D:41:CE:9C:F2:AA:EB:A9:04
Authority key identifier: 9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75
Certificate issuer:       /CN=9f2f166d05ea976f69aed58e46a41f7e50524475
Certificate serial:       018F88245D46644CFBFCB3C75AFA957DA86A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
Manifest number:          0EEF
Signing time:             Fri 17 May 2024 20:00:35 +0000
Manifest this update:     Fri 17 May 2024 20:00:35 +0000
Manifest next update:     Sat 18 May 2024 20:00:35 +0000
Files and hashes:         1: ny8WbQXql29prtWORqQfflBSRHU.crl (hash: UApZ3lkiGmelZKP29cI5bkXNmGhMe3VTsCjmxtIoHhA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:5d:46:64:4c:fb:fc:b3:c7:5a:fa:95:7d:a8:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f2f166d05ea976f69aed58e46a41f7e50524475
        Validity
            Not Before: May 17 20:00:35 2024 GMT
            Not After : May 18 20:00:35 2024 GMT
        Subject: CN=d62c6276475850058c5b660d41ce9cf2aaeba904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:f5:42:92:43:23:d8:36:49:a2:72:56:4b:8a:
                    50:63:c8:6b:37:bc:a9:d3:d3:5e:57:96:63:6a:97:
                    3f:2c:88:27:4e:06:5d:08:96:64:61:97:1f:09:b4:
                    5f:eb:1a:23:01:b4:22:d0:7b:24:4f:c9:a0:12:9e:
                    c3:79:09:9b:3a:0b:d9:0f:d0:e3:4f:9c:e7:d8:67:
                    2a:7c:ee:ff:12:12:cd:56:91:04:d4:cc:61:2b:a7:
                    cc:de:bb:40:18:9d:02:19:43:4c:e3:df:45:93:83:
                    8f:87:10:73:9b:45:b5:8e:06:f0:95:e9:1b:6e:59:
                    be:73:bc:88:49:59:ec:44:a8:a6:68:b0:76:8a:7c:
                    50:c4:94:71:5f:7f:45:34:d2:22:54:21:84:f1:ab:
                    8a:47:83:ba:36:45:34:dd:b7:2f:df:41:82:7d:52:
                    a3:29:16:88:91:eb:07:98:37:38:99:94:6c:ed:77:
                    b7:c8:bb:02:9a:33:33:49:bb:44:97:73:45:02:af:
                    07:93:89:12:1c:26:bd:86:a7:62:66:65:c3:20:ff:
                    34:96:c8:ff:e8:94:3e:49:78:22:70:2c:18:1a:dd:
                    68:46:81:3c:e6:4a:7a:69:d6:c3:e2:0d:7f:05:74:
                    32:c6:ae:07:83:94:04:c2:bc:44:b0:6c:9f:fd:44:
                    84:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:2C:62:76:47:58:50:05:8C:5B:66:0D:41:CE:9C:F2:AA:EB:A9:04
            X509v3 Authority Key Identifier:
                keyid:9F:2F:16:6D:05:EA:97:6F:69:AE:D5:8E:46:A4:1F:7E:50:52:44:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ny8WbQXql29prtWORqQfflBSRHU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/22efbb-3659-4a3d-bea4-962d4f0c29b0/1/ny8WbQXql29prtWORqQfflBSRHU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:71:43:3f:9b:6a:e7:15:51:7d:95:6b:6e:50:52:d8:d5:7a:
         e2:7f:79:51:41:4a:8e:7e:0c:28:93:74:f6:67:af:c6:eb:0b:
         04:0d:c5:19:37:e0:0f:ff:f9:84:90:fb:73:db:b1:aa:44:56:
         ad:4c:84:3a:da:0b:78:80:f4:0b:a8:4f:11:85:2d:28:ae:c3:
         d4:21:d4:92:ac:4f:52:f4:bd:4f:ab:36:13:18:f7:29:e5:60:
         fc:89:12:39:c8:bd:9e:67:bf:da:39:95:48:cb:3a:63:b0:3b:
         ad:fb:54:60:c5:31:a3:20:29:ad:8d:e9:7d:81:f5:7c:45:6b:
         16:21:13:94:a5:77:53:47:21:d7:4f:ee:3b:ee:bc:0d:25:08:
         c4:17:d1:29:3d:e3:bb:b2:67:94:52:48:34:21:bd:1b:c2:59:
         85:90:1a:4a:b0:a1:02:2d:2d:6e:f2:73:28:87:cb:c3:64:b1:
         79:43:8f:15:5b:a5:e6:6b:21:36:94:d4:50:2c:04:75:ee:1c:
         0f:f6:07:0d:d8:9c:db:2d:a1:bb:b4:a9:6a:b3:29:cc:3a:b9:
         71:42:fd:db:5e:6d:83:0e:ef:f3:4b:0d:b8:b8:b7:25:0e:54:
         10:6d:59:cc:d4:b9:aa:17:0c:bf:15:df:ea:5d:bf:8a:ba:1c:
         ae:6f:9b:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJF1GZEz7/LPHWvqVfahqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMmYxNjZkMDVlYTk3NmY2OWFlZDU4ZTQ2YTQxZjdlNTA1
MjQ0NzUwHhcNMjQwNTE3MjAwMDM1WhcNMjQwNTE4MjAwMDM1WjAzMTEwLwYDVQQD
EyhkNjJjNjI3NjQ3NTg1MDA1OGM1YjY2MGQ0MWNlOWNmMmFhZWJhOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPVCkkMj2DZJonJWS4pQY8hrN7yp
09NeV5Zjapc/LIgnTgZdCJZkYZcfCbRf6xojAbQi0HskT8mgEp7DeQmbOgvZD9Dj
T5zn2GcqfO7/EhLNVpEE1MxhK6fM3rtAGJ0CGUNM499Fk4OPhxBzm0W1jgbwlekb
blm+c7yISVnsRKimaLB2inxQxJRxX39FNNIiVCGE8auKR4O6NkU03bcv30GCfVKj
KRaIkesHmDc4mZRs7Xe3yLsCmjMzSbtEl3NFAq8Hk4kSHCa9hqdiZmXDIP80lsj/
6JQ+SXgicCwYGt1oRoE85kp6adbD4g1/BXQyxq4Hg5QEwrxEsGyf/USEMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNYsYnZHWFAFjFtmDUHOnPKq66kEMB8GA1UdIwQY
MBaAFJ8vFm0F6pdvaa7VjkakH35QUkR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQt
OTYyZDRmMGMyOWIwLzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMmVmYmItMzY1OS00YTNkLWJlYTQtOTYyZDRmMGMyOWIw
LzEvbnk4V2JRWHFsMjlwcnRXT1JxUWZmbEJTUkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu3FDP5tq
5xVRfZVrblBS2NV64n95UUFKjn4MKJN09mevxusLBA3FGTfgD//5hJD7c9uxqkRW
rUyEOtoLeID0C6hPEYUtKK7D1CHUkqxPUvS9T6s2Exj3KeVg/IkSOci9nme/2jmV
SMs6Y7A7rftUYMUxoyAprY3pfYH1fEVrFiETlKV3U0ch10/uO+68DSUIxBfRKT3j
u7JnlFJINCG9G8JZhZAaSrChAi0tbvJzKIfLw2SxeUOPFVul5mshNpTUUCwEde4c
D/YHDdic2y2hu7SparMpzDq5cUL9215tgw7v80sNuLi3JQ5UEG1ZzNS5qhcMvxXf
6l2/irocrm+bFw==
-----END CERTIFICATE-----