Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
File:                     fXrxi3mJleFLOBNhoGu2aEm36Fo.mft (raw, json)
Hash identifier:          GHFSozQ1Fx2AEHkA3HMteo03XtkKU7ga5pja2JH8rLs=
Subject key identifier:   CA:6F:DE:0D:FC:4D:92:FE:E1:B4:7C:96:DC:30:A3:DC:A4:15:9B:5B
Authority key identifier: 7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A
Certificate issuer:       /CN=7d7af18b798995e14b381361a06bb66849b7e85a
Certificate serial:       018F87ED79712647FB6EFBF352B7A6EDFE45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
Manifest number:          02A3
Signing time:             Fri 17 May 2024 19:00:38 +0000
Manifest this update:     Fri 17 May 2024 19:00:38 +0000
Manifest next update:     Sat 18 May 2024 19:00:38 +0000
Files and hashes:         1: fXrxi3mJleFLOBNhoGu2aEm36Fo.crl (hash: /kNzQg/Jws/euYmcRaOwvex53dd3RvtM/Qj/hX5eVbc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:79:71:26:47:fb:6e:fb:f3:52:b7:a6:ed:fe:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d7af18b798995e14b381361a06bb66849b7e85a
        Validity
            Not Before: May 17 19:00:38 2024 GMT
            Not After : May 18 19:00:38 2024 GMT
        Subject: CN=ca6fde0dfc4d92fee1b47c96dc30a3dca4159b5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:e1:74:fb:cf:72:59:71:4d:fc:59:b6:a6:0a:
                    85:e6:a0:c5:e2:af:67:8c:14:54:5e:03:ed:f0:a3:
                    6c:9c:25:46:5e:1d:e3:95:36:4b:7f:65:71:1c:1d:
                    15:f4:1a:85:ea:b7:b5:af:41:58:71:ef:46:5d:71:
                    e6:41:89:55:ff:71:4c:07:21:7a:7d:67:04:d1:da:
                    6b:a6:94:1a:78:66:52:1d:ea:a3:3d:ed:ae:6c:2d:
                    30:0b:fb:ff:25:6c:d6:06:30:16:be:56:fb:bd:5d:
                    a8:71:fd:68:96:c3:af:82:f3:03:bb:d6:1a:3b:36:
                    54:33:c0:d3:5b:8c:f2:88:1d:e1:a5:ee:b9:b5:92:
                    ed:2e:68:60:7d:02:71:03:50:27:23:01:fe:0d:95:
                    32:6e:9d:36:4c:d4:4b:c9:0d:97:5f:02:8f:9e:20:
                    f1:14:e9:90:e6:24:eb:b3:90:31:43:50:9f:23:25:
                    48:1a:66:91:42:35:88:d9:f6:cc:38:16:c8:bc:31:
                    0a:74:44:d0:8e:63:f5:55:77:b8:10:d2:72:bc:d8:
                    2e:c2:cc:d3:ca:5f:56:3e:00:35:f7:03:6a:e7:d7:
                    a0:c3:60:2d:d9:bd:71:3c:80:f4:ed:f3:70:ae:c8:
                    a5:ff:92:92:15:13:19:ac:8b:b3:27:d9:a4:46:20:
                    6e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:6F:DE:0D:FC:4D:92:FE:E1:B4:7C:96:DC:30:A3:DC:A4:15:9B:5B
            X509v3 Authority Key Identifier:
                keyid:7D:7A:F1:8B:79:89:95:E1:4B:38:13:61:A0:6B:B6:68:49:B7:E8:5A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fXrxi3mJleFLOBNhoGu2aEm36Fo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/78697d-b54e-4d7b-a8e0-7c6252c5f45d/1/fXrxi3mJleFLOBNhoGu2aEm36Fo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         be:1d:d4:05:9e:f9:db:63:99:22:99:6d:4b:95:0f:25:86:59:
         ae:91:4e:eb:91:0a:2e:9e:6e:9f:23:e4:85:e2:5f:b6:7d:06:
         8d:16:ed:e4:a8:34:36:ef:96:37:ee:13:21:0b:8c:e4:3d:fc:
         ea:2d:c1:02:2b:c4:e0:0f:d4:90:79:59:05:55:fa:02:e5:d5:
         17:d4:d6:fb:81:f5:52:36:55:97:f2:5f:85:80:70:26:d4:0d:
         fb:1b:f8:a6:a9:85:ec:12:ff:bf:ca:9d:d5:82:0b:31:80:0b:
         41:5e:37:8d:c3:fd:b6:b2:4d:0a:1b:8d:38:f0:37:6d:79:a9:
         ad:99:a2:34:f3:05:e0:40:05:a2:7b:9e:74:29:46:95:11:da:
         9c:52:c1:04:b8:ca:21:be:e4:02:5e:4a:5b:e5:19:ca:3b:89:
         c8:4f:70:27:dc:c1:c1:a5:b4:9d:9c:12:86:22:15:fa:1e:bc:
         f3:cb:f8:4a:fc:22:f3:1c:ac:9c:36:96:4e:b2:25:4f:2f:d8:
         77:68:a6:58:8f:60:5b:ad:38:7b:90:e3:d9:b0:db:6b:19:65:
         19:64:d9:bd:b2:9d:10:59:ec:ce:83:4d:31:79:0b:93:a4:71:
         57:0e:cd:76:cf:ce:8f:b7:11:9b:00:e7:2e:06:91:c9:ba:d4:
         6e:bd:89:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7XlxJkf7bvvzUrem7f5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkN2FmMThiNzk4OTk1ZTE0YjM4MTM2MWEwNmJiNjY4NDli
N2U4NWEwHhcNMjQwNTE3MTkwMDM4WhcNMjQwNTE4MTkwMDM4WjAzMTEwLwYDVQQD
EyhjYTZmZGUwZGZjNGQ5MmZlZTFiNDdjOTZkYzMwYTNkY2E0MTU5YjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+F0+89yWXFN/Fm2pgqF5qDF4q9n
jBRUXgPt8KNsnCVGXh3jlTZLf2VxHB0V9BqF6re1r0FYce9GXXHmQYlV/3FMByF6
fWcE0dprppQaeGZSHeqjPe2ubC0wC/v/JWzWBjAWvlb7vV2ocf1olsOvgvMDu9Ya
OzZUM8DTW4zyiB3hpe65tZLtLmhgfQJxA1AnIwH+DZUybp02TNRLyQ2XXwKPniDx
FOmQ5iTrs5AxQ1CfIyVIGmaRQjWI2fbMOBbIvDEKdETQjmP1VXe4ENJyvNguwszT
yl9WPgA19wNq59egw2At2b1xPID07fNwrsil/5KSFRMZrIuzJ9mkRiBuVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMpv3g38TZL+4bR8ltwwo9ykFZtbMB8GA1UdIwQY
MBaAFH168Yt5iZXhSzgTYaBrtmhJt+haMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAt
N2M2MjUyYzVmNDVkLzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83ODY5N2QtYjU0ZS00ZDdiLWE4ZTAtN2M2MjUyYzVmNDVk
LzEvZlhyeGkzbUpsZUZMT0JOaG9HdTJhRW0zNkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvh3UBZ75
22OZIpltS5UPJYZZrpFO65EKLp5unyPkheJftn0GjRbt5Kg0Nu+WN+4TIQuM5D38
6i3BAivE4A/UkHlZBVX6AuXVF9TW+4H1UjZVl/JfhYBwJtQN+xv4pqmF7BL/v8qd
1YILMYALQV43jcP9trJNChuNOPA3bXmprZmiNPMF4EAFonuedClGlRHanFLBBLjK
Ib7kAl5KW+UZyjuJyE9wJ9zBwaW0nZwShiIV+h6888v4Svwi8xysnDaWTrIlTy/Y
d2imWI9gW604e5Dj2bDbaxllGWTZvbKdEFnszoNNMXkLk6RxVw7Nds/Oj7cRmwDn
LgaRybrUbr2JGw==
-----END CERTIFICATE-----