Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
File:                     XVTR8F5RVk-oGdtyu47dOYeza74.mft (raw, json)
Hash identifier:          mv7HfN9TJtrT1obo+0xBc6C6qSRsPsuZ22rADgIxcgA=
Subject key identifier:   FF:7A:07:0D:CB:39:94:C8:69:1E:BC:88:9A:0F:24:43:51:55:C7:DE
Authority key identifier: 5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE
Certificate issuer:       /CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
Certificate serial:       018F88247595D47AACC84D1425F8EE9EC938
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
Manifest number:          10F8
Signing time:             Fri 17 May 2024 20:00:41 +0000
Manifest this update:     Fri 17 May 2024 20:00:41 +0000
Manifest next update:     Sat 18 May 2024 20:00:41 +0000
Files and hashes:         1: XVTR8F5RVk-oGdtyu47dOYeza74.crl (hash: kL1CYeKoQuQNn9Y2BNwmyS/9e3wTnFXOweRLdFcKEgs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:75:95:d4:7a:ac:c8:4d:14:25:f8:ee:9e:c9:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d54d1f05e51564fa819db72bb8edd3987b36bbe
        Validity
            Not Before: May 17 20:00:41 2024 GMT
            Not After : May 18 20:00:41 2024 GMT
        Subject: CN=ff7a070dcb3994c8691ebc889a0f24435155c7de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:fd:ec:97:86:9c:35:13:26:2e:5a:ba:b8:21:
                    be:67:3b:22:87:e9:3a:db:08:fa:27:fe:e1:4f:de:
                    02:ca:52:b2:ec:6d:de:70:7c:5e:83:f5:f7:8e:45:
                    fb:c6:bd:53:5d:da:3f:02:aa:6d:e9:35:94:ff:e4:
                    c4:18:b3:8b:75:22:bf:b7:74:ac:f0:1c:80:4e:8f:
                    98:47:99:23:7e:79:5b:a8:b9:ea:95:e7:c6:fd:92:
                    4b:18:70:fb:a4:f6:b1:c3:0a:e2:39:ff:f1:a0:b6:
                    9f:cb:3f:47:0c:bb:a3:e1:42:66:1f:9b:da:e8:e4:
                    68:39:dc:03:47:df:80:de:02:dc:1b:fb:94:4e:4f:
                    8d:9d:fa:1f:db:6b:b5:ba:97:c0:73:b2:8c:6e:31:
                    ce:fa:06:83:60:44:d9:fa:ab:e9:70:35:30:a9:87:
                    f6:3a:87:7b:da:44:51:0a:0c:96:ad:ee:5b:a9:7b:
                    7e:84:9b:e3:73:82:88:b7:fc:c5:01:d1:57:ee:b9:
                    d5:e1:db:cc:07:ee:ea:da:24:12:bb:f2:8c:ba:36:
                    34:32:37:14:7a:e3:ed:d2:30:b8:86:0f:fe:44:16:
                    41:ac:c9:b9:e9:f0:6e:36:4d:fc:d2:32:6b:bc:eb:
                    90:d8:f2:3e:d6:f9:46:eb:57:15:cd:28:50:25:94:
                    17:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:7A:07:0D:CB:39:94:C8:69:1E:BC:88:9A:0F:24:43:51:55:C7:DE
            X509v3 Authority Key Identifier:
                keyid:5D:54:D1:F0:5E:51:56:4F:A8:19:DB:72:BB:8E:DD:39:87:B3:6B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVTR8F5RVk-oGdtyu47dOYeza74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2545a-6ae9-427f-83ae-ce3f8515a69b/1/XVTR8F5RVk-oGdtyu47dOYeza74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:6c:01:8f:95:2a:4d:de:5b:b8:08:4d:b0:3c:e4:f1:53:d5:
         b1:2c:ec:f0:9d:9d:eb:8b:ad:eb:fc:88:ab:6f:93:f8:0f:bb:
         12:ad:19:c1:f7:8d:c5:78:4c:e2:2f:43:71:00:17:94:de:38:
         55:6c:c8:6d:5a:a4:08:f2:db:55:5a:9d:41:99:42:cc:b7:98:
         4c:8c:c6:9e:84:ce:98:ff:ca:78:91:52:d6:35:31:fb:4d:50:
         1b:33:91:44:8a:e9:57:57:ef:51:58:c0:bd:71:64:b5:59:f6:
         c9:54:43:7c:43:31:ba:e2:7e:00:bd:a9:fe:b2:1b:f8:06:62:
         42:e1:c1:a1:3a:2a:50:cf:5f:61:fd:c9:f1:0f:fa:2b:6f:9e:
         f3:ea:0d:65:d0:bb:14:a5:68:80:79:e8:c3:de:01:6b:eb:48:
         f2:89:13:9b:17:42:4b:2f:e1:e2:da:b4:19:1d:25:a9:d2:4d:
         2d:d3:df:27:50:ff:9c:50:0d:7f:81:be:db:62:cd:b0:a5:e3:
         54:88:fc:17:e3:a5:e1:82:cd:27:8f:8e:2b:b3:a0:13:3a:28:
         ab:82:e0:80:82:45:08:f3:ac:ac:e0:3f:4b:57:8c:6b:5d:a9:
         2f:fd:f6:86:37:2e:fc:49:44:08:36:7a:09:f2:41:f7:2e:f5:
         45:8f:da:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJHWV1HqsyE0UJfjunsk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTRkMWYwNWU1MTU2NGZhODE5ZGI3MmJiOGVkZDM5ODdi
MzZiYmUwHhcNMjQwNTE3MjAwMDQxWhcNMjQwNTE4MjAwMDQxWjAzMTEwLwYDVQQD
EyhmZjdhMDcwZGNiMzk5NGM4NjkxZWJjODg5YTBmMjQ0MzUxNTVjN2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov3sl4acNRMmLlq6uCG+Zzsih+k6
2wj6J/7hT94CylKy7G3ecHxeg/X3jkX7xr1TXdo/Aqpt6TWU/+TEGLOLdSK/t3Ss
8ByATo+YR5kjfnlbqLnqlefG/ZJLGHD7pPaxwwriOf/xoLafyz9HDLuj4UJmH5va
6ORoOdwDR9+A3gLcG/uUTk+Nnfof22u1upfAc7KMbjHO+gaDYETZ+qvpcDUwqYf2
Ood72kRRCgyWre5bqXt+hJvjc4KIt/zFAdFX7rnV4dvMB+7q2iQSu/KMujY0MjcU
euPt0jC4hg/+RBZBrMm56fBuNk380jJrvOuQ2PI+1vlG61cVzShQJZQXuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP96Bw3LOZTIaR68iJoPJENRVcfeMB8GA1UdIwQY
MBaAFF1U0fBeUVZPqBnbcruO3TmHs2u+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUt
Y2UzZjg1MTVhNjliLzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjU0NWEtNmFlOS00MjdmLTgzYWUtY2UzZjg1MTVhNjli
LzEvWFZUUjhGNVJWay1vR2R0eXU0N2RPWWV6YTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWwBj5Uq
Td5buAhNsDzk8VPVsSzs8J2d64ut6/yIq2+T+A+7Eq0ZwfeNxXhM4i9DcQAXlN44
VWzIbVqkCPLbVVqdQZlCzLeYTIzGnoTOmP/KeJFS1jUx+01QGzORRIrpV1fvUVjA
vXFktVn2yVRDfEMxuuJ+AL2p/rIb+AZiQuHBoToqUM9fYf3J8Q/6K2+e8+oNZdC7
FKVogHnow94Ba+tI8okTmxdCSy/h4tq0GR0lqdJNLdPfJ1D/nFANf4G+22LNsKXj
VIj8F+Ol4YLNJ4+OK7OgEzooq4LggIJFCPOsrOA/S1eMa12pL/32hjcu/ElECDZ6
CfJB9y71RY/aPw==
-----END CERTIFICATE-----