Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
File:                     mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft (raw, json)
Hash identifier:          9+DnxOVjyv93c6Gn6AdpJM3JnBy9YDsUkeiyzEAnPT0=
Subject key identifier:   40:65:E8:09:E4:4B:3A:92:CB:7F:48:4B:F2:C7:D7:BF:92:C8:04:E8
Authority key identifier: 99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47
Certificate issuer:       /CN=9972148c7362c2c9399bb3af741592c42516c547
Certificate serial:       018F9428DBB3B16B508EADE1DE9022D44B70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
Manifest number:          0CBA
Signing time:             Mon 20 May 2024 04:00:56 +0000
Manifest this update:     Mon 20 May 2024 04:00:56 +0000
Manifest next update:     Tue 21 May 2024 04:00:56 +0000
Files and hashes:         1: mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl (hash: iYDEYigDJkOPi+iI7DExsVj6W8QlUx0eZyZfdudI9nw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 04:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:94:28:db:b3:b1:6b:50:8e:ad:e1:de:90:22:d4:4b:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9972148c7362c2c9399bb3af741592c42516c547
        Validity
            Not Before: May 20 04:00:56 2024 GMT
            Not After : May 21 04:00:56 2024 GMT
        Subject: CN=4065e809e44b3a92cb7f484bf2c7d7bf92c804e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ac:10:4a:b0:11:21:b1:af:c5:34:90:c7:bc:
                    d2:78:47:c4:6d:e1:77:81:fd:3d:85:46:76:ff:db:
                    b2:8f:63:40:22:e6:c0:94:c6:ce:19:15:c7:50:43:
                    32:24:bc:e3:12:b1:f3:12:ec:d2:2f:09:ba:8a:e0:
                    36:97:91:d9:bb:e5:ab:a7:1d:72:08:67:d4:e6:2c:
                    4b:ee:fd:12:1e:8f:cd:f1:f4:2e:1b:a8:d5:ef:c9:
                    a2:e4:2b:78:6a:e0:34:da:55:4a:bf:8c:c7:0a:e5:
                    97:70:50:99:e7:b6:1e:cb:07:55:82:d1:dd:9a:b8:
                    cd:56:ed:66:c1:5f:e7:3b:cb:8b:74:d7:f9:26:58:
                    5b:ef:c6:37:07:1f:a2:39:80:3c:74:d9:91:68:04:
                    d8:d9:90:c1:43:86:e9:29:ef:24:a2:59:9f:fb:c3:
                    50:36:bb:43:0f:30:3d:9a:e7:8b:7d:b8:4b:f3:20:
                    68:0e:71:51:e0:98:f2:10:ca:e4:53:94:0b:72:a1:
                    6b:43:0f:4b:47:13:8b:5d:72:8e:95:0f:7e:38:6c:
                    c9:02:a2:d5:a3:06:d3:18:c1:8f:db:c5:bd:5c:9b:
                    57:a4:77:66:2d:ab:16:cb:bb:78:90:35:aa:5a:5d:
                    f2:72:3b:37:1e:c5:54:30:9f:2b:d5:ff:90:ad:d5:
                    27:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:65:E8:09:E4:4B:3A:92:CB:7F:48:4B:F2:C7:D7:BF:92:C8:04:E8
            X509v3 Authority Key Identifier:
                keyid:99:72:14:8C:73:62:C2:C9:39:9B:B3:AF:74:15:92:C4:25:16:C5:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mXIUjHNiwsk5m7OvdBWSxCUWxUc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/587b7b-071c-430b-9eb2-6ec62690b19b/1/mXIUjHNiwsk5m7OvdBWSxCUWxUc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:50:0d:31:19:a4:06:b8:30:02:5b:64:7e:aa:b6:1c:3a:de:
         d1:e6:bb:dc:43:c2:65:64:3d:36:5e:f2:15:84:a6:68:6b:cf:
         34:37:22:4a:53:65:2d:f0:35:40:fa:ea:60:37:28:69:01:61:
         77:a2:f4:43:b2:af:a3:b9:04:3a:01:61:3d:c7:67:a9:57:95:
         6d:b1:32:96:55:42:3b:99:2e:cf:1e:39:5a:5f:ba:70:54:d0:
         1b:46:66:e7:be:13:21:74:9a:ab:15:9a:c4:2b:b0:58:c6:9b:
         e6:df:be:f7:58:5c:04:1c:10:03:6f:37:f7:21:26:b7:4c:e4:
         b2:c3:c3:5e:fb:8b:fe:1f:f8:5a:bc:ec:9f:c5:40:b9:c0:e8:
         43:6a:1c:8c:03:c4:45:d7:ad:0c:88:92:32:5e:dc:27:28:cd:
         56:d8:c7:57:2d:68:36:ad:44:42:f8:1a:bc:1a:aa:ec:63:a7:
         96:4f:9e:49:cc:11:0b:f1:9a:91:04:0d:06:f9:d4:ff:cd:7b:
         a6:07:9e:3a:27:9f:8a:ee:61:94:81:95:4d:56:2c:03:3a:4d:
         ae:c8:8c:6d:72:42:b4:ba:b1:93:ca:90:98:61:3d:f5:2c:df:
         8e:ff:03:82:9a:80:67:69:f5:18:58:37:a9:70:3d:e2:ee:4e:
         c0:57:51:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+UKNuzsWtQjq3h3pAi1EtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NzIxNDhjNzM2MmMyYzkzOTliYjNhZjc0MTU5MmM0MjUx
NmM1NDcwHhcNMjQwNTIwMDQwMDU2WhcNMjQwNTIxMDQwMDU2WjAzMTEwLwYDVQQD
Eyg0MDY1ZTgwOWU0NGIzYTkyY2I3ZjQ4NGJmMmM3ZDdiZjkyYzgwNGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqwQSrARIbGvxTSQx7zSeEfEbeF3
gf09hUZ2/9uyj2NAIubAlMbOGRXHUEMyJLzjErHzEuzSLwm6iuA2l5HZu+Wrpx1y
CGfU5ixL7v0SHo/N8fQuG6jV78mi5Ct4auA02lVKv4zHCuWXcFCZ57YeywdVgtHd
mrjNVu1mwV/nO8uLdNf5Jlhb78Y3Bx+iOYA8dNmRaATY2ZDBQ4bpKe8kolmf+8NQ
NrtDDzA9mueLfbhL8yBoDnFR4JjyEMrkU5QLcqFrQw9LRxOLXXKOlQ9+OGzJAqLV
owbTGMGP28W9XJtXpHdmLasWy7t4kDWqWl3ycjs3HsVUMJ8r1f+QrdUnwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBl6AnkSzqSy39IS/LH17+SyAToMB8GA1UdIwQY
MBaAFJlyFIxzYsLJOZuzr3QVksQlFsVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjIt
NmVjNjI2OTBiMTliLzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81ODdiN2ItMDcxYy00MzBiLTllYjItNmVjNjI2OTBiMTli
LzEvbVhJVWpITml3c2s1bTdPdmRCV1N4Q1VXeFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXVANMRmk
BrgwAltkfqq2HDre0ea73EPCZWQ9Nl7yFYSmaGvPNDciSlNlLfA1QPrqYDcoaQFh
d6L0Q7Kvo7kEOgFhPcdnqVeVbbEyllVCO5kuzx45Wl+6cFTQG0Zm574TIXSaqxWa
xCuwWMab5t++91hcBBwQA2839yEmt0zkssPDXvuL/h/4Wrzsn8VAucDoQ2ocjAPE
RdetDIiSMl7cJyjNVtjHVy1oNq1EQvgavBqq7GOnlk+eScwRC/GakQQNBvnU/817
pgeeOiefiu5hlIGVTVYsAzpNrsiMbXJCtLqxk8qQmGE99Szfjv8DgpqAZ2n1GFg3
qXA94u5OwFdRXw==
-----END CERTIFICATE-----