Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
File:                     K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft (raw, json)
Hash identifier:          rogIILgq0fZoOwTxh/eWQ+GwZrIzVNTOx3csG9omtxs=
Subject key identifier:   AC:E1:6C:10:F4:C9:70:F2:56:19:BB:BD:A4:46:96:BE:61:0E:2B:20
Authority key identifier: 2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F
Certificate issuer:       /CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
Certificate serial:       018F874A6A9EF0B4F0958A4A7D69922A56BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
Manifest number:          0291
Signing time:             Fri 17 May 2024 16:02:32 +0000
Manifest this update:     Fri 17 May 2024 16:02:32 +0000
Manifest next update:     Sat 18 May 2024 16:02:32 +0000
Files and hashes:         1: K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl (hash: DsMVoNhwRgrRJARwSH8cxmCj5+POj96zABgnSaBp9cU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:6a:9e:f0:b4:f0:95:8a:4a:7d:69:92:2a:56:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
        Validity
            Not Before: May 17 16:02:32 2024 GMT
            Not After : May 18 16:02:32 2024 GMT
        Subject: CN=ace16c10f4c970f25619bbbda44696be610e2b20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:61:2f:0a:0b:f4:fa:1d:84:73:54:9d:59:3e:
                    1f:e5:f3:c9:77:ac:6d:61:39:6c:73:14:62:b7:af:
                    0c:21:76:f8:67:df:a8:54:c4:44:38:e1:d3:c0:3e:
                    8e:41:1d:0e:83:61:b5:8a:15:82:4c:eb:cc:95:36:
                    a4:bf:21:09:c1:21:23:96:4a:d1:80:3d:4f:3a:88:
                    b9:0b:6c:3a:0e:dd:f3:4b:a4:4c:c9:97:c0:49:3c:
                    6f:a4:bc:47:6b:ba:36:a2:2c:bb:58:41:5f:fe:ea:
                    fc:f8:be:70:75:5d:64:60:70:00:9a:12:ce:ec:7b:
                    72:08:86:8f:a8:56:e0:b7:04:18:fc:f5:10:19:cf:
                    76:1b:7b:f7:ca:0c:0a:d9:7d:86:ba:8e:df:6b:2f:
                    02:8f:90:6f:8d:ca:b6:e9:f1:3e:01:61:00:e1:bd:
                    82:76:b5:28:2b:ac:54:d4:ea:14:ba:a7:ea:c8:28:
                    83:ce:5d:74:f4:4d:72:30:00:2a:d5:6e:27:fd:2b:
                    ee:bd:66:58:b1:34:7c:02:9a:7c:41:1e:3f:6a:61:
                    d6:27:c6:74:42:cc:47:10:d6:71:36:e8:e9:bb:e4:
                    ff:92:06:73:c1:0f:9b:33:2f:c8:70:c1:72:89:a0:
                    ff:1f:a4:a1:86:36:af:95:bc:4d:31:87:8d:3f:8c:
                    9e:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:E1:6C:10:F4:C9:70:F2:56:19:BB:BD:A4:46:96:BE:61:0E:2B:20
            X509v3 Authority Key Identifier:
                keyid:2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:c6:ea:8a:8e:1d:82:9c:1b:9f:17:d3:1a:73:a1:90:4c:11:
         4a:14:a1:b6:12:93:c1:5b:5d:88:2f:0f:b1:b3:d5:7f:12:6b:
         ba:5e:9a:a9:77:f7:93:dd:d1:16:52:09:a2:53:07:2d:a8:a7:
         7a:d0:0e:16:1f:b0:c3:5e:3d:d5:ff:98:fe:9a:3b:94:da:bd:
         2d:03:79:26:1a:a0:72:9c:b3:7e:b5:fe:c7:f4:2c:50:29:41:
         84:00:e1:95:d2:f6:17:1d:5d:41:fc:6d:bd:3a:7f:86:2c:c5:
         19:57:5f:2b:4f:4b:7f:6d:ec:1a:58:50:26:09:a7:eb:27:96:
         5b:73:27:be:62:01:e5:68:51:0a:c0:40:c3:c6:aa:cf:c6:8e:
         ec:22:2e:6d:c9:cc:46:b8:3e:d3:e4:e4:68:66:f2:21:61:47:
         72:b3:94:d6:0b:1a:32:df:1c:0e:bb:7b:bc:e0:ad:6b:9b:26:
         5a:ec:9d:b4:68:a1:7f:8e:8d:0b:ab:02:9b:91:4f:1a:64:d4:
         7d:b8:09:4d:78:58:eb:3e:c6:a0:b3:7c:8d:49:68:a3:1c:9d:
         a9:81:6b:df:a3:6d:5e:a1:0c:cb:2b:bd:61:89:2c:2d:b0:e9:
         2a:02:90:04:6f:f0:d9:58:42:68:3c:66:df:8e:64:6f:27:ea:
         db:d1:2c:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSmqe8LTwlYpKfWmSKla/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNTdiMGRiMDAxNmZlNjI1MDk1ZGYwYzZlNTdmZTA3ZjFj
ZjI4OWYwHhcNMjQwNTE3MTYwMjMyWhcNMjQwNTE4MTYwMjMyWjAzMTEwLwYDVQQD
EyhhY2UxNmMxMGY0Yzk3MGYyNTYxOWJiYmRhNDQ2OTZiZTYxMGUyYjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2EvCgv0+h2Ec1SdWT4f5fPJd6xt
YTlscxRit68MIXb4Z9+oVMREOOHTwD6OQR0Og2G1ihWCTOvMlTakvyEJwSEjlkrR
gD1POoi5C2w6Dt3zS6RMyZfASTxvpLxHa7o2oiy7WEFf/ur8+L5wdV1kYHAAmhLO
7HtyCIaPqFbgtwQY/PUQGc92G3v3ygwK2X2Guo7fay8Cj5Bvjcq26fE+AWEA4b2C
drUoK6xU1OoUuqfqyCiDzl109E1yMAAq1W4n/SvuvWZYsTR8App8QR4/amHWJ8Z0
QsxHENZxNujpu+T/kgZzwQ+bMy/IcMFyiaD/H6ShhjavlbxNMYeNP4yeywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzhbBD0yXDyVhm7vaRGlr5hDisgMB8GA1UdIwQY
MBaAFCtXsNsAFv5iUJXfDG5X/gfxzyifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgt
ZjQ0ZjM1YjdhOTVkLzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgtZjQ0ZjM1YjdhOTVk
LzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl8bqio4d
gpwbnxfTGnOhkEwRShShthKTwVtdiC8PsbPVfxJrul6aqXf3k93RFlIJolMHLain
etAOFh+ww1491f+Y/po7lNq9LQN5JhqgcpyzfrX+x/QsUClBhADhldL2Fx1dQfxt
vTp/hizFGVdfK09Lf23sGlhQJgmn6yeWW3MnvmIB5WhRCsBAw8aqz8aO7CIubcnM
Rrg+0+TkaGbyIWFHcrOU1gsaMt8cDrt7vOCta5smWuydtGihf46NC6sCm5FPGmTU
fbgJTXhY6z7GoLN8jUlooxydqYFr36NtXqEMyyu9YYksLbDpKgKQBG/w2VhCaDxm
345kbyfq29EsKQ==
-----END CERTIFICATE-----