Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
File:                     KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft (raw, json)
Hash identifier:          vXVbtbiU8FeLZU2PalF2WqmX4Aygfmvgw1T+IZ7XMSY=
Subject key identifier:   83:FB:C7:3D:2A:F2:9A:4E:81:1E:29:29:C2:AB:B1:82:12:32:79:1D
Authority key identifier: 28:BB:B5:4E:37:82:6C:03:90:B0:43:79:27:9F:8E:06:CF:F3:A2:34
Certificate issuer:       /CN=28bbb54e37826c0390b04379279f8e06cff3a234
Certificate serial:       0190765241D5A0099F9AE8A5654791009D61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLu1TjeCbAOQsEN5J5-OBs_zojQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
Manifest number:          010B
Signing time:             Wed 03 Jul 2024 02:00:20 +0000
Manifest this update:     Wed 03 Jul 2024 02:00:20 +0000
Manifest next update:     Thu 04 Jul 2024 02:00:20 +0000
Files and hashes:         1: KLu1TjeCbAOQsEN5J5-OBs_zojQ.crl (hash: VFlE0SCDEHL+/ttIdrRQZtBRSDassc/fNoU7itI1Qsg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KLu1TjeCbAOQsEN5J5-OBs_zojQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 03 Jul 2024 23:00:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:76:52:41:d5:a0:09:9f:9a:e8:a5:65:47:91:00:9d:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28bbb54e37826c0390b04379279f8e06cff3a234
        Validity
            Not Before: Jul  3 02:00:20 2024 GMT
            Not After : Jul  4 02:00:20 2024 GMT
        Subject: CN=83fbc73d2af29a4e811e2929c2abb1821232791d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:7a:00:c2:6c:09:30:0a:34:4b:86:31:f7:89:
                    1e:72:d7:51:b4:5c:81:86:56:2d:98:af:0b:78:e5:
                    25:76:40:79:69:f8:cd:46:5e:8c:09:5b:57:7e:ca:
                    d2:cc:52:92:7e:6c:b0:50:9f:f3:ec:64:2a:1a:de:
                    07:7f:6e:9c:b5:fd:f2:ca:bd:d7:47:de:ae:76:a1:
                    ec:76:af:b1:3c:f1:b1:78:13:c5:eb:08:1a:ed:09:
                    5a:f7:7e:45:68:0a:61:eb:2d:8c:40:45:00:e7:a5:
                    10:18:32:de:72:fb:f4:7a:e3:ce:21:44:6c:89:4f:
                    8c:e1:5f:ab:e1:41:19:c2:a9:21:43:aa:01:fb:6f:
                    bf:c5:3d:76:7a:7a:ee:31:cf:7e:38:97:8e:fe:1a:
                    0d:dc:00:51:1b:36:7f:ef:05:c1:d7:1e:d5:5a:13:
                    f9:f1:3c:24:e8:8c:17:53:89:ee:c4:2b:6a:3d:30:
                    2b:74:40:16:fa:2a:c7:4c:f7:6f:f4:1b:ae:03:a4:
                    ff:8a:f3:4f:13:13:33:1a:69:0a:eb:8b:8c:a0:e2:
                    48:6e:fa:be:1b:d9:c5:90:99:d0:fb:3b:ba:80:c2:
                    ba:0b:2a:62:d6:69:68:c7:f5:f0:67:96:80:27:71:
                    ae:37:23:9c:b7:42:3c:ea:1c:45:12:d1:db:6d:71:
                    ef:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:FB:C7:3D:2A:F2:9A:4E:81:1E:29:29:C2:AB:B1:82:12:32:79:1D
            X509v3 Authority Key Identifier:
                keyid:28:BB:B5:4E:37:82:6C:03:90:B0:43:79:27:9F:8E:06:CF:F3:A2:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLu1TjeCbAOQsEN5J5-OBs_zojQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/fe7296-ec8c-4163-a554-78c017762f9f/1/KLu1TjeCbAOQsEN5J5-OBs_zojQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         11:59:eb:2b:3d:2d:82:80:32:54:dd:aa:7e:41:d2:db:3d:73:
         2a:cf:b1:7b:2d:61:00:80:fd:9c:15:10:88:ae:0c:80:1d:e3:
         0b:28:1b:69:45:40:2a:79:8c:ec:c3:80:61:47:4a:2c:63:4a:
         1b:a6:44:ad:25:a8:5a:0d:6c:42:fa:98:41:78:95:79:82:88:
         9f:c4:59:f1:b5:22:01:07:07:1e:f9:ba:60:e8:6e:c0:b0:7a:
         09:74:99:1e:b7:8f:e7:f1:61:d5:a8:ff:e0:85:3b:19:e4:a9:
         2c:c4:9b:7b:54:8d:7b:c1:ba:3c:cd:a8:70:11:9f:12:6d:f8:
         aa:08:c7:53:52:00:56:6d:97:62:33:55:26:c8:0c:a3:c2:47:
         79:aa:08:e7:03:77:fa:cb:33:37:7f:03:5a:57:92:aa:f8:57:
         5b:f6:f9:d2:41:d3:54:d0:9e:3b:5a:de:60:5a:ff:cb:15:76:
         7b:7c:74:de:5b:08:27:65:6e:85:f4:ef:e8:f1:b5:34:b3:ce:
         d6:b5:5d:2b:fa:c6:2a:58:bd:2c:d8:25:b8:39:be:5d:1b:c8:
         37:fe:54:10:c5:48:87:13:39:a3:4c:ab:a0:48:d2:c1:7d:d3:
         0b:bb:fc:fb:e6:2d:ae:ee:4b:72:61:ab:80:3f:6d:db:43:cd:
         4a:fa:e0:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZB2UkHVoAmfmuilZUeRAJ1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YmJiNTRlMzc4MjZjMDM5MGIwNDM3OTI3OWY4ZTA2Y2Zm
M2EyMzQwHhcNMjQwNzAzMDIwMDIwWhcNMjQwNzA0MDIwMDIwWjAzMTEwLwYDVQQD
Eyg4M2ZiYzczZDJhZjI5YTRlODExZTI5MjljMmFiYjE4MjEyMzI3OTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXoAwmwJMAo0S4Yx94kectdRtFyB
hlYtmK8LeOUldkB5afjNRl6MCVtXfsrSzFKSfmywUJ/z7GQqGt4Hf26ctf3yyr3X
R96udqHsdq+xPPGxeBPF6wga7Qla935FaAph6y2MQEUA56UQGDLecvv0euPOIURs
iU+M4V+r4UEZwqkhQ6oB+2+/xT12enruMc9+OJeO/hoN3ABRGzZ/7wXB1x7VWhP5
8Twk6IwXU4nuxCtqPTArdEAW+irHTPdv9BuuA6T/ivNPExMzGmkK64uMoOJIbvq+
G9nFkJnQ+zu6gMK6Cypi1mlox/XwZ5aAJ3GuNyOct0I86hxFEtHbbXHvbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIP7xz0q8ppOgR4pKcKrsYISMnkdMB8GA1UdIwQY
MBaAFCi7tU43gmwDkLBDeSefjgbP86I0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0x1MVRqZUNiQU9Rc0VONUo1LU9Cc196b2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9mZTcyOTYtZWM4Yy00MTYzLWE1NTQt
NzhjMDE3NzYyZjlmLzEvS0x1MVRqZUNiQU9Rc0VONUo1LU9Cc196b2pRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9mZTcyOTYtZWM4Yy00MTYzLWE1NTQtNzhjMDE3NzYyZjlm
LzEvS0x1MVRqZUNiQU9Rc0VONUo1LU9Cc196b2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEVnrKz0t
goAyVN2qfkHS2z1zKs+xey1hAID9nBUQiK4MgB3jCygbaUVAKnmM7MOAYUdKLGNK
G6ZErSWoWg1sQvqYQXiVeYKIn8RZ8bUiAQcHHvm6YOhuwLB6CXSZHreP5/Fh1aj/
4IU7GeSpLMSbe1SNe8G6PM2ocBGfEm34qgjHU1IAVm2XYjNVJsgMo8JHeaoI5wN3
+sszN38DWleSqvhXW/b50kHTVNCeO1reYFr/yxV2e3x03lsIJ2VuhfTv6PG1NLPO
1rVdK/rGKli9LNgluDm+XRvIN/5UEMVIhxM5o0yroEjSwX3TC7v8++Ytru5LcmGr
gD9t20PNSvrg/Q==
-----END CERTIFICATE-----