Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          0eN+CwIf5NqzHfbIyX3g0GrWtCvBsDIMVWMOza7zxaI=
Subject key identifier:   AE:18:2B:7E:F4:5A:66:3B:5E:60:77:3E:FB:9A:B0:37:D2:E1:7A:6B
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       018F8749688C48F0A6F13EA1C5C972B63D29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          0858
Signing time:             Fri 17 May 2024 16:01:25 +0000
Manifest this update:     Fri 17 May 2024 16:01:25 +0000
Manifest next update:     Sat 18 May 2024 16:01:25 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: 6JAhydag0CUwPhCoTpi854lw6NRft6HRYd7E5ArY/LI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:68:8c:48:f0:a6:f1:3e:a1:c5:c9:72:b6:3d:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: May 17 16:01:25 2024 GMT
            Not After : May 18 16:01:25 2024 GMT
        Subject: CN=ae182b7ef45a663b5e60773efb9ab037d2e17a6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:bb:fe:89:05:09:3e:9e:cb:73:1c:4e:d3:09:
                    bf:07:f5:98:c7:07:4a:2d:87:1b:75:4b:52:ae:4e:
                    5a:19:d6:3b:a9:cd:10:66:d2:0d:1c:a4:03:03:ca:
                    49:c2:f0:54:93:2d:37:ba:92:d8:48:a3:a3:d0:46:
                    3d:2a:56:2d:13:52:34:e2:13:ad:8b:b5:b5:f7:be:
                    bc:c0:8e:53:54:44:a2:87:4f:b2:54:6e:69:83:8e:
                    14:af:e6:84:59:46:c5:f7:09:f0:2a:64:c2:75:d5:
                    58:c6:08:8f:f6:ad:1b:91:1c:73:b6:10:25:71:fb:
                    1b:4b:32:70:50:72:8f:ee:44:a8:79:6e:fe:fc:72:
                    53:70:05:67:7d:57:3e:99:6b:30:82:1c:ff:76:ba:
                    c1:66:3e:ef:2f:4f:93:cc:10:b9:26:53:c5:5c:61:
                    58:e9:92:70:7e:8e:37:9d:1d:bc:bf:de:3b:c5:52:
                    26:16:66:5e:44:fc:ae:76:ac:97:7c:0e:0d:44:45:
                    69:a3:b8:0b:29:b0:05:85:af:02:47:e2:6a:d4:73:
                    94:6f:33:92:c1:64:bd:75:e5:86:ff:a3:f7:d8:1f:
                    e4:6f:08:9e:a1:cf:99:4c:fc:ca:76:fd:bd:22:8a:
                    49:e9:57:c5:f2:59:6c:c9:f3:44:ad:31:62:fa:c9:
                    8d:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:18:2B:7E:F4:5A:66:3B:5E:60:77:3E:FB:9A:B0:37:D2:E1:7A:6B
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5d:2a:90:96:89:04:5a:46:1d:4b:ec:82:37:d8:20:b9:a3:0e:
         41:c1:a9:26:61:2d:57:96:7b:0d:75:94:ec:e6:0f:dd:6a:f0:
         40:2a:8e:1e:c4:1c:a5:00:6b:9b:e6:f8:14:02:ae:15:79:2e:
         e6:3e:57:d2:e3:69:79:ba:c3:84:1f:db:e2:65:02:ea:9b:60:
         13:24:ae:f6:dd:59:18:e7:3d:60:e3:5a:6e:0c:4a:b6:14:7f:
         33:bc:1a:7c:ee:8b:40:f1:67:46:b8:05:ab:80:89:9e:16:28:
         56:02:bf:c3:b7:f0:db:f2:8d:c8:d2:b2:50:c7:fe:18:47:36:
         e4:6d:f5:1f:61:0c:f2:12:e0:8b:de:dd:a5:c8:2d:ed:36:e2:
         27:fa:90:1e:e7:e4:3e:42:63:21:74:ff:dd:1c:b3:03:e1:53:
         f2:fb:4a:ec:bb:b4:80:6d:a7:98:c3:aa:cd:2d:4c:15:6a:8d:
         38:4c:7a:a9:0c:ec:0d:e9:db:46:e3:55:29:21:44:ac:9e:e2:
         80:1a:22:a8:78:1a:d8:61:98:e3:5a:bc:6d:b9:0c:99:b7:75:
         df:18:ef:5a:9e:fc:91:22:d2:01:08:b2:eb:71:20:fc:f7:a5:
         e4:ea:c7:86:59:dd:f8:78:ec:b1:2a:06:e0:b9:75:71:3f:92:
         6b:e6:93:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSWiMSPCm8T6hxclytj0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjQwNTE3MTYwMTI1WhcNMjQwNTE4MTYwMTI1WjAzMTEwLwYDVQQD
EyhhZTE4MmI3ZWY0NWE2NjNiNWU2MDc3M2VmYjlhYjAzN2QyZTE3YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17v+iQUJPp7LcxxO0wm/B/WYxwdK
LYcbdUtSrk5aGdY7qc0QZtINHKQDA8pJwvBUky03upLYSKOj0EY9KlYtE1I04hOt
i7W19768wI5TVESih0+yVG5pg44Ur+aEWUbF9wnwKmTCddVYxgiP9q0bkRxzthAl
cfsbSzJwUHKP7kSoeW7+/HJTcAVnfVc+mWswghz/drrBZj7vL0+TzBC5JlPFXGFY
6ZJwfo43nR28v947xVImFmZeRPyudqyXfA4NREVpo7gLKbAFha8CR+Jq1HOUbzOS
wWS9deWG/6P32B/kbwieoc+ZTPzKdv29IopJ6VfF8llsyfNErTFi+smNQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4YK370WmY7XmB3PvuasDfS4XprMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXSqQlokE
WkYdS+yCN9gguaMOQcGpJmEtV5Z7DXWU7OYP3WrwQCqOHsQcpQBrm+b4FAKuFXku
5j5X0uNpebrDhB/b4mUC6ptgEySu9t1ZGOc9YONabgxKthR/M7wafO6LQPFnRrgF
q4CJnhYoVgK/w7fw2/KNyNKyUMf+GEc25G31H2EM8hLgi97dpcgt7TbiJ/qQHufk
PkJjIXT/3RyzA+FT8vtK7Lu0gG2nmMOqzS1MFWqNOEx6qQzsDenbRuNVKSFErJ7i
gBoiqHga2GGY41q8bbkMmbd13xjvWp78kSLSAQiy63Eg/Pel5OrHhlnd+HjssSoG
4Ll1cT+Sa+aTMw==
-----END CERTIFICATE-----