Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
File:                     oHEAJhaNhq-46ZnPsqjonFct0vk.mft (raw, json)
Hash identifier:          vWhRua3bHCUCWcjad7pb8IVIxM1hZaP9UfDsyRKXPLI=
Subject key identifier:   D1:D9:A0:F3:E9:F0:67:38:EE:18:0B:02:49:76:37:C3:EF:4F:D2:B4
Authority key identifier: A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9
Certificate issuer:       /CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
Certificate serial:       018F87B65E05F4B735648361D3C5BD40177C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
Manifest number:          0EC3
Signing time:             Fri 17 May 2024 18:00:26 +0000
Manifest this update:     Fri 17 May 2024 18:00:26 +0000
Manifest next update:     Sat 18 May 2024 18:00:26 +0000
Files and hashes:         1: oHEAJhaNhq-46ZnPsqjonFct0vk.crl (hash: chyjVBDL1gEhhDcVKjKKJUadZH1kVbn3/CvHe7mRnpA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:5e:05:f4:b7:35:64:83:61:d3:c5:bd:40:17:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0710026168d86afb8e999cfb2a8e89c572dd2f9
        Validity
            Not Before: May 17 18:00:26 2024 GMT
            Not After : May 18 18:00:26 2024 GMT
        Subject: CN=d1d9a0f3e9f06738ee180b02497637c3ef4fd2b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ff:aa:d9:97:2e:87:bc:00:47:59:ef:df:b7:
                    1b:77:fc:56:8a:68:e0:78:1b:37:89:4a:3b:10:9b:
                    7f:d8:c6:8c:66:92:a8:b9:52:c8:a3:db:9c:44:6a:
                    5d:37:9a:ff:5a:a3:3d:4e:14:f3:be:bd:c8:66:95:
                    e3:2e:7a:5f:d8:db:12:ce:3b:e2:5a:0e:54:89:32:
                    aa:c5:90:6f:74:93:f4:78:7c:cc:43:46:ed:72:ab:
                    7a:63:5d:62:b6:68:e0:79:7a:ef:13:e4:fa:a6:e6:
                    40:e9:c8:ec:62:2a:5f:b4:0a:bf:b8:86:33:b3:20:
                    9b:c2:a7:39:ac:b0:4b:ed:d6:eb:33:dc:0d:20:e6:
                    9c:1f:c9:6f:81:01:9e:98:71:a4:73:55:ab:ee:f6:
                    40:29:2c:f3:6f:fd:5b:18:59:28:27:62:25:cb:59:
                    d8:4e:ef:aa:c9:5e:d5:d8:56:eb:68:47:ae:94:29:
                    30:81:e3:db:97:9d:42:bc:1c:9e:61:f4:d7:87:a9:
                    c5:c8:e4:a3:24:c3:1c:7b:96:fb:45:60:f8:66:0a:
                    dc:6f:66:0a:ac:0c:76:55:fc:e1:66:68:f2:ee:15:
                    a0:f2:cd:18:a0:15:6e:14:30:c0:78:5a:a5:0a:b1:
                    3c:73:dc:1a:b1:84:22:a0:ed:aa:a2:61:39:39:d1:
                    b6:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:D9:A0:F3:E9:F0:67:38:EE:18:0B:02:49:76:37:C3:EF:4F:D2:B4
            X509v3 Authority Key Identifier:
                keyid:A0:71:00:26:16:8D:86:AF:B8:E9:99:CF:B2:A8:E8:9C:57:2D:D2:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oHEAJhaNhq-46ZnPsqjonFct0vk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/577212-08b0-43ed-89c6-a9a6bf65e63a/1/oHEAJhaNhq-46ZnPsqjonFct0vk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:a2:a6:a1:bd:d3:e2:3a:38:65:a7:bd:84:e7:18:2f:cb:35:
         0c:c5:c5:eb:fb:ea:7f:76:08:11:90:c9:18:a8:f4:96:ed:01:
         35:b1:da:a7:6f:ce:fa:db:02:87:2e:2a:a5:4e:32:31:23:c5:
         85:e2:cc:75:47:e1:d5:01:96:d2:71:01:44:f0:55:f8:73:56:
         c3:b8:b2:2e:de:cd:6c:c6:63:e7:55:52:9c:7b:a2:22:01:53:
         64:40:80:72:14:ab:aa:fa:d0:77:e1:2b:0f:18:44:ba:f7:70:
         54:5b:11:6e:78:99:2a:ff:61:e7:fd:c3:34:b1:38:ea:43:8e:
         95:d2:15:7f:41:c8:f7:e5:73:ea:e6:5a:90:f6:4d:d6:66:17:
         fc:f8:df:2b:26:a2:1d:56:68:e9:5c:ca:62:64:3e:96:f8:ef:
         3e:d3:21:01:5d:de:da:60:18:3c:0d:95:79:dd:20:5f:98:c4:
         72:cc:82:d7:cc:7b:d3:4f:ef:43:f4:80:fb:bf:e7:51:ca:58:
         ae:13:40:bc:d9:ad:37:60:47:37:81:bc:9a:f8:51:cf:19:a6:
         dd:40:d5:be:e7:dd:75:f7:90:30:cf:8e:b6:6c:6e:3b:b8:5c:
         2e:e6:7c:4a:68:13:51:5e:9b:cd:d1:5b:f2:1b:fc:af:e4:e9:
         97:f6:20:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htl4F9Lc1ZINh08W9QBd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNzEwMDI2MTY4ZDg2YWZiOGU5OTljZmIyYThlODljNTcy
ZGQyZjkwHhcNMjQwNTE3MTgwMDI2WhcNMjQwNTE4MTgwMDI2WjAzMTEwLwYDVQQD
EyhkMWQ5YTBmM2U5ZjA2NzM4ZWUxODBiMDI0OTc2MzdjM2VmNGZkMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzf+q2Zcuh7wAR1nv37cbd/xWimjg
eBs3iUo7EJt/2MaMZpKouVLIo9ucRGpdN5r/WqM9ThTzvr3IZpXjLnpf2NsSzjvi
Wg5UiTKqxZBvdJP0eHzMQ0btcqt6Y11itmjgeXrvE+T6puZA6cjsYipftAq/uIYz
syCbwqc5rLBL7dbrM9wNIOacH8lvgQGemHGkc1Wr7vZAKSzzb/1bGFkoJ2Ily1nY
Tu+qyV7V2FbraEeulCkwgePbl51CvByeYfTXh6nFyOSjJMMce5b7RWD4Zgrcb2YK
rAx2VfzhZmjy7hWg8s0YoBVuFDDAeFqlCrE8c9wasYQioO2qomE5OdG22QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNHZoPPp8Gc47hgLAkl2N8PvT9K0MB8GA1UdIwQY
MBaAFKBxACYWjYavuOmZz7Ko6JxXLdL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYt
YTlhNmJmNjVlNjNhLzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81NzcyMTItMDhiMC00M2VkLTg5YzYtYTlhNmJmNjVlNjNh
LzEvb0hFQUpoYU5ocS00NlpuUHNxam9uRmN0MHZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoaKmob3T
4jo4Zae9hOcYL8s1DMXF6/vqf3YIEZDJGKj0lu0BNbHap2/O+tsChy4qpU4yMSPF
heLMdUfh1QGW0nEBRPBV+HNWw7iyLt7NbMZj51VSnHuiIgFTZECAchSrqvrQd+Er
DxhEuvdwVFsRbniZKv9h5/3DNLE46kOOldIVf0HI9+Vz6uZakPZN1mYX/PjfKyai
HVZo6VzKYmQ+lvjvPtMhAV3e2mAYPA2Ved0gX5jEcsyC18x700/vQ/SA+7/nUcpY
rhNAvNmtN2BHN4G8mvhRzxmm3UDVvufddfeQMM+OtmxuO7hcLuZ8SmgTUV6bzdFb
8hv8r+Tpl/YgJw==
-----END CERTIFICATE-----