Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
File:                     idSzdf1Mr9XfusQG3SWmHSLdNso.mft (raw, json)
Hash identifier:          6y2npv6zT34hPCvFS/JhOlnQ333EzQI7RYEO4gYOC/0=
Subject key identifier:   61:E2:28:0F:57:8E:22:2E:88:01:C2:8A:FD:EC:D8:24:41:1A:7E:4C
Authority key identifier: 89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA
Certificate issuer:       /CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
Certificate serial:       018F874A1ED83F086DBEF629EE98D1062999
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
Manifest number:          0CF5
Signing time:             Fri 17 May 2024 16:02:12 +0000
Manifest this update:     Fri 17 May 2024 16:02:12 +0000
Manifest next update:     Sat 18 May 2024 16:02:12 +0000
Files and hashes:         1: idSzdf1Mr9XfusQG3SWmHSLdNso.crl (hash: onHhKK2ZZE9vZ6X87e1Rx8n45mXQabCX7JKsStNnfBM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:1e:d8:3f:08:6d:be:f6:29:ee:98:d1:06:29:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89d4b375fd4cafd5dfbac406dd25a61d22dd36ca
        Validity
            Not Before: May 17 16:02:12 2024 GMT
            Not After : May 18 16:02:12 2024 GMT
        Subject: CN=61e2280f578e222e8801c28afdecd824411a7e4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f5:09:64:53:9d:61:cb:1c:ed:07:46:0e:6c:
                    2e:0d:1f:06:8c:e5:84:85:33:2a:51:05:14:21:85:
                    7e:5b:17:17:9b:92:8c:bb:95:dd:f7:81:12:b5:53:
                    e0:59:4b:71:fd:ac:22:0a:68:44:20:70:e8:60:f2:
                    46:7e:ce:22:3b:33:54:df:25:78:47:ab:ce:aa:10:
                    29:8a:dc:d0:f3:56:be:19:15:ba:4d:ac:5d:41:fd:
                    49:7b:ea:68:5a:c3:85:f5:e3:ac:c8:ba:d5:c0:27:
                    6b:03:c6:e7:75:94:93:bb:c9:04:bc:83:e5:6a:1f:
                    ef:10:52:26:bc:8f:0e:aa:3d:12:a8:a5:07:28:1e:
                    4b:70:ed:a9:69:54:63:82:89:15:a2:36:a6:33:0e:
                    91:ad:65:5b:7c:a7:af:be:99:f8:68:09:04:f6:0b:
                    0c:e7:f0:af:3f:de:ef:32:24:6d:e9:7d:a8:06:3d:
                    0b:b0:a5:37:ce:1c:a0:b4:e4:87:6a:75:a3:ce:64:
                    a2:6d:83:34:c2:fc:86:cb:ff:35:50:19:e0:ea:84:
                    0b:92:ca:55:91:f7:22:09:a2:b9:bc:2d:4a:e0:12:
                    72:f2:3f:d3:96:12:71:0d:e8:ee:32:16:e8:c2:27:
                    e0:df:14:74:4c:80:f0:51:ab:a6:a7:15:06:57:1d:
                    ce:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E2:28:0F:57:8E:22:2E:88:01:C2:8A:FD:EC:D8:24:41:1A:7E:4C
            X509v3 Authority Key Identifier:
                keyid:89:D4:B3:75:FD:4C:AF:D5:DF:BA:C4:06:DD:25:A6:1D:22:DD:36:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idSzdf1Mr9XfusQG3SWmHSLdNso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/bcad8d-8e55-4a81-b393-274251252077/1/idSzdf1Mr9XfusQG3SWmHSLdNso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         41:9d:52:d8:52:9e:3a:04:76:92:4e:5b:b7:0f:4e:5f:e0:53:
         c5:ab:25:86:62:ec:be:e7:50:da:07:cc:a9:26:68:a7:d6:58:
         89:3a:8d:8d:6f:cd:f0:75:c7:a3:67:d4:94:29:78:fb:fe:25:
         1f:f4:8f:59:ed:55:8c:64:28:03:45:07:c7:d7:2f:c8:13:e3:
         00:01:dd:4c:75:f1:80:d7:44:9d:45:5c:b2:49:7c:f9:5a:e9:
         57:ea:ee:0d:f7:87:66:17:a7:dc:7b:e8:1d:38:43:05:23:6e:
         62:0a:22:31:e1:d4:40:07:b7:06:6a:dc:73:9b:02:53:89:2c:
         13:f9:a8:f9:3b:70:b9:bb:1a:7f:db:56:f2:a5:b5:97:2f:fd:
         8d:cc:63:f0:b8:44:05:79:cf:7c:49:f1:fe:50:8b:78:46:b7:
         95:47:1b:78:d7:b6:2d:0c:5e:bc:2d:27:0e:ac:7a:e7:a8:b6:
         27:3e:7c:71:e7:90:b8:d1:59:4b:f2:9c:91:36:53:9c:d9:1e:
         bb:af:02:c9:ab:b3:c3:55:cb:a6:bb:1a:52:8c:b8:b1:1f:77:
         30:33:6d:78:23:02:04:7c:9c:00:45:a3:7c:a7:c9:8b:91:bc:
         d0:74:8c:66:75:45:2c:f8:45:9a:b5:55:e7:31:cd:78:d6:14:
         ef:e1:f6:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSh7YPwhtvvYp7pjRBimZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZDRiMzc1ZmQ0Y2FmZDVkZmJhYzQwNmRkMjVhNjFkMjJk
ZDM2Y2EwHhcNMjQwNTE3MTYwMjEyWhcNMjQwNTE4MTYwMjEyWjAzMTEwLwYDVQQD
Eyg2MWUyMjgwZjU3OGUyMjJlODgwMWMyOGFmZGVjZDgyNDQxMWE3ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/UJZFOdYcsc7QdGDmwuDR8GjOWE
hTMqUQUUIYV+WxcXm5KMu5Xd94EStVPgWUtx/awiCmhEIHDoYPJGfs4iOzNU3yV4
R6vOqhApitzQ81a+GRW6TaxdQf1Je+poWsOF9eOsyLrVwCdrA8bndZSTu8kEvIPl
ah/vEFImvI8Oqj0SqKUHKB5LcO2paVRjgokVojamMw6RrWVbfKevvpn4aAkE9gsM
5/CvP97vMiRt6X2oBj0LsKU3zhygtOSHanWjzmSibYM0wvyGy/81UBng6oQLkspV
kfciCaK5vC1K4BJy8j/TlhJxDejuMhbowifg3xR0TIDwUaumpxUGVx3OFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHiKA9XjiIuiAHCiv3s2CRBGn5MMB8GA1UdIwQY
MBaAFInUs3X9TK/V37rEBt0lph0i3TbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMt
Mjc0MjUxMjUyMDc3LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9iY2FkOGQtOGU1NS00YTgxLWIzOTMtMjc0MjUxMjUyMDc3
LzEvaWRTemRmMU1yOVhmdXNRRzNTV21IU0xkTnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZ1S2FKe
OgR2kk5btw9OX+BTxaslhmLsvudQ2gfMqSZop9ZYiTqNjW/N8HXHo2fUlCl4+/4l
H/SPWe1VjGQoA0UHx9cvyBPjAAHdTHXxgNdEnUVcskl8+VrpV+ruDfeHZhen3Hvo
HThDBSNuYgoiMeHUQAe3Bmrcc5sCU4ksE/mo+Ttwubsaf9tW8qW1ly/9jcxj8LhE
BXnPfEnx/lCLeEa3lUcbeNe2LQxevC0nDqx656i2Jz58ceeQuNFZS/KckTZTnNke
u68Cyauzw1XLprsaUoy4sR93MDNteCMCBHycAEWjfKfJi5G80HSMZnVFLPhFmrVV
5zHNeNYU7+H2pA==
-----END CERTIFICATE-----