Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
File:                     zTf5VqTOlOsexk52R7Q828uPxEk.mft (raw, json)
Hash identifier:          prtp7/4mnBAPA3nfUh1T6cxmQVAbWb2R+cQRMwMkYoA=
Subject key identifier:   C0:62:C4:AA:B3:E2:22:33:E8:1F:93:9C:92:24:7E:00:C2:23:D8:2B
Authority key identifier: CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49
Certificate issuer:       /CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
Certificate serial:       018F87B685312020E7F43108ACC5655D13B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
Manifest number:          1131
Signing time:             Fri 17 May 2024 18:00:36 +0000
Manifest this update:     Fri 17 May 2024 18:00:36 +0000
Manifest next update:     Sat 18 May 2024 18:00:36 +0000
Files and hashes:         1: zTf5VqTOlOsexk52R7Q828uPxEk.crl (hash: bzQQF0Fa0/GPVbbXyxMNL3MQ3DJIzrlCJASDqCpDTo0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:85:31:20:20:e7:f4:31:08:ac:c5:65:5d:13:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd37f956a4ce94eb1ec64e7647b43cdbcb8fc449
        Validity
            Not Before: May 17 18:00:36 2024 GMT
            Not After : May 18 18:00:36 2024 GMT
        Subject: CN=c062c4aab3e22233e81f939c92247e00c223d82b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:5b:1f:b6:80:bb:23:b6:1b:7b:73:09:63:d5:
                    42:71:82:55:ac:cc:b7:0c:9d:ec:d0:db:cb:0c:4b:
                    77:84:24:34:36:c1:14:a3:1d:13:4e:9a:0f:bf:33:
                    7b:a1:e8:12:67:75:40:28:c6:54:de:5e:8c:3a:42:
                    bc:64:3e:84:6f:6f:fd:c9:69:54:ae:17:40:b0:2f:
                    49:39:bc:5a:0f:90:e8:7c:1a:60:1d:c3:00:f9:d1:
                    d7:f5:99:20:f4:a6:17:96:22:10:50:20:80:18:e4:
                    62:00:38:44:97:d6:1a:b3:8b:0e:f4:b7:f8:4a:1b:
                    05:bb:e0:08:c3:11:19:a0:73:76:bf:c9:36:ce:f3:
                    47:89:13:99:3f:de:5a:4e:20:df:ed:0e:a4:e6:bb:
                    13:e5:57:c1:86:85:8f:27:bc:3e:38:92:b8:ec:5f:
                    23:4f:97:f7:ca:bd:da:7c:6c:aa:44:ba:6d:88:1d:
                    e2:11:61:fe:f0:56:db:cc:6d:6c:71:c3:f2:10:3a:
                    ba:b4:e6:83:bc:5d:30:f8:01:8d:1f:3a:a0:85:31:
                    54:d7:29:d6:2a:cc:5e:3b:6e:91:62:e5:1a:a1:65:
                    e6:70:9c:44:44:b0:9b:3b:84:9a:28:5f:f2:38:1f:
                    48:ab:67:39:be:ca:c1:5b:b4:24:55:83:63:78:a5:
                    18:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:62:C4:AA:B3:E2:22:33:E8:1F:93:9C:92:24:7E:00:C2:23:D8:2B
            X509v3 Authority Key Identifier:
                keyid:CD:37:F9:56:A4:CE:94:EB:1E:C6:4E:76:47:B4:3C:DB:CB:8F:C4:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTf5VqTOlOsexk52R7Q828uPxEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/2943c1-36b6-4303-bc27-bbe12bd38e04/1/zTf5VqTOlOsexk52R7Q828uPxEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b4:77:ff:03:19:b5:ff:d7:39:24:6f:a1:28:2d:90:0b:1e:33:
         ac:fa:ec:51:10:23:e8:90:ee:06:43:44:95:96:d7:83:3a:d0:
         2d:eb:6c:fc:a2:ec:23:14:2b:0f:ca:37:2d:84:5c:35:3e:43:
         f2:a4:bc:ed:42:3e:ee:41:0d:c3:46:e2:e8:2e:7a:b2:f0:3d:
         7d:2d:2e:49:6d:35:67:d7:9d:7d:12:a0:26:81:c9:16:d4:dd:
         8c:0f:51:0c:ce:b7:68:f2:84:98:2f:64:78:f8:04:95:9e:12:
         bc:8a:a5:0b:51:1f:0a:5e:de:be:cf:18:52:9f:b6:d6:21:87:
         1d:85:5f:8c:5a:a7:3c:b6:52:d8:4b:18:67:0f:e4:c0:71:3d:
         9d:bc:b5:f1:60:c1:14:f2:3c:37:d0:fe:29:a0:04:10:f5:18:
         d2:1d:a9:58:60:8f:d6:9f:36:f3:83:58:c3:76:cb:7a:b1:fb:
         c8:0b:f6:4e:b6:c6:dd:b0:0d:43:58:04:ca:44:51:32:7b:1f:
         88:f3:61:eb:e8:69:bf:94:f0:c4:e3:34:14:65:56:ee:08:ae:
         21:85:69:4c:f4:f3:c2:06:b1:8d:ff:40:62:02:ed:7e:66:22:
         a5:f5:2f:b2:bd:c0:1f:5e:d2:68:65:7d:e3:8a:18:17:3f:ff:
         03:c3:de:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtoUxICDn9DEIrMVlXROwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMzdmOTU2YTRjZTk0ZWIxZWM2NGU3NjQ3YjQzY2RiY2I4
ZmM0NDkwHhcNMjQwNTE3MTgwMDM2WhcNMjQwNTE4MTgwMDM2WjAzMTEwLwYDVQQD
EyhjMDYyYzRhYWIzZTIyMjMzZTgxZjkzOWM5MjI0N2UwMGMyMjNkODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FsftoC7I7Ybe3MJY9VCcYJVrMy3
DJ3s0NvLDEt3hCQ0NsEUox0TTpoPvzN7oegSZ3VAKMZU3l6MOkK8ZD6Eb2/9yWlU
rhdAsC9JObxaD5DofBpgHcMA+dHX9Zkg9KYXliIQUCCAGORiADhEl9Yas4sO9Lf4
ShsFu+AIwxEZoHN2v8k2zvNHiROZP95aTiDf7Q6k5rsT5VfBhoWPJ7w+OJK47F8j
T5f3yr3afGyqRLptiB3iEWH+8FbbzG1sccPyEDq6tOaDvF0w+AGNHzqghTFU1ynW
KsxeO26RYuUaoWXmcJxERLCbO4SaKF/yOB9Iq2c5vsrBW7QkVYNjeKUYLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBixKqz4iIz6B+TnJIkfgDCI9grMB8GA1UdIwQY
MBaAFM03+VakzpTrHsZOdke0PNvLj8RJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjct
YmJlMTJiZDM4ZTA0LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yOTQzYzEtMzZiNi00MzAzLWJjMjctYmJlMTJiZDM4ZTA0
LzEvelRmNVZxVE9sT3NleGs1MlI3UTgyOHVQeEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtHf/Axm1
/9c5JG+hKC2QCx4zrPrsURAj6JDuBkNElZbXgzrQLets/KLsIxQrD8o3LYRcNT5D
8qS87UI+7kENw0bi6C56svA9fS0uSW01Z9edfRKgJoHJFtTdjA9RDM63aPKEmC9k
ePgElZ4SvIqlC1EfCl7evs8YUp+21iGHHYVfjFqnPLZS2EsYZw/kwHE9nby18WDB
FPI8N9D+KaAEEPUY0h2pWGCP1p8284NYw3bLerH7yAv2TrbG3bANQ1gEykRRMnsf
iPNh6+hpv5TwxOM0FGVW7giuIYVpTPTzwgaxjf9AYgLtfmYipfUvsr3AH17SaGV9
44oYFz//A8Peug==
-----END CERTIFICATE-----