Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft
File:                     IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft (raw, json)
Hash identifier:          LmWeZb9YY/X8o2S15lH2I6iMK+yfGuCpnQhcbnjPHjI=
Subject key identifier:   D8:91:59:15:FE:A9:2A:95:25:ED:4C:F5:3A:F2:99:EE:7B:55:52:2F
Authority key identifier: 22:E2:F3:53:47:57:D9:39:08:DA:41:79:9D:C2:61:35:06:14:AE:46
Certificate issuer:       /CN=22e2f3534757d93908da41799dc261350614ae46
Certificate serial:       018F8749B0D3E98BA34ABF0BA40727E4DB6E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IuLzU0dX2TkI2kF5ncJhNQYUrkY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft
Manifest number:          020D
Signing time:             Fri 17 May 2024 16:01:44 +0000
Manifest this update:     Fri 17 May 2024 16:01:44 +0000
Manifest next update:     Sat 18 May 2024 16:01:44 +0000
Files and hashes:         1: IuLzU0dX2TkI2kF5ncJhNQYUrkY.crl (hash: QnqVpGUUjT/XD9nLmxy4yhc0weYTukq1UHVJXuXIxLM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IuLzU0dX2TkI2kF5ncJhNQYUrkY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:b0:d3:e9:8b:a3:4a:bf:0b:a4:07:27:e4:db:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22e2f3534757d93908da41799dc261350614ae46
        Validity
            Not Before: May 17 16:01:44 2024 GMT
            Not After : May 18 16:01:44 2024 GMT
        Subject: CN=d8915915fea92a9525ed4cf53af299ee7b55522f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:ee:9f:58:19:9e:01:10:44:8e:03:4c:79:46:
                    04:bc:55:ac:9b:e4:aa:fb:1f:87:e5:a0:b4:e8:2d:
                    84:16:3e:88:0b:20:ca:34:74:a1:29:c3:93:9c:6c:
                    7b:fb:1f:aa:cf:07:71:04:10:4c:03:35:60:00:df:
                    65:9f:c0:cb:2c:6e:9f:55:4a:0d:b0:67:72:17:57:
                    57:b1:13:60:00:14:68:9e:bf:91:1c:04:4b:23:76:
                    58:d2:a9:6d:c9:16:09:f5:22:99:24:c2:bd:65:6e:
                    4c:aa:93:3f:35:7a:12:3b:17:18:a7:c6:e9:e7:05:
                    99:e7:a8:a5:38:63:3f:6c:8a:49:66:82:69:f1:a8:
                    1f:7a:79:bc:ad:74:79:82:d8:1c:66:a2:de:e3:b6:
                    d5:e5:ab:7f:a0:14:59:61:57:a6:a1:df:17:69:ce:
                    9e:ac:96:9e:e8:ff:db:b0:55:27:40:49:64:7e:02:
                    fc:89:74:67:fc:52:07:ea:20:89:ac:c3:06:73:ef:
                    cc:98:0e:52:e4:d0:4c:fc:6e:58:22:fe:7c:ff:eb:
                    cd:c1:51:23:3d:7c:a2:05:9b:d9:a3:e5:5b:99:30:
                    d5:a9:1a:27:a5:b4:d8:59:3d:a8:01:15:c5:4a:77:
                    d4:60:66:5b:7a:cd:ec:52:be:68:f0:42:41:10:63:
                    0c:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:91:59:15:FE:A9:2A:95:25:ED:4C:F5:3A:F2:99:EE:7B:55:52:2F
            X509v3 Authority Key Identifier:
                keyid:22:E2:F3:53:47:57:D9:39:08:DA:41:79:9D:C2:61:35:06:14:AE:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IuLzU0dX2TkI2kF5ncJhNQYUrkY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3b2455-fff3-4bda-9878-29cec2795cb3/1/IuLzU0dX2TkI2kF5ncJhNQYUrkY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2e:27:2f:d9:5c:11:3f:5a:2c:a8:92:7c:56:ca:bb:c3:0a:b4:
         eb:9b:56:48:cb:c3:09:0b:16:a0:0e:bd:9f:91:d4:5f:d2:20:
         52:8c:25:14:43:59:2f:35:f0:1b:f0:ef:98:c6:a3:60:bd:44:
         71:53:cc:3f:47:6e:d7:e0:81:68:f1:ef:78:96:24:93:44:c1:
         73:15:66:36:7e:c5:87:73:8a:71:d6:11:1a:ae:9b:dc:eb:14:
         fa:e6:84:84:4d:89:3f:d3:44:61:39:ad:97:07:34:d3:64:f4:
         30:6e:c1:21:91:b1:21:63:ae:8d:32:f9:4a:e5:e7:5c:e3:c8:
         8d:b2:88:2e:8f:12:b9:79:a4:70:02:29:b6:c1:ff:df:b5:e2:
         25:b0:ed:36:29:7b:90:d8:53:95:f5:f8:d3:23:ef:c9:8f:32:
         d4:34:4e:2c:aa:f5:62:08:ce:15:a2:1a:75:4a:b7:6b:c5:ac:
         ce:fb:c3:2e:96:88:9e:8f:4d:fa:ad:d7:ba:43:13:6f:71:a9:
         74:12:a2:9b:0c:3a:24:da:6f:f7:fc:48:2d:b1:69:76:de:f5:
         19:51:00:46:c4:a0:81:5b:1a:ea:cb:58:05:94:e4:34:ab:3b:
         3b:1b:28:ae:27:50:47:9b:35:52:3e:a4:65:d8:68:94:8f:63:
         5e:0c:79:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSbDT6YujSr8LpAcn5NtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZTJmMzUzNDc1N2Q5MzkwOGRhNDE3OTlkYzI2MTM1MDYx
NGFlNDYwHhcNMjQwNTE3MTYwMTQ0WhcNMjQwNTE4MTYwMTQ0WjAzMTEwLwYDVQQD
EyhkODkxNTkxNWZlYTkyYTk1MjVlZDRjZjUzYWYyOTllZTdiNTU1MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+6fWBmeARBEjgNMeUYEvFWsm+Sq
+x+H5aC06C2EFj6ICyDKNHShKcOTnGx7+x+qzwdxBBBMAzVgAN9ln8DLLG6fVUoN
sGdyF1dXsRNgABRonr+RHARLI3ZY0qltyRYJ9SKZJMK9ZW5MqpM/NXoSOxcYp8bp
5wWZ56ilOGM/bIpJZoJp8agfenm8rXR5gtgcZqLe47bV5at/oBRZYVemod8Xac6e
rJae6P/bsFUnQElkfgL8iXRn/FIH6iCJrMMGc+/MmA5S5NBM/G5YIv58/+vNwVEj
PXyiBZvZo+VbmTDVqRonpbTYWT2oARXFSnfUYGZbes3sUr5o8EJBEGMM/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiRWRX+qSqVJe1M9Tryme57VVIvMB8GA1UdIwQY
MBaAFCLi81NHV9k5CNpBeZ3CYTUGFK5GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXVMelUwZFgyVGtJMmtGNW5jSmhOUVlVcmtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYjI0NTUtZmZmMy00YmRhLTk4Nzgt
MjljZWMyNzk1Y2IzLzEvSXVMelUwZFgyVGtJMmtGNW5jSmhOUVlVcmtZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYjI0NTUtZmZmMy00YmRhLTk4NzgtMjljZWMyNzk1Y2Iz
LzEvSXVMelUwZFgyVGtJMmtGNW5jSmhOUVlVcmtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALicv2VwR
P1osqJJ8Vsq7wwq065tWSMvDCQsWoA69n5HUX9IgUowlFENZLzXwG/DvmMajYL1E
cVPMP0du1+CBaPHveJYkk0TBcxVmNn7Fh3OKcdYRGq6b3OsU+uaEhE2JP9NEYTmt
lwc002T0MG7BIZGxIWOujTL5SuXnXOPIjbKILo8SuXmkcAIptsH/37XiJbDtNil7
kNhTlfX40yPvyY8y1DROLKr1YgjOFaIadUq3a8WszvvDLpaIno9N+q3XukMTb3Gp
dBKimww6JNpv9/xILbFpdt71GVEARsSggVsa6stYBZTkNKs7OxsoridQR5s1Uj6k
ZdholI9jXgx5mQ==
-----END CERTIFICATE-----