Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
File:                     yjzk270E4HrOGTf4ChWvc5m4Aw4.mft (raw, json)
Hash identifier:          Ml4WdbtbI7ps+1kgkF7CDufl3YG57Ya7vLHmmnw+bu0=
Subject key identifier:   F3:5A:F5:7A:22:F1:52:9A:48:1C:B6:B1:78:A9:24:6A:43:90:0A:21
Authority key identifier: CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E
Certificate issuer:       /CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
Certificate serial:       018F885B64DAF3F29159D8A9A94E721FEE0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
Manifest number:          010F
Signing time:             Fri 17 May 2024 21:00:41 +0000
Manifest this update:     Fri 17 May 2024 21:00:41 +0000
Manifest next update:     Sat 18 May 2024 21:00:41 +0000
Files and hashes:         1: yjzk270E4HrOGTf4ChWvc5m4Aw4.crl (hash: lb4BAi5PpPqabyMm6F0wx5FzLdP8Elkws5Fht7BUXTs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:5b:64:da:f3:f2:91:59:d8:a9:a9:4e:72:1f:ee:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca3ce4dbbd04e07ace1937f80a15af7399b8030e
        Validity
            Not Before: May 17 21:00:41 2024 GMT
            Not After : May 18 21:00:41 2024 GMT
        Subject: CN=f35af57a22f1529a481cb6b178a9246a43900a21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b6:52:63:aa:fd:4a:63:5b:02:2e:44:62:97:
                    c3:ac:9b:87:74:51:20:b9:c8:3f:ee:d4:33:01:5a:
                    a9:0f:ce:d2:a0:43:0a:c3:d8:ed:50:b7:10:1b:72:
                    f3:4f:dc:b3:dc:3c:db:3b:73:13:4b:17:27:b5:bc:
                    ec:cc:b7:d9:ea:5c:b1:88:34:32:25:84:1c:be:bc:
                    5f:6e:34:79:02:b6:17:40:be:3c:e6:e7:73:52:86:
                    08:92:30:92:3e:fa:b7:09:5e:47:30:d2:28:90:16:
                    4e:b3:5b:b9:b1:d5:31:1a:a1:f2:2f:09:c2:98:01:
                    b7:2e:24:2c:ac:fe:60:4c:4f:33:ac:29:e2:90:e5:
                    82:7b:f6:4d:07:a3:f8:98:a4:7f:7d:c2:12:5a:05:
                    bc:6c:6c:2c:5e:1f:8f:0b:76:a0:62:ff:69:cc:c1:
                    49:f5:b6:04:79:88:fe:a5:2f:aa:8f:3f:b4:b7:93:
                    73:ae:90:1f:65:db:e8:c4:43:9c:7d:4c:ff:80:24:
                    80:3e:3d:74:26:16:bd:74:cf:7b:e3:39:c4:98:c5:
                    0b:4b:d3:1b:71:e4:8b:24:1a:21:33:dd:9f:67:98:
                    15:f8:bd:b4:1b:c9:83:46:01:79:95:0e:f9:4f:bb:
                    e1:9d:e1:73:b2:a5:de:93:29:41:5b:93:2e:ac:fe:
                    71:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:5A:F5:7A:22:F1:52:9A:48:1C:B6:B1:78:A9:24:6A:43:90:0A:21
            X509v3 Authority Key Identifier:
                keyid:CA:3C:E4:DB:BD:04:E0:7A:CE:19:37:F8:0A:15:AF:73:99:B8:03:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjzk270E4HrOGTf4ChWvc5m4Aw4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a5d9a3-c454-4b7e-800d-617cd3df395b/1/yjzk270E4HrOGTf4ChWvc5m4Aw4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:4a:59:ee:5f:a7:6d:20:0a:e8:8c:ad:67:63:68:07:e3:b3:
         57:29:4a:38:4b:85:86:08:ff:7a:7d:54:c6:4b:cd:c7:ce:40:
         66:97:76:d5:4e:d0:84:62:c6:1a:58:06:28:b0:82:95:71:b6:
         9c:30:d0:ef:af:22:52:e1:e1:38:ec:8e:55:3e:34:dc:45:12:
         01:2f:dc:72:ac:59:45:a5:d4:3b:0f:3b:bb:bc:d1:2e:d3:eb:
         6b:a6:34:29:a3:aa:da:f4:c1:8b:78:c6:58:67:7c:d1:a9:1b:
         42:14:90:ad:c7:b4:e5:d9:72:18:ef:fa:06:b2:d8:e9:58:d2:
         a7:38:15:15:12:1b:22:16:70:da:7d:58:62:04:c8:da:8c:35:
         2e:f8:7d:ac:6d:22:ed:9f:62:1f:8a:a5:fd:95:e4:a4:31:9b:
         7e:e6:a5:85:13:28:42:4d:10:19:8e:e3:81:8d:7f:9a:fc:38:
         46:05:2b:35:9f:5d:70:af:80:5b:90:98:0f:e2:5a:b7:20:97:
         5c:9e:9b:29:5a:22:f9:75:d9:58:1a:39:e1:f7:d0:61:bf:8e:
         85:93:4a:dc:7c:66:78:c3:71:4b:18:e2:90:63:20:44:4c:e3:
         4a:89:d2:40:f9:43:c6:c5:e3:ad:c2:24:4a:f0:78:8d:22:73:
         0c:c4:03:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IW2Ta8/KRWdipqU5yH+4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhM2NlNGRiYmQwNGUwN2FjZTE5MzdmODBhMTVhZjczOTli
ODAzMGUwHhcNMjQwNTE3MjEwMDQxWhcNMjQwNTE4MjEwMDQxWjAzMTEwLwYDVQQD
EyhmMzVhZjU3YTIyZjE1MjlhNDgxY2I2YjE3OGE5MjQ2YTQzOTAwYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7ZSY6r9SmNbAi5EYpfDrJuHdFEg
ucg/7tQzAVqpD87SoEMKw9jtULcQG3LzT9yz3DzbO3MTSxcntbzszLfZ6lyxiDQy
JYQcvrxfbjR5ArYXQL485udzUoYIkjCSPvq3CV5HMNIokBZOs1u5sdUxGqHyLwnC
mAG3LiQsrP5gTE8zrCnikOWCe/ZNB6P4mKR/fcISWgW8bGwsXh+PC3agYv9pzMFJ
9bYEeYj+pS+qjz+0t5NzrpAfZdvoxEOcfUz/gCSAPj10Jha9dM974znEmMULS9Mb
ceSLJBohM92fZ5gV+L20G8mDRgF5lQ75T7vhneFzsqXekylBW5MurP5x+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPNa9Xoi8VKaSBy2sXipJGpDkAohMB8GA1UdIwQY
MBaAFMo85Nu9BOB6zhk3+AoVr3OZuAMOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQt
NjE3Y2QzZGYzOTViLzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9hNWQ5YTMtYzQ1NC00YjdlLTgwMGQtNjE3Y2QzZGYzOTVi
LzEveWp6azI3MEU0SHJPR1RmNENoV3ZjNW00QXc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0pZ7l+n
bSAK6IytZ2NoB+OzVylKOEuFhgj/en1UxkvNx85AZpd21U7QhGLGGlgGKLCClXG2
nDDQ768iUuHhOOyOVT403EUSAS/ccqxZRaXUOw87u7zRLtPra6Y0KaOq2vTBi3jG
WGd80akbQhSQrce05dlyGO/6BrLY6VjSpzgVFRIbIhZw2n1YYgTI2ow1Lvh9rG0i
7Z9iH4ql/ZXkpDGbfualhRMoQk0QGY7jgY1/mvw4RgUrNZ9dcK+AW5CYD+JatyCX
XJ6bKVoi+XXZWBo54ffQYb+OhZNK3HxmeMNxSxjikGMgREzjSonSQPlDxsXjrcIk
SvB4jSJzDMQDwA==
-----END CERTIFICATE-----