Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft
File:                     Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft (raw, json)
Hash identifier:          A4qypzY5pRNIA2/O/QHA7/S+7D4eqtN7ljc0qLzdFVc=
Subject key identifier:   DF:C5:96:7E:DC:75:C6:71:5B:03:6E:90:AF:DC:45:CE:62:AF:B5:0E
Authority key identifier: 67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39
Certificate issuer:       /CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
Certificate serial:       018F8748CB3B8CD0D8ABC8E17A5EE033C69C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft
Manifest number:          0271
Signing time:             Fri 17 May 2024 16:00:45 +0000
Manifest this update:     Fri 17 May 2024 16:00:45 +0000
Manifest next update:     Sat 18 May 2024 16:00:45 +0000
Files and hashes:         1: Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl (hash: JlGfmAyZ6ksUa9rJXAguhFfTEfqCaK/5ypp0ZRkFd4o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:cb:3b:8c:d0:d8:ab:c8:e1:7a:5e:e0:33:c6:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67aba9afa37d9bce407fe23c7919892d9d9c0939
        Validity
            Not Before: May 17 16:00:45 2024 GMT
            Not After : May 18 16:00:45 2024 GMT
        Subject: CN=dfc5967edc75c6715b036e90afdc45ce62afb50e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a0:53:ab:1b:b6:a4:5b:33:f3:57:ec:dc:d6:
                    dc:16:92:1e:3f:aa:ad:77:5d:10:72:7a:26:d6:4b:
                    e2:0a:21:1e:ee:c2:4a:8a:dd:3e:07:61:5c:65:9f:
                    7a:fa:29:ce:64:4b:80:61:4d:82:77:58:2a:a5:99:
                    c7:f9:6a:f3:30:85:0e:91:e5:21:0f:28:59:00:af:
                    c6:e3:58:f9:65:14:e6:d5:99:f9:fd:3f:e1:b8:44:
                    6c:fa:ae:4f:33:3c:d7:88:18:91:40:42:9a:9f:3c:
                    55:12:e6:4b:34:68:17:41:85:ce:05:bd:44:97:bb:
                    4f:e7:a8:a1:a2:c9:ab:d6:24:09:e6:98:29:34:2d:
                    57:6a:38:cb:3f:c7:73:26:0c:4a:61:2a:0b:89:32:
                    3e:f5:a4:6b:5d:39:3f:ad:14:3e:b4:43:b4:cd:b3:
                    22:67:20:1e:3d:b9:ae:f5:97:cf:90:6b:b4:9c:37:
                    e2:91:af:82:73:39:5e:a4:b1:1c:e7:ea:ce:06:54:
                    be:2c:79:f4:a1:b0:19:69:51:61:ce:38:a1:76:7a:
                    14:c1:6a:9d:6e:c0:3c:a9:51:af:f7:47:d7:0a:13:
                    af:de:01:df:9b:80:22:a2:a3:8f:00:4f:d2:b9:c6:
                    dc:c6:4b:ee:ce:77:2f:e7:a0:d5:b5:ac:3d:3d:fe:
                    41:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:C5:96:7E:DC:75:C6:71:5B:03:6E:90:AF:DC:45:CE:62:AF:B5:0E
            X509v3 Authority Key Identifier:
                keyid:67:AB:A9:AF:A3:7D:9B:CE:40:7F:E2:3C:79:19:89:2D:9D:9C:09:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6upr6N9m85Af-I8eRmJLZ2cCTk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8f50aa-5456-4159-8840-b01d8f295c19/1/Z6upr6N9m85Af-I8eRmJLZ2cCTk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:c0:31:8b:4b:b2:b8:4b:de:8b:dd:1c:0a:83:96:e9:72:95:
         d8:37:9f:ed:03:5e:44:c5:ea:16:0c:b9:7c:52:2e:a0:f3:a8:
         c6:92:09:ba:06:5f:66:20:bf:15:c1:e1:b5:1c:34:23:1b:2a:
         d8:ec:ab:b6:4b:01:98:a2:b6:79:bd:7b:36:8e:93:c8:5a:1c:
         f3:97:22:2b:e4:40:19:ef:03:9b:0a:a3:16:34:3d:f4:7f:35:
         46:0f:72:6a:11:d2:7c:c5:56:23:5e:b3:20:e6:fd:98:ee:e4:
         f2:4c:b8:5a:0c:e7:96:7b:4a:94:5e:6e:ca:56:02:7d:c9:e2:
         bb:b5:c8:26:27:0c:bc:2c:11:e3:43:82:01:a7:70:3c:7f:6f:
         fb:7b:5e:50:a9:af:c0:a6:82:ae:e0:01:c5:44:f6:b1:33:0d:
         02:9f:16:1d:a2:cf:19:7f:07:54:52:c2:90:aa:44:bc:2c:b4:
         77:04:f2:05:67:1f:f6:30:4b:a8:a9:12:f7:47:6e:d4:86:9f:
         10:03:60:7e:d2:e7:ce:65:41:b6:54:36:48:85:25:89:7e:ea:
         e9:54:97:9c:ba:fc:52:d2:a7:98:7d:2b:24:ea:40:4d:c2:69:
         23:74:d0:70:0d:dd:21:83:6f:67:1c:92:87:fc:06:cc:44:37:
         8e:f3:86:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSMs7jNDYq8jhel7gM8acMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YWJhOWFmYTM3ZDliY2U0MDdmZTIzYzc5MTk4OTJkOWQ5
YzA5MzkwHhcNMjQwNTE3MTYwMDQ1WhcNMjQwNTE4MTYwMDQ1WjAzMTEwLwYDVQQD
EyhkZmM1OTY3ZWRjNzVjNjcxNWIwMzZlOTBhZmRjNDVjZTYyYWZiNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqBTqxu2pFsz81fs3NbcFpIeP6qt
d10Qcnom1kviCiEe7sJKit0+B2FcZZ96+inOZEuAYU2Cd1gqpZnH+WrzMIUOkeUh
DyhZAK/G41j5ZRTm1Zn5/T/huERs+q5PMzzXiBiRQEKanzxVEuZLNGgXQYXOBb1E
l7tP56ihosmr1iQJ5pgpNC1XajjLP8dzJgxKYSoLiTI+9aRrXTk/rRQ+tEO0zbMi
ZyAePbmu9ZfPkGu0nDfika+CczlepLEc5+rOBlS+LHn0obAZaVFhzjihdnoUwWqd
bsA8qVGv90fXChOv3gHfm4AioqOPAE/Sucbcxkvuzncv56DVtaw9Pf5BlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/Fln7cdcZxWwNukK/cRc5ir7UOMB8GA1UdIwQY
MBaAFGerqa+jfZvOQH/iPHkZiS2dnAk5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAt
YjAxZDhmMjk1YzE5LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84ZjUwYWEtNTQ1Ni00MTU5LTg4NDAtYjAxZDhmMjk1YzE5
LzEvWjZ1cHI2TjltODVBZi1JOGVSbUpMWjJjQ1RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8Axi0uy
uEvei90cCoOW6XKV2Def7QNeRMXqFgy5fFIuoPOoxpIJugZfZiC/FcHhtRw0Ixsq
2OyrtksBmKK2eb17No6TyFoc85ciK+RAGe8DmwqjFjQ99H81Rg9yahHSfMVWI16z
IOb9mO7k8ky4WgznlntKlF5uylYCfcniu7XIJicMvCwR40OCAadwPH9v+3teUKmv
wKaCruABxUT2sTMNAp8WHaLPGX8HVFLCkKpEvCy0dwTyBWcf9jBLqKkS90du1Iaf
EANgftLnzmVBtlQ2SIUliX7q6VSXnLr8UtKnmH0rJOpATcJpI3TQcA3dIYNvZxyS
h/wGzEQ3jvOG9g==
-----END CERTIFICATE-----