Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
File:                     NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft (raw, json)
Hash identifier:          8WajOd+ul+Hnof1ec0880Q5eZHy4lt+WorOTGkAjhGk=
Subject key identifier:   91:3A:7B:66:5A:F8:A0:78:15:C1:F8:0E:15:6E:F1:DC:B9:18:DD:45
Authority key identifier: 35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05
Certificate issuer:       /CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
Certificate serial:       018F86A3FCC7F86AD4DDBDB573DC5D0695D2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
Manifest number:          0524
Signing time:             Fri 17 May 2024 13:00:45 +0000
Manifest this update:     Fri 17 May 2024 13:00:45 +0000
Manifest next update:     Sat 18 May 2024 13:00:45 +0000
Files and hashes:         1: NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl (hash: aQR6u4exwN0hmVXof9pdP8YeCQOjY6zu+k25Mbo6Omk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:fc:c7:f8:6a:d4:dd:bd:b5:73:dc:5d:06:95:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35a555e146be4ae5f7ccfe5a3c12d3f2a2543b05
        Validity
            Not Before: May 17 13:00:45 2024 GMT
            Not After : May 18 13:00:45 2024 GMT
        Subject: CN=913a7b665af8a07815c1f80e156ef1dcb918dd45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:36:9e:31:f1:26:4d:e2:28:98:00:57:1d:17:
                    01:e4:7d:42:35:dc:21:c7:7e:4c:1e:85:b1:10:1b:
                    cb:71:48:20:92:29:e2:72:72:77:8f:a8:9e:cf:de:
                    9f:6d:40:fd:d1:c3:49:2f:54:1a:8c:4b:eb:ef:f9:
                    8c:af:31:41:13:33:f0:7b:85:8c:f2:2f:cd:86:ff:
                    70:ac:49:92:d5:2d:4a:71:d3:4a:17:a6:3e:06:64:
                    a7:e3:d7:32:27:5b:56:4a:87:23:3a:90:96:34:5c:
                    7c:ec:f4:8a:c9:06:3c:b5:fa:9f:74:b1:11:65:56:
                    f9:b2:00:4f:b0:b9:26:10:91:64:27:b3:2f:d7:29:
                    fc:da:7e:9d:85:57:1c:66:3f:2f:b7:7e:0a:6f:41:
                    3e:19:f3:51:08:81:34:9a:6b:1e:20:73:a6:2c:dc:
                    3a:96:a7:f5:f5:6d:fc:6c:c5:72:c6:86:07:af:63:
                    5b:40:b1:1e:c1:4a:d8:3a:a4:e6:8e:18:f6:72:37:
                    61:46:39:90:04:d2:cc:a8:c2:0f:ad:e5:19:ac:78:
                    45:10:e2:96:30:10:6b:32:4c:6d:5e:d9:0c:d1:30:
                    5e:9f:c1:5b:93:4c:2a:0e:65:63:3a:2d:45:f9:4e:
                    dc:01:c0:8f:f8:34:b5:d3:0f:de:57:ab:e4:6e:bf:
                    cf:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:3A:7B:66:5A:F8:A0:78:15:C1:F8:0E:15:6E:F1:DC:B9:18:DD:45
            X509v3 Authority Key Identifier:
                keyid:35:A5:55:E1:46:BE:4A:E5:F7:CC:FE:5A:3C:12:D3:F2:A2:54:3B:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/549744-bdde-42e8-87a8-051cd30cbcf1/1/NaVV4Ua-SuX3zP5aPBLT8qJUOwU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:4c:d3:45:6c:5b:50:60:50:9f:89:cc:27:25:85:6d:4d:f3:
         47:0b:72:44:21:3d:7d:29:09:d7:9a:f4:28:48:db:72:87:68:
         c8:a6:fe:de:c2:f5:df:e7:ff:d4:c4:f5:6d:da:fe:d9:bc:22:
         c5:06:d6:c6:8d:e5:a7:2b:41:ef:3b:90:7b:c0:9b:a3:94:07:
         2e:ea:05:1d:6f:2e:27:09:24:45:e3:62:5f:19:8c:6b:a8:b6:
         33:75:b2:0a:8f:23:7a:57:81:63:10:56:4b:75:02:9e:14:c7:
         f3:f8:7e:4b:7a:9f:0e:1d:94:f7:7d:09:a6:26:5e:01:65:43:
         71:9a:c0:1f:9f:0d:ff:bd:30:01:82:16:27:f3:b3:78:43:b6:
         87:ba:e4:51:aa:93:3d:cf:f5:9c:0c:5c:67:6a:4c:86:24:d3:
         8a:af:61:f7:70:63:89:57:3f:2f:d2:68:86:70:28:d9:20:80:
         a2:30:05:d2:8a:17:60:56:e1:f3:55:bf:1c:d2:a7:77:68:ca:
         14:fa:1b:d4:30:3e:45:ce:c2:fc:cd:89:a6:09:39:3f:5f:f7:
         de:26:9d:c1:ff:4c:65:8b:26:2e:4e:13:96:d9:9e:e2:bb:ab:
         da:3a:50:92:82:24:3a:dc:9f:63:50:cc:47:5b:95:75:bb:fb:
         56:69:17:98
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go/zH+GrU3b21c9xdBpXSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YTU1NWUxNDZiZTRhZTVmN2NjZmU1YTNjMTJkM2YyYTI1
NDNiMDUwHhcNMjQwNTE3MTMwMDQ1WhcNMjQwNTE4MTMwMDQ1WjAzMTEwLwYDVQQD
Eyg5MTNhN2I2NjVhZjhhMDc4MTVjMWY4MGUxNTZlZjFkY2I5MThkZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujaeMfEmTeIomABXHRcB5H1CNdwh
x35MHoWxEBvLcUggkinicnJ3j6iez96fbUD90cNJL1QajEvr7/mMrzFBEzPwe4WM
8i/Nhv9wrEmS1S1KcdNKF6Y+BmSn49cyJ1tWSocjOpCWNFx87PSKyQY8tfqfdLER
ZVb5sgBPsLkmEJFkJ7Mv1yn82n6dhVccZj8vt34Kb0E+GfNRCIE0mmseIHOmLNw6
lqf19W38bMVyxoYHr2NbQLEewUrYOqTmjhj2cjdhRjmQBNLMqMIPreUZrHhFEOKW
MBBrMkxtXtkM0TBen8Fbk0wqDmVjOi1F+U7cAcCP+DS10w/eV6vkbr/PcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJE6e2Za+KB4FcH4DhVu8dy5GN1FMB8GA1UdIwQY
MBaAFDWlVeFGvkrl98z+WjwS0/KiVDsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgt
MDUxY2QzMGNiY2YxLzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC81NDk3NDQtYmRkZS00MmU4LTg3YTgtMDUxY2QzMGNiY2Yx
LzEvTmFWVjRVYS1TdVgzelA1YVBCTFQ4cUpVT3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkzTRWxb
UGBQn4nMJyWFbU3zRwtyRCE9fSkJ15r0KEjbcodoyKb+3sL13+f/1MT1bdr+2bwi
xQbWxo3lpytB7zuQe8Cbo5QHLuoFHW8uJwkkReNiXxmMa6i2M3WyCo8jeleBYxBW
S3UCnhTH8/h+S3qfDh2U930JpiZeAWVDcZrAH58N/70wAYIWJ/OzeEO2h7rkUaqT
Pc/1nAxcZ2pMhiTTiq9h93BjiVc/L9JohnAo2SCAojAF0ooXYFbh81W/HNKnd2jK
FPob1DA+Rc7C/M2Jpgk5P1/33iadwf9MZYsmLk4Tltme4rur2jpQkoIkOtyfY1DM
R1uVdbv7VmkXmA==
-----END CERTIFICATE-----