Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/bdc9d1-e59e-4d1e-ba85-190afa2c1361/1/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.mft
File:                     mHUtGGZ9v_hCL5fh44kOmTgdCdQ.mft (raw, json)
Hash identifier:          DSaAt/ZtUnG5WSGpIGg80h+Zn0dXzxT4XeJp6osfdz8=
Subject key identifier:   C8:31:AA:E7:8A:AC:66:C8:20:86:E2:2C:87:E6:4B:77:EF:33:16:D7
Authority key identifier: 98:75:2D:18:66:7D:BF:F8:42:2F:97:E1:E3:89:0E:99:38:1D:09:D4
Certificate issuer:       /CN=98752d18667dbff8422f97e1e3890e99381d09d4
Certificate serial:       018F979729A4F66DEED90F97B97EF2BB4970
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/bdc9d1-e59e-4d1e-ba85-190afa2c1361/1/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.mft
Manifest number:          0215
Signing time:             Mon 20 May 2024 20:00:17 +0000
Manifest this update:     Mon 20 May 2024 20:00:17 +0000
Manifest next update:     Tue 21 May 2024 20:00:17 +0000
Files and hashes:         1: mHUtGGZ9v_hCL5fh44kOmTgdCdQ.crl (hash: EfDkYvFB03d+ANdIa5c6Qy9kZ+RB/jcsyL6bSX4WUC8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d8/bdc9d1-e59e-4d1e-ba85-190afa2c1361/1/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d8/bdc9d1-e59e-4d1e-ba85-190afa2c1361/1/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 16:11:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:97:97:29:a4:f6:6d:ee:d9:0f:97:b9:7e:f2:bb:49:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98752d18667dbff8422f97e1e3890e99381d09d4
        Validity
            Not Before: May 20 20:00:17 2024 GMT
            Not After : May 21 20:00:17 2024 GMT
        Subject: CN=c831aae78aac66c82086e22c87e64b77ef3316d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e3:86:55:aa:41:9d:aa:f0:7c:e0:a6:77:e3:
                    f8:a3:b2:4d:61:91:53:ce:ed:71:ca:de:be:82:9c:
                    69:c5:9d:91:a2:be:e8:37:6b:ef:d0:df:92:83:c3:
                    29:80:51:c8:7e:cb:88:38:27:93:e4:94:a8:e6:09:
                    91:59:8c:85:3f:e9:39:52:29:14:23:4c:7e:39:9f:
                    51:30:c7:06:67:2d:3a:e1:00:0c:8e:02:c1:28:56:
                    76:1d:20:0b:cf:66:c1:55:87:30:bd:6f:17:dc:4d:
                    b6:56:0f:d2:75:ba:29:e2:e5:65:9f:34:f2:cf:bf:
                    d2:8a:cb:90:b3:ec:24:0c:c8:aa:08:e2:73:f1:29:
                    a4:3f:4a:32:53:3d:d1:87:13:7c:8d:e0:5e:b1:77:
                    f8:1e:5b:78:12:e2:30:d4:b0:f7:e3:34:0a:95:29:
                    bb:a8:1f:c9:ff:15:55:41:9f:59:44:15:de:a0:a4:
                    5b:9e:9b:3e:63:e7:cc:25:25:28:8b:5f:90:0d:29:
                    0a:a3:26:17:dc:2b:0c:7b:2a:08:95:3b:21:f7:b2:
                    0f:6e:09:6e:02:77:30:3b:f6:be:96:9d:18:c5:fb:
                    e5:b8:83:ae:28:68:a3:5e:dd:05:56:ab:03:43:7f:
                    40:85:24:7c:5a:1b:50:3a:c9:a8:4b:ea:87:ce:2b:
                    ec:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:31:AA:E7:8A:AC:66:C8:20:86:E2:2C:87:E6:4B:77:EF:33:16:D7
            X509v3 Authority Key Identifier:
                keyid:98:75:2D:18:66:7D:BF:F8:42:2F:97:E1:E3:89:0E:99:38:1D:09:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bdc9d1-e59e-4d1e-ba85-190afa2c1361/1/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/bdc9d1-e59e-4d1e-ba85-190afa2c1361/1/mHUtGGZ9v_hCL5fh44kOmTgdCdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:44:db:65:47:46:41:0a:78:44:ae:51:f1:ae:42:02:77:e7:
         f7:d3:18:91:49:ec:22:fd:08:70:fb:47:7a:89:17:e0:a1:dc:
         af:39:bd:33:dd:09:d0:48:e1:10:43:2d:a4:ca:de:19:3a:a8:
         1a:c7:27:7b:97:52:3d:88:38:be:e5:ad:6b:59:9b:1f:3f:c3:
         2e:9d:e1:93:b3:6f:61:fd:a1:f5:0e:81:09:a6:43:ff:08:49:
         82:23:14:b2:12:86:41:83:42:f3:ca:c8:5f:d9:79:4d:de:f0:
         e7:d0:6b:b8:08:0c:8e:37:f3:bd:db:99:41:61:4e:cd:36:61:
         b4:5b:53:7e:1e:fc:1b:00:c7:41:d1:5e:53:a1:0d:4a:03:7e:
         fc:04:b1:44:e7:e1:f0:3e:67:d2:80:65:ec:ee:c9:a8:09:25:
         a2:fc:ad:67:bd:20:6a:9e:78:86:ab:04:7a:17:4d:f0:71:59:
         0e:95:e4:05:62:f9:69:8c:67:ca:56:f9:11:07:f7:fe:00:2b:
         8d:c8:8c:75:3f:86:8f:c8:72:19:45:b5:80:02:58:f6:e7:49:
         da:08:fe:25:68:c2:2d:5a:6d:4d:ec:cd:0d:0f:66:58:4a:84:
         1c:7d:3f:09:9e:e7:c3:8d:a0:b4:80:6c:ab:af:2c:e9:3e:bb:
         e7:9b:f1:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Xlymk9m3u2Q+XuX7yu0lwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NzUyZDE4NjY3ZGJmZjg0MjJmOTdlMWUzODkwZTk5Mzgx
ZDA5ZDQwHhcNMjQwNTIwMjAwMDE3WhcNMjQwNTIxMjAwMDE3WjAzMTEwLwYDVQQD
EyhjODMxYWFlNzhhYWM2NmM4MjA4NmUyMmM4N2U2NGI3N2VmMzMxNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquOGVapBnarwfOCmd+P4o7JNYZFT
zu1xyt6+gpxpxZ2Ror7oN2vv0N+Sg8MpgFHIfsuIOCeT5JSo5gmRWYyFP+k5UikU
I0x+OZ9RMMcGZy064QAMjgLBKFZ2HSALz2bBVYcwvW8X3E22Vg/Sdbop4uVlnzTy
z7/SisuQs+wkDMiqCOJz8SmkP0oyUz3RhxN8jeBesXf4Hlt4EuIw1LD34zQKlSm7
qB/J/xVVQZ9ZRBXeoKRbnps+Y+fMJSUoi1+QDSkKoyYX3CsMeyoIlTsh97IPbglu
AncwO/a+lp0YxfvluIOuKGijXt0FVqsDQ39AhSR8WhtQOsmoS+qHzivszwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMgxqueKrGbIIIbiLIfmS3fvMxbXMB8GA1UdIwQY
MBaAFJh1LRhmfb/4Qi+X4eOJDpk4HQnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUhVdEdHWjl2X2hDTDVmaDQ0a09tVGdkQ2RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iZGM5ZDEtZTU5ZS00ZDFlLWJhODUt
MTkwYWZhMmMxMzYxLzEvbUhVdEdHWjl2X2hDTDVmaDQ0a09tVGdkQ2RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9iZGM5ZDEtZTU5ZS00ZDFlLWJhODUtMTkwYWZhMmMxMzYx
LzEvbUhVdEdHWjl2X2hDTDVmaDQ0a09tVGdkQ2RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeETbZUdG
QQp4RK5R8a5CAnfn99MYkUnsIv0IcPtHeokX4KHcrzm9M90J0EjhEEMtpMreGTqo
Gscne5dSPYg4vuWta1mbHz/DLp3hk7NvYf2h9Q6BCaZD/whJgiMUshKGQYNC88rI
X9l5Td7w59BruAgMjjfzvduZQWFOzTZhtFtTfh78GwDHQdFeU6ENSgN+/ASxROfh
8D5n0oBl7O7JqAklovytZ70gap54hqsEehdN8HFZDpXkBWL5aYxnylb5EQf3/gAr
jciMdT+Gj8hyGUW1gAJY9udJ2gj+JWjCLVptTezNDQ9mWEqEHH0/CZ7nw42gtIBs
q68s6T6755vxyg==
-----END CERTIFICATE-----