Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
File:                     bIlKsevTD7N84imjdNPjE52QUY8.mft (raw, json)
Hash identifier:          9amRem9/ITd9iuRrDFurG7Dq8OeKB2X8KMbd96segEc=
Subject key identifier:   FE:A6:2C:78:5F:57:82:A3:E0:7E:1E:40:7F:48:46:A4:89:51:35:EC
Authority key identifier: 6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F
Certificate issuer:       /CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
Certificate serial:       018F88248FA2FB3F0976FA368557820D839D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
Manifest number:          01B8
Signing time:             Fri 17 May 2024 20:00:48 +0000
Manifest this update:     Fri 17 May 2024 20:00:48 +0000
Manifest next update:     Sat 18 May 2024 20:00:48 +0000
Files and hashes:         1: bIlKsevTD7N84imjdNPjE52QUY8.crl (hash: g9scSr+5QmTm6rF4/pmNNOZ1S3cc6s9w1XsIBuBYxfI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:8f:a2:fb:3f:09:76:fa:36:85:57:82:0d:83:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c894ab1ebd30fb37ce229a374d3e3139d90518f
        Validity
            Not Before: May 17 20:00:48 2024 GMT
            Not After : May 18 20:00:48 2024 GMT
        Subject: CN=fea62c785f5782a3e07e1e407f4846a4895135ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f1:bc:97:3b:a8:2c:0a:2a:ba:39:59:7b:44:
                    52:04:88:96:0c:de:65:c3:3f:b5:34:32:f3:57:4e:
                    5a:3f:12:38:f9:fc:9f:da:b7:6c:f2:11:31:71:32:
                    a6:31:ef:81:e9:90:5e:0c:91:43:49:5a:ca:b4:9e:
                    a9:37:c4:0f:56:e9:a4:ae:65:9a:ca:d3:d5:c0:25:
                    46:2a:8b:b6:af:ec:d5:8d:9a:71:ea:73:42:10:b8:
                    52:5a:62:73:f1:a0:1e:79:17:57:c4:ef:0e:58:24:
                    ed:08:3c:86:44:56:44:47:00:45:2f:26:70:aa:d0:
                    4e:c0:05:aa:0a:54:e7:9a:94:07:2e:89:b2:0a:5d:
                    70:08:88:b4:57:2f:80:c7:3c:07:2d:df:6a:8f:4e:
                    9e:13:c6:38:73:21:94:d0:6b:06:df:78:d5:ab:f0:
                    14:ad:dd:eb:2a:3d:70:04:f6:34:8b:8e:4d:7a:0a:
                    ad:2b:bc:d3:5b:9c:23:fb:0a:c2:29:79:83:03:4a:
                    d9:4a:a1:1c:bd:04:2f:6f:20:4a:3f:af:ba:1c:27:
                    e9:77:e1:41:98:29:ed:a2:3e:63:5d:76:e8:91:e1:
                    ea:dc:40:3b:b5:31:d5:84:03:f6:8f:5d:a8:08:26:
                    4c:c8:02:4c:57:ab:22:7b:58:4f:30:ea:9b:92:5f:
                    56:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:A6:2C:78:5F:57:82:A3:E0:7E:1E:40:7F:48:46:A4:89:51:35:EC
            X509v3 Authority Key Identifier:
                keyid:6C:89:4A:B1:EB:D3:0F:B3:7C:E2:29:A3:74:D3:E3:13:9D:90:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bIlKsevTD7N84imjdNPjE52QUY8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5faf76-1bc2-4721-9498-a1ae59e16873/1/bIlKsevTD7N84imjdNPjE52QUY8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:d3:d6:3d:1d:44:0f:30:d4:1e:47:d7:70:0f:4f:93:89:e6:
         40:89:c5:65:cc:29:5c:1d:78:50:48:24:ec:3a:17:a0:eb:fa:
         f2:a3:d3:85:f5:c3:08:19:b3:cc:3e:9b:37:b2:37:c8:12:22:
         b2:33:09:99:e6:01:78:91:b2:ec:98:a9:38:74:46:87:df:87:
         de:2f:b1:16:fd:73:6c:49:09:97:63:a1:f3:94:83:e4:be:37:
         77:7b:34:d1:06:52:52:47:0f:1d:23:5c:8c:ac:c1:07:5a:a8:
         db:7c:ab:9d:4e:f1:5d:a6:36:28:dc:35:6c:9a:a9:00:17:86:
         ac:63:63:e7:ba:33:cd:21:21:98:8e:a1:7b:19:68:6d:c4:d5:
         63:8c:22:25:ad:c5:4b:41:18:50:a1:98:9a:ec:97:a9:5a:18:
         26:77:36:06:72:1d:34:35:28:b1:b6:d1:7e:45:d7:f3:38:38:
         12:94:01:31:a6:9a:4f:22:8c:b0:c3:45:2b:be:2b:bb:a0:cb:
         67:9c:00:27:77:2e:a0:72:8d:cb:f7:13:46:f0:b8:51:f6:e7:
         2e:82:85:21:f0:81:c3:1c:d4:f6:9c:03:b2:62:d8:95:04:0a:
         59:00:34:d3:7f:37:1c:97:63:c9:00:41:74:d9:c9:e2:13:0f:
         fe:7e:d5:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJI+i+z8Jdvo2hVeCDYOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjODk0YWIxZWJkMzBmYjM3Y2UyMjlhMzc0ZDNlMzEzOWQ5
MDUxOGYwHhcNMjQwNTE3MjAwMDQ4WhcNMjQwNTE4MjAwMDQ4WjAzMTEwLwYDVQQD
EyhmZWE2MmM3ODVmNTc4MmEzZTA3ZTFlNDA3ZjQ4NDZhNDg5NTEzNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvG8lzuoLAoqujlZe0RSBIiWDN5l
wz+1NDLzV05aPxI4+fyf2rds8hExcTKmMe+B6ZBeDJFDSVrKtJ6pN8QPVumkrmWa
ytPVwCVGKou2r+zVjZpx6nNCELhSWmJz8aAeeRdXxO8OWCTtCDyGRFZERwBFLyZw
qtBOwAWqClTnmpQHLomyCl1wCIi0Vy+AxzwHLd9qj06eE8Y4cyGU0GsG33jVq/AU
rd3rKj1wBPY0i45NegqtK7zTW5wj+wrCKXmDA0rZSqEcvQQvbyBKP6+6HCfpd+FB
mCntoj5jXXbokeHq3EA7tTHVhAP2j12oCCZMyAJMV6sie1hPMOqbkl9WFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP6mLHhfV4Kj4H4eQH9IRqSJUTXsMB8GA1UdIwQY
MBaAFGyJSrHr0w+zfOIpo3TT4xOdkFGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgt
YTFhZTU5ZTE2ODczLzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZmFmNzYtMWJjMi00NzIxLTk0OTgtYTFhZTU5ZTE2ODcz
LzEvYklsS3NldlREN044NGltamROUGpFNTJRVVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNPWPR1E
DzDUHkfXcA9Pk4nmQInFZcwpXB14UEgk7DoXoOv68qPThfXDCBmzzD6bN7I3yBIi
sjMJmeYBeJGy7JipOHRGh9+H3i+xFv1zbEkJl2Oh85SD5L43d3s00QZSUkcPHSNc
jKzBB1qo23yrnU7xXaY2KNw1bJqpABeGrGNj57ozzSEhmI6hexlobcTVY4wiJa3F
S0EYUKGYmuyXqVoYJnc2BnIdNDUosbbRfkXX8zg4EpQBMaaaTyKMsMNFK74ru6DL
Z5wAJ3cuoHKNy/cTRvC4UfbnLoKFIfCBwxzU9pwDsmLYlQQKWQA00383HJdjyQBB
dNnJ4hMP/n7VhA==
-----END CERTIFICATE-----