Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
File:                     z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json)
Hash identifier:          Kr+HJvOL37y7TxcmqXEkuvtIwq4d7Yic04yXkWINBqw=
Subject key identifier:   18:F1:90:34:0F:86:50:80:C0:FF:26:55:14:64:00:5E:40:AE:22:6E
Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C
Certificate issuer:       /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
Certificate serial:       018F87B67B123E55D7B1C6B15CE0CDDA22DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 18:00:34 +0000
Manifest this update:     Fri 17 May 2024 18:00:34 +0000
Manifest next update:     Sat 18 May 2024 18:00:34 +0000
Files and hashes:         1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: DxJ8fdmyIqlSoDo94X4g7trZBVeP9Ht2shBlmeswRaw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:7b:12:3e:55:d7:b1:c6:b1:5c:e0:cd:da:22:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c
        Validity
            Not Before: May 17 18:00:34 2024 GMT
            Not After : May 18 18:00:34 2024 GMT
        Subject: CN=18f190340f865080c0ff26551464005e40ae226e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:95:ee:48:fd:9d:f0:b0:42:af:c1:97:cc:fc:
                    ec:07:a0:ef:80:ee:5e:f8:be:d8:3b:c3:02:aa:2b:
                    bd:f8:53:e1:2a:ee:e9:34:a7:fb:4c:48:18:49:39:
                    56:c8:6a:be:b3:48:a6:90:b7:20:88:0b:b3:ef:6c:
                    49:10:8d:8d:db:53:e8:00:95:bf:2b:1d:bc:f4:21:
                    c1:6d:4c:34:7e:d1:58:d0:59:95:32:5e:b1:15:58:
                    81:97:83:e4:91:15:cb:eb:e1:7d:d1:d1:ae:3a:57:
                    75:25:c8:ce:b8:55:40:13:5b:06:0a:36:e3:20:85:
                    7b:e0:d8:84:71:85:ea:83:9a:9c:f5:80:fa:08:e1:
                    16:b1:e7:63:77:61:a4:b0:62:8b:3d:eb:db:f8:78:
                    b2:b3:3f:de:77:f1:8c:ab:5a:2b:77:d9:4f:4e:4d:
                    d3:2a:7b:10:ad:e1:d6:51:f3:75:63:54:72:73:27:
                    72:90:00:ca:d3:ce:2d:cc:ec:58:07:fb:bc:3b:b9:
                    eb:da:f1:2c:e9:8c:6c:20:6c:b2:02:a4:45:cc:7d:
                    b4:f0:82:4c:cc:37:1e:fc:58:0d:bd:b9:67:b3:fa:
                    d3:33:df:6c:de:63:b1:8f:01:51:08:ad:06:65:0d:
                    92:b0:2b:1f:7e:e6:47:df:4d:6e:0f:7f:f9:28:64:
                    41:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:F1:90:34:0F:86:50:80:C0:FF:26:55:14:64:00:5E:40:AE:22:6E
            X509v3 Authority Key Identifier:
                keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         97:66:b9:0f:09:c3:1d:48:ec:0a:e1:59:e6:77:e8:5b:4b:1e:
         5c:7d:0a:ec:e7:9c:37:f5:1d:25:4c:36:b6:44:0f:ff:e3:10:
         2d:48:49:2e:c6:92:aa:74:5f:4c:99:39:9d:6d:18:da:17:04:
         00:e9:75:b8:e6:35:d9:5c:58:67:96:54:93:e6:0f:09:49:e4:
         af:f1:41:93:18:e9:ef:0d:0e:4f:4c:6f:dc:2a:4a:3a:dc:80:
         00:59:75:b6:11:b9:db:86:e5:64:b3:98:02:c3:b6:94:df:cc:
         1f:59:46:e7:03:52:9a:b3:bc:85:e0:bc:b1:50:2b:23:f4:67:
         44:bb:62:4f:91:f6:a9:7c:25:79:4c:4f:ea:76:17:50:4d:60:
         c3:2c:02:26:39:9e:94:a0:80:88:d5:16:0a:c0:5e:11:de:e2:
         60:ef:74:fb:43:91:a8:f8:37:dc:d0:94:c2:6c:63:8a:dd:43:
         8a:6f:f1:11:af:2d:30:87:ea:94:11:f6:42:0b:de:05:c4:27:
         64:5c:ae:9b:31:69:ff:47:37:d7:28:0c:dd:29:a0:4c:64:a7:
         b0:79:12:87:33:7a:b0:99:08:94:9e:32:9a:ef:db:a8:30:0e:
         36:3e:64:2b:f4:2a:c3:f1:01:3b:4c:80:64:64:04:aa:73:af:
         74:be:c9:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtnsSPlXXscaxXODN2iLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy
YmEzMWMwHhcNMjQwNTE3MTgwMDM0WhcNMjQwNTE4MTgwMDM0WjAzMTEwLwYDVQQD
EygxOGYxOTAzNDBmODY1MDgwYzBmZjI2NTUxNDY0MDA1ZTQwYWUyMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15XuSP2d8LBCr8GXzPzsB6DvgO5e
+L7YO8MCqiu9+FPhKu7pNKf7TEgYSTlWyGq+s0imkLcgiAuz72xJEI2N21PoAJW/
Kx289CHBbUw0ftFY0FmVMl6xFViBl4PkkRXL6+F90dGuOld1JcjOuFVAE1sGCjbj
IIV74NiEcYXqg5qc9YD6COEWsedjd2GksGKLPevb+Hiysz/ed/GMq1ord9lPTk3T
KnsQreHWUfN1Y1RycydykADK084tzOxYB/u8O7nr2vEs6YxsIGyyAqRFzH208IJM
zDce/FgNvblns/rTM99s3mOxjwFRCK0GZQ2SsCsffuZH301uD3/5KGRBDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBjxkDQPhlCAwP8mVRRkAF5AriJuMB8GA1UdIwQY
MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt
N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw
LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl2a5DwnD
HUjsCuFZ5nfoW0seXH0K7OecN/UdJUw2tkQP/+MQLUhJLsaSqnRfTJk5nW0Y2hcE
AOl1uOY12VxYZ5ZUk+YPCUnkr/FBkxjp7w0OT0xv3CpKOtyAAFl1thG524blZLOY
AsO2lN/MH1lG5wNSmrO8heC8sVArI/RnRLtiT5H2qXwleUxP6nYXUE1gwywCJjme
lKCAiNUWCsBeEd7iYO90+0ORqPg33NCUwmxjit1Dim/xEa8tMIfqlBH2QgveBcQn
ZFyumzFp/0c31ygM3SmgTGSnsHkShzN6sJkIlJ4ymu/bqDAONj5kK/Qqw/EBO0yA
ZGQEqnOvdL7JyQ==
-----END CERTIFICATE-----