Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
File:                     zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json)
Hash identifier:          Sn73i/Wb3oQb4xFPchw4kQdVyVJuiaK0Pyu17jFdxn4=
Subject key identifier:   1D:D7:B5:89:A5:A8:B1:62:C6:4C:72:21:13:9D:0E:BD:E5:1C:55:6A
Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57
Certificate issuer:       /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
Certificate serial:       018F8824907E7926AA3EFD8250DA6511FAD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
Manifest number:          05B1
Signing time:             Fri 17 May 2024 20:00:48 +0000
Manifest this update:     Fri 17 May 2024 20:00:48 +0000
Manifest next update:     Sat 18 May 2024 20:00:48 +0000
Files and hashes:         1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: MO85Oe90JNB17IfuiGqcBW5NjYL7oY80iWVmUGXn714=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:90:7e:79:26:aa:3e:fd:82:50:da:65:11:fa:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57
        Validity
            Not Before: May 17 20:00:48 2024 GMT
            Not After : May 18 20:00:48 2024 GMT
        Subject: CN=1dd7b589a5a8b162c64c7221139d0ebde51c556a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a5:6a:e0:ed:fc:e9:94:9a:ad:2f:1a:d5:a7:
                    8f:fa:17:59:74:9d:88:c7:77:8c:34:67:e2:0c:86:
                    e9:a3:52:07:bf:e4:8e:c4:66:c5:9c:4a:fd:15:8b:
                    a3:58:ff:5a:1f:0a:19:fc:09:46:b1:0f:df:08:70:
                    3e:70:59:7b:fc:60:e9:7c:09:5e:d3:f0:75:c6:4e:
                    03:61:e6:06:e1:e3:71:84:fa:b8:7f:86:d3:0e:c5:
                    bc:6d:ed:99:1b:ab:bd:fd:e4:e1:66:fc:f8:4d:c7:
                    95:64:7d:30:80:f3:1d:ed:13:9d:8e:cb:00:b6:17:
                    7f:47:8e:d1:8d:8b:ca:42:35:92:e2:7a:ac:d9:a0:
                    68:70:aa:0e:77:89:7f:f1:a0:2e:9f:26:d4:3f:3a:
                    b9:a9:3f:13:90:6d:3e:ea:e6:99:55:e0:22:c2:2f:
                    ba:3a:7a:69:f6:ff:86:76:b5:4f:59:20:df:18:29:
                    95:e9:f5:0f:ad:d4:8b:da:41:0f:f7:11:14:7d:5d:
                    73:9c:24:02:b5:8a:97:02:87:73:6d:6d:f4:b8:b8:
                    55:d9:d0:30:66:f3:13:89:7b:a5:4d:51:33:b8:fd:
                    d7:d7:2e:b1:aa:11:47:bf:79:ae:ef:8c:43:ea:fb:
                    28:5e:28:3c:66:fc:01:3e:67:1b:15:94:d7:52:04:
                    96:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:D7:B5:89:A5:A8:B1:62:C6:4C:72:21:13:9D:0E:BD:E5:1C:55:6A
            X509v3 Authority Key Identifier:
                keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:38:e6:d8:0b:39:3e:aa:54:de:24:5d:51:7b:ec:2b:3c:30:
         16:91:fb:3a:fe:2c:63:bb:53:32:d3:b0:b5:d5:8a:86:32:f6:
         84:ab:27:e7:f4:1e:1f:82:5f:81:61:59:ec:5b:59:63:3a:90:
         b1:b0:33:f6:c7:ba:24:88:6d:41:ca:3a:1a:82:5a:66:fb:34:
         7a:63:09:6d:99:56:76:48:9f:c3:a2:fe:b7:b4:bd:0b:6f:a4:
         be:78:d5:80:c6:d7:a6:4d:7b:29:a5:7d:e8:a4:dd:3e:c9:e3:
         3a:36:9f:5b:54:36:b1:56:dd:8f:cf:ba:99:07:0c:1b:ee:da:
         4d:df:f6:2a:0a:ca:bf:1b:f5:45:8a:9b:dd:f8:29:b1:59:57:
         83:7e:94:f2:c9:fd:f6:6b:19:99:50:0a:1c:39:46:c1:4f:23:
         0d:a4:50:a4:bb:f6:38:8e:0f:f2:02:4d:43:ec:42:bf:9e:29:
         ee:4d:89:3f:cd:bc:a5:3e:6d:dc:17:46:0f:42:aa:a8:96:17:
         e7:ad:96:1b:17:dc:76:57:93:31:b8:08:12:87:d4:f4:81:70:
         10:2e:5c:74:07:70:75:9f:31:20:39:ff:8e:fb:05:08:d5:99:
         d5:63:35:2f:05:80:92:32:05:a8:ee:bf:6d:69:36:5c:5c:78:
         d0:b6:0d:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJJB+eSaqPv2CUNplEfrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0
YjFjNTcwHhcNMjQwNTE3MjAwMDQ4WhcNMjQwNTE4MjAwMDQ4WjAzMTEwLwYDVQQD
EygxZGQ3YjU4OWE1YThiMTYyYzY0YzcyMjExMzlkMGViZGU1MWM1NTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqVq4O386ZSarS8a1aeP+hdZdJ2I
x3eMNGfiDIbpo1IHv+SOxGbFnEr9FYujWP9aHwoZ/AlGsQ/fCHA+cFl7/GDpfAle
0/B1xk4DYeYG4eNxhPq4f4bTDsW8be2ZG6u9/eThZvz4TceVZH0wgPMd7ROdjssA
thd/R47RjYvKQjWS4nqs2aBocKoOd4l/8aAunybUPzq5qT8TkG0+6uaZVeAiwi+6
Onpp9v+GdrVPWSDfGCmV6fUPrdSL2kEP9xEUfV1znCQCtYqXAodzbW30uLhV2dAw
ZvMTiXulTVEzuP3X1y6xqhFHv3mu74xD6vsoXig8ZvwBPmcbFZTXUgSWdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB3XtYmlqLFixkxyIROdDr3lHFVqMB8GA1UdIwQY
MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt
ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj
LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhzjm2As5
PqpU3iRdUXvsKzwwFpH7Ov4sY7tTMtOwtdWKhjL2hKsn5/QeH4JfgWFZ7FtZYzqQ
sbAz9se6JIhtQco6GoJaZvs0emMJbZlWdkifw6L+t7S9C2+kvnjVgMbXpk17KaV9
6KTdPsnjOjafW1Q2sVbdj8+6mQcMG+7aTd/2KgrKvxv1RYqb3fgpsVlXg36U8sn9
9msZmVAKHDlGwU8jDaRQpLv2OI4P8gJNQ+xCv54p7k2JP828pT5t3BdGD0KqqJYX
562WGxfcdleTMbgIEofU9IFwEC5cdAdwdZ8xIDn/jvsFCNWZ1WM1LwWAkjIFqO6/
bWk2XFx40LYNKQ==
-----END CERTIFICATE-----