Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
File:                     tY6n73bYACz8pmxSD3ybYIo5XZU.mft (raw, json)
Hash identifier:          +QZG2wc4/6LBFXJvOc5mPAzIvk/cfGZPAN2mKpVVUK0=
Subject key identifier:   F5:AD:9D:54:B7:60:60:5B:8A:9E:55:1F:11:A0:78:5A:19:64:8A:ED
Authority key identifier: B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95
Certificate issuer:       /CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
Certificate serial:       018F889243420F099605F98C2B6DC767E635
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
Manifest number:          0109
Signing time:             Fri 17 May 2024 22:00:37 +0000
Manifest this update:     Fri 17 May 2024 22:00:37 +0000
Manifest next update:     Sat 18 May 2024 22:00:37 +0000
Files and hashes:         1: tY6n73bYACz8pmxSD3ybYIo5XZU.crl (hash: f+uDhkxrgSxFa+ULPCAYdBABltf4k5goUmisyAOCtMI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:43:42:0f:09:96:05:f9:8c:2b:6d:c7:67:e6:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b58ea7ef76d8002cfca66c520f7c9b608a395d95
        Validity
            Not Before: May 17 22:00:37 2024 GMT
            Not After : May 18 22:00:37 2024 GMT
        Subject: CN=f5ad9d54b760605b8a9e551f11a0785a19648aed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:ac:73:3c:d6:77:13:05:57:47:17:d5:e0:51:
                    70:88:5f:69:64:bd:db:44:b5:a1:e5:4e:d8:36:40:
                    17:ca:b6:5b:93:b5:a1:f2:49:da:4f:3a:50:4b:47:
                    c5:a0:f8:fe:5f:51:f4:6b:23:57:de:77:71:9e:01:
                    3c:70:bc:93:3b:63:85:21:86:c6:5e:52:b8:58:09:
                    fd:4d:bc:38:19:6c:e0:4b:b3:c8:64:76:26:ea:94:
                    e8:19:b6:3a:6e:f7:c0:97:d8:74:15:a3:3f:dc:60:
                    2d:ac:ab:b6:50:ec:c9:8d:b4:da:a0:76:d2:16:41:
                    ac:5f:82:10:aa:e5:77:47:a3:a5:f2:82:a3:3f:6e:
                    57:5c:35:30:89:8c:2c:b5:fa:c4:8b:3e:d4:53:5d:
                    2e:ba:cd:31:3e:8e:06:dc:56:ca:7d:ba:55:72:4b:
                    c7:5e:c3:21:f0:30:02:e3:6b:c7:8a:ff:6d:0a:d2:
                    71:ce:be:79:61:21:d3:5c:6a:67:f7:aa:c5:b8:c7:
                    4f:80:f9:46:70:7d:e6:20:f5:75:54:63:89:fb:c0:
                    4f:43:eb:07:99:08:28:b5:5b:8b:f7:e6:1c:fb:ae:
                    8b:43:39:94:91:14:ff:6a:79:df:19:0d:11:7e:74:
                    0c:98:9e:90:4e:a5:b4:83:35:ab:78:ee:69:91:7d:
                    f3:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:AD:9D:54:B7:60:60:5B:8A:9E:55:1F:11:A0:78:5A:19:64:8A:ED
            X509v3 Authority Key Identifier:
                keyid:B5:8E:A7:EF:76:D8:00:2C:FC:A6:6C:52:0F:7C:9B:60:8A:39:5D:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tY6n73bYACz8pmxSD3ybYIo5XZU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4d95ba-99fc-493e-a5c4-6b9ff2cfa07f/1/tY6n73bYACz8pmxSD3ybYIo5XZU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         78:3b:8f:13:bd:0b:08:50:1f:91:74:7f:41:72:ed:38:41:e7:
         3d:28:72:18:58:68:31:cb:dd:b3:da:38:64:ce:d7:19:d5:1e:
         c3:90:9f:ef:18:e0:86:61:3e:e9:f9:ad:e6:b2:df:4b:ba:fd:
         c9:72:e6:99:fa:ce:41:5f:aa:41:27:f1:84:f3:06:5d:d5:41:
         cb:9c:b1:ef:68:24:52:76:a8:aa:ca:09:c6:e9:6f:bc:c0:58:
         da:2b:64:81:ea:8d:ad:79:40:9b:a3:b3:a6:06:cd:5e:c9:49:
         cc:71:30:8f:11:cf:55:53:66:68:fd:cc:95:32:8d:2f:89:a3:
         83:35:d4:ae:e7:c8:95:1e:e0:c6:38:42:fb:7f:3c:93:28:e1:
         8f:26:41:cd:d6:e3:74:78:69:a7:00:ea:71:1f:e8:8e:62:e6:
         5c:54:d4:b4:c8:b6:5a:7f:51:33:a1:12:28:f5:a3:9f:32:8f:
         58:22:41:ec:ae:bd:5a:0e:a1:8c:ca:51:44:73:23:84:7f:bc:
         86:67:11:11:e0:5e:df:1b:63:13:c6:44:2f:7b:48:f7:08:7d:
         ac:e6:c2:b5:d2:00:cc:e4:1f:55:0d:fa:3a:13:cf:d5:6d:95:
         e2:51:ab:59:09:f6:5f:d9:53:2d:42:3d:3b:72:fd:f6:4a:c0:
         be:c1:7c:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IkkNCDwmWBfmMK23HZ+Y1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OGVhN2VmNzZkODAwMmNmY2E2NmM1MjBmN2M5YjYwOGEz
OTVkOTUwHhcNMjQwNTE3MjIwMDM3WhcNMjQwNTE4MjIwMDM3WjAzMTEwLwYDVQQD
EyhmNWFkOWQ1NGI3NjA2MDViOGE5ZTU1MWYxMWEwNzg1YTE5NjQ4YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KxzPNZ3EwVXRxfV4FFwiF9pZL3b
RLWh5U7YNkAXyrZbk7Wh8knaTzpQS0fFoPj+X1H0ayNX3ndxngE8cLyTO2OFIYbG
XlK4WAn9Tbw4GWzgS7PIZHYm6pToGbY6bvfAl9h0FaM/3GAtrKu2UOzJjbTaoHbS
FkGsX4IQquV3R6Ol8oKjP25XXDUwiYwstfrEiz7UU10uus0xPo4G3FbKfbpVckvH
XsMh8DAC42vHiv9tCtJxzr55YSHTXGpn96rFuMdPgPlGcH3mIPV1VGOJ+8BPQ+sH
mQgotVuL9+Yc+66LQzmUkRT/annfGQ0RfnQMmJ6QTqW0gzWreO5pkX3z1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPWtnVS3YGBbip5VHxGgeFoZZIrtMB8GA1UdIwQY
MBaAFLWOp+922AAs/KZsUg98m2CKOV2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQt
NmI5ZmYyY2ZhMDdmLzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS80ZDk1YmEtOTlmYy00OTNlLWE1YzQtNmI5ZmYyY2ZhMDdm
LzEvdFk2bjczYllBQ3o4cG14U0QzeWJZSW81WFpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeDuPE70L
CFAfkXR/QXLtOEHnPShyGFhoMcvds9o4ZM7XGdUew5Cf7xjghmE+6fmt5rLfS7r9
yXLmmfrOQV+qQSfxhPMGXdVBy5yx72gkUnaoqsoJxulvvMBY2itkgeqNrXlAm6Oz
pgbNXslJzHEwjxHPVVNmaP3MlTKNL4mjgzXUrufIlR7gxjhC+388kyjhjyZBzdbj
dHhppwDqcR/ojmLmXFTUtMi2Wn9RM6ESKPWjnzKPWCJB7K69Wg6hjMpRRHMjhH+8
hmcREeBe3xtjE8ZEL3tI9wh9rObCtdIAzOQfVQ36OhPP1W2V4lGrWQn2X9lTLUI9
O3L99krAvsF8rw==
-----END CERTIFICATE-----