Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
File:                     xAqOocjcM7gpD-vTTkU4vZWXROg.mft (raw, json)
Hash identifier:          v3DRwNfYjVVZvc8cjZ2VF9+FapNdmndLJe0udv8i+uw=
Subject key identifier:   57:DF:7D:9A:B9:B8:66:DE:B3:00:27:00:07:39:A1:4A:82:BE:26:25
Authority key identifier: C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8
Certificate issuer:       /CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
Certificate serial:       018F87B661BC82075E871AF255EDE9EC877F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
Manifest number:          1108
Signing time:             Fri 17 May 2024 18:00:27 +0000
Manifest this update:     Fri 17 May 2024 18:00:27 +0000
Manifest next update:     Sat 18 May 2024 18:00:27 +0000
Files and hashes:         1: xAqOocjcM7gpD-vTTkU4vZWXROg.crl (hash: yDYcuDSAVmfY7/v651i0J7uGHVMRtOuRxcPrhVAJ6tg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:61:bc:82:07:5e:87:1a:f2:55:ed:e9:ec:87:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c40a8ea1c8dc33b8290febd34e4538bd959744e8
        Validity
            Not Before: May 17 18:00:27 2024 GMT
            Not After : May 18 18:00:27 2024 GMT
        Subject: CN=57df7d9ab9b866deb30027000739a14a82be2625
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:9f:fb:ae:f7:1b:4a:a6:f3:4c:5e:81:41:76:
                    6c:04:3e:50:70:d7:ce:e6:d9:38:37:1f:e1:bd:3b:
                    98:ee:c6:2e:17:9f:eb:ce:bd:40:32:e6:c0:20:04:
                    e2:29:d1:87:1d:ca:ca:a0:d0:03:f4:da:aa:2f:4d:
                    b8:b0:84:12:2c:8a:7f:70:fc:66:69:f7:75:bc:43:
                    3a:58:31:2e:7e:e1:a6:b4:06:df:ee:4f:ed:0b:69:
                    28:35:d9:6a:a3:20:e5:bd:27:67:0d:5a:df:21:8c:
                    72:f2:41:53:aa:39:19:8c:ef:4f:a4:45:d7:bb:77:
                    86:eb:15:89:a0:a1:01:b8:45:42:46:af:3d:7d:9b:
                    cb:a0:20:d1:60:a8:e6:2b:82:30:ba:52:4d:bc:64:
                    52:39:0a:b8:02:22:4c:ad:52:aa:6b:28:eb:59:5c:
                    9d:67:16:4b:4b:5a:00:03:05:e2:ee:04:ec:ab:67:
                    f7:09:dd:ba:b0:b6:1b:30:2a:17:3b:23:b0:e3:f9:
                    62:f9:47:fb:25:9a:dd:09:73:70:d0:e4:51:e6:b4:
                    b5:f4:43:f7:b4:19:54:23:25:07:86:78:a1:03:ac:
                    76:42:15:9b:9d:8d:4b:e5:10:48:57:61:d9:02:0c:
                    d7:1a:35:75:48:2e:a3:8e:20:2c:6b:b7:36:07:91:
                    16:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:DF:7D:9A:B9:B8:66:DE:B3:00:27:00:07:39:A1:4A:82:BE:26:25
            X509v3 Authority Key Identifier:
                keyid:C4:0A:8E:A1:C8:DC:33:B8:29:0F:EB:D3:4E:45:38:BD:95:97:44:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xAqOocjcM7gpD-vTTkU4vZWXROg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e98bf7-c5c8-4561-97e8-e13160ac3e23/1/xAqOocjcM7gpD-vTTkU4vZWXROg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:b7:e0:5c:7f:4e:d9:ab:12:04:78:c6:5e:48:a6:13:19:8a:
         89:14:68:9a:9c:77:9b:d8:34:1f:77:7e:ea:d2:27:52:9e:cd:
         cc:9c:42:bf:04:f9:78:ce:f0:55:40:2f:f7:9f:76:fe:8a:83:
         c5:f4:d6:0b:3e:5e:cb:1c:54:e5:25:a8:94:8a:d6:44:30:fe:
         11:12:d4:f0:d7:79:f2:18:97:ea:1f:75:02:58:52:1e:c5:eb:
         1b:0b:be:4b:86:51:3e:0d:f1:b0:02:91:6f:74:62:b4:bf:27:
         8e:c2:a0:14:09:42:0a:b3:16:ca:44:d0:c1:6b:f5:e4:37:aa:
         38:21:88:5e:aa:c6:cb:e6:f7:ec:6e:54:3a:6d:6f:ff:d4:f5:
         7d:07:bc:a9:fa:00:12:88:7a:27:81:30:c7:92:6a:6c:5c:fa:
         06:a0:1b:7c:92:d2:68:43:89:14:ea:76:00:68:de:4a:4f:cf:
         37:6d:ac:27:bd:18:1f:c7:3b:54:8f:00:ac:15:de:fa:94:6d:
         a4:39:1e:be:73:c0:11:b9:1c:3a:74:c7:18:8e:f9:f2:75:3c:
         83:ab:e5:d0:e8:6b:31:dc:24:8a:36:81:85:4d:bb:bf:5e:0a:
         c9:68:df:95:b2:58:0f:6e:9d:03:6b:3b:1c:96:6f:98:8d:3c:
         99:e7:26:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtmG8ggdehxryVe3p7Id/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MGE4ZWExYzhkYzMzYjgyOTBmZWJkMzRlNDUzOGJkOTU5
NzQ0ZTgwHhcNMjQwNTE3MTgwMDI3WhcNMjQwNTE4MTgwMDI3WjAzMTEwLwYDVQQD
Eyg1N2RmN2Q5YWI5Yjg2NmRlYjMwMDI3MDAwNzM5YTE0YTgyYmUyNjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05/7rvcbSqbzTF6BQXZsBD5QcNfO
5tk4Nx/hvTuY7sYuF5/rzr1AMubAIATiKdGHHcrKoNAD9NqqL024sIQSLIp/cPxm
afd1vEM6WDEufuGmtAbf7k/tC2koNdlqoyDlvSdnDVrfIYxy8kFTqjkZjO9PpEXX
u3eG6xWJoKEBuEVCRq89fZvLoCDRYKjmK4IwulJNvGRSOQq4AiJMrVKqayjrWVyd
ZxZLS1oAAwXi7gTsq2f3Cd26sLYbMCoXOyOw4/li+Uf7JZrdCXNw0ORR5rS19EP3
tBlUIyUHhnihA6x2QhWbnY1L5RBIV2HZAgzXGjV1SC6jjiAsa7c2B5EWRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFfffZq5uGbeswAnAAc5oUqCviYlMB8GA1UdIwQY
MBaAFMQKjqHI3DO4KQ/r005FOL2Vl0ToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgt
ZTEzMTYwYWMzZTIzLzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOThiZjctYzVjOC00NTYxLTk3ZTgtZTEzMTYwYWMzZTIz
LzEveEFxT29jamNNN2dwRC12VFRrVTR2WldYUk9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi7fgXH9O
2asSBHjGXkimExmKiRRompx3m9g0H3d+6tInUp7NzJxCvwT5eM7wVUAv9592/oqD
xfTWCz5eyxxU5SWolIrWRDD+ERLU8Nd58hiX6h91AlhSHsXrGwu+S4ZRPg3xsAKR
b3RitL8njsKgFAlCCrMWykTQwWv15DeqOCGIXqrGy+b37G5UOm1v/9T1fQe8qfoA
Eoh6J4Ewx5JqbFz6BqAbfJLSaEOJFOp2AGjeSk/PN22sJ70YH8c7VI8ArBXe+pRt
pDkevnPAEbkcOnTHGI758nU8g6vl0OhrMdwkijaBhU27v14KyWjflbJYD26dA2s7
HJZvmI08mecm3g==
-----END CERTIFICATE-----