Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
File:                     uglQnQRuXLar5boZqxurpUPTffg.mft (raw, json)
Hash identifier:          wQPsTOqDxbHXxmhl+CEZtoXgjUpsfB9ZFodZNum5Bu0=
Subject key identifier:   76:95:6D:D0:6F:94:20:AF:4E:EB:70:0F:83:1F:E9:9B:F1:80:A3:D7
Authority key identifier: BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8
Certificate issuer:       /CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
Certificate serial:       018F8749D2930CA5C9E78F44BEC3E101CD9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
Manifest number:          04FD
Signing time:             Fri 17 May 2024 16:01:53 +0000
Manifest this update:     Fri 17 May 2024 16:01:53 +0000
Manifest next update:     Sat 18 May 2024 16:01:53 +0000
Files and hashes:         1: uglQnQRuXLar5boZqxurpUPTffg.crl (hash: 9PJrtQIlUpzZ43OMX2A1MBTukoruMjsoTrb7L2VVM/w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:d2:93:0c:a5:c9:e7:8f:44:be:c3:e1:01:cd:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba09509d046e5cb6abe5ba19ab1baba543d37df8
        Validity
            Not Before: May 17 16:01:53 2024 GMT
            Not After : May 18 16:01:53 2024 GMT
        Subject: CN=76956dd06f9420af4eeb700f831fe99bf180a3d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:43:09:fd:5e:f1:f5:b1:c4:26:5f:3a:b0:c8:
                    38:e8:0a:0c:30:60:70:06:5d:92:a1:85:10:89:9d:
                    24:fe:3c:d4:41:ac:e5:99:c1:f4:d3:3a:1b:4b:63:
                    dd:ed:9b:0f:32:db:1b:55:72:79:05:5b:7e:02:2f:
                    c0:41:cf:46:0a:68:e5:e0:cc:f3:6c:4e:a2:bd:20:
                    f3:18:f3:ce:6f:52:da:4f:7c:c1:2c:72:14:8a:a3:
                    47:da:79:38:e3:8f:07:fd:9e:de:62:1c:8b:24:36:
                    ed:09:2d:bb:01:fe:e3:bd:21:f6:30:c1:b6:dd:d8:
                    e9:14:6f:80:a5:da:2e:56:34:11:1e:e3:37:f4:2a:
                    1e:0c:de:e5:30:04:65:a6:47:12:be:15:df:d9:c7:
                    b1:df:a5:d3:f0:7c:ac:03:75:9f:7d:e5:f2:d9:2b:
                    49:72:f2:e0:e6:6c:c9:3e:b6:69:a4:68:67:24:30:
                    dc:23:6c:1e:62:73:03:52:e8:a0:3f:08:d2:87:5c:
                    e4:73:0f:a8:b8:aa:7d:bf:8e:0b:04:7f:ce:21:ae:
                    6f:31:9a:f8:f0:06:71:1a:e7:fd:5c:c7:fe:01:91:
                    ed:59:1e:f7:af:00:78:fc:30:62:7c:03:2e:0f:ca:
                    ff:7e:ed:72:50:44:3e:40:c4:7a:73:8d:8f:3f:d3:
                    ba:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:95:6D:D0:6F:94:20:AF:4E:EB:70:0F:83:1F:E9:9B:F1:80:A3:D7
            X509v3 Authority Key Identifier:
                keyid:BA:09:50:9D:04:6E:5C:B6:AB:E5:BA:19:AB:1B:AB:A5:43:D3:7D:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uglQnQRuXLar5boZqxurpUPTffg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/92dfa6-58f5-4fbf-afe4-d7e42200a49e/1/uglQnQRuXLar5boZqxurpUPTffg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:33:a3:60:71:4f:26:06:ad:5b:f1:75:40:41:36:6d:95:1d:
         e0:ae:d9:63:fd:42:51:93:05:1b:36:26:19:2f:44:b9:fe:39:
         69:23:37:e5:83:3f:18:b1:8e:b5:2b:51:00:8d:31:ef:03:08:
         ec:30:30:8e:c5:21:b5:45:c0:49:6f:1a:6d:1d:f9:6a:de:af:
         2d:84:24:fc:c8:5f:fe:99:31:8d:16:34:57:61:73:6e:c3:c9:
         6a:b7:10:ec:85:3f:ab:47:04:c4:6d:b1:17:c5:ae:16:a3:85:
         a0:84:a2:70:68:22:2b:12:4a:c6:1f:81:ab:77:9f:51:fd:55:
         65:e9:e9:17:3f:ca:7f:f5:58:d4:77:10:b0:88:61:10:54:29:
         fa:5a:0f:c7:78:3b:8d:94:fa:61:ef:e2:55:c6:46:0f:1a:d8:
         9d:00:23:15:cb:f3:28:7c:97:b4:65:a1:9c:25:2c:c9:0e:77:
         61:37:36:9b:27:49:17:85:9d:71:c1:d3:1f:1a:31:6b:3a:9d:
         b8:ba:8e:2e:04:c5:7a:c5:56:2a:0e:a2:1c:2d:27:d0:12:e7:
         d2:2e:a6:e4:b7:34:16:8d:cf:52:97:90:7d:a9:49:be:ba:4a:
         6b:b1:17:45:f9:4e:c5:01:7c:87:40:1d:cd:20:ec:76:99:e2:
         a7:d9:43:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSdKTDKXJ549EvsPhAc2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMDk1MDlkMDQ2ZTVjYjZhYmU1YmExOWFiMWJhYmE1NDNk
MzdkZjgwHhcNMjQwNTE3MTYwMTUzWhcNMjQwNTE4MTYwMTUzWjAzMTEwLwYDVQQD
Eyg3Njk1NmRkMDZmOTQyMGFmNGVlYjcwMGY4MzFmZTk5YmYxODBhM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokMJ/V7x9bHEJl86sMg46AoMMGBw
Bl2SoYUQiZ0k/jzUQazlmcH00zobS2Pd7ZsPMtsbVXJ5BVt+Ai/AQc9GCmjl4Mzz
bE6ivSDzGPPOb1LaT3zBLHIUiqNH2nk4448H/Z7eYhyLJDbtCS27Af7jvSH2MMG2
3djpFG+ApdouVjQRHuM39CoeDN7lMARlpkcSvhXf2cex36XT8HysA3WffeXy2StJ
cvLg5mzJPrZppGhnJDDcI2weYnMDUuigPwjSh1zkcw+ouKp9v44LBH/OIa5vMZr4
8AZxGuf9XMf+AZHtWR73rwB4/DBifAMuD8r/fu1yUEQ+QMR6c42PP9O6iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHaVbdBvlCCvTutwD4Mf6ZvxgKPXMB8GA1UdIwQY
MBaAFLoJUJ0Ebly2q+W6Gasbq6VD0334MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQt
ZDdlNDIyMDBhNDllLzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC85MmRmYTYtNThmNS00ZmJmLWFmZTQtZDdlNDIyMDBhNDll
LzEvdWdsUW5RUnVYTGFyNWJvWnF4dXJwVVBUZmZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARTOjYHFP
JgatW/F1QEE2bZUd4K7ZY/1CUZMFGzYmGS9Euf45aSM35YM/GLGOtStRAI0x7wMI
7DAwjsUhtUXASW8abR35at6vLYQk/Mhf/pkxjRY0V2FzbsPJarcQ7IU/q0cExG2x
F8WuFqOFoISicGgiKxJKxh+Bq3efUf1VZenpFz/Kf/VY1HcQsIhhEFQp+loPx3g7
jZT6Ye/iVcZGDxrYnQAjFcvzKHyXtGWhnCUsyQ53YTc2mydJF4WdccHTHxoxazqd
uLqOLgTFesVWKg6iHC0n0BLn0i6m5Lc0Fo3PUpeQfalJvrpKa7EXRflOxQF8h0Ad
zSDsdpnip9lDYg==
-----END CERTIFICATE-----