Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
File:                     Q5_i1RcHd00tDCv50SrQercmQqI.mft (raw, json)
Hash identifier:          GaCaxcuNbTa7WGGLqPU5cQZYL2jPzcd7uWBhj9LvGWE=
Subject key identifier:   67:5B:57:F6:1E:85:D6:BB:A6:7C:D6:CB:35:A8:33:AA:A8:1D:0F:26
Authority key identifier: 43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2
Certificate issuer:       /CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
Certificate serial:       018F889283CA48EB8F77242638A79E5273EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
Manifest number:          09DD
Signing time:             Fri 17 May 2024 22:00:54 +0000
Manifest this update:     Fri 17 May 2024 22:00:54 +0000
Manifest next update:     Sat 18 May 2024 22:00:54 +0000
Files and hashes:         1: Q5_i1RcHd00tDCv50SrQercmQqI.crl (hash: Pk0+3h1iuA8QZISbTo2MXkrcFssFz/LCXr5UNKCxb+o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:83:ca:48:eb:8f:77:24:26:38:a7:9e:52:73:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=439fe2d51707774d2d0c2bf9d12ad07ab72642a2
        Validity
            Not Before: May 17 22:00:54 2024 GMT
            Not After : May 18 22:00:54 2024 GMT
        Subject: CN=675b57f61e85d6bba67cd6cb35a833aaa81d0f26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:3a:53:7d:70:ab:10:30:14:f3:de:97:3e:30:
                    65:80:3f:9a:fa:fd:c6:d6:3c:69:c6:3d:3c:1b:a7:
                    22:22:8c:ba:e5:a7:d8:12:34:b4:59:60:2b:2f:8f:
                    0c:68:27:09:34:3d:c5:9a:83:00:9d:79:2b:60:70:
                    62:11:75:de:92:8c:1f:e8:c0:80:4c:1a:84:da:ba:
                    29:63:c7:b7:9c:df:88:a1:2a:7c:dc:de:68:ba:62:
                    6a:ac:15:05:19:1b:50:11:58:c3:f0:52:d1:67:b5:
                    c5:dc:38:8a:c1:ff:ff:1a:43:9b:f5:ad:81:ae:1b:
                    59:86:97:85:ee:1e:f3:63:31:07:33:3e:c2:81:4f:
                    8e:5b:4a:39:85:56:80:00:55:63:1a:03:4a:3a:a9:
                    53:59:9d:9a:36:a4:cc:b1:6f:46:05:4b:24:24:8f:
                    78:55:7d:8c:ce:dd:d9:e2:2d:50:77:d9:2f:e9:7b:
                    83:f9:45:3f:f8:fa:84:ae:45:ff:b9:23:08:db:54:
                    63:8b:f1:93:eb:27:6b:07:89:15:3e:c1:27:36:1b:
                    85:67:0c:cb:e4:36:00:f8:c4:47:6f:5a:3e:a3:be:
                    29:d6:1c:5f:88:16:9e:a7:95:4a:e7:dd:0a:f2:49:
                    0a:0b:eb:57:3b:43:d2:5a:07:ad:24:ef:aa:38:3f:
                    49:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:5B:57:F6:1E:85:D6:BB:A6:7C:D6:CB:35:A8:33:AA:A8:1D:0F:26
            X509v3 Authority Key Identifier:
                keyid:43:9F:E2:D5:17:07:77:4D:2D:0C:2B:F9:D1:2A:D0:7A:B7:26:42:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5_i1RcHd00tDCv50SrQercmQqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/2408e1-e42f-4915-a715-a1d6d91cde68/1/Q5_i1RcHd00tDCv50SrQercmQqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c4:0a:b7:76:46:0d:bd:18:28:5f:00:eb:37:c6:6c:9b:21:a9:
         02:fc:f5:3d:87:92:64:03:f8:18:ef:17:03:1f:9a:07:ab:52:
         20:2f:49:67:23:ea:8a:d7:aa:94:bb:65:65:1b:63:da:04:9c:
         17:39:1c:32:42:1b:31:3f:38:d8:4e:66:dc:8e:67:89:5e:ab:
         22:04:ad:4a:09:52:33:dd:6e:76:0c:e5:5e:53:82:d3:77:bd:
         51:76:88:94:29:c6:69:e8:74:52:c6:29:fc:7c:bb:c2:ea:b8:
         87:ec:c0:55:52:0c:8d:5f:be:ff:38:b0:53:aa:ab:25:51:f3:
         f7:3a:d1:c3:27:00:df:8b:ea:d5:1d:83:c7:d8:33:6a:6d:2f:
         93:ec:3b:5f:fd:c1:81:19:e5:31:ed:cf:5e:d0:47:b2:09:c6:
         24:71:e4:9d:ec:f1:8b:13:ee:fc:36:1a:63:8f:ff:c8:76:60:
         a8:24:52:dd:ea:fe:62:1e:92:f8:6d:e7:80:bc:6b:ac:77:ca:
         6a:be:37:d0:f6:a7:18:14:4e:c2:c3:5f:6e:e1:d7:3e:7c:4d:
         37:df:45:3f:85:8d:40:2f:0d:82:dc:95:d6:71:bf:62:9a:8e:
         db:cb:64:7c:fc:d4:4a:09:7f:ea:70:af:dd:e8:38:67:1f:44:
         89:e2:5d:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IkoPKSOuPdyQmOKeeUnPvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOWZlMmQ1MTcwNzc3NGQyZDBjMmJmOWQxMmFkMDdhYjcy
NjQyYTIwHhcNMjQwNTE3MjIwMDU0WhcNMjQwNTE4MjIwMDU0WjAzMTEwLwYDVQQD
Eyg2NzViNTdmNjFlODVkNmJiYTY3Y2Q2Y2IzNWE4MzNhYWE4MWQwZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DpTfXCrEDAU896XPjBlgD+a+v3G
1jxpxj08G6ciIoy65afYEjS0WWArL48MaCcJND3FmoMAnXkrYHBiEXXekowf6MCA
TBqE2ropY8e3nN+IoSp83N5oumJqrBUFGRtQEVjD8FLRZ7XF3DiKwf//GkOb9a2B
rhtZhpeF7h7zYzEHMz7CgU+OW0o5hVaAAFVjGgNKOqlTWZ2aNqTMsW9GBUskJI94
VX2Mzt3Z4i1Qd9kv6XuD+UU/+PqErkX/uSMI21Rji/GT6ydrB4kVPsEnNhuFZwzL
5DYA+MRHb1o+o74p1hxfiBaep5VK590K8kkKC+tXO0PSWgetJO+qOD9JOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdbV/Yehda7pnzWyzWoM6qoHQ8mMB8GA1UdIwQY
MBaAFEOf4tUXB3dNLQwr+dEq0Hq3JkKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUt
YTFkNmQ5MWNkZTY4LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yNDA4ZTEtZTQyZi00OTE1LWE3MTUtYTFkNmQ5MWNkZTY4
LzEvUTVfaTFSY0hkMDB0REN2NTBTclFlcmNtUXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxAq3dkYN
vRgoXwDrN8ZsmyGpAvz1PYeSZAP4GO8XAx+aB6tSIC9JZyPqiteqlLtlZRtj2gSc
FzkcMkIbMT842E5m3I5niV6rIgStSglSM91udgzlXlOC03e9UXaIlCnGaeh0UsYp
/Hy7wuq4h+zAVVIMjV++/ziwU6qrJVHz9zrRwycA34vq1R2Dx9gzam0vk+w7X/3B
gRnlMe3PXtBHsgnGJHHknezxixPu/DYaY4//yHZgqCRS3er+Yh6S+G3ngLxrrHfK
ar430PanGBROwsNfbuHXPnxNN99FP4WNQC8NgtyV1nG/YpqO28tkfPzUSgl/6nCv
3eg4Zx9EieJd8g==
-----END CERTIFICATE-----