Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
File:                     XYxMrtvxY99oiGrDtz8OTLQX4V4.mft (raw, json)
Hash identifier:          WeC1tKQiO9qp4EzSVBzfM02XqhKWM8+/OaSgYjgbBoQ=
Subject key identifier:   B4:55:25:16:03:EB:3B:4F:6B:2A:2A:A3:35:1D:1B:F0:1E:6B:BC:FF
Authority key identifier: 5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E
Certificate issuer:       /CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
Certificate serial:       018F96BD02509B1685A82484BA390FF2D91A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
Manifest number:          07BD
Signing time:             Mon 20 May 2024 16:02:00 +0000
Manifest this update:     Mon 20 May 2024 16:02:00 +0000
Manifest next update:     Tue 21 May 2024 16:02:00 +0000
Files and hashes:         1: XYxMrtvxY99oiGrDtz8OTLQX4V4.crl (hash: 5VgLNsN8PU3BuuJ4Ql88BUa6HwsBjm9+y7pnYWO6u+c=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:96:bd:02:50:9b:16:85:a8:24:84:ba:39:0f:f2:d9:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d8c4caedbf163df68886ac3b73f0e4cb417e15e
        Validity
            Not Before: May 20 16:02:00 2024 GMT
            Not After : May 21 16:02:00 2024 GMT
        Subject: CN=b455251603eb3b4f6b2a2aa3351d1bf01e6bbcff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7d:74:a6:86:4d:4d:10:f9:de:86:5f:a1:db:
                    59:fa:79:50:48:4b:fb:58:7c:a1:40:8d:c7:2e:71:
                    0d:af:94:91:1d:a4:58:6d:60:8f:e7:06:bf:50:a9:
                    48:78:d7:cb:cf:37:ea:87:db:8f:10:1d:83:7a:fa:
                    42:3b:4d:90:c7:7c:b6:31:cc:be:b7:b9:6e:aa:f7:
                    8c:a3:db:9b:58:79:3b:83:6a:ed:37:16:fa:86:7a:
                    c9:5c:7f:ba:ff:25:e7:21:b0:17:39:6e:67:1a:1c:
                    3f:ff:60:fc:38:cf:c1:f6:aa:c6:e1:96:98:b5:26:
                    96:a9:4f:6e:d7:ae:99:cf:fb:e7:87:a9:e3:f2:73:
                    e0:11:ff:e0:66:af:a2:e0:a2:bb:06:c6:1d:fe:73:
                    fe:c0:b8:b2:d9:d8:75:70:92:7c:32:46:54:12:87:
                    a9:02:91:25:04:61:50:b4:d2:2a:2e:4c:09:7d:9b:
                    59:57:32:42:66:f7:2a:5f:47:8b:da:c3:09:7a:8b:
                    40:41:1f:fc:c6:d8:0b:c0:b5:90:17:00:1b:98:ab:
                    13:9b:2c:65:25:7f:8b:32:9c:4b:a8:b3:a8:2f:33:
                    de:8b:e7:7a:52:27:60:8e:e7:0e:4e:c7:39:8c:1e:
                    1c:18:99:16:66:03:80:25:f7:49:66:7a:a3:0a:a2:
                    24:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:55:25:16:03:EB:3B:4F:6B:2A:2A:A3:35:1D:1B:F0:1E:6B:BC:FF
            X509v3 Authority Key Identifier:
                keyid:5D:8C:4C:AE:DB:F1:63:DF:68:88:6A:C3:B7:3F:0E:4C:B4:17:E1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYxMrtvxY99oiGrDtz8OTLQX4V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/8d5433-6c2d-44f5-b6e0-fd6c470295d4/1/XYxMrtvxY99oiGrDtz8OTLQX4V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:21:ca:52:ed:42:f7:c0:ee:b8:39:7d:35:9f:f4:4b:cb:22:
         97:66:a6:e6:4f:79:e7:5c:a4:36:75:c0:e3:3a:e3:58:5b:8b:
         7d:76:c9:a1:9b:08:6b:db:ad:35:e3:42:eb:c6:9c:b6:39:84:
         34:c6:3b:d7:41:6c:ed:1e:f6:61:4b:9c:b8:ee:95:97:15:b1:
         a0:c5:8b:b1:f6:ba:d4:73:8f:f1:c5:92:21:4c:99:07:bd:37:
         8d:84:5b:89:7c:90:a0:67:57:43:44:59:71:19:e5:fb:25:4f:
         63:04:37:e3:93:52:80:f1:37:92:1a:fb:36:3d:29:6f:eb:54:
         ec:25:88:7f:9b:2d:66:01:45:e4:c7:45:c4:34:86:e0:7f:2f:
         8e:2c:41:a5:0c:03:02:35:0d:f8:ca:5b:be:42:90:46:58:47:
         de:7b:27:eb:6e:23:b8:6c:bf:34:eb:87:ed:9c:59:aa:33:20:
         72:24:7c:bc:e4:e0:51:80:02:58:c4:cc:6b:01:9f:85:dc:d3:
         65:11:d3:a2:3b:37:ef:c9:ed:6a:1b:a4:4c:26:6a:28:bd:59:
         ac:ef:8f:d8:e8:52:6a:24:b9:88:2f:70:67:ca:c5:d6:69:dd:
         78:95:f4:7a:38:28:e3:da:ae:fc:1f:a4:ea:77:d2:4a:3f:75:
         a8:31:36:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+WvQJQmxaFqCSEujkP8tkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGM0Y2FlZGJmMTYzZGY2ODg4NmFjM2I3M2YwZTRjYjQx
N2UxNWUwHhcNMjQwNTIwMTYwMjAwWhcNMjQwNTIxMTYwMjAwWjAzMTEwLwYDVQQD
EyhiNDU1MjUxNjAzZWIzYjRmNmIyYTJhYTMzNTFkMWJmMDFlNmJiY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxn10poZNTRD53oZfodtZ+nlQSEv7
WHyhQI3HLnENr5SRHaRYbWCP5wa/UKlIeNfLzzfqh9uPEB2DevpCO02Qx3y2Mcy+
t7luqveMo9ubWHk7g2rtNxb6hnrJXH+6/yXnIbAXOW5nGhw//2D8OM/B9qrG4ZaY
tSaWqU9u166Zz/vnh6nj8nPgEf/gZq+i4KK7BsYd/nP+wLiy2dh1cJJ8MkZUEoep
ApElBGFQtNIqLkwJfZtZVzJCZvcqX0eL2sMJeotAQR/8xtgLwLWQFwAbmKsTmyxl
JX+LMpxLqLOoLzPei+d6UidgjucOTsc5jB4cGJkWZgOAJfdJZnqjCqIk1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRVJRYD6ztPayoqozUdG/Aea7z/MB8GA1UdIwQY
MBaAFF2MTK7b8WPfaIhqw7c/Dky0F+FeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAt
ZmQ2YzQ3MDI5NWQ0LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi84ZDU0MzMtNmMyZC00NGY1LWI2ZTAtZmQ2YzQ3MDI5NWQ0
LzEvWFl4TXJ0dnhZOTlvaUdyRHR6OE9UTFFYNFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQiHKUu1C
98DuuDl9NZ/0S8sil2am5k9551ykNnXA4zrjWFuLfXbJoZsIa9utNeNC68actjmE
NMY710Fs7R72YUucuO6VlxWxoMWLsfa61HOP8cWSIUyZB703jYRbiXyQoGdXQ0RZ
cRnl+yVPYwQ345NSgPE3khr7Nj0pb+tU7CWIf5stZgFF5MdFxDSG4H8vjixBpQwD
AjUN+MpbvkKQRlhH3nsn624juGy/NOuH7ZxZqjMgciR8vOTgUYACWMTMawGfhdzT
ZRHTojs378ntahukTCZqKL1ZrO+P2OhSaiS5iC9wZ8rF1mndeJX0ejgo49qu/B+k
6nfSSj91qDE2Cw==
-----END CERTIFICATE-----