Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/40e24d-1208-42d3-b399-9de8d5cb0c7d/1/VtFg2vlmDA45ix44Sf4NQIImY_M.mft
File:                     VtFg2vlmDA45ix44Sf4NQIImY_M.mft (raw, json)
Hash identifier:          LPCUvt6peWNnXoABAhToOTwAV2bmpJL0b4PucgCyifg=
Subject key identifier:   DB:E8:67:DA:6B:63:C0:CA:52:A1:95:8B:69:E7:7C:B1:4D:E2:78:44
Authority key identifier: 56:D1:60:DA:F9:66:0C:0E:39:8B:1E:38:49:FE:0D:40:82:26:63:F3
Certificate issuer:       /CN=56d160daf9660c0e398b1e3849fe0d40822663f3
Certificate serial:       0191FA109CB4C8EC3FBE655BFC2B6EFAEE12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VtFg2vlmDA45ix44Sf4NQIImY_M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/40e24d-1208-42d3-b399-9de8d5cb0c7d/1/VtFg2vlmDA45ix44Sf4NQIImY_M.mft
Manifest number:          CD
Signing time:             Mon 16 Sep 2024 09:01:18 +0000
Manifest this update:     Mon 16 Sep 2024 09:01:18 +0000
Manifest next update:     Tue 17 Sep 2024 09:01:18 +0000
Files and hashes:         1: VtFg2vlmDA45ix44Sf4NQIImY_M.crl (hash: jEOkTGjjDjIEJfa+LnHczQwU09+UvFxBV6AL6QI7+Wk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ee/40e24d-1208-42d3-b399-9de8d5cb0c7d/1/VtFg2vlmDA45ix44Sf4NQIImY_M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ee/40e24d-1208-42d3-b399-9de8d5cb0c7d/1/VtFg2vlmDA45ix44Sf4NQIImY_M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VtFg2vlmDA45ix44Sf4NQIImY_M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 09:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:10:9c:b4:c8:ec:3f:be:65:5b:fc:2b:6e:fa:ee:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=56d160daf9660c0e398b1e3849fe0d40822663f3
        Validity
            Not Before: Sep 16 09:01:18 2024 GMT
            Not After : Sep 17 09:01:18 2024 GMT
        Subject: CN=dbe867da6b63c0ca52a1958b69e77cb14de27844
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b0:da:8d:33:6c:4d:8a:a5:3a:35:e5:04:69:
                    0e:6d:90:f5:cc:ea:66:23:74:f7:e5:df:1b:74:3b:
                    00:21:ca:1d:01:b5:86:1f:ec:b5:c2:21:9d:21:59:
                    b3:3a:bc:b5:29:57:cd:16:ab:4f:4d:44:67:96:8b:
                    93:58:89:cf:3c:43:af:6f:1e:e6:a3:05:4b:39:8e:
                    f1:ac:47:64:b2:25:28:16:97:19:d4:93:8a:db:dd:
                    2c:f9:dd:8e:1d:28:b4:d9:68:a5:f8:56:76:91:e4:
                    c2:a3:42:e7:df:ae:97:35:9a:0e:bb:e8:be:e2:d1:
                    fb:b9:a9:21:3c:0b:2f:8c:36:d8:5c:dc:ae:9a:b0:
                    f0:23:1f:c9:55:35:09:cb:f3:ba:f9:e3:d6:e2:5c:
                    b7:91:6c:06:ed:18:fd:ef:ce:b5:79:0f:3a:9c:f2:
                    2b:46:4d:e1:aa:6f:05:8d:85:81:33:31:2d:b0:7b:
                    65:24:14:f3:91:f6:2d:45:11:f2:a4:0a:0e:4e:42:
                    cb:b7:e4:c3:bc:b4:78:23:90:1a:45:fa:52:9a:2c:
                    14:87:87:b3:7e:1e:e7:e9:d5:02:65:49:50:dd:81:
                    d7:df:98:fa:e6:7b:9e:3a:53:e3:72:27:0b:ea:4f:
                    e6:ce:ee:95:1b:42:13:3a:e6:29:ed:67:0a:31:03:
                    ed:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:E8:67:DA:6B:63:C0:CA:52:A1:95:8B:69:E7:7C:B1:4D:E2:78:44
            X509v3 Authority Key Identifier:
                keyid:56:D1:60:DA:F9:66:0C:0E:39:8B:1E:38:49:FE:0D:40:82:26:63:F3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtFg2vlmDA45ix44Sf4NQIImY_M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/40e24d-1208-42d3-b399-9de8d5cb0c7d/1/VtFg2vlmDA45ix44Sf4NQIImY_M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/40e24d-1208-42d3-b399-9de8d5cb0c7d/1/VtFg2vlmDA45ix44Sf4NQIImY_M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         88:72:e3:6c:e7:55:b4:d8:eb:d5:4a:86:a9:08:04:34:7a:67:
         0e:4f:b0:97:3c:78:7b:1a:3a:08:e4:bc:e6:55:5b:76:ec:e8:
         1e:f4:85:22:7f:03:22:1f:24:36:17:7e:47:c7:75:eb:81:9c:
         bc:86:03:3c:03:82:3a:ee:71:98:63:95:09:d4:a0:2b:63:8c:
         3a:d6:af:28:ea:48:5e:dc:23:b5:ac:ad:7a:1b:7e:43:be:68:
         5c:ac:ff:20:89:d6:45:70:b7:bb:fb:27:2e:90:92:6c:d8:31:
         82:94:a1:f8:07:c4:39:de:f8:e3:99:eb:2e:bd:08:37:df:d3:
         ba:d1:8d:49:71:3b:8d:d0:83:f6:92:97:24:c4:a1:af:3f:16:
         8f:b0:44:26:8f:2f:34:6f:b8:1a:8c:48:32:1b:a2:d5:60:13:
         39:13:c6:22:93:4c:5d:7e:06:9e:ef:d8:3a:bf:36:54:67:8e:
         b8:0f:a7:23:d4:07:20:b9:fe:86:ea:49:d8:93:7e:ac:b1:40:
         42:c7:10:3b:e3:66:17:e8:f9:50:6c:44:03:65:d5:26:8b:70:
         45:fc:26:d6:a5:dc:16:d1:0c:57:e7:45:a0:01:fa:4d:d7:0c:
         dc:c5:16:ef:bf:b1:a6:74:22:7d:77:08:f6:3f:9c:c3:a2:e3:
         6b:1c:05:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6EJy0yOw/vmVb/Ctu+u4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZDE2MGRhZjk2NjBjMGUzOThiMWUzODQ5ZmUwZDQwODIy
NjYzZjMwHhcNMjQwOTE2MDkwMTE4WhcNMjQwOTE3MDkwMTE4WjAzMTEwLwYDVQQD
EyhkYmU4NjdkYTZiNjNjMGNhNTJhMTk1OGI2OWU3N2NiMTRkZTI3ODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLDajTNsTYqlOjXlBGkObZD1zOpm
I3T35d8bdDsAIcodAbWGH+y1wiGdIVmzOry1KVfNFqtPTURnlouTWInPPEOvbx7m
owVLOY7xrEdksiUoFpcZ1JOK290s+d2OHSi02Wil+FZ2keTCo0Ln366XNZoOu+i+
4tH7uakhPAsvjDbYXNyumrDwIx/JVTUJy/O6+ePW4ly3kWwG7Rj97861eQ86nPIr
Rk3hqm8FjYWBMzEtsHtlJBTzkfYtRRHypAoOTkLLt+TDvLR4I5AaRfpSmiwUh4ez
fh7n6dUCZUlQ3YHX35j65nueOlPjcicL6k/mzu6VG0ITOuYp7WcKMQPtMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNvoZ9prY8DKUqGVi2nnfLFN4nhEMB8GA1UdIwQY
MBaAFFbRYNr5ZgwOOYseOEn+DUCCJmPzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnRGZzJ2bG1EQTQ1aXg0NFNmNE5RSUltWV9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS80MGUyNGQtMTIwOC00MmQzLWIzOTkt
OWRlOGQ1Y2IwYzdkLzEvVnRGZzJ2bG1EQTQ1aXg0NFNmNE5RSUltWV9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS80MGUyNGQtMTIwOC00MmQzLWIzOTktOWRlOGQ1Y2IwYzdk
LzEvVnRGZzJ2bG1EQTQ1aXg0NFNmNE5RSUltWV9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiHLjbOdV
tNjr1UqGqQgENHpnDk+wlzx4exo6COS85lVbduzoHvSFIn8DIh8kNhd+R8d164Gc
vIYDPAOCOu5xmGOVCdSgK2OMOtavKOpIXtwjtayteht+Q75oXKz/IInWRXC3u/sn
LpCSbNgxgpSh+AfEOd7445nrLr0IN9/TutGNSXE7jdCD9pKXJMShrz8Wj7BEJo8v
NG+4GoxIMhui1WATORPGIpNMXX4Gnu/YOr82VGeOuA+nI9QHILn+hupJ2JN+rLFA
QscQO+NmF+j5UGxEA2XVJotwRfwm1qXcFtEMV+dFoAH6TdcM3MUW77+xpnQifXcI
9j+cw6LjaxwFqg==
-----END CERTIFICATE-----