Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
File:                     r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json)
Hash identifier:          hfGCfdOJE9Ly5N+Ic6dOtMAEAiwvD66oFRYYUZ/VWMg=
Subject key identifier:   ED:5D:0E:47:CC:2B:40:AE:B6:6F:33:D7:D1:8F:A9:DE:7E:64:01:33
Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30
Certificate issuer:       /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
Certificate serial:       018F8749E9C959EFF2AC23447DD9974E6400
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
Manifest number:          0A0D
Signing time:             Fri 17 May 2024 16:01:59 +0000
Manifest this update:     Fri 17 May 2024 16:01:59 +0000
Manifest next update:     Sat 18 May 2024 16:01:59 +0000
Files and hashes:         1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: v2Ea2OP5VilWAeJQj8HHtRoSjG8pSNM1AE7kprajj3Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:e9:c9:59:ef:f2:ac:23:44:7d:d9:97:4e:64:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330
        Validity
            Not Before: May 17 16:01:59 2024 GMT
            Not After : May 18 16:01:59 2024 GMT
        Subject: CN=ed5d0e47cc2b40aeb66f33d7d18fa9de7e640133
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3e:8b:15:b3:da:80:0a:5b:ff:7d:f1:69:e3:
                    57:51:95:5c:8c:85:48:e6:7b:ee:57:9c:e8:d2:dc:
                    d3:eb:81:be:72:df:34:53:ce:40:a6:7f:df:66:6e:
                    cc:08:cd:33:d8:96:2d:07:8b:30:18:b6:b5:d2:e6:
                    05:7f:d3:8b:bd:02:dc:c3:51:d1:f4:36:a5:0e:78:
                    dd:46:da:3c:0e:59:85:d7:b2:42:a8:0f:06:20:5d:
                    5d:16:90:7f:60:95:6f:fc:23:80:96:71:ff:5f:ac:
                    ef:03:19:07:c1:e8:25:77:0a:ac:4c:05:fd:55:9f:
                    b0:97:72:8b:9d:6a:5f:b4:98:b0:0a:0c:7a:2e:9d:
                    69:dc:f3:b0:42:aa:b6:66:29:a7:cd:e6:20:8f:3c:
                    49:cf:fd:cc:e3:9f:77:2f:49:7a:9a:0f:51:93:96:
                    44:ad:b5:b0:73:56:c0:bd:6b:ff:80:a7:95:96:a9:
                    33:ec:64:a3:35:23:cf:27:73:b0:6e:ef:70:31:7c:
                    df:d3:e6:77:53:a5:b8:f5:d1:3a:fc:36:60:8a:c9:
                    61:7c:9e:38:91:7c:b2:2a:23:ef:76:04:8b:2d:76:
                    4c:1c:ea:24:b7:b8:54:2f:cc:35:1d:b2:8f:f6:d8:
                    c1:c6:0d:d3:2b:a2:08:78:38:89:95:a1:d3:e4:73:
                    33:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:5D:0E:47:CC:2B:40:AE:B6:6F:33:D7:D1:8F:A9:DE:7E:64:01:33
            X509v3 Authority Key Identifier:
                keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:79:66:0b:d8:67:71:34:00:36:ba:60:a6:c2:8e:ad:26:2b:
         97:37:64:92:2d:8d:cd:75:21:9e:ed:34:6a:32:89:db:ce:d8:
         e7:3b:a0:56:8e:e7:e7:73:5b:20:ac:8a:35:5b:2d:c8:ec:80:
         3f:3e:75:82:cb:cb:34:af:e7:29:26:02:b2:c9:4f:48:cd:a3:
         6d:bf:18:71:c7:ae:bb:6a:a3:43:44:c5:fa:64:a7:7b:1f:8c:
         80:98:ec:79:97:a7:af:ac:ae:00:e4:d5:d1:e6:7a:cc:84:09:
         94:43:38:61:c3:60:ff:2a:14:58:e6:61:8c:bd:5d:01:8e:db:
         ce:e8:66:ad:41:c1:07:37:7d:b5:af:ef:b5:b0:8e:15:d1:9f:
         54:56:10:15:8e:f8:4e:22:7f:81:48:d2:95:24:7a:51:1e:f7:
         b3:93:70:95:b1:e6:ef:fb:81:6c:0d:7c:ad:5e:6c:8c:0c:42:
         5a:4f:f0:15:fd:3c:b3:c0:ad:fb:19:93:76:fb:b7:74:4a:22:
         f0:85:26:a1:99:c1:bc:eb:eb:25:f1:c3:14:8b:4a:8e:a8:b6:
         73:58:46:49:46:ed:2b:d1:02:5b:67:32:19:e4:6c:6f:fb:26:
         81:19:0a:8e:18:cf:2b:3b:7b:d0:3a:b5:6d:4b:44:55:7e:07:
         76:0e:c0:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSenJWe/yrCNEfdmXTmQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx
OTgzMzAwHhcNMjQwNTE3MTYwMTU5WhcNMjQwNTE4MTYwMTU5WjAzMTEwLwYDVQQD
EyhlZDVkMGU0N2NjMmI0MGFlYjY2ZjMzZDdkMThmYTlkZTdlNjQwMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj6LFbPagApb/33xaeNXUZVcjIVI
5nvuV5zo0tzT64G+ct80U85Apn/fZm7MCM0z2JYtB4swGLa10uYFf9OLvQLcw1HR
9DalDnjdRto8DlmF17JCqA8GIF1dFpB/YJVv/COAlnH/X6zvAxkHwegldwqsTAX9
VZ+wl3KLnWpftJiwCgx6Lp1p3POwQqq2ZimnzeYgjzxJz/3M4593L0l6mg9Rk5ZE
rbWwc1bAvWv/gKeVlqkz7GSjNSPPJ3Owbu9wMXzf0+Z3U6W49dE6/DZgislhfJ44
kXyyKiPvdgSLLXZMHOokt7hUL8w1HbKP9tjBxg3TK6IIeDiJlaHT5HMzSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO1dDkfMK0Cutm8z19GPqd5+ZAEzMB8GA1UdIwQY
MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt
ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi
LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj3lmC9hn
cTQANrpgpsKOrSYrlzdkki2NzXUhnu00ajKJ287Y5zugVo7n53NbIKyKNVstyOyA
Pz51gsvLNK/nKSYCsslPSM2jbb8Ycceuu2qjQ0TF+mSnex+MgJjseZenr6yuAOTV
0eZ6zIQJlEM4YcNg/yoUWOZhjL1dAY7bzuhmrUHBBzd9ta/vtbCOFdGfVFYQFY74
TiJ/gUjSlSR6UR73s5NwlbHm7/uBbA18rV5sjAxCWk/wFf08s8Ct+xmTdvu3dEoi
8IUmoZnBvOvrJfHDFItKjqi2c1hGSUbtK9ECW2cyGeRsb/smgRkKjhjPKzt70Dq1
bUtEVX4Hdg7AiA==
-----END CERTIFICATE-----