Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File:                     23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier:          zUurwXF0Tez3PFh6AVZFY9wpt6GDbcYVDdfwP10MRzE=
Subject key identifier:   A4:1D:E4:D6:F2:CE:5A:50:5E:4A:A1:A4:E8:9B:55:72:8E:6F:A9:F7
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer:       /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial:       018F889253CF44B683BC039B29396A983319
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number:          01BA
Signing time:             Fri 17 May 2024 22:00:42 +0000
Manifest this update:     Fri 17 May 2024 22:00:42 +0000
Manifest next update:     Sat 18 May 2024 22:00:42 +0000
Files and hashes:         1: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: cDz+U/L6emtvPNA63uZIqHj+TnVz4XsvH+oC8cP9chc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:53:cf:44:b6:83:bc:03:9b:29:39:6a:98:33:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
        Validity
            Not Before: May 17 22:00:42 2024 GMT
            Not After : May 18 22:00:42 2024 GMT
        Subject: CN=a41de4d6f2ce5a505e4aa1a4e89b55728e6fa9f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:48:78:e6:fc:f9:54:bc:62:5b:10:95:04:2e:
                    ce:1d:fd:20:35:c4:ca:d3:de:29:8b:74:34:62:8f:
                    db:75:45:1a:8e:7a:f6:e6:2a:04:33:7f:2f:73:7b:
                    7d:21:95:e7:84:e6:d1:b1:c8:22:89:0a:14:4f:13:
                    46:58:c0:4b:8e:de:b8:3c:b4:b5:39:1b:11:54:a0:
                    6e:58:99:0a:7c:0f:4c:89:40:5e:a7:aa:d4:9b:e8:
                    34:1e:dd:ea:93:03:5f:16:5e:52:9d:f4:da:32:5e:
                    ff:bb:35:36:90:40:de:b2:40:4f:5d:86:9a:53:4d:
                    3e:cc:96:26:c6:9c:fa:b8:f5:7a:47:2f:fd:f0:7e:
                    66:db:72:34:0f:76:4d:60:a4:d7:33:2a:70:97:86:
                    12:e8:82:50:ac:d0:10:ca:db:89:c5:9c:82:db:02:
                    66:62:3a:b1:67:85:63:e7:0e:6d:1a:4f:53:9d:89:
                    c8:cc:6c:b0:ab:49:fb:a3:79:8f:f9:ff:c2:be:b2:
                    e9:0e:bc:f6:15:a9:ec:59:fb:39:93:9e:57:bb:16:
                    67:fe:7c:dc:5f:4a:34:20:b8:44:ca:a2:bc:c1:b2:
                    77:3a:bc:25:4e:17:7f:43:53:64:11:14:75:19:86:
                    c2:85:11:32:e6:c9:1d:89:43:08:e2:7c:a6:6e:10:
                    57:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:1D:E4:D6:F2:CE:5A:50:5E:4A:A1:A4:E8:9B:55:72:8E:6F:A9:F7
            X509v3 Authority Key Identifier:
                keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:b7:d5:71:08:71:42:ae:5e:1a:f1:98:22:ce:4e:91:16:58:
         2c:3f:e7:c7:0f:e5:ed:64:b4:4d:bd:ca:cf:47:eb:5f:1c:1e:
         af:3c:a7:7e:a4:93:99:c3:85:92:28:fb:c9:e7:76:6a:ef:33:
         1e:a1:e3:90:ff:86:75:a1:4d:aa:fa:93:58:42:70:d9:c3:83:
         94:7b:70:19:7d:c8:8d:6d:4c:87:fb:fa:98:3f:9d:b5:70:6e:
         74:84:d5:0a:2c:ce:0d:b4:1b:62:05:85:6b:c1:fc:fb:8f:39:
         54:13:9e:e5:8d:d6:46:f2:29:e4:8f:d4:1c:22:72:95:27:f5:
         7f:b6:8d:1e:ad:5b:76:d0:87:6f:9e:a6:43:14:2a:3c:1f:ab:
         bf:e9:0d:0e:d6:34:72:1c:30:bf:64:fd:3f:c0:94:69:37:43:
         ce:7d:03:3f:f6:87:d2:3b:8e:a5:18:7a:db:06:e9:63:37:6d:
         ff:ea:9f:f6:5a:e1:9c:47:78:33:24:09:eb:a7:94:ae:a7:cc:
         59:d1:24:ba:58:e1:91:09:78:34:2e:27:7d:42:7e:f5:40:53:
         ad:8d:35:f4:2b:e8:f2:9c:22:58:35:a3:b4:a4:a9:84:03:3f:
         ab:f1:11:47:f0:47:4a:79:0a:14:16:c7:26:b0:77:f3:6e:fb:
         05:7f:7e:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IklPPRLaDvAObKTlqmDMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjQwNTE3MjIwMDQyWhcNMjQwNTE4MjIwMDQyWjAzMTEwLwYDVQQD
EyhhNDFkZTRkNmYyY2U1YTUwNWU0YWExYTRlODliNTU3MjhlNmZhOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEh45vz5VLxiWxCVBC7OHf0gNcTK
094pi3Q0Yo/bdUUajnr25ioEM38vc3t9IZXnhObRscgiiQoUTxNGWMBLjt64PLS1
ORsRVKBuWJkKfA9MiUBep6rUm+g0Ht3qkwNfFl5SnfTaMl7/uzU2kEDeskBPXYaa
U00+zJYmxpz6uPV6Ry/98H5m23I0D3ZNYKTXMypwl4YS6IJQrNAQytuJxZyC2wJm
YjqxZ4Vj5w5tGk9TnYnIzGywq0n7o3mP+f/CvrLpDrz2FansWfs5k55XuxZn/nzc
X0o0ILhEyqK8wbJ3OrwlThd/Q1NkERR1GYbChREy5skdiUMI4nymbhBXoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKQd5NbyzlpQXkqhpOibVXKOb6n3MB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAELfVcQhx
Qq5eGvGYIs5OkRZYLD/nxw/l7WS0Tb3Kz0frXxwerzynfqSTmcOFkij7yed2au8z
HqHjkP+GdaFNqvqTWEJw2cODlHtwGX3IjW1Mh/v6mD+dtXBudITVCizODbQbYgWF
a8H8+485VBOe5Y3WRvIp5I/UHCJylSf1f7aNHq1bdtCHb56mQxQqPB+rv+kNDtY0
chwwv2T9P8CUaTdDzn0DP/aH0juOpRh62wbpYzdt/+qf9lrhnEd4MyQJ66eUrqfM
WdEkuljhkQl4NC4nfUJ+9UBTrY019Cvo8pwiWDWjtKSphAM/q/ERR/BHSnkKFBbH
JrB38277BX9+dw==
-----END CERTIFICATE-----