Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
File:                     0IpNevM5v1JVcjk3VdHPszzdta0.mft (raw, json)
Hash identifier:          T6T0NKPZMI2odWeH/VuFefXw4EzJBSvdlLikB5vdkRI=
Subject key identifier:   76:26:2C:94:8A:63:B7:52:48:CB:D1:8B:09:F7:77:BD:E5:7B:80:80
Authority key identifier: D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD
Certificate issuer:       /CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
Certificate serial:       018F430D499540404B0090D4B4CA4CF0CFA0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
Manifest number:          1151
Signing time:             Sat 04 May 2024 10:01:35 +0000
Manifest this update:     Sat 04 May 2024 10:01:35 +0000
Manifest next update:     Sun 05 May 2024 10:01:35 +0000
Files and hashes:         1: 0IpNevM5v1JVcjk3VdHPszzdta0.crl (hash: Q11rWTpf0fTCUwxdUuRqe9qvl8pYeExfJndEgQVv+64=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:43:0d:49:95:40:40:4b:00:90:d4:b4:ca:4c:f0:cf:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d08a4d7af339bf525572393755d1cfb33cddb5ad
        Validity
            Not Before: May  4 10:01:35 2024 GMT
            Not After : May  5 10:01:35 2024 GMT
        Subject: CN=76262c948a63b75248cbd18b09f777bde57b8080
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b5:10:4b:30:fa:82:ae:36:25:d8:48:8e:c9:
                    13:6f:5d:ce:92:3e:fc:db:2a:18:dd:fb:f4:21:9f:
                    65:97:16:c0:00:dd:4b:a9:f5:5d:13:78:ef:6f:5d:
                    fe:a0:9b:f3:5d:c7:8d:db:88:3f:ca:a1:3f:9a:65:
                    b1:a4:54:0d:42:3f:27:f3:7c:18:6f:c0:d5:b6:8a:
                    bd:40:d5:4f:e0:a4:bf:c9:44:3a:67:6c:1f:1d:82:
                    4c:64:a9:ad:b8:cc:25:5d:3a:cd:0e:18:ee:e5:3c:
                    43:00:f9:9f:07:25:e2:d3:ba:f3:2b:5a:07:c6:24:
                    17:a5:1d:be:a0:4b:bb:0b:a9:0e:92:60:41:52:04:
                    21:dd:00:9e:12:8d:c8:7b:30:fb:92:25:8b:ff:9b:
                    25:be:d6:69:74:4f:59:46:6c:f2:f8:cf:c2:ba:14:
                    40:9d:78:39:e9:50:18:96:66:7c:b2:11:95:52:d8:
                    e8:d3:92:64:a7:30:1e:3f:3a:eb:18:4e:20:c4:38:
                    57:68:2d:75:95:4a:86:3f:a9:13:f3:6c:41:d9:32:
                    9a:a0:21:d9:1c:27:e4:d6:00:2c:00:5b:aa:d7:e5:
                    93:5e:e9:3f:62:a7:9c:91:57:1f:85:66:88:89:80:
                    52:19:bc:2d:b1:55:e0:b1:0f:c8:81:d6:71:ce:3e:
                    a0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:26:2C:94:8A:63:B7:52:48:CB:D1:8B:09:F7:77:BD:E5:7B:80:80
            X509v3 Authority Key Identifier:
                keyid:D0:8A:4D:7A:F3:39:BF:52:55:72:39:37:55:D1:CF:B3:3C:DD:B5:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IpNevM5v1JVcjk3VdHPszzdta0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/15fb8a-9261-462d-a5ac-d5a1ea9edb08/1/0IpNevM5v1JVcjk3VdHPszzdta0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b2:7f:d3:44:04:52:89:e7:7e:53:3a:88:57:74:1a:da:a9:19:
         77:0d:f1:03:72:35:db:7e:94:7b:7e:ee:b1:5a:f6:29:c0:6f:
         53:69:f5:c4:7f:21:99:0a:1a:af:63:dd:fa:4e:5a:8d:3b:7a:
         5c:70:15:e6:85:ed:a9:99:88:7d:41:f4:be:9b:0f:14:6e:03:
         58:b0:8f:0e:f3:83:e5:0f:4e:7e:32:60:2f:10:39:a1:53:11:
         a7:9d:08:ae:2b:62:2e:95:8e:4e:f3:79:30:97:a2:e7:c0:4b:
         0e:b6:5c:73:dc:c2:d8:98:d6:9b:0e:be:af:a9:23:d1:22:7d:
         bb:e7:7e:4f:17:94:8f:20:21:8f:3d:6e:71:4d:50:e9:d3:9e:
         5c:6f:09:9a:2b:2b:92:c1:7b:d0:0d:4b:b5:14:c3:a8:f7:c6:
         b9:14:fb:bd:6a:f9:84:38:21:ba:59:27:35:5b:e4:ea:c4:fe:
         3d:b4:29:00:46:17:cb:4b:49:7b:a7:a4:a6:53:25:65:57:81:
         46:52:04:9a:53:7d:33:43:13:0b:f0:7e:05:cd:62:25:9d:04:
         45:73:82:5d:f4:fb:b7:66:e8:a5:fe:60:b7:12:ed:df:e0:82:
         1d:de:49:b2:15:71:9c:a5:6d:d4:a0:b2:54:48:0d:d9:c7:73:
         ca:cc:0c:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9DDUmVQEBLAJDUtMpM8M+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGE0ZDdhZjMzOWJmNTI1NTcyMzkzNzU1ZDFjZmIzM2Nk
ZGI1YWQwHhcNMjQwNTA0MTAwMTM1WhcNMjQwNTA1MTAwMTM1WjAzMTEwLwYDVQQD
Eyg3NjI2MmM5NDhhNjNiNzUyNDhjYmQxOGIwOWY3NzdiZGU1N2I4MDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprUQSzD6gq42JdhIjskTb13Okj78
2yoY3fv0IZ9llxbAAN1LqfVdE3jvb13+oJvzXceN24g/yqE/mmWxpFQNQj8n83wY
b8DVtoq9QNVP4KS/yUQ6Z2wfHYJMZKmtuMwlXTrNDhju5TxDAPmfByXi07rzK1oH
xiQXpR2+oEu7C6kOkmBBUgQh3QCeEo3IezD7kiWL/5slvtZpdE9ZRmzy+M/CuhRA
nXg56VAYlmZ8shGVUtjo05JkpzAePzrrGE4gxDhXaC11lUqGP6kT82xB2TKaoCHZ
HCfk1gAsAFuq1+WTXuk/YqeckVcfhWaIiYBSGbwtsVXgsQ/IgdZxzj6g2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHYmLJSKY7dSSMvRiwn3d73le4CAMB8GA1UdIwQY
MBaAFNCKTXrzOb9SVXI5N1XRz7M83bWtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMt
ZDVhMWVhOWVkYjA4LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xNWZiOGEtOTI2MS00NjJkLWE1YWMtZDVhMWVhOWVkYjA4
LzEvMElwTmV2TTV2MUpWY2prM1ZkSFBzenpkdGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsn/TRARS
ied+UzqIV3Qa2qkZdw3xA3I1236Ue37usVr2KcBvU2n1xH8hmQoar2Pd+k5ajTt6
XHAV5oXtqZmIfUH0vpsPFG4DWLCPDvOD5Q9OfjJgLxA5oVMRp50IritiLpWOTvN5
MJei58BLDrZcc9zC2JjWmw6+r6kj0SJ9u+d+TxeUjyAhjz1ucU1Q6dOeXG8Jmisr
ksF70A1LtRTDqPfGuRT7vWr5hDghulknNVvk6sT+PbQpAEYXy0tJe6ekplMlZVeB
RlIEmlN9M0MTC/B+Bc1iJZ0ERXOCXfT7t2bopf5gtxLt3+CCHd5JshVxnKVt1KCy
VEgN2cdzyswMwQ==
-----END CERTIFICATE-----