Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft
File:                     nGCyJ8t1doofV4Vuw1M8loSCYZw.mft (raw, json)
Hash identifier:          XhxXpXFsXwVdXwEHKvAXlM1Im8pUBY8UXXgygb5wid4=
Subject key identifier:   3F:0D:C3:5A:CD:17:D4:59:3C:BD:A6:5F:EB:6C:C7:F3:EC:66:E0:65
Authority key identifier: 9C:60:B2:27:CB:75:76:8A:1F:57:85:6E:C3:53:3C:96:84:82:61:9C
Certificate issuer:       /CN=9c60b227cb75768a1f57856ec3533c968482619c
Certificate serial:       018F87B61C959445D4D78FE0BE5F079A17C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft
Manifest number:          102A
Signing time:             Fri 17 May 2024 18:00:09 +0000
Manifest this update:     Fri 17 May 2024 18:00:09 +0000
Manifest next update:     Sat 18 May 2024 18:00:09 +0000
Files and hashes:         1: nGCyJ8t1doofV4Vuw1M8loSCYZw.crl (hash: hvZoUQxlOtaNz2sqKZbnvsIEjFaYREyFWa5TmBcdCTI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:1c:95:94:45:d4:d7:8f:e0:be:5f:07:9a:17:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c60b227cb75768a1f57856ec3533c968482619c
        Validity
            Not Before: May 17 18:00:09 2024 GMT
            Not After : May 18 18:00:09 2024 GMT
        Subject: CN=3f0dc35acd17d4593cbda65feb6cc7f3ec66e065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:40:91:80:84:a8:11:09:68:7f:3d:26:07:ae:
                    bb:cc:15:00:6f:ce:be:ac:99:22:69:49:53:60:01:
                    df:e7:67:17:e1:f1:52:23:7a:10:ff:e2:27:85:ef:
                    c3:14:5b:ad:94:23:a5:e7:68:0a:e1:48:39:a6:68:
                    a7:62:d2:ba:51:26:52:a2:2c:b9:a6:ba:3f:e6:ed:
                    3c:d4:c0:e7:65:cd:53:97:f8:d0:db:f3:6e:ea:7d:
                    14:32:69:8b:b5:db:b9:6e:62:8c:a5:36:df:aa:d3:
                    60:b8:e5:21:2c:79:8f:f5:91:e3:96:f1:aa:02:f7:
                    38:90:0a:06:b0:be:93:29:2a:f7:ca:09:f3:d8:b7:
                    bf:d0:8a:0c:f0:5e:57:17:ec:7e:8a:76:a5:8e:d5:
                    e2:22:ca:b6:b5:f5:bd:ba:71:01:8c:93:33:c9:7e:
                    05:0d:2c:f8:44:07:46:63:91:8e:93:19:4b:01:98:
                    f3:17:51:c7:1d:3d:ce:7e:bf:46:d1:5f:91:35:5b:
                    61:a0:32:a9:14:22:c4:2a:eb:58:3a:af:32:ca:ac:
                    8e:a2:f6:51:cd:72:99:48:77:20:2a:ed:9b:d9:ae:
                    6b:9a:02:05:f0:3b:a5:5f:e0:18:e0:07:45:74:0b:
                    46:dc:2f:7b:08:e1:33:c8:64:a0:90:4e:a3:16:e5:
                    bc:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:0D:C3:5A:CD:17:D4:59:3C:BD:A6:5F:EB:6C:C7:F3:EC:66:E0:65
            X509v3 Authority Key Identifier:
                keyid:9C:60:B2:27:CB:75:76:8A:1F:57:85:6E:C3:53:3C:96:84:82:61:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nGCyJ8t1doofV4Vuw1M8loSCYZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/11c99f-4fd5-4522-85c4-8918a28c4f7c/1/nGCyJ8t1doofV4Vuw1M8loSCYZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4a:b0:ea:cd:ba:a1:82:13:d2:46:69:7a:5c:9d:59:4e:65:4f:
         c6:99:ed:d5:65:15:d0:64:35:51:07:27:0d:94:62:83:2e:ea:
         72:4f:fa:73:c1:13:f8:48:e4:f8:bf:3d:03:ac:1e:6b:7f:fe:
         7d:e9:5a:30:51:d8:10:e7:10:23:52:e3:c3:87:71:2b:27:d6:
         0b:ef:47:26:c4:e3:c6:dc:7d:f8:6c:11:ee:2a:97:cf:e9:45:
         3a:d4:3d:37:46:b2:11:60:8e:b7:ab:c0:30:c9:b0:92:49:91:
         64:90:b3:bc:a8:5a:e4:03:33:55:a4:96:92:9a:0d:88:d3:fe:
         c6:f6:e4:4e:57:dc:e3:1e:5b:18:1b:db:d4:e2:e5:6c:f3:a9:
         d2:31:35:5a:28:18:e0:a3:57:2c:5b:90:37:28:82:39:84:9b:
         af:2d:63:c0:12:20:4d:eb:98:fd:3b:33:5d:25:29:55:7c:cf:
         1c:99:a1:e5:7c:4b:6a:45:ce:10:79:dd:57:bb:b2:fd:f6:ab:
         ef:2a:12:3f:93:fd:ff:99:78:fe:72:9a:a2:da:b4:9d:d7:b7:
         de:e9:e2:45:9a:a8:63:1e:ee:38:43:d7:02:c9:93:04:8e:7a:
         06:d3:08:b4:88:19:86:35:44:79:5e:d5:51:a4:d7:35:57:09:
         c7:51:c2:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HthyVlEXU14/gvl8HmhfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNjBiMjI3Y2I3NTc2OGExZjU3ODU2ZWMzNTMzYzk2ODQ4
MjYxOWMwHhcNMjQwNTE3MTgwMDA5WhcNMjQwNTE4MTgwMDA5WjAzMTEwLwYDVQQD
EygzZjBkYzM1YWNkMTdkNDU5M2NiZGE2NWZlYjZjYzdmM2VjNjZlMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqECRgISoEQlofz0mB667zBUAb86+
rJkiaUlTYAHf52cX4fFSI3oQ/+Inhe/DFFutlCOl52gK4Ug5pminYtK6USZSoiy5
pro/5u081MDnZc1Tl/jQ2/Nu6n0UMmmLtdu5bmKMpTbfqtNguOUhLHmP9ZHjlvGq
Avc4kAoGsL6TKSr3ygnz2Le/0IoM8F5XF+x+inaljtXiIsq2tfW9unEBjJMzyX4F
DSz4RAdGY5GOkxlLAZjzF1HHHT3Ofr9G0V+RNVthoDKpFCLEKutYOq8yyqyOovZR
zXKZSHcgKu2b2a5rmgIF8DulX+AY4AdFdAtG3C97COEzyGSgkE6jFuW8MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8Nw1rNF9RZPL2mX+tsx/PsZuBlMB8GA1UdIwQY
MBaAFJxgsifLdXaKH1eFbsNTPJaEgmGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8xMWM5OWYtNGZkNS00NTIyLTg1YzQt
ODkxOGEyOGM0ZjdjLzEvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8xMWM5OWYtNGZkNS00NTIyLTg1YzQtODkxOGEyOGM0Zjdj
LzEvbkdDeUo4dDFkb29mVjRWdXcxTThsb1NDWVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASrDqzbqh
ghPSRml6XJ1ZTmVPxpnt1WUV0GQ1UQcnDZRigy7qck/6c8ET+Ejk+L89A6wea3/+
felaMFHYEOcQI1Ljw4dxKyfWC+9HJsTjxtx9+GwR7iqXz+lFOtQ9N0ayEWCOt6vA
MMmwkkmRZJCzvKha5AMzVaSWkpoNiNP+xvbkTlfc4x5bGBvb1OLlbPOp0jE1WigY
4KNXLFuQNyiCOYSbry1jwBIgTeuY/TszXSUpVXzPHJmh5XxLakXOEHndV7uy/far
7yoSP5P9/5l4/nKaotq0nde33uniRZqoYx7uOEPXAsmTBI56BtMItIgZhjVEeV7V
UaTXNVcJx1HCeA==
-----END CERTIFICATE-----