Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
File:                     D8lnTtVfCnZcpdocb6-k3SXioXg.mft (raw, json)
Hash identifier:          39dOOBo1WtDHD0kPX+r20y7orQDA3/vvT8XLIfAnJow=
Subject key identifier:   54:C9:E7:9E:8E:13:B0:DB:92:14:D7:8F:AA:62:40:72:6D:DE:A8:9A
Authority key identifier: 0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78
Certificate issuer:       /CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
Certificate serial:       018F8823F3D478D1C2D11B81ADC49D405B05
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
Manifest number:          025D
Signing time:             Fri 17 May 2024 20:00:08 +0000
Manifest this update:     Fri 17 May 2024 20:00:08 +0000
Manifest next update:     Sat 18 May 2024 20:00:08 +0000
Files and hashes:         1: D8lnTtVfCnZcpdocb6-k3SXioXg.crl (hash: BaJR3sD2V4kVChykhWXCMxeB5JeQQ0pU+thxrFu7zp0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:23:f3:d4:78:d1:c2:d1:1b:81:ad:c4:9d:40:5b:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0fc9674ed55f0a765ca5da1c6fafa4dd25e2a178
        Validity
            Not Before: May 17 20:00:08 2024 GMT
            Not After : May 18 20:00:08 2024 GMT
        Subject: CN=54c9e79e8e13b0db9214d78faa6240726ddea89a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:89:06:2a:84:6e:15:b5:9d:36:5c:be:9c:a9:
                    5d:72:38:86:b1:4b:00:09:11:48:b0:8d:bf:aa:ba:
                    40:ff:50:69:c3:0b:07:d9:2c:31:44:99:a7:e5:ca:
                    b9:b5:bd:b1:99:5e:4d:12:e9:c1:23:07:0c:8f:f1:
                    0d:d8:da:d5:52:cf:02:6a:27:a5:f5:3e:d1:9e:72:
                    3a:62:ba:5d:c6:9c:b9:d1:a5:be:1f:13:96:d7:3b:
                    e9:e6:93:92:94:77:e6:a0:ff:29:13:30:b8:82:0e:
                    41:b5:aa:42:00:d6:f6:f4:e9:0f:a3:3f:df:38:a0:
                    dc:7c:e1:00:64:67:a0:fe:d3:e5:e4:7e:9f:91:a3:
                    9b:c5:7e:08:7e:55:ce:35:7b:35:1d:8f:1e:2d:5e:
                    15:c5:4e:23:c2:e0:82:08:85:09:61:39:1c:62:b1:
                    d1:ea:e3:37:12:e4:32:ee:18:e5:ae:cd:23:fc:81:
                    ca:da:26:b1:6c:d9:69:1d:81:86:30:46:bb:6f:c0:
                    a4:f2:20:20:33:f2:7c:90:25:17:c0:fc:c7:a4:a0:
                    55:ca:1f:09:2d:e4:e0:7c:db:75:5c:fe:85:54:56:
                    47:ed:59:d3:5a:5b:03:29:44:41:5f:15:11:20:6f:
                    9f:d3:e7:03:c2:b9:5b:07:cf:5c:db:9d:f5:29:35:
                    cd:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:C9:E7:9E:8E:13:B0:DB:92:14:D7:8F:AA:62:40:72:6D:DE:A8:9A
            X509v3 Authority Key Identifier:
                keyid:0F:C9:67:4E:D5:5F:0A:76:5C:A5:DA:1C:6F:AF:A4:DD:25:E2:A1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D8lnTtVfCnZcpdocb6-k3SXioXg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/8ab2a3-088e-4e0c-be9a-4a946c52fbc2/1/D8lnTtVfCnZcpdocb6-k3SXioXg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:a0:76:ad:94:80:da:9e:91:64:6f:f3:ce:a1:76:c6:30:aa:
         44:fd:8e:29:8b:49:64:75:f4:23:ed:55:33:55:99:df:3c:26:
         a8:ae:1a:a9:91:6f:26:0e:fb:e6:96:bb:b0:32:9b:96:8e:20:
         3a:35:67:49:25:e3:33:2a:52:a8:25:dc:56:d5:a2:42:87:70:
         ec:3a:8b:80:1f:86:e4:6a:ab:e4:3d:0f:df:e3:b0:52:98:c5:
         71:dc:95:db:e6:c1:7a:eb:02:c2:85:ab:20:17:a3:33:fc:92:
         89:75:81:76:5d:37:64:0d:54:c7:d3:ae:7a:1b:29:a7:23:97:
         0d:13:3b:0c:23:eb:a0:99:0c:f6:af:40:96:a9:c9:7e:ef:5a:
         3d:ca:8b:44:00:1d:11:b2:dd:e7:fd:51:b2:7d:e3:04:5b:c2:
         9d:81:75:4b:51:ff:b7:f4:42:c7:37:05:36:89:2f:57:80:ed:
         e6:28:f9:16:47:31:41:16:44:40:9b:1b:2b:24:a9:1a:b1:13:
         08:56:57:a3:f0:09:3e:dd:76:0f:ca:a5:e3:55:4f:7e:66:5a:
         87:23:31:fc:b0:7c:05:6d:d3:65:5a:af:55:08:85:ce:b6:b4:
         10:8d:81:18:18:6e:3d:47:ad:3d:ca:14:3a:7b:8d:91:9e:b0:
         7e:f2:94:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+II/PUeNHC0RuBrcSdQFsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYzk2NzRlZDU1ZjBhNzY1Y2E1ZGExYzZmYWZhNGRkMjVl
MmExNzgwHhcNMjQwNTE3MjAwMDA4WhcNMjQwNTE4MjAwMDA4WjAzMTEwLwYDVQQD
Eyg1NGM5ZTc5ZThlMTNiMGRiOTIxNGQ3OGZhYTYyNDA3MjZkZGVhODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYkGKoRuFbWdNly+nKldcjiGsUsA
CRFIsI2/qrpA/1BpwwsH2SwxRJmn5cq5tb2xmV5NEunBIwcMj/EN2NrVUs8Caiel
9T7RnnI6Yrpdxpy50aW+HxOW1zvp5pOSlHfmoP8pEzC4gg5BtapCANb29OkPoz/f
OKDcfOEAZGeg/tPl5H6fkaObxX4IflXONXs1HY8eLV4VxU4jwuCCCIUJYTkcYrHR
6uM3EuQy7hjlrs0j/IHK2iaxbNlpHYGGMEa7b8Ck8iAgM/J8kCUXwPzHpKBVyh8J
LeTgfNt1XP6FVFZH7VnTWlsDKURBXxURIG+f0+cDwrlbB89c2531KTXNAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTJ556OE7DbkhTXj6piQHJt3qiaMB8GA1UdIwQY
MBaAFA/JZ07VXwp2XKXaHG+vpN0l4qF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEt
NGE5NDZjNTJmYmMyLzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC84YWIyYTMtMDg4ZS00ZTBjLWJlOWEtNGE5NDZjNTJmYmMy
LzEvRDhsblR0VmZDblpjcGRvY2I2LWszU1hpb1hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfqB2rZSA
2p6RZG/zzqF2xjCqRP2OKYtJZHX0I+1VM1WZ3zwmqK4aqZFvJg775pa7sDKblo4g
OjVnSSXjMypSqCXcVtWiQodw7DqLgB+G5Gqr5D0P3+OwUpjFcdyV2+bBeusCwoWr
IBejM/ySiXWBdl03ZA1Ux9OuehsppyOXDRM7DCProJkM9q9AlqnJfu9aPcqLRAAd
EbLd5/1Rsn3jBFvCnYF1S1H/t/RCxzcFNokvV4Dt5ij5FkcxQRZEQJsbKySpGrET
CFZXo/AJPt12D8ql41VPfmZahyMx/LB8BW3TZVqvVQiFzra0EI2BGBhuPUetPcoU
OnuNkZ6wfvKUDw==
-----END CERTIFICATE-----