Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
File:                     aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft (raw, json)
Hash identifier:          3ntjq1XPXiYzWE19V83Yfzzg2E+SpL+CTtdFI4EUmF8=
Subject key identifier:   CC:6F:D6:17:23:45:FB:DE:64:E3:9E:5B:F5:91:AE:89:7C:52:1C:C7
Authority key identifier: 68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2
Certificate issuer:       /CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
Certificate serial:       018F8749F6E749C1A9CE5EFEB4F29F51EDB0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
Manifest number:          115C
Signing time:             Fri 17 May 2024 16:02:02 +0000
Manifest this update:     Fri 17 May 2024 16:02:02 +0000
Manifest next update:     Sat 18 May 2024 16:02:02 +0000
Files and hashes:         1: aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl (hash: XZEsDbfpqODN/KoXIvN4cIUMtvhIH8ViBkjXPPmPni4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:f6:e7:49:c1:a9:ce:5e:fe:b4:f2:9f:51:ed:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68e1e6ea527dc385a79a3e08827dbf690c91c4c2
        Validity
            Not Before: May 17 16:02:02 2024 GMT
            Not After : May 18 16:02:02 2024 GMT
        Subject: CN=cc6fd6172345fbde64e39e5bf591ae897c521cc7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:a1:7b:63:5c:22:f7:c0:76:43:98:f7:f3:59:
                    4a:34:a9:5b:06:28:4f:84:3b:8a:0c:7e:0c:b9:cf:
                    c8:b3:c7:21:8a:a6:eb:fa:ca:52:e4:ed:89:02:bf:
                    94:58:ef:45:3b:ef:6f:40:4e:47:40:5a:33:93:d6:
                    a2:23:b6:17:c7:c5:bf:d2:69:17:fa:28:4c:76:51:
                    bc:91:9e:94:d9:6e:8c:0b:fa:1c:ab:3c:88:db:5b:
                    b8:ef:47:b3:23:4f:91:19:09:c2:c3:46:40:fd:4f:
                    50:9d:d0:46:fd:b4:a6:62:d9:58:45:6a:74:e1:fe:
                    da:66:b1:19:49:7c:18:4e:bd:29:17:20:e4:bc:46:
                    41:85:c9:1d:f3:6c:97:13:f2:2d:d1:ca:da:f0:bd:
                    07:f6:dc:a1:91:f7:dd:3f:0d:74:70:b2:fc:ff:94:
                    58:ad:ea:a2:08:c1:09:b1:b8:59:3e:99:9e:28:a4:
                    67:a7:8f:ad:da:a9:5b:28:02:5f:e0:9c:88:ed:f3:
                    7e:1d:3b:37:b7:d7:bb:20:1a:de:3f:c4:c2:f4:c6:
                    2f:17:9f:ed:8b:62:0a:fa:e0:72:1b:ae:de:e1:aa:
                    f1:32:39:57:1e:9c:3e:1b:dd:0a:50:90:c7:28:91:
                    0c:23:4c:a3:ef:8e:3f:b9:b0:d4:33:7f:20:54:eb:
                    7b:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:6F:D6:17:23:45:FB:DE:64:E3:9E:5B:F5:91:AE:89:7C:52:1C:C7
            X509v3 Authority Key Identifier:
                keyid:68:E1:E6:EA:52:7D:C3:85:A7:9A:3E:08:82:7D:BF:69:0C:91:C4:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9331c9-e164-4d2e-b839-17d097ff89c2/1/aOHm6lJ9w4Wnmj4Ign2_aQyRxMI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:ca:27:b9:2b:64:46:52:b1:41:11:12:39:5e:2f:8f:f1:03:
         fa:c9:c8:18:00:cf:85:d8:3d:13:6c:7c:ff:35:ba:3a:0f:dc:
         c5:ca:76:a8:58:b9:94:55:74:3f:ad:74:3e:38:79:44:42:b5:
         c7:60:bf:fa:ae:9e:13:b5:a1:70:e0:54:0c:9f:32:11:96:09:
         d1:5c:4a:05:ff:fc:f6:55:8b:e2:fd:bc:d7:37:ac:16:a4:1e:
         ba:c3:04:65:1f:81:e9:aa:a5:54:51:1c:b6:ea:ad:68:c7:5d:
         76:fe:e9:92:70:95:ce:98:fc:e1:1f:33:c8:3d:f0:ad:03:95:
         7d:e3:27:52:35:c7:01:67:ce:92:ae:21:5b:e7:f4:aa:c3:37:
         26:f7:66:36:f3:0b:90:cf:ef:44:b6:7d:a4:6f:b4:da:f7:82:
         79:fc:28:60:2a:cb:4a:67:b4:08:ef:f9:d8:69:ce:b3:90:3a:
         cb:06:2b:35:11:27:8b:bb:83:fb:79:a1:5b:29:1f:63:d7:db:
         e0:9f:22:d4:6e:95:e0:8f:4f:3e:bf:55:02:9f:a4:e8:ab:44:
         e3:37:0a:52:50:f8:dc:73:6e:d6:23:51:56:78:e9:1a:c0:eb:
         4b:cb:a5:b8:8c:85:f0:01:8e:a7:da:6a:32:fc:b3:3f:a4:13:
         fb:f4:b7:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSfbnScGpzl7+tPKfUe2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZTFlNmVhNTI3ZGMzODVhNzlhM2UwODgyN2RiZjY5MGM5
MWM0YzIwHhcNMjQwNTE3MTYwMjAyWhcNMjQwNTE4MTYwMjAyWjAzMTEwLwYDVQQD
EyhjYzZmZDYxNzIzNDVmYmRlNjRlMzllNWJmNTkxYWU4OTdjNTIxY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6F7Y1wi98B2Q5j381lKNKlbBihP
hDuKDH4Muc/Is8chiqbr+spS5O2JAr+UWO9FO+9vQE5HQFozk9aiI7YXx8W/0mkX
+ihMdlG8kZ6U2W6MC/ocqzyI21u470ezI0+RGQnCw0ZA/U9QndBG/bSmYtlYRWp0
4f7aZrEZSXwYTr0pFyDkvEZBhckd82yXE/It0cra8L0H9tyhkffdPw10cLL8/5RY
reqiCMEJsbhZPpmeKKRnp4+t2qlbKAJf4JyI7fN+HTs3t9e7IBreP8TC9MYvF5/t
i2IK+uByG67e4arxMjlXHpw+G90KUJDHKJEMI0yj744/ubDUM38gVOt7DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMxv1hcjRfveZOOeW/WRrol8UhzHMB8GA1UdIwQY
MBaAFGjh5upSfcOFp5o+CIJ9v2kMkcTCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4Mzkt
MTdkMDk3ZmY4OWMyLzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85MzMxYzktZTE2NC00ZDJlLWI4MzktMTdkMDk3ZmY4OWMy
LzEvYU9IbTZsSjl3NFdubWo0SWduMl9hUXlSeE1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZconuStk
RlKxQRESOV4vj/ED+snIGADPhdg9E2x8/zW6Og/cxcp2qFi5lFV0P610Pjh5REK1
x2C/+q6eE7WhcOBUDJ8yEZYJ0VxKBf/89lWL4v281zesFqQeusMEZR+B6aqlVFEc
tuqtaMdddv7pknCVzpj84R8zyD3wrQOVfeMnUjXHAWfOkq4hW+f0qsM3JvdmNvML
kM/vRLZ9pG+02veCefwoYCrLSme0CO/52GnOs5A6ywYrNREni7uD+3mhWykfY9fb
4J8i1G6V4I9PPr9VAp+k6KtE4zcKUlD43HNu1iNRVnjpGsDrS8uluIyF8AGOp9pq
MvyzP6QT+/S3Eg==
-----END CERTIFICATE-----