Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
File:                     TnxZtb-73klP0T13jm8i3adJYsE.mft (raw, json)
Hash identifier:          UelucladXzL85gcRS8CmoBoqvkyAweDmhM8b113r5iQ=
Subject key identifier:   60:82:85:7A:4F:B3:29:6A:66:E1:38:D7:8A:F7:4B:C0:13:08:BA:0E
Authority key identifier: 4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1
Certificate issuer:       /CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
Certificate serial:       018F893764BF0F348A9EA7B0E372BDFD6024
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
Manifest number:          04BB
Signing time:             Sat 18 May 2024 01:00:59 +0000
Manifest this update:     Sat 18 May 2024 01:00:59 +0000
Manifest next update:     Sun 19 May 2024 01:00:59 +0000
Files and hashes:         1: TnxZtb-73klP0T13jm8i3adJYsE.crl (hash: zFP0IwSq2IdV9zJP1ziASTlfknu980lmIwyyO2Iyj1s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:89:37:64:bf:0f:34:8a:9e:a7:b0:e3:72:bd:fd:60:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e7c59b5bfbbde494fd13d778e6f22dda74962c1
        Validity
            Not Before: May 18 01:00:59 2024 GMT
            Not After : May 19 01:00:59 2024 GMT
        Subject: CN=6082857a4fb3296a66e138d78af74bc01308ba0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:00:59:64:80:b6:59:35:f0:d6:9f:f5:62:21:
                    5c:ec:57:bf:96:b4:e9:86:fa:ed:56:55:b8:6f:9b:
                    89:96:5b:cd:7f:b4:06:45:72:0f:05:24:98:f0:f8:
                    2a:ad:a2:fa:fb:27:4d:29:19:31:c9:e1:2f:69:d9:
                    bb:d0:66:2f:38:07:a5:17:71:cb:af:af:ef:13:14:
                    da:51:b7:43:d7:11:b3:c1:84:ab:f3:ba:cb:9e:44:
                    09:c0:0c:c4:76:f7:27:d3:7a:3d:64:31:ae:aa:73:
                    d8:a3:62:40:74:d0:e8:6f:56:65:63:ac:eb:c5:6e:
                    08:82:39:d1:0c:69:16:74:53:2f:05:5b:e3:08:a2:
                    ce:43:84:ea:a3:12:bd:66:96:b5:93:8f:87:58:ae:
                    e4:61:6c:46:b2:25:fd:e2:31:ab:ac:5e:9c:fd:7c:
                    c3:18:7c:ac:0e:00:42:21:40:d4:33:25:3d:3c:80:
                    9c:03:28:11:c6:ed:35:29:63:6a:c7:8f:a1:95:b1:
                    53:bb:20:1c:49:bd:22:78:54:59:9c:b4:6a:93:53:
                    e7:47:b5:a4:fd:0d:75:56:5e:85:bf:15:b6:4b:5f:
                    60:9a:75:86:bb:7a:b6:18:18:0f:7f:d0:0e:fa:d2:
                    36:44:08:f8:9e:f5:2a:62:5a:74:e7:15:22:47:21:
                    51:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:82:85:7A:4F:B3:29:6A:66:E1:38:D7:8A:F7:4B:C0:13:08:BA:0E
            X509v3 Authority Key Identifier:
                keyid:4E:7C:59:B5:BF:BB:DE:49:4F:D1:3D:77:8E:6F:22:DD:A7:49:62:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TnxZtb-73klP0T13jm8i3adJYsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f30602-5fa2-4ab8-99e7-c07f6c5a0aa7/1/TnxZtb-73klP0T13jm8i3adJYsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8b:ca:6f:28:0f:36:4d:b5:bc:46:89:d1:79:a8:a1:57:74:e3:
         6e:38:98:09:24:21:9f:d2:f8:03:af:59:04:29:c2:8d:f0:28:
         ea:f8:45:b9:e5:c9:3b:91:44:f2:3d:e0:dc:ec:1a:c5:a4:fd:
         9c:c5:2f:8c:8c:40:dd:ee:38:c1:67:33:ac:75:94:59:54:8e:
         ca:84:ce:18:38:27:7f:c6:08:11:ca:0f:80:28:1a:c3:4c:fe:
         06:bb:2f:64:7e:89:20:56:88:4a:b0:11:cc:9f:df:ea:4d:c4:
         f2:40:33:05:16:42:30:a6:11:65:52:5a:bb:a1:af:b3:6b:73:
         37:15:d5:39:3e:d7:13:b3:66:bd:16:93:c2:3f:a8:04:9f:8c:
         8a:46:3c:39:f3:60:da:f7:c3:30:24:f7:79:c5:a1:ca:6f:96:
         05:e5:ef:34:f2:90:b2:ea:7f:95:89:09:75:71:fc:49:8a:df:
         d4:a4:72:29:a9:fe:4b:9a:ed:d7:98:8d:16:62:e2:c5:23:87:
         1a:ef:cc:23:06:b6:ad:33:f7:63:2a:6a:48:9c:5c:b6:25:d6:
         1f:1c:6b:a6:3a:6c:54:8a:18:b8:81:cf:46:be:37:fe:82:56:
         29:04:0c:db:85:e5:8c:6a:28:c4:2d:cf:85:9b:35:a4:78:4a:
         5e:53:95:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+JN2S/DzSKnqew43K9/WAkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlN2M1OWI1YmZiYmRlNDk0ZmQxM2Q3NzhlNmYyMmRkYTc0
OTYyYzEwHhcNMjQwNTE4MDEwMDU5WhcNMjQwNTE5MDEwMDU5WjAzMTEwLwYDVQQD
Eyg2MDgyODU3YTRmYjMyOTZhNjZlMTM4ZDc4YWY3NGJjMDEzMDhiYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ABZZIC2WTXw1p/1YiFc7Fe/lrTp
hvrtVlW4b5uJllvNf7QGRXIPBSSY8PgqraL6+ydNKRkxyeEvadm70GYvOAelF3HL
r6/vExTaUbdD1xGzwYSr87rLnkQJwAzEdvcn03o9ZDGuqnPYo2JAdNDob1ZlY6zr
xW4IgjnRDGkWdFMvBVvjCKLOQ4TqoxK9Zpa1k4+HWK7kYWxGsiX94jGrrF6c/XzD
GHysDgBCIUDUMyU9PICcAygRxu01KWNqx4+hlbFTuyAcSb0ieFRZnLRqk1PnR7Wk
/Q11Vl6FvxW2S19gmnWGu3q2GBgPf9AO+tI2RAj4nvUqYlp05xUiRyFR+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCChXpPsylqZuE414r3S8ATCLoOMB8GA1UdIwQY
MBaAFE58WbW/u95JT9E9d45vIt2nSWLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTct
YzA3ZjZjNWEwYWE3LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMzA2MDItNWZhMi00YWI4LTk5ZTctYzA3ZjZjNWEwYWE3
LzEvVG54WnRiLTcza2xQMFQxM2ptOGkzYWRKWXNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi8pvKA82
TbW8RonReaihV3TjbjiYCSQhn9L4A69ZBCnCjfAo6vhFueXJO5FE8j3g3OwaxaT9
nMUvjIxA3e44wWczrHWUWVSOyoTOGDgnf8YIEcoPgCgaw0z+BrsvZH6JIFaISrAR
zJ/f6k3E8kAzBRZCMKYRZVJau6Gvs2tzNxXVOT7XE7NmvRaTwj+oBJ+MikY8OfNg
2vfDMCT3ecWhym+WBeXvNPKQsup/lYkJdXH8SYrf1KRyKan+S5rt15iNFmLixSOH
Gu/MIwa2rTP3YypqSJxctiXWHxxrpjpsVIoYuIHPRr43/oJWKQQM24XljGooxC3P
hZs1pHhKXlOVHg==
-----END CERTIFICATE-----