Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
File:                     R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft (raw, json)
Hash identifier:          Qgcj/mmuBB7wmE6Gw/z1gjiUOhIc+sqwbRd3ghmRWZQ=
Subject key identifier:   90:02:68:AD:EB:9E:BF:E3:3E:35:C6:E5:6B:65:D3:17:1B:15:03:B7
Authority key identifier: 47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA
Certificate issuer:       /CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
Certificate serial:       01901DEC6594CF7082FA034372E9E8203952
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
Manifest number:          11C2
Signing time:             Sat 15 Jun 2024 22:02:30 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:30 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:30 +0000
Files and hashes:         1: R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl (hash: +vq+CNOZe6X09UdNSCFcvCOpzWBhF0vYA3Qb6RmxK6I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:65:94:cf:70:82:fa:03:43:72:e9:e8:20:39:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47c68ed50bb53dcae857e4c85bcafd513f2774da
        Validity
            Not Before: Jun 15 22:02:30 2024 GMT
            Not After : Jun 16 22:02:30 2024 GMT
        Subject: CN=900268adeb9ebfe33e35c6e56b65d3171b1503b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:ad:1e:ff:e7:82:ab:8e:e1:b4:17:82:f7:fc:
                    a4:cb:80:57:5a:e1:6c:07:b4:c3:42:f6:b1:12:e1:
                    f0:6d:b5:0e:65:90:ec:e1:9b:85:33:45:12:32:ea:
                    f8:fd:67:c0:25:ab:77:7e:77:17:81:df:51:6e:da:
                    98:52:2b:0d:5d:9d:c4:03:f6:5a:67:29:08:05:f3:
                    a8:e4:8a:5d:2f:10:82:27:8d:34:d3:43:09:45:4e:
                    7a:c1:72:16:3c:06:6e:89:e1:2a:13:0f:e8:fa:bb:
                    25:66:f0:f6:c5:d5:62:8d:f1:02:80:14:dd:0e:65:
                    de:6a:e1:2d:ae:4a:f8:16:90:d6:7e:ca:86:f1:a2:
                    3d:66:8c:d7:f9:e0:d1:ff:42:4b:a1:7a:3d:56:43:
                    12:66:ae:8c:ea:48:1a:ce:fa:02:d0:b8:39:07:a4:
                    89:dc:d3:9f:82:1a:7d:61:e8:7a:4b:dd:b2:96:3e:
                    33:64:44:1b:5a:2a:3c:ee:46:c1:66:4d:e1:bb:b8:
                    0c:a2:83:76:21:40:87:f7:f3:cd:fc:4a:9d:15:a8:
                    90:b9:51:9b:c6:3f:84:6b:67:0c:08:61:e3:f1:8c:
                    8a:e8:96:61:55:79:c1:77:59:27:0d:8d:3f:45:ba:
                    04:95:01:59:21:f0:a9:99:09:4f:75:a3:75:3a:d1:
                    7a:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:02:68:AD:EB:9E:BF:E3:3E:35:C6:E5:6B:65:D3:17:1B:15:03:B7
            X509v3 Authority Key Identifier:
                keyid:47:C6:8E:D5:0B:B5:3D:CA:E8:57:E4:C8:5B:CA:FD:51:3F:27:74:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R8aO1Qu1PcroV-TIW8r9UT8ndNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ffca18-9d76-409c-a0ec-7c4504982030/1/R8aO1Qu1PcroV-TIW8r9UT8ndNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:03:6c:7e:94:c6:3c:64:ce:c5:30:d0:51:5d:d3:45:bd:46:
         cd:d6:e7:60:4d:a6:fe:d9:e5:66:99:54:f7:47:9e:7e:2b:fc:
         87:9f:01:7f:00:9d:3b:a9:1b:ca:e2:6f:d3:77:df:0e:fa:75:
         fa:40:30:6f:06:8b:19:f8:34:56:d1:0a:16:7e:5c:c9:65:ff:
         3d:f6:7c:a4:b7:92:84:9d:8c:77:f1:b2:13:52:20:0f:a5:3c:
         45:a7:dc:07:65:a9:f0:7a:47:87:87:8a:31:99:04:dd:2c:32:
         d0:17:66:b4:b8:cf:e9:85:4f:94:03:f4:6a:fd:e2:90:c0:bc:
         07:97:a9:d8:4d:9a:e1:94:93:69:b3:22:93:07:30:62:49:00:
         0a:9d:32:1a:c1:63:38:2e:6c:34:65:ae:d7:c4:2b:04:68:14:
         55:87:f3:d2:c2:9b:de:f4:a6:ed:30:7a:d1:53:ca:3f:15:52:
         ff:ea:f8:75:88:82:28:a8:6b:e7:9d:85:2d:ae:76:54:18:7a:
         da:f6:97:76:a9:25:c9:c8:25:60:46:d6:74:47:c8:7e:fe:55:
         c8:65:aa:c1:03:d3:c6:44:ae:24:1d:d3:80:0f:d0:6a:d8:2f:
         44:f0:eb:7e:06:e7:03:61:21:4c:38:f7:dd:4b:a6:2a:68:d5:
         8d:c1:9a:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7GWUz3CC+gNDcunoIDlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YzY4ZWQ1MGJiNTNkY2FlODU3ZTRjODViY2FmZDUxM2Yy
Nzc0ZGEwHhcNMjQwNjE1MjIwMjMwWhcNMjQwNjE2MjIwMjMwWjAzMTEwLwYDVQQD
Eyg5MDAyNjhhZGViOWViZmUzM2UzNWM2ZTU2YjY1ZDMxNzFiMTUwM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm60e/+eCq47htBeC9/yky4BXWuFs
B7TDQvaxEuHwbbUOZZDs4ZuFM0USMur4/WfAJat3fncXgd9RbtqYUisNXZ3EA/Za
ZykIBfOo5IpdLxCCJ40000MJRU56wXIWPAZuieEqEw/o+rslZvD2xdVijfECgBTd
DmXeauEtrkr4FpDWfsqG8aI9ZozX+eDR/0JLoXo9VkMSZq6M6kgazvoC0Lg5B6SJ
3NOfghp9Yeh6S92ylj4zZEQbWio87kbBZk3hu7gMooN2IUCH9/PN/EqdFaiQuVGb
xj+Ea2cMCGHj8YyK6JZhVXnBd1knDY0/RboElQFZIfCpmQlPdaN1OtF6nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJACaK3rnr/jPjXG5Wtl0xcbFQO3MB8GA1UdIwQY
MBaAFEfGjtULtT3K6FfkyFvK/VE/J3TaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMt
N2M0NTA0OTgyMDMwLzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mZmNhMTgtOWQ3Ni00MDljLWEwZWMtN2M0NTA0OTgyMDMw
LzEvUjhhTzFRdTFQY3JvVi1USVc4cjlVVDhuZE5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGwNsfpTG
PGTOxTDQUV3TRb1GzdbnYE2m/tnlZplU90eefiv8h58BfwCdO6kbyuJv03ffDvp1
+kAwbwaLGfg0VtEKFn5cyWX/PfZ8pLeShJ2Md/GyE1IgD6U8RafcB2Wp8HpHh4eK
MZkE3Swy0BdmtLjP6YVPlAP0av3ikMC8B5ep2E2a4ZSTabMikwcwYkkACp0yGsFj
OC5sNGWu18QrBGgUVYfz0sKb3vSm7TB60VPKPxVS/+r4dYiCKKhr552FLa52VBh6
2vaXdqklycglYEbWdEfIfv5VyGWqwQPTxkSuJB3TgA/QatgvRPDrfgbnA2EhTDj3
3UumKmjVjcGabA==
-----END CERTIFICATE-----