Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          w0uL+2mfryTY/e4f2DPJ5zm8jGACh6kOZDA3IWPbMJM=
Subject key identifier:   79:F9:0C:11:BC:4E:E1:2B:9C:F5:54:0E:63:1F:8A:29:36:31:A7:25
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       01901CD832FFCF68CF0FB4870318654D4CE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          05D2
Signing time:             Sat 15 Jun 2024 17:00:49 +0000
Manifest this update:     Sat 15 Jun 2024 17:00:49 +0000
Manifest next update:     Sun 16 Jun 2024 17:00:49 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: XekzlO+7aB+biqixDhHps6aBtphYrH6YzolHO9CdZg4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:d8:32:ff:cf:68:cf:0f:b4:87:03:18:65:4d:4c:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: Jun 15 17:00:49 2024 GMT
            Not After : Jun 16 17:00:49 2024 GMT
        Subject: CN=79f90c11bc4ee12b9cf5540e631f8a293631a725
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:1b:f6:77:77:64:b0:a8:da:21:47:1d:27:40:
                    7d:be:ff:ef:13:e7:c5:28:25:3c:4c:6b:90:9f:1d:
                    62:32:53:d8:d9:b9:11:65:a8:94:f3:53:26:2b:6e:
                    da:90:5f:e8:46:b3:34:cc:dd:62:f0:d9:ce:59:f9:
                    e9:0e:2b:5d:71:75:8b:2c:6c:91:17:d0:5d:e6:0e:
                    6e:ea:19:4a:bd:44:dc:62:50:16:31:2a:1e:d3:97:
                    1a:6d:4b:37:7a:3b:97:8d:5a:18:92:e6:a1:8e:eb:
                    03:b2:ab:ab:86:23:7a:da:4d:ad:d6:09:f0:26:a2:
                    e0:a1:45:ba:b8:f8:53:4a:14:fc:8c:72:37:98:b4:
                    42:3c:0a:28:8c:9d:2a:a0:dd:d9:8b:95:9f:fe:e0:
                    bb:6a:4e:41:54:be:ce:d6:e5:68:e2:33:6d:4a:19:
                    bc:64:a5:7a:99:27:e3:47:73:35:02:50:d9:ba:91:
                    2b:fd:c7:37:21:e9:7f:44:4b:9c:ae:f0:54:9a:81:
                    16:b6:ad:71:f5:cb:5d:52:dc:3d:18:6f:dd:a5:72:
                    1f:b9:d6:cb:ca:63:3c:19:af:5d:54:4c:77:85:6d:
                    3c:d1:a2:e0:0d:e1:c7:1f:c8:c7:c5:ea:7e:0f:96:
                    19:85:b8:0a:91:dc:8b:51:9b:b2:1d:a4:3f:49:93:
                    85:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F9:0C:11:BC:4E:E1:2B:9C:F5:54:0E:63:1F:8A:29:36:31:A7:25
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:9c:7d:81:a0:b6:aa:0e:7b:e8:6d:d1:12:70:4f:df:32:63:
         54:c1:d0:e0:ba:1e:43:84:90:d5:07:7e:31:dc:d4:52:2b:98:
         71:7b:64:01:83:d4:86:23:fe:79:f8:d2:2c:57:30:6a:e0:05:
         98:2f:db:88:03:8e:14:87:80:b4:2e:be:a2:97:1b:a0:63:35:
         7c:f9:9c:4e:4c:d5:3f:a4:c8:39:e0:dc:9f:34:3a:e2:78:e7:
         b4:ec:9a:fb:e5:f4:66:ac:25:15:4f:34:1f:28:52:53:54:14:
         3f:20:de:87:d5:2a:6f:09:da:91:a0:3b:9d:41:46:d2:57:25:
         65:1f:a9:1c:bf:41:53:e8:76:3a:a9:a4:04:58:10:c6:e5:a0:
         fd:43:7e:b2:fa:7c:a1:d4:c4:9d:87:a9:c7:ef:a8:b8:00:49:
         2a:a5:91:50:27:63:1b:65:06:6b:df:d8:aa:a4:c1:bc:05:40:
         e8:cc:6a:c7:52:02:34:60:6b:ec:01:89:e3:a3:c1:d9:12:03:
         66:31:d3:20:a8:96:f0:c5:fa:f6:29:b7:2c:08:4c:fa:cc:6d:
         e0:f3:aa:f8:f4:55:34:7e:19:45:f8:fc:73:74:85:8a:7e:06:
         21:2f:ea:56:b9:2e:ca:1f:ed:d2:f4:ef:38:2d:f8:6f:b2:91:
         36:37:16:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAc2DL/z2jPD7SHAxhlTUzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjQwNjE1MTcwMDQ5WhcNMjQwNjE2MTcwMDQ5WjAzMTEwLwYDVQQD
Eyg3OWY5MGMxMWJjNGVlMTJiOWNmNTU0MGU2MzFmOGEyOTM2MzFhNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohv2d3dksKjaIUcdJ0B9vv/vE+fF
KCU8TGuQnx1iMlPY2bkRZaiU81MmK27akF/oRrM0zN1i8NnOWfnpDitdcXWLLGyR
F9Bd5g5u6hlKvUTcYlAWMSoe05cabUs3ejuXjVoYkuahjusDsqurhiN62k2t1gnw
JqLgoUW6uPhTShT8jHI3mLRCPAoojJ0qoN3Zi5Wf/uC7ak5BVL7O1uVo4jNtShm8
ZKV6mSfjR3M1AlDZupEr/cc3Iel/REucrvBUmoEWtq1x9ctdUtw9GG/dpXIfudbL
ymM8Ga9dVEx3hW080aLgDeHHH8jHxep+D5YZhbgKkdyLUZuyHaQ/SZOFqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn5DBG8TuErnPVUDmMfiik2MaclMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHZx9gaC2
qg576G3REnBP3zJjVMHQ4LoeQ4SQ1Qd+MdzUUiuYcXtkAYPUhiP+efjSLFcwauAF
mC/biAOOFIeAtC6+opcboGM1fPmcTkzVP6TIOeDcnzQ64njntOya++X0ZqwlFU80
HyhSU1QUPyDeh9UqbwnakaA7nUFG0lclZR+pHL9BU+h2OqmkBFgQxuWg/UN+svp8
odTEnYepx++ouABJKqWRUCdjG2UGa9/YqqTBvAVA6Mxqx1ICNGBr7AGJ46PB2RID
ZjHTIKiW8MX69im3LAhM+sxt4POq+PRVNH4ZRfj8c3SFin4GIS/qVrkuyh/t0vTv
OC34b7KRNjcWJg==
-----END CERTIFICATE-----