Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft
File:                     0kNgnAcZXiAiEHIziNHC5IGAqt0.mft (raw, json)
Hash identifier:          aTNNS68uuicoGRqDzFVDE2irBLFwly94tSsPP4feAMs=
Subject key identifier:   5A:0E:8B:1B:4F:5B:22:79:AC:22:A0:D0:79:B3:05:BC:79:DC:B2:76
Authority key identifier: D2:43:60:9C:07:19:5E:20:22:10:72:33:88:D1:C2:E4:81:80:AA:DD
Certificate issuer:       /CN=d243609c07195e202210723388d1c2e48180aadd
Certificate serial:       01901DEDA2B5EDA1FDA03F5BD3077F83D07C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0kNgnAcZXiAiEHIziNHC5IGAqt0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft
Manifest number:          0668
Signing time:             Sat 15 Jun 2024 22:03:51 +0000
Manifest this update:     Sat 15 Jun 2024 22:03:51 +0000
Manifest next update:     Sun 16 Jun 2024 22:03:51 +0000
Files and hashes:         1: 0kNgnAcZXiAiEHIziNHC5IGAqt0.crl (hash: xGxtVXWHkpleB2wtIeg404161qKNpK3w85/DNHiRvsg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0kNgnAcZXiAiEHIziNHC5IGAqt0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ed:a2:b5:ed:a1:fd:a0:3f:5b:d3:07:7f:83:d0:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d243609c07195e202210723388d1c2e48180aadd
        Validity
            Not Before: Jun 15 22:03:51 2024 GMT
            Not After : Jun 16 22:03:51 2024 GMT
        Subject: CN=5a0e8b1b4f5b2279ac22a0d079b305bc79dcb276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:1c:97:4f:c2:a4:4b:7e:d9:1a:8a:b0:6c:c9:
                    47:40:50:92:26:e0:88:cd:68:ca:17:89:c5:d7:84:
                    f8:e7:e7:a0:37:9e:8b:3d:7d:36:f4:37:46:bc:01:
                    90:53:4c:97:89:27:76:7c:15:02:a7:51:03:7e:3b:
                    19:72:77:79:2b:dc:c5:1d:e8:a8:34:77:5e:d2:9d:
                    4f:55:df:dc:25:57:16:a2:f8:ef:97:11:98:c2:cf:
                    6e:e1:5c:64:62:48:77:bf:1f:18:eb:82:dd:57:8b:
                    ed:44:2e:13:2e:2a:c4:58:ab:63:3d:43:a2:00:19:
                    fa:fb:e3:7e:f4:47:86:51:2e:4c:af:50:d2:d3:40:
                    81:a8:2b:3f:79:61:61:32:b8:68:50:93:86:f7:0e:
                    41:db:ab:6a:47:85:38:06:2c:be:3b:87:de:c5:0d:
                    ba:15:16:c4:9e:0b:af:ec:21:0e:4f:1d:bf:e8:c3:
                    ca:fa:04:01:23:04:ee:e4:27:55:ef:29:8f:60:af:
                    8b:94:58:8c:22:0e:78:a6:37:43:13:db:92:1d:fa:
                    99:65:28:64:3e:b7:19:17:14:5e:df:82:f9:54:b5:
                    97:e3:f3:45:bb:a8:90:25:43:e1:ff:b3:ba:3c:f7:
                    84:da:2b:26:29:db:3a:9f:2c:8e:a0:a4:28:82:7f:
                    46:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:0E:8B:1B:4F:5B:22:79:AC:22:A0:D0:79:B3:05:BC:79:DC:B2:76
            X509v3 Authority Key Identifier:
                keyid:D2:43:60:9C:07:19:5E:20:22:10:72:33:88:D1:C2:E4:81:80:AA:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0kNgnAcZXiAiEHIziNHC5IGAqt0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/038449-a99b-4e9c-8ed6-46127fd95aaa/1/0kNgnAcZXiAiEHIziNHC5IGAqt0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:c9:74:bf:52:59:12:86:2e:4b:40:27:c2:13:2b:bf:d6:00:
         a7:00:77:f8:15:22:a5:82:65:df:50:fd:d0:ce:f2:e7:15:48:
         95:18:4d:6a:58:a9:da:35:c7:e2:1d:d3:ef:84:0b:77:55:1b:
         66:d9:8b:e2:e9:5c:6a:9e:74:dd:38:32:0d:10:9f:d1:c9:fd:
         7e:1d:0d:ff:db:6f:42:99:2e:6a:6e:a7:96:5c:e7:23:fa:57:
         99:74:28:b3:9e:11:1b:b5:73:18:7a:a5:5c:14:e2:96:40:66:
         6c:88:55:3b:bc:2f:55:0a:44:5d:4a:06:06:c0:38:d5:7d:3b:
         72:d6:6e:4e:14:9f:61:d7:03:f3:20:9a:1f:5b:08:e4:3d:8d:
         12:d6:7d:64:8f:3c:1d:7a:49:d7:b3:13:7a:b4:8f:c9:f0:ef:
         29:a5:81:62:05:98:8c:c2:97:29:12:46:2b:34:4e:e4:c8:b6:
         31:c2:8d:c0:c1:93:44:ca:90:65:04:71:d5:5b:bd:de:eb:c7:
         ab:83:59:b4:a1:60:5d:91:25:7d:ae:5b:6b:f6:90:d7:18:62:
         36:b3:02:14:ec:56:b1:8e:cd:39:29:b6:15:25:bd:c7:65:7a:
         07:49:b2:75:b1:4f:a3:ff:4e:cd:67:94:2b:70:da:f5:88:43:
         8e:a7:9c:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7aK17aH9oD9b0wd/g9B8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNDM2MDljMDcxOTVlMjAyMjEwNzIzMzg4ZDFjMmU0ODE4
MGFhZGQwHhcNMjQwNjE1MjIwMzUxWhcNMjQwNjE2MjIwMzUxWjAzMTEwLwYDVQQD
Eyg1YTBlOGIxYjRmNWIyMjc5YWMyMmEwZDA3OWIzMDViYzc5ZGNiMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRyXT8KkS37ZGoqwbMlHQFCSJuCI
zWjKF4nF14T45+egN56LPX029DdGvAGQU0yXiSd2fBUCp1EDfjsZcnd5K9zFHeio
NHde0p1PVd/cJVcWovjvlxGYws9u4VxkYkh3vx8Y64LdV4vtRC4TLirEWKtjPUOi
ABn6++N+9EeGUS5Mr1DS00CBqCs/eWFhMrhoUJOG9w5B26tqR4U4Biy+O4fexQ26
FRbEnguv7CEOTx2/6MPK+gQBIwTu5CdV7ymPYK+LlFiMIg54pjdDE9uSHfqZZShk
PrcZFxRe34L5VLWX4/NFu6iQJUPh/7O6PPeE2ismKds6nyyOoKQogn9GdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFoOixtPWyJ5rCKg0HmzBbx53LJ2MB8GA1UdIwQY
MBaAFNJDYJwHGV4gIhByM4jRwuSBgKrdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtOZ25BY1pYaUFpRUhJemlOSEM1SUdBcXQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wMzg0NDktYTk5Yi00ZTljLThlZDYt
NDYxMjdmZDk1YWFhLzEvMGtOZ25BY1pYaUFpRUhJemlOSEM1SUdBcXQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wMzg0NDktYTk5Yi00ZTljLThlZDYtNDYxMjdmZDk1YWFh
LzEvMGtOZ25BY1pYaUFpRUhJemlOSEM1SUdBcXQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARcl0v1JZ
EoYuS0AnwhMrv9YApwB3+BUipYJl31D90M7y5xVIlRhNalip2jXH4h3T74QLd1Ub
ZtmL4ulcap503TgyDRCf0cn9fh0N/9tvQpkuam6nllznI/pXmXQos54RG7VzGHql
XBTilkBmbIhVO7wvVQpEXUoGBsA41X07ctZuThSfYdcD8yCaH1sI5D2NEtZ9ZI88
HXpJ17MTerSPyfDvKaWBYgWYjMKXKRJGKzRO5Mi2McKNwMGTRMqQZQRx1Vu93uvH
q4NZtKFgXZElfa5ba/aQ1xhiNrMCFOxWsY7NOSm2FSW9x2V6B0mydbFPo/9OzWeU
K3Da9YhDjqecAw==
-----END CERTIFICATE-----