Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
File:                     bMfzcUDRMXn5pckglknIDDfGpxM.mft (raw, json)
Hash identifier:          yV/1VcB/xoNdf7dJMNy80NtW8vykEb/Q9wuzGjF7vFM=
Subject key identifier:   6F:31:6E:33:15:BF:AD:3E:B0:23:0A:C1:BB:31:4B:5C:51:90:7F:99
Authority key identifier: 6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13
Certificate issuer:       /CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
Certificate serial:       01901E58BF4E24A4663E1D4E4797FAF0EB4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
Manifest number:          0DDE
Signing time:             Sun 16 Jun 2024 00:00:50 +0000
Manifest this update:     Sun 16 Jun 2024 00:00:50 +0000
Manifest next update:     Mon 17 Jun 2024 00:00:50 +0000
Files and hashes:         1: bMfzcUDRMXn5pckglknIDDfGpxM.crl (hash: ciEQvxxBEztqX7prKIteSCmkJyXBiRllKlSaSlUSfeQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:09:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:58:bf:4e:24:a4:66:3e:1d:4e:47:97:fa:f0:eb:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6cc7f37140d13179f9a5c9209649c80c37c6a713
        Validity
            Not Before: Jun 16 00:00:50 2024 GMT
            Not After : Jun 17 00:00:50 2024 GMT
        Subject: CN=6f316e3315bfad3eb0230ac1bb314b5c51907f99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:8f:14:ef:c4:df:a1:e7:f5:c4:03:f0:bb:46:
                    da:ab:21:a2:17:83:0e:60:7c:33:fd:45:21:2c:70:
                    23:ab:a3:e6:0d:7d:8e:a0:87:9d:c9:c2:c9:96:77:
                    d7:e7:e2:e3:2c:35:06:6f:f9:b0:bf:6a:50:b4:88:
                    0d:af:55:d4:58:98:fb:04:59:94:27:30:e1:64:50:
                    86:1b:94:82:42:f5:2c:98:bc:ef:a1:1a:54:a4:6e:
                    5d:69:fb:c0:6e:91:56:34:cb:b8:15:04:5a:10:7b:
                    9b:59:a4:71:11:af:c4:5c:d1:33:f5:a5:73:3d:7e:
                    2d:b4:00:2d:fd:c5:19:3a:53:84:19:47:ed:77:a9:
                    4e:36:de:85:5b:3d:e1:54:fd:ec:af:4b:65:bb:39:
                    15:02:25:03:a7:18:83:97:ac:b7:c2:61:e1:39:ab:
                    a1:87:2f:02:0e:2b:b1:60:5f:79:4c:f7:9c:54:7a:
                    50:77:87:e1:4f:8f:94:69:d2:27:cc:4a:90:07:30:
                    61:0b:03:8a:6f:7f:16:50:f5:9f:98:97:57:0d:d5:
                    9d:5b:cd:86:8a:0a:83:45:aa:91:5b:2f:ac:b4:ea:
                    e5:3c:6b:a2:75:1b:d0:cd:33:03:a6:cf:ab:db:f8:
                    62:0d:23:c6:54:90:74:54:d9:41:6c:2f:84:4e:e2:
                    de:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:31:6E:33:15:BF:AD:3E:B0:23:0A:C1:BB:31:4B:5C:51:90:7F:99
            X509v3 Authority Key Identifier:
                keyid:6C:C7:F3:71:40:D1:31:79:F9:A5:C9:20:96:49:C8:0C:37:C6:A7:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMfzcUDRMXn5pckglknIDDfGpxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a75507-5c5c-4842-a1c4-8d56ddcfa4b8/1/bMfzcUDRMXn5pckglknIDDfGpxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:d7:0f:40:fa:16:91:3f:46:ea:6d:9d:ae:aa:da:e6:83:bc:
         77:ad:ec:cd:57:8a:a4:ca:4f:70:04:08:c1:f6:67:21:0c:a7:
         c9:df:df:78:15:fa:98:af:92:23:28:8c:9b:a0:cd:20:dd:be:
         30:00:ac:49:f4:c2:66:3d:33:93:cd:87:93:fa:18:c1:f5:06:
         7f:f8:12:7a:eb:ce:f9:b0:9d:22:07:fe:a7:bc:99:0b:07:90:
         6d:e7:c6:30:d1:d8:84:39:22:92:ac:e8:0a:1e:71:64:a7:a7:
         eb:95:7b:27:c8:64:2f:18:99:8d:be:d4:d4:30:91:a1:26:03:
         54:bf:83:14:ac:b2:04:2e:96:ef:51:64:92:9b:4c:88:f4:23:
         4d:6a:11:95:df:ef:14:33:41:89:d6:d6:ae:25:cc:13:3c:cb:
         3b:25:5c:12:4b:a1:d7:01:ea:b5:30:91:f2:43:ea:76:be:14:
         ae:5f:c3:42:75:7a:46:c5:f2:12:2c:24:1e:3e:54:5d:83:50:
         73:ba:c2:3c:1c:99:e5:98:7e:f5:9a:7f:b7:fe:e2:3d:43:a9:
         ba:b4:55:04:bd:7f:67:0c:e6:dc:d7:84:fc:ba:e5:e8:04:d1:
         bd:cf:09:bc:64:5d:39:c3:50:c7:3b:44:da:f1:09:21:2d:8e:
         cd:e2:a5:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAeWL9OJKRmPh1OR5f68OtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzdmMzcxNDBkMTMxNzlmOWE1YzkyMDk2NDljODBjMzdj
NmE3MTMwHhcNMjQwNjE2MDAwMDUwWhcNMjQwNjE3MDAwMDUwWjAzMTEwLwYDVQQD
Eyg2ZjMxNmUzMzE1YmZhZDNlYjAyMzBhYzFiYjMxNGI1YzUxOTA3Zjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY8U78Tfoef1xAPwu0baqyGiF4MO
YHwz/UUhLHAjq6PmDX2OoIedycLJlnfX5+LjLDUGb/mwv2pQtIgNr1XUWJj7BFmU
JzDhZFCGG5SCQvUsmLzvoRpUpG5dafvAbpFWNMu4FQRaEHubWaRxEa/EXNEz9aVz
PX4ttAAt/cUZOlOEGUftd6lONt6FWz3hVP3sr0tluzkVAiUDpxiDl6y3wmHhOauh
hy8CDiuxYF95TPecVHpQd4fhT4+UadInzEqQBzBhCwOKb38WUPWfmJdXDdWdW82G
igqDRaqRWy+stOrlPGuidRvQzTMDps+r2/hiDSPGVJB0VNlBbC+ETuLexwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG8xbjMVv60+sCMKwbsxS1xRkH+ZMB8GA1UdIwQY
MBaAFGzH83FA0TF5+aXJIJZJyAw3xqcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQt
OGQ1NmRkY2ZhNGI4LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNzU1MDctNWM1Yy00ODQyLWExYzQtOGQ1NmRkY2ZhNGI4
LzEvYk1memNVRFJNWG41cGNrZ2xrbklERGZHcHhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgdcPQPoW
kT9G6m2drqra5oO8d63szVeKpMpPcAQIwfZnIQynyd/feBX6mK+SIyiMm6DNIN2+
MACsSfTCZj0zk82Hk/oYwfUGf/gSeuvO+bCdIgf+p7yZCweQbefGMNHYhDkikqzo
Ch5xZKen65V7J8hkLxiZjb7U1DCRoSYDVL+DFKyyBC6W71FkkptMiPQjTWoRld/v
FDNBidbWriXMEzzLOyVcEkuh1wHqtTCR8kPqdr4Url/DQnV6RsXyEiwkHj5UXYNQ
c7rCPByZ5Zh+9Zp/t/7iPUOpurRVBL1/Zwzm3NeE/Lrl6ATRvc8JvGRdOcNQxztE
2vEJIS2OzeKl9A==
-----END CERTIFICATE-----