Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
File:                     Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft (raw, json)
Hash identifier:          cRQKtsP6gZKlKTIWjxZ51oOpoPaiEl+0YVaxPYPIyYE=
Subject key identifier:   04:E2:CB:D4:50:F2:88:5A:21:0D:73:E6:73:3B:99:9B:7D:57:38:09
Authority key identifier: 63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0
Certificate issuer:       /CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
Certificate serial:       0190490C85958949CA086787B734A94B8E41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
Manifest number:          0367
Signing time:             Mon 24 Jun 2024 07:01:15 +0000
Manifest this update:     Mon 24 Jun 2024 07:01:15 +0000
Manifest next update:     Tue 25 Jun 2024 07:01:15 +0000
Files and hashes:         1: Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl (hash: mTZvJGQeZG1I3z7ts9RlGZ4PN3zmCW4YTzyTNSho5FA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 07:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:49:0c:85:95:89:49:ca:08:67:87:b7:34:a9:4b:8e:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63a8ca1666206d2cf12b507872ead0f5a793d0e0
        Validity
            Not Before: Jun 24 07:01:15 2024 GMT
            Not After : Jun 25 07:01:15 2024 GMT
        Subject: CN=04e2cbd450f2885a210d73e6733b999b7d573809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:62:5d:b2:c9:df:fc:81:1d:22:c0:e4:50:bf:
                    c9:7f:2f:b5:ef:d7:ea:7a:58:d2:52:4e:1b:84:87:
                    be:d7:5d:41:3b:22:74:68:08:c5:21:98:01:aa:69:
                    4d:a9:31:a7:eb:46:d3:57:f2:39:2b:45:25:6d:57:
                    0a:c1:20:da:92:9d:a2:39:b0:5a:db:4c:90:96:33:
                    2d:2d:c8:93:5c:0f:f4:ab:93:58:6b:e5:06:5d:4a:
                    a8:f6:a9:80:ab:33:4d:30:75:b3:76:6b:5a:1f:72:
                    90:9a:55:40:e6:95:eb:d7:b8:c9:0c:95:dd:43:fb:
                    f3:09:84:d7:bb:30:6b:08:e3:45:b2:33:78:5d:a0:
                    13:88:69:54:eb:8b:10:7b:2b:1d:a7:00:ef:2a:89:
                    79:fa:d4:ae:ec:0e:87:d5:d1:e5:66:51:b1:b8:53:
                    55:e9:c1:89:ce:4c:96:c3:f1:ab:d5:d2:66:60:b0:
                    3f:51:55:d8:91:c8:aa:d1:14:9c:a2:9a:aa:93:be:
                    36:6c:74:ca:8f:6b:b2:09:c2:2d:4f:f1:71:ec:f5:
                    b0:ea:a5:36:d4:2c:1c:10:e6:f9:6d:4e:41:a3:e0:
                    2b:3a:55:ff:66:63:ff:2c:11:8c:18:cc:22:c3:3e:
                    bf:b5:d4:bd:da:f4:74:5b:77:60:b5:7a:d2:80:98:
                    8b:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E2:CB:D4:50:F2:88:5A:21:0D:73:E6:73:3B:99:9B:7D:57:38:09
            X509v3 Authority Key Identifier:
                keyid:63:A8:CA:16:66:20:6D:2C:F1:2B:50:78:72:EA:D0:F5:A7:93:D0:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y6jKFmYgbSzxK1B4curQ9aeT0OA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/0446b1-df2f-4261-a1ba-75ab21f3b3d0/1/Y6jKFmYgbSzxK1B4curQ9aeT0OA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:ad:45:97:b7:d6:5a:d8:94:d8:ba:4b:74:df:5f:80:3b:c5:
         e7:51:26:a2:c3:95:98:e2:de:2f:fd:63:52:e5:b3:8b:b4:eb:
         f9:69:da:5a:62:b1:bb:0b:0e:4f:63:11:4a:e5:87:22:a4:fb:
         0a:9b:7a:72:b7:98:3c:a8:79:cb:5e:cd:b8:55:bd:d5:4d:81:
         3c:45:7a:41:fc:e5:dd:18:12:cf:e7:d4:e6:07:e1:1b:af:87:
         8f:69:e8:7e:ea:a6:0e:36:5a:34:8e:3e:45:12:21:0b:b9:01:
         4f:ec:2e:03:39:57:af:6a:5c:d0:af:d5:46:bc:48:ac:f9:9d:
         af:ce:90:15:52:6f:37:8a:d6:88:04:5f:f5:c2:54:d0:f7:cb:
         39:74:87:b5:18:ee:76:35:20:92:bd:f7:d6:38:39:e9:ea:c0:
         16:b7:2e:b1:40:7c:9f:d9:3d:65:bb:00:7e:3f:98:2c:48:3d:
         4d:b3:27:9a:70:38:a2:3e:88:96:14:09:b4:46:3c:b9:b3:b8:
         c2:43:e4:79:9f:6a:1b:0c:ff:06:8d:46:0a:df:ed:c5:41:d8:
         1c:c3:4d:3a:7a:70:f6:02:a3:6c:92:36:8b:f5:09:a1:26:07:
         8e:70:a0:8e:e2:d7:20:4b:15:07:59:6a:cc:11:d4:44:d9:36:
         42:b5:0f:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBJDIWViUnKCGeHtzSpS45BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYThjYTE2NjYyMDZkMmNmMTJiNTA3ODcyZWFkMGY1YTc5
M2QwZTAwHhcNMjQwNjI0MDcwMTE1WhcNMjQwNjI1MDcwMTE1WjAzMTEwLwYDVQQD
EygwNGUyY2JkNDUwZjI4ODVhMjEwZDczZTY3MzNiOTk5YjdkNTczODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GJdssnf/IEdIsDkUL/Jfy+179fq
eljSUk4bhIe+111BOyJ0aAjFIZgBqmlNqTGn60bTV/I5K0UlbVcKwSDakp2iObBa
20yQljMtLciTXA/0q5NYa+UGXUqo9qmAqzNNMHWzdmtaH3KQmlVA5pXr17jJDJXd
Q/vzCYTXuzBrCONFsjN4XaATiGlU64sQeysdpwDvKol5+tSu7A6H1dHlZlGxuFNV
6cGJzkyWw/Gr1dJmYLA/UVXYkciq0RScopqqk742bHTKj2uyCcItT/Fx7PWw6qU2
1CwcEOb5bU5Bo+ArOlX/ZmP/LBGMGMwiwz6/tdS92vR0W3dgtXrSgJiLbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFATiy9RQ8ohaIQ1z5nM7mZt9VzgJMB8GA1UdIwQY
MBaAFGOoyhZmIG0s8StQeHLq0PWnk9DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEt
NzVhYjIxZjNiM2QwLzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8wNDQ2YjEtZGYyZi00MjYxLWExYmEtNzVhYjIxZjNiM2Qw
LzEvWTZqS0ZtWWdiU3p4SzFCNGN1clE5YWVUME9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj61Fl7fW
WtiU2LpLdN9fgDvF51EmosOVmOLeL/1jUuWzi7Tr+WnaWmKxuwsOT2MRSuWHIqT7
Cpt6creYPKh5y17NuFW91U2BPEV6Qfzl3RgSz+fU5gfhG6+Hj2nofuqmDjZaNI4+
RRIhC7kBT+wuAzlXr2pc0K/VRrxIrPmdr86QFVJvN4rWiARf9cJU0PfLOXSHtRju
djUgkr331jg56erAFrcusUB8n9k9ZbsAfj+YLEg9TbMnmnA4oj6IlhQJtEY8ubO4
wkPkeZ9qGwz/Bo1GCt/txUHYHMNNOnpw9gKjbJI2i/UJoSYHjnCgjuLXIEsVB1lq
zBHURNk2QrUPGQ==
-----END CERTIFICATE-----