Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
File:                     4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json)
Hash identifier:          xZqmXvLm9RFG2u7AMycgnjTXZN1hQXuBxiRVIhHv9ws=
Subject key identifier:   08:A6:83:5A:C0:FF:46:76:56:BE:D5:CC:C1:41:71:C3:9E:8D:2E:52
Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9
Certificate issuer:       /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
Certificate serial:       01901F6B3BA51EDB63F2DC433A007A0D4AA7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
Manifest number:          A0
Signing time:             Sun 16 Jun 2024 05:00:39 +0000
Manifest this update:     Sun 16 Jun 2024 05:00:39 +0000
Manifest next update:     Mon 17 Jun 2024 05:00:39 +0000
Files and hashes:         1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: fCmQQLOiAX9pS6RNBO8wzoQ5JC9rstxSHSRuVtzxtUE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1f:6b:3b:a5:1e:db:63:f2:dc:43:3a:00:7a:0d:4a:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9
        Validity
            Not Before: Jun 16 05:00:39 2024 GMT
            Not After : Jun 17 05:00:39 2024 GMT
        Subject: CN=08a6835ac0ff467656bed5ccc14171c39e8d2e52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:12:04:4b:73:41:a6:29:29:a5:e1:d0:44:dc:
                    6c:80:4b:4b:a8:36:37:3d:a9:5f:6b:30:61:52:5b:
                    36:49:48:25:ac:e3:81:6f:b4:65:30:db:2b:56:5d:
                    8b:61:a0:f7:71:e7:bb:f7:eb:bc:6f:26:e8:89:de:
                    73:a2:c1:57:20:f6:7e:fb:c7:b0:c7:fe:7a:68:b7:
                    0e:54:94:cc:b1:91:75:ea:d1:9f:72:b8:07:9a:6e:
                    f4:1c:e1:6f:c0:5c:b9:8a:1e:66:95:65:7a:38:5a:
                    d4:9a:b2:f1:24:2f:31:29:9c:9c:6a:86:b3:31:40:
                    fa:fb:93:22:27:5b:cd:9c:02:6a:79:82:db:37:99:
                    3f:8d:1e:22:a1:1a:a7:82:49:13:ba:de:18:a1:63:
                    89:f0:df:20:c2:dd:16:e9:a6:51:a8:3b:21:a5:d8:
                    88:ba:82:41:9f:00:3e:26:6c:e8:ee:04:9c:f3:b6:
                    b3:9b:52:15:bf:b4:ea:c4:e8:bf:b7:81:74:02:d0:
                    5c:17:36:d8:4f:31:aa:91:b4:d7:6e:58:02:1d:bf:
                    ab:e8:fd:e5:6b:52:c0:7f:03:a3:44:d6:e4:1a:38:
                    18:c2:94:e7:73:d0:2a:55:0c:a6:50:e7:1f:42:dc:
                    e0:ec:55:8e:a1:ff:bc:5f:3f:e5:2e:83:8a:05:e9:
                    a8:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:A6:83:5A:C0:FF:46:76:56:BE:D5:CC:C1:41:71:C3:9E:8D:2E:52
            X509v3 Authority Key Identifier:
                keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:ac:da:4f:a6:ce:f6:df:69:d9:5f:ab:59:2e:db:7e:83:03:
         60:a1:56:f8:71:f7:1e:03:66:a2:ff:2d:c1:0c:a8:20:a9:1c:
         03:68:4f:4c:b9:d8:7a:88:18:68:de:29:16:ff:82:52:a6:f8:
         ab:e2:b0:de:59:49:3e:b6:bf:66:06:60:f0:49:1f:71:5e:46:
         ee:80:f7:01:b2:81:ca:55:8d:72:6d:68:d0:52:90:b6:a0:36:
         b7:81:bb:39:54:6d:e3:39:18:47:64:b3:12:ea:c0:fd:19:58:
         40:57:96:54:99:96:95:39:c0:bc:4b:52:95:19:47:fd:54:7f:
         9f:b2:3c:7b:d7:4c:9d:dd:39:39:49:c4:db:a4:20:24:0f:d2:
         d7:46:52:37:68:51:8a:f0:e9:a0:3b:55:ab:39:e8:fa:ec:8f:
         eb:50:3e:fb:a1:63:14:a3:08:21:24:27:5b:e7:3d:f3:39:26:
         3d:39:68:55:0e:5b:bb:5f:21:b0:86:39:67:20:c4:88:20:cc:
         fe:d2:79:a7:2e:c9:ed:a4:ce:d5:eb:5b:0c:9b:d2:41:ba:af:
         f8:09:a8:49:d1:ed:48:3b:51:0d:cf:e5:f9:5e:ed:68:3e:8f:
         74:b7:00:9d:20:20:80:fa:37:4d:ba:39:81:05:9c:e8:20:9a:
         01:75:b5:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAfazulHttj8txDOgB6DUqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw
ZjAwYjkwHhcNMjQwNjE2MDUwMDM5WhcNMjQwNjE3MDUwMDM5WjAzMTEwLwYDVQQD
EygwOGE2ODM1YWMwZmY0Njc2NTZiZWQ1Y2NjMTQxNzFjMzllOGQyZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBIES3NBpikppeHQRNxsgEtLqDY3
PalfazBhUls2SUglrOOBb7RlMNsrVl2LYaD3cee79+u8byboid5zosFXIPZ++8ew
x/56aLcOVJTMsZF16tGfcrgHmm70HOFvwFy5ih5mlWV6OFrUmrLxJC8xKZycaoaz
MUD6+5MiJ1vNnAJqeYLbN5k/jR4ioRqngkkTut4YoWOJ8N8gwt0W6aZRqDshpdiI
uoJBnwA+Jmzo7gSc87azm1IVv7TqxOi/t4F0AtBcFzbYTzGqkbTXblgCHb+r6P3l
a1LAfwOjRNbkGjgYwpTnc9AqVQymUOcfQtzg7FWOof+8Xz/lLoOKBemoEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAimg1rA/0Z2Vr7VzMFBccOejS5SMB8GA1UdIwQY
MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt
MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw
LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcazaT6bO
9t9p2V+rWS7bfoMDYKFW+HH3HgNmov8twQyoIKkcA2hPTLnYeogYaN4pFv+CUqb4
q+Kw3llJPra/ZgZg8EkfcV5G7oD3AbKBylWNcm1o0FKQtqA2t4G7OVRt4zkYR2Sz
EurA/RlYQFeWVJmWlTnAvEtSlRlH/VR/n7I8e9dMnd05OUnE26QgJA/S10ZSN2hR
ivDpoDtVqzno+uyP61A++6FjFKMIISQnW+c98zkmPTloVQ5bu18hsIY5ZyDEiCDM
/tJ5py7J7aTO1etbDJvSQbqv+AmoSdHtSDtRDc/l+V7taD6PdLcAnSAggPo3Tbo5
gQWc6CCaAXW1Kw==
-----END CERTIFICATE-----