Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
File:                     d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft (raw, json)
Hash identifier:          rOK6MUbA3X13/pS2bFRhcdS4idPsCd0GFcYelEMbKU8=
Subject key identifier:   20:01:4B:15:3E:C2:AF:5D:5D:C9:4D:34:A4:FA:20:54:E0:0A:13:07
Authority key identifier: 77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC
Certificate issuer:       /CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
Certificate serial:       01901DECBD56C082E84BB7A571460CAD39BC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
Manifest number:          03EF
Signing time:             Sat 15 Jun 2024 22:02:52 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:52 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:52 +0000
Files and hashes:         1: d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl (hash: dKUOWxfak8AueBp9J/T6ZMm87HKkqRvbEgQvIlT2sKU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:bd:56:c0:82:e8:4b:b7:a5:71:46:0c:ad:39:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7763e47fc850acc8ffda06e3da23a4a444c2d6fc
        Validity
            Not Before: Jun 15 22:02:52 2024 GMT
            Not After : Jun 16 22:02:52 2024 GMT
        Subject: CN=20014b153ec2af5d5dc94d34a4fa2054e00a1307
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:d9:ef:38:45:67:eb:bf:ef:af:86:75:58:73:
                    99:e9:a5:69:0d:3b:c7:10:11:64:8b:c7:21:eb:5a:
                    46:9d:76:ef:9e:1f:2a:c9:eb:74:6f:cd:07:21:e2:
                    06:8c:e2:77:7b:dd:5c:42:54:2f:2d:de:99:7f:d6:
                    37:ca:7e:47:f7:a3:71:e3:a5:bb:c9:15:c1:89:75:
                    14:48:f1:dd:b9:f7:b7:b7:c2:26:4f:1b:18:ec:5b:
                    21:8f:a3:9e:d9:57:99:33:9e:87:07:95:ab:5b:59:
                    f3:ae:7c:c1:84:1d:1f:17:4d:0b:c0:b1:21:c5:22:
                    8c:cd:5f:e2:0d:5f:3e:2d:d5:de:8c:72:e9:98:59:
                    4b:f3:53:9d:6b:f0:1f:f4:c6:35:32:be:36:c3:c0:
                    07:99:46:60:15:6e:2c:b3:e8:58:e7:7d:5b:bf:2f:
                    98:97:1b:24:c2:e4:6d:f5:6e:19:38:30:78:a9:1c:
                    e5:88:27:69:4c:a7:1c:e0:8f:1b:30:02:69:0f:9d:
                    ba:00:6d:8f:b9:5c:d3:3b:85:3a:ab:8b:27:f8:a9:
                    80:75:77:a7:7e:0a:4c:5b:1e:3b:0f:c2:96:1f:96:
                    1e:5c:7b:4a:ea:79:48:19:ff:a9:52:41:f1:76:82:
                    2b:c8:85:38:17:04:a3:67:f0:68:36:47:d5:5b:5e:
                    8c:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:01:4B:15:3E:C2:AF:5D:5D:C9:4D:34:A4:FA:20:54:E0:0A:13:07
            X509v3 Authority Key Identifier:
                keyid:77:63:E4:7F:C8:50:AC:C8:FF:DA:06:E3:DA:23:A4:A4:44:C2:D6:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2Pkf8hQrMj_2gbj2iOkpETC1vw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/aabb5f-72f2-4928-92a9-2ff9d42ee213/1/d2Pkf8hQrMj_2gbj2iOkpETC1vw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a5:91:58:34:04:81:4f:83:23:f3:1a:8a:db:d3:7b:c5:c5:24:
         00:6d:a4:45:3b:3e:e2:64:ff:19:d1:a4:da:35:1c:3d:1d:f0:
         62:ad:3d:31:7a:0c:01:88:34:da:c1:55:1f:54:fa:85:52:45:
         1a:a0:e1:42:20:4b:87:4b:1d:9f:93:13:1d:24:a4:04:1d:20:
         df:62:52:9b:02:ed:f0:71:de:38:19:fc:ce:37:45:ba:2c:7d:
         44:04:ab:c2:92:c3:b3:4e:2c:67:00:18:05:ae:4b:a3:11:31:
         4f:dc:85:3e:30:f9:3c:36:b3:f2:41:35:95:41:ad:fa:c7:6c:
         98:29:d0:0f:fe:a7:f2:09:4f:bb:ad:8f:6a:47:a4:cd:b5:bd:
         58:8c:f6:5f:d3:db:b7:92:fc:21:cd:d4:1f:ce:b6:d9:6f:82:
         b3:a0:ec:2f:fe:3d:09:37:e3:57:8d:f1:0b:03:a4:a7:67:1c:
         94:50:47:92:45:35:ed:bf:32:04:11:2c:44:17:eb:dc:9b:cb:
         97:64:92:e5:ac:5e:95:c7:bf:4b:56:47:9f:3a:85:1d:34:fb:
         af:3f:b0:50:c1:0c:9d:ce:02:41:23:3d:da:aa:26:6b:20:87:
         57:ec:89:b4:c3:df:e8:ae:17:8d:20:83:2c:c3:b9:ac:75:96:
         66:59:db:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7L1WwILoS7elcUYMrTm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjNlNDdmYzg1MGFjYzhmZmRhMDZlM2RhMjNhNGE0NDRj
MmQ2ZmMwHhcNMjQwNjE1MjIwMjUyWhcNMjQwNjE2MjIwMjUyWjAzMTEwLwYDVQQD
EygyMDAxNGIxNTNlYzJhZjVkNWRjOTRkMzRhNGZhMjA1NGUwMGExMzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dnvOEVn67/vr4Z1WHOZ6aVpDTvH
EBFki8ch61pGnXbvnh8qyet0b80HIeIGjOJ3e91cQlQvLd6Zf9Y3yn5H96Nx46W7
yRXBiXUUSPHdufe3t8ImTxsY7Fshj6Oe2VeZM56HB5WrW1nzrnzBhB0fF00LwLEh
xSKMzV/iDV8+LdXejHLpmFlL81Oda/Af9MY1Mr42w8AHmUZgFW4ss+hY531bvy+Y
lxskwuRt9W4ZODB4qRzliCdpTKcc4I8bMAJpD526AG2PuVzTO4U6q4sn+KmAdXen
fgpMWx47D8KWH5YeXHtK6nlIGf+pUkHxdoIryIU4FwSjZ/BoNkfVW16MpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCABSxU+wq9dXclNNKT6IFTgChMHMB8GA1UdIwQY
MBaAFHdj5H/IUKzI/9oG49ojpKREwtb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTkt
MmZmOWQ0MmVlMjEzLzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9hYWJiNWYtNzJmMi00OTI4LTkyYTktMmZmOWQ0MmVlMjEz
LzEvZDJQa2Y4aFFyTWpfMmdiajJpT2twRVRDMXZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApZFYNASB
T4Mj8xqK29N7xcUkAG2kRTs+4mT/GdGk2jUcPR3wYq09MXoMAYg02sFVH1T6hVJF
GqDhQiBLh0sdn5MTHSSkBB0g32JSmwLt8HHeOBn8zjdFuix9RASrwpLDs04sZwAY
Ba5LoxExT9yFPjD5PDaz8kE1lUGt+sdsmCnQD/6n8glPu62PakekzbW9WIz2X9Pb
t5L8Ic3UH8622W+Cs6DsL/49CTfjV43xCwOkp2cclFBHkkU17b8yBBEsRBfr3JvL
l2SS5axelce/S1ZHnzqFHTT7rz+wUMEMnc4CQSM92qomayCHV+yJtMPf6K4XjSCD
LMO5rHWWZlnb1A==
-----END CERTIFICATE-----