Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          MylBLQpdiRogVkhDFGcHie/vn15XlKe8xsOf79q3TQo=
Subject key identifier:   49:ED:F1:6E:C4:09:75:5A:46:64:6C:2C:7C:7C:8D:6D:C2:B0:A9:94
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       01901DEC5EA3578E64FADAB3606854A579BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          0C7B
Signing time:             Sat 15 Jun 2024 22:02:28 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:28 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:28 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: MsH59qHp8LrXYJfLYkkI+ZcYYPn5obQSySxAKhyYYso=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:5e:a3:57:8e:64:fa:da:b3:60:68:54:a5:79:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: Jun 15 22:02:28 2024 GMT
            Not After : Jun 16 22:02:28 2024 GMT
        Subject: CN=49edf16ec409755a46646c2c7c7c8d6dc2b0a994
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:a7:08:fd:a2:18:bc:be:19:88:88:da:93:8d:
                    65:97:db:45:bb:57:6e:38:d9:c3:de:28:5b:aa:d0:
                    13:86:68:3a:f5:c7:cb:ff:2b:7b:94:91:42:0e:87:
                    d6:2c:fb:b2:7c:cf:b7:33:66:79:17:d6:24:44:68:
                    d2:81:95:85:9a:2e:e9:ad:7b:21:cf:98:a2:84:de:
                    60:ed:a3:1d:e5:82:96:bb:2a:a1:85:ad:38:33:b5:
                    8a:bc:b9:1d:9f:20:1f:ac:1a:68:15:b5:90:e0:6b:
                    ee:8c:11:30:4f:50:cc:de:05:70:1c:ea:cf:7d:7b:
                    8d:e3:12:4e:ce:2f:53:f5:4e:60:70:5c:75:84:04:
                    ca:16:d6:60:6d:35:89:3e:23:c0:62:b7:a3:d3:bc:
                    7d:e3:63:72:31:61:0a:8e:09:68:c6:23:31:29:b7:
                    3a:f3:23:9a:c7:4a:3a:a0:cb:44:50:87:b5:f4:9c:
                    e0:c8:a4:c7:69:6a:d8:db:73:81:85:cf:51:52:3d:
                    e8:4f:85:73:3e:4d:fd:f5:d0:4b:2d:54:5d:4d:51:
                    ce:4e:33:26:e3:00:52:20:cb:69:73:44:18:61:c7:
                    2c:63:3c:4c:2c:cd:4f:2f:be:22:8e:9c:a8:af:96:
                    ea:a6:06:4f:7f:7d:40:b5:5e:3e:d5:e0:c9:19:2b:
                    60:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:ED:F1:6E:C4:09:75:5A:46:64:6C:2C:7C:7C:8D:6D:C2:B0:A9:94
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:07:6e:2a:cd:24:b2:7f:3b:a4:47:47:d7:a6:1e:b5:56:5f:
         fe:df:fe:c2:b7:a5:2b:36:8d:79:06:5a:a3:d1:c1:4f:da:8f:
         53:1f:37:04:8b:a5:ed:2d:9a:45:7c:d3:52:ad:25:05:08:30:
         71:3b:15:a6:42:ca:16:b8:86:a4:32:ee:8e:72:ce:ae:96:a5:
         6f:c4:4b:5a:61:e5:e1:94:c5:b2:61:aa:2f:2a:0a:5d:0e:52:
         ec:fd:ae:bd:4f:f8:b7:8f:f9:71:23:47:50:93:45:26:e0:de:
         e0:57:96:f6:ef:c4:1a:fa:32:71:06:59:e5:e3:f5:e3:40:c0:
         43:48:64:7c:3f:ef:4c:f3:f7:cb:9c:03:ad:2c:0f:85:62:60:
         11:aa:29:94:7d:6a:43:af:e0:49:e1:31:04:f5:58:df:04:fa:
         fc:44:72:22:a8:a6:31:f2:d0:e9:33:f2:d7:7f:b0:74:79:3c:
         b7:70:6b:2c:2b:36:ae:70:d9:44:6c:68:d3:17:d4:01:e7:d8:
         52:e2:16:4e:8f:95:75:11:32:27:83:46:ce:e9:cb:35:65:c2:
         0d:73:f8:01:6b:36:3b:04:b6:2d:0f:0b:b5:35:80:ca:a1:d2:
         d7:0e:fa:d9:e0:52:4d:eb:be:1a:08:9b:62:89:a1:fb:c3:9f:
         31:84:2f:1f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7F6jV45k+tqzYGhUpXm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjQwNjE1MjIwMjI4WhcNMjQwNjE2MjIwMjI4WjAzMTEwLwYDVQQD
Eyg0OWVkZjE2ZWM0MDk3NTVhNDY2NDZjMmM3YzdjOGQ2ZGMyYjBhOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7acI/aIYvL4ZiIjak41ll9tFu1du
ONnD3ihbqtAThmg69cfL/yt7lJFCDofWLPuyfM+3M2Z5F9YkRGjSgZWFmi7prXsh
z5iihN5g7aMd5YKWuyqhha04M7WKvLkdnyAfrBpoFbWQ4GvujBEwT1DM3gVwHOrP
fXuN4xJOzi9T9U5gcFx1hATKFtZgbTWJPiPAYrej07x942NyMWEKjgloxiMxKbc6
8yOax0o6oMtEUIe19JzgyKTHaWrY23OBhc9RUj3oT4VzPk399dBLLVRdTVHOTjMm
4wBSIMtpc0QYYccsYzxMLM1PL74ijpyor5bqpgZPf31AtV4+1eDJGStgEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnt8W7ECXVaRmRsLHx8jW3CsKmUMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhwduKs0k
sn87pEdH16YetVZf/t/+wrelKzaNeQZao9HBT9qPUx83BIul7S2aRXzTUq0lBQgw
cTsVpkLKFriGpDLujnLOrpalb8RLWmHl4ZTFsmGqLyoKXQ5S7P2uvU/4t4/5cSNH
UJNFJuDe4FeW9u/EGvoycQZZ5eP140DAQ0hkfD/vTPP3y5wDrSwPhWJgEaoplH1q
Q6/gSeExBPVY3wT6/ERyIqimMfLQ6TPy13+wdHk8t3BrLCs2rnDZRGxo0xfUAefY
UuIWTo+VdREyJ4NGzunLNWXCDXP4AWs2OwS2LQ8LtTWAyqHS1w762eBSTeu+Ggib
Yomh+8OfMYQvHw==
-----END CERTIFICATE-----