Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          1TQaIJNzjzn0OBK5gVi6YfacuyOtwjnVTRPmISvRjVg=
Subject key identifier:   05:54:AA:B7:E3:81:40:79:47:76:69:62:EC:AC:AC:6E:45:CC:D0:77
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       0190448A5E464311A986DD7EDAA516DB97B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          11DB
Signing time:             Sun 23 Jun 2024 10:00:36 +0000
Manifest this update:     Sun 23 Jun 2024 10:00:36 +0000
Manifest next update:     Mon 24 Jun 2024 10:00:36 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: bnWrnWJlaPw2Q9dZMPb05wp9JBqkdwDONNf0/d84gnQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8a:5e:46:43:11:a9:86:dd:7e:da:a5:16:db:97:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Jun 23 10:00:36 2024 GMT
            Not After : Jun 24 10:00:36 2024 GMT
        Subject: CN=0554aab7e381407947766962ecacac6e45ccd077
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:9a:4b:57:00:37:76:e4:ea:da:04:e2:f6:84:
                    e5:2a:4a:cd:b2:23:e7:4a:40:f6:dc:e8:93:c1:10:
                    5f:4a:06:a0:00:0b:03:8c:cf:eb:92:67:61:27:86:
                    f1:ea:d7:fe:2d:2a:e7:e7:ba:e9:92:a3:ba:19:95:
                    80:25:00:68:be:3d:d4:e7:e7:c8:00:ec:2b:6e:85:
                    59:88:70:34:57:34:23:a7:94:61:c6:0c:00:45:0b:
                    9f:eb:b7:42:df:61:f8:ff:d0:6f:22:56:b3:e4:1c:
                    02:6f:59:d2:7c:51:84:bb:81:1e:9f:a3:59:08:88:
                    28:0d:e6:e4:93:85:d9:d9:63:83:63:54:c3:40:ba:
                    db:c3:52:a3:a6:23:cb:5a:b1:0b:70:af:47:0b:29:
                    ee:d9:55:63:78:78:63:04:de:6a:e8:4f:39:19:02:
                    4b:ac:cd:76:a1:ba:b9:5e:3d:fd:76:2c:18:2f:f9:
                    04:59:41:87:27:41:e1:73:5b:4f:90:68:af:98:80:
                    42:d4:42:f5:4d:e1:02:d8:e9:5b:ee:74:c1:15:34:
                    ce:19:91:da:18:80:5c:22:f2:2f:ec:13:f2:d7:fc:
                    56:b8:6a:db:28:ff:8c:1c:80:e7:35:71:10:89:a2:
                    9a:55:5d:9e:29:1f:a1:38:91:93:dc:ae:94:e7:07:
                    c9:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:54:AA:B7:E3:81:40:79:47:76:69:62:EC:AC:AC:6E:45:CC:D0:77
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         67:52:63:01:0d:55:15:c9:f5:bd:52:91:00:19:b9:e8:7b:0a:
         93:5a:7d:a8:c8:f7:f7:19:ec:9c:c8:fc:44:f0:32:f5:72:c6:
         13:34:91:01:23:0f:38:dd:1c:fd:5e:96:58:1b:0e:09:2b:60:
         91:99:c0:83:4c:90:c0:0e:0d:c9:52:52:30:13:60:54:ba:6e:
         32:9b:2a:cb:50:18:11:f0:2c:f7:c1:00:27:88:cf:bf:44:eb:
         81:bb:a7:94:57:6e:cb:c9:49:53:8c:fc:1b:9f:27:f1:54:d1:
         be:9b:08:bf:7e:c2:39:1d:b3:87:c0:bd:ce:12:dd:3a:19:32:
         cb:73:10:4b:e1:49:e6:15:e0:b1:83:77:8e:8c:01:22:0b:66:
         c0:b3:6d:5b:40:ff:ac:24:4c:fe:21:0e:43:34:11:01:33:00:
         2d:ff:69:cd:e4:a1:96:3b:a7:83:91:28:ea:00:25:9d:7e:ae:
         16:d3:a3:15:ac:a5:25:89:04:2c:69:da:9f:da:35:77:8d:ff:
         df:64:df:60:ad:fc:03:96:3a:70:c2:75:eb:67:24:a9:9a:c2:
         be:69:d3:55:e8:fb:5f:d5:92:e9:b5:a2:fa:6d:ee:d8:e3:64:
         45:f9:0a:cc:3a:80:75:1f:f1:55:29:9c:77:83:72:a5:d0:40:
         be:be:1d:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEil5GQxGpht1+2qUW25ezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjQwNjIzMTAwMDM2WhcNMjQwNjI0MTAwMDM2WjAzMTEwLwYDVQQD
EygwNTU0YWFiN2UzODE0MDc5NDc3NjY5NjJlY2FjYWM2ZTQ1Y2NkMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnppLVwA3duTq2gTi9oTlKkrNsiPn
SkD23OiTwRBfSgagAAsDjM/rkmdhJ4bx6tf+LSrn57rpkqO6GZWAJQBovj3U5+fI
AOwrboVZiHA0VzQjp5RhxgwARQuf67dC32H4/9BvIlaz5BwCb1nSfFGEu4Een6NZ
CIgoDebkk4XZ2WODY1TDQLrbw1KjpiPLWrELcK9HCynu2VVjeHhjBN5q6E85GQJL
rM12obq5Xj39diwYL/kEWUGHJ0Hhc1tPkGivmIBC1EL1TeEC2Olb7nTBFTTOGZHa
GIBcIvIv7BPy1/xWuGrbKP+MHIDnNXEQiaKaVV2eKR+hOJGT3K6U5wfJlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAVUqrfjgUB5R3ZpYuysrG5FzNB3MB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1JjAQ1V
Fcn1vVKRABm56HsKk1p9qMj39xnsnMj8RPAy9XLGEzSRASMPON0c/V6WWBsOCStg
kZnAg0yQwA4NyVJSMBNgVLpuMpsqy1AYEfAs98EAJ4jPv0TrgbunlFduy8lJU4z8
G58n8VTRvpsIv37COR2zh8C9zhLdOhkyy3MQS+FJ5hXgsYN3jowBIgtmwLNtW0D/
rCRM/iEOQzQRATMALf9pzeShljung5Eo6gAlnX6uFtOjFaylJYkELGnan9o1d43/
32TfYK38A5Y6cMJ162ckqZrCvmnTVej7X9WS6bWi+m3u2ONkRfkKzDqAdR/xVSmc
d4NypdBAvr4dAg==
-----END CERTIFICATE-----