Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
File:                     tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json)
Hash identifier:          zf+1m9q5tN2DEiy1ccTb7JaHayTfA4jEBPp/0rQ5u/4=
Subject key identifier:   F0:CB:BB:7C:F8:CB:01:8E:A7:C3:7D:70:C5:08:3E:AB:80:7D:F1:7D
Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE
Certificate issuer:       /CN=b595e2171768bc9b294249f0e3a53590179c52ee
Certificate serial:       01901DEC4657110BAEB407AA0B9664593AF2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
Manifest number:          11C7
Signing time:             Sat 15 Jun 2024 22:02:22 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:22 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:22 +0000
Files and hashes:         1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: fqPunU8bukcjiTpfIfznmAkB+1ixBmJp+XEht8xs7CQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:46:57:11:0b:ae:b4:07:aa:0b:96:64:59:3a:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee
        Validity
            Not Before: Jun 15 22:02:22 2024 GMT
            Not After : Jun 16 22:02:22 2024 GMT
        Subject: CN=f0cbbb7cf8cb018ea7c37d70c5083eab807df17d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:54:ff:21:70:15:36:e0:cc:bd:65:53:7f:f6:
                    9c:b8:a5:58:d6:d3:7c:ac:e7:7c:3a:ee:1d:5c:b5:
                    17:c5:2e:19:4f:f3:df:a6:27:c9:44:34:d3:0b:dc:
                    d5:96:d0:88:64:b9:a3:54:e6:86:42:66:ab:31:6a:
                    f6:69:bb:9c:d0:d1:a2:91:40:c5:eb:b8:c9:c5:ac:
                    61:9a:aa:ab:19:d1:2e:05:10:d5:65:f5:08:ac:c7:
                    75:e2:1e:00:c8:56:08:52:cd:41:ca:3a:b2:b8:ea:
                    6f:f2:aa:11:7c:b2:5f:6a:25:87:53:2e:3e:e6:6b:
                    88:d5:dd:09:d6:fb:36:69:e7:06:aa:4a:f7:8b:85:
                    cb:8a:51:5a:af:ea:d9:2b:3b:e6:15:20:c1:10:d5:
                    e8:c3:c4:18:18:88:2a:00:b1:ae:24:d2:e9:ec:b0:
                    7b:b2:da:24:8d:78:6b:cc:f0:86:5b:02:bc:ce:75:
                    61:ec:a9:ae:3b:f4:2d:0c:47:cf:a2:66:d8:11:ae:
                    8b:98:32:34:7a:eb:48:c9:fd:e6:04:9e:31:3d:3a:
                    41:ec:95:d3:ca:ab:79:aa:8c:5b:ed:02:8c:8e:6b:
                    5c:87:d4:d4:ec:16:74:ae:c0:ec:a3:08:cc:34:da:
                    7f:af:51:f5:82:ba:ab:ea:55:96:7d:fe:3d:fc:d0:
                    c6:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:CB:BB:7C:F8:CB:01:8E:A7:C3:7D:70:C5:08:3E:AB:80:7D:F1:7D
            X509v3 Authority Key Identifier:
                keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:90:f2:81:c2:db:cb:90:e2:91:a7:96:97:7c:b4:1d:8d:cf:
         1a:b4:af:0b:ab:16:e2:9d:16:ec:39:2c:a6:83:88:65:d5:ea:
         2d:4a:2d:81:fe:95:2d:f0:3c:02:6d:58:7a:74:aa:06:b2:b5:
         d5:a1:98:8f:73:c3:43:cc:eb:87:3e:ca:39:26:a7:8c:6f:67:
         b8:df:94:fc:a2:73:5d:a6:f5:87:53:ad:e3:4d:80:2f:65:d6:
         ec:3e:73:9a:cf:20:b0:43:07:c3:13:67:88:b9:95:79:98:90:
         3e:ef:8e:bb:2a:6b:bf:bc:17:66:3d:43:c8:2a:a7:30:d0:24:
         e5:b0:57:85:f1:63:b7:3c:f6:78:86:8f:72:78:19:98:65:a6:
         c6:0b:d9:a6:80:14:bb:21:11:1a:00:38:27:d2:85:73:d2:17:
         52:e0:57:e5:64:e8:cf:75:ea:fd:f4:96:03:cf:96:57:0b:01:
         a5:fa:a4:8b:bc:00:aa:1b:8a:aa:6d:29:7e:2c:5f:f5:ad:14:
         6b:45:7a:bc:ae:d0:79:e3:e5:4a:2c:67:a7:7d:a8:76:da:8f:
         28:85:f0:66:85:9f:83:68:8d:53:be:d0:eb:eb:61:52:e4:d4:
         cc:7e:52:92:f4:ad:2e:42:66:9f:2b:32:37:48:32:a5:68:00:
         7c:0f:c0:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7EZXEQuutAeqC5ZkWTryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5
YzUyZWUwHhcNMjQwNjE1MjIwMjIyWhcNMjQwNjE2MjIwMjIyWjAzMTEwLwYDVQQD
EyhmMGNiYmI3Y2Y4Y2IwMThlYTdjMzdkNzBjNTA4M2VhYjgwN2RmMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylT/IXAVNuDMvWVTf/acuKVY1tN8
rOd8Ou4dXLUXxS4ZT/PfpifJRDTTC9zVltCIZLmjVOaGQmarMWr2abuc0NGikUDF
67jJxaxhmqqrGdEuBRDVZfUIrMd14h4AyFYIUs1ByjqyuOpv8qoRfLJfaiWHUy4+
5muI1d0J1vs2aecGqkr3i4XLilFar+rZKzvmFSDBENXow8QYGIgqALGuJNLp7LB7
stokjXhrzPCGWwK8znVh7KmuO/QtDEfPombYEa6LmDI0eutIyf3mBJ4xPTpB7JXT
yqt5qoxb7QKMjmtch9TU7BZ0rsDsowjMNNp/r1H1grqr6lWWff49/NDGQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDLu3z4ywGOp8N9cMUIPquAffF9MB8GA1UdIwQY
MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt
NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1
LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpDygcLb
y5DikaeWl3y0HY3PGrSvC6sW4p0W7DkspoOIZdXqLUotgf6VLfA8Am1YenSqBrK1
1aGYj3PDQ8zrhz7KOSanjG9nuN+U/KJzXab1h1Ot402AL2XW7D5zms8gsEMHwxNn
iLmVeZiQPu+Ouyprv7wXZj1DyCqnMNAk5bBXhfFjtzz2eIaPcngZmGWmxgvZpoAU
uyERGgA4J9KFc9IXUuBX5WToz3Xq/fSWA8+WVwsBpfqki7wAqhuKqm0pfixf9a0U
a0V6vK7QeePlSixnp32odtqPKIXwZoWfg2iNU77Q6+thUuTUzH5SkvStLkJmnysy
N0gypWgAfA/A1g==
-----END CERTIFICATE-----