Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          ZPobgJG56pmB4ZSRqy+Gzfz4R7I99koHMNTfd6+JnF4=
Subject key identifier:   93:F9:8E:E8:63:78:C4:3C:87:B3:92:CE:BE:02:C8:5B:F6:EC:CF:7C
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       01901E593B5FFB52046BE43C17DE9A8792C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          020C
Signing time:             Sun 16 Jun 2024 00:01:22 +0000
Manifest this update:     Sun 16 Jun 2024 00:01:22 +0000
Manifest next update:     Mon 17 Jun 2024 00:01:22 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: vGwrdKVjti9AwlddvS70UbIA5HJG07v06VMbIG06KNY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:59:3b:5f:fb:52:04:6b:e4:3c:17:de:9a:87:92:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Jun 16 00:01:22 2024 GMT
            Not After : Jun 17 00:01:22 2024 GMT
        Subject: CN=93f98ee86378c43c87b392cebe02c85bf6eccf7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:8e:61:a0:a2:ca:b2:bf:1c:a4:7d:55:d0:e3:
                    ee:49:0f:09:9a:5a:18:43:6c:a0:2e:f9:9d:87:06:
                    a5:52:ca:d4:b1:c2:4d:5e:99:a1:cd:91:46:8c:b0:
                    ab:3c:2c:93:17:11:28:cc:19:ad:7a:ec:08:36:48:
                    35:af:9f:81:ad:58:36:70:ee:4d:e2:38:7d:82:56:
                    51:92:a1:42:94:3d:4a:a6:62:1f:3e:c5:62:bb:71:
                    26:4b:d8:f1:c1:11:b3:89:91:66:34:36:a3:86:dd:
                    af:29:b8:01:e1:2b:33:8b:8c:62:f9:0f:42:d8:5f:
                    dd:e2:e0:f9:75:8e:20:36:7e:bd:84:01:75:3d:f8:
                    2d:2b:39:0a:18:8f:fc:f1:b0:87:83:21:b5:6c:a5:
                    84:8d:b4:9a:85:6e:66:2c:d8:a9:71:aa:f2:b1:79:
                    ac:0b:e0:f1:f9:14:d6:49:0b:0f:63:d5:54:d4:86:
                    8b:13:68:65:2e:98:07:4a:f1:77:c6:35:4e:d5:ac:
                    e5:15:eb:3e:73:97:44:24:c1:0d:1a:7d:41:be:8c:
                    02:d7:05:1d:fa:c6:b3:82:95:be:4e:5f:e3:5d:df:
                    17:a8:47:14:fd:34:56:5c:29:2c:d8:2b:81:d5:86:
                    1a:fe:e5:d3:f0:b8:c3:4b:a7:fc:15:8c:ba:17:3a:
                    f5:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:F9:8E:E8:63:78:C4:3C:87:B3:92:CE:BE:02:C8:5B:F6:EC:CF:7C
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         81:0d:2c:75:5a:36:c2:9c:b7:fd:09:c2:f5:c8:47:b7:a0:88:
         57:ae:33:be:fd:1b:cf:4e:f1:c9:92:3a:ce:a3:06:7f:42:69:
         ef:96:9a:e6:e3:7e:a1:37:85:f8:5f:be:24:c1:6e:75:51:24:
         cf:af:e1:89:2c:d8:8f:54:a8:85:87:8e:b7:92:38:1a:da:da:
         91:50:99:e4:10:0e:f1:a2:d9:1c:29:a3:f2:4f:09:9b:8a:07:
         8e:2a:e7:3b:8d:09:c6:7b:75:90:3b:02:d5:3e:93:88:90:d9:
         d6:6a:0d:16:b9:13:53:6a:c6:a3:93:b8:f0:5c:3a:42:c8:33:
         e9:48:95:6f:e2:d8:f4:0a:f1:f2:5d:26:a3:18:09:3d:1a:58:
         86:27:75:12:07:b4:71:31:bb:33:1b:a8:49:cc:0c:d2:4c:89:
         36:ed:3f:4f:26:4e:d8:8e:80:7e:b1:bf:5e:14:67:c9:9c:07:
         48:98:57:30:7e:70:b9:14:b0:ee:6a:8f:85:9b:8a:d9:ff:0e:
         51:d7:f1:69:21:5f:10:d8:a3:2e:8e:36:3d:3c:40:ef:fb:2e:
         88:41:12:2d:26:9b:92:bf:ed:e9:05:b0:0d:ef:d2:2b:99:1a:
         c8:d4:ca:60:77:d5:51:5d:d3:11:f6:61:a2:c5:af:41:e8:3f:
         0e:4d:d3:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAeWTtf+1IEa+Q8F96ah5LEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjQwNjE2MDAwMTIyWhcNMjQwNjE3MDAwMTIyWjAzMTEwLwYDVQQD
Eyg5M2Y5OGVlODYzNzhjNDNjODdiMzkyY2ViZTAyYzg1YmY2ZWNjZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2o5hoKLKsr8cpH1V0OPuSQ8JmloY
Q2ygLvmdhwalUsrUscJNXpmhzZFGjLCrPCyTFxEozBmteuwINkg1r5+BrVg2cO5N
4jh9glZRkqFClD1KpmIfPsViu3EmS9jxwRGziZFmNDajht2vKbgB4Sszi4xi+Q9C
2F/d4uD5dY4gNn69hAF1PfgtKzkKGI/88bCHgyG1bKWEjbSahW5mLNipcarysXms
C+Dx+RTWSQsPY9VU1IaLE2hlLpgHSvF3xjVO1azlFes+c5dEJMENGn1BvowC1wUd
+sazgpW+Tl/jXd8XqEcU/TRWXCks2CuB1YYa/uXT8LjDS6f8FYy6Fzr1jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJP5juhjeMQ8h7OSzr4CyFv27M98MB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQ0sdVo2
wpy3/QnC9chHt6CIV64zvv0bz07xyZI6zqMGf0Jp75aa5uN+oTeF+F++JMFudVEk
z6/hiSzYj1SohYeOt5I4GtrakVCZ5BAO8aLZHCmj8k8Jm4oHjirnO40Jxnt1kDsC
1T6TiJDZ1moNFrkTU2rGo5O48Fw6Qsgz6UiVb+LY9Arx8l0moxgJPRpYhid1Ege0
cTG7MxuoScwM0kyJNu0/TyZO2I6AfrG/XhRnyZwHSJhXMH5wuRSw7mqPhZuK2f8O
UdfxaSFfENijLo42PTxA7/suiEESLSabkr/t6QWwDe/SK5kayNTKYHfVUV3TEfZh
osWvQeg/Dk3TMg==
-----END CERTIFICATE-----