Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
File:                     orLY2dCvlBb6vW8gNfpyiO-XyME.mft (raw, json)
Hash identifier:          MM2oLrTdQ2W4iblSrOK68oWvBrtq5g6ex6VwJsxkfAg=
Subject key identifier:   07:C0:A0:5C:D1:E6:D4:3D:4D:0E:29:66:39:BC:24:E6:D0:AA:18:F8
Authority key identifier: A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1
Certificate issuer:       /CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
Certificate serial:       019048D53A84117E5D8D83DA7783144FA486
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
Manifest number:          0222
Signing time:             Mon 24 Jun 2024 06:00:52 +0000
Manifest this update:     Mon 24 Jun 2024 06:00:52 +0000
Manifest next update:     Tue 25 Jun 2024 06:00:52 +0000
Files and hashes:         1: orLY2dCvlBb6vW8gNfpyiO-XyME.crl (hash: 1izRHr4siC1hKnXeVYRrdjV9uo6aMocrfpQyvemF8Jk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 06:00:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:d5:3a:84:11:7e:5d:8d:83:da:77:83:14:4f:a4:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a2b2d8d9d0af9416fabd6f2035fa7288ef97c8c1
        Validity
            Not Before: Jun 24 06:00:52 2024 GMT
            Not After : Jun 25 06:00:52 2024 GMT
        Subject: CN=07c0a05cd1e6d43d4d0e296639bc24e6d0aa18f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:23:f3:e2:53:5b:a0:8b:ae:25:60:fe:be:c6:
                    4e:54:82:08:07:d4:22:79:a1:07:16:61:07:68:33:
                    4a:26:36:43:71:04:de:e2:b9:ed:37:ac:b1:37:bf:
                    ea:56:24:65:7b:ad:36:77:ec:62:ac:ba:0e:91:95:
                    1a:8e:c6:e1:ac:38:cd:56:e7:45:60:7d:89:0b:54:
                    e8:f1:06:07:a6:4b:fc:3d:2b:da:a5:68:cd:54:ba:
                    68:4f:93:b8:84:c6:0a:05:37:bd:26:ce:65:e4:0a:
                    6f:20:d0:9a:f2:8f:8b:5d:ca:ce:dd:39:21:e7:55:
                    14:c9:65:67:3f:72:4a:05:0a:1c:c1:00:b6:03:94:
                    de:e6:0c:de:70:e5:f2:b2:28:87:3f:f4:74:48:a4:
                    e6:e4:44:b1:bd:2f:a1:43:0a:07:8e:db:3a:2d:dd:
                    6a:16:1c:1a:ba:7c:83:bc:61:a6:25:95:cd:f7:7a:
                    32:41:62:76:27:2d:9f:68:9f:70:59:ff:45:12:c3:
                    13:86:5a:78:29:1e:0e:cd:80:3b:ac:da:14:70:16:
                    3d:12:bd:c9:92:34:68:0f:89:aa:d6:90:36:76:68:
                    a0:b6:d2:bf:5e:de:8a:c0:37:84:af:77:9b:89:22:
                    62:aa:21:f4:75:80:53:2a:e9:93:0c:fd:7e:f3:a7:
                    e3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:C0:A0:5C:D1:E6:D4:3D:4D:0E:29:66:39:BC:24:E6:D0:AA:18:F8
            X509v3 Authority Key Identifier:
                keyid:A2:B2:D8:D9:D0:AF:94:16:FA:BD:6F:20:35:FA:72:88:EF:97:C8:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orLY2dCvlBb6vW8gNfpyiO-XyME.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/55/3a28e3-8544-48c6-8b8e-baf7ba0c4177/1/orLY2dCvlBb6vW8gNfpyiO-XyME.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:74:a5:3b:12:f5:fb:b8:a9:9e:f7:f4:ff:07:11:8f:dd:e8:
         f3:a1:70:51:65:03:71:31:84:67:db:3b:2a:72:c4:b0:d6:50:
         03:23:74:2e:78:fc:a2:6c:80:93:e3:5b:c6:95:e3:92:1d:e2:
         29:07:65:ce:22:1a:3b:ae:0c:dd:15:5c:ad:00:d3:d8:61:a2:
         76:65:9d:5a:53:08:fe:d9:69:9f:20:54:29:98:e8:f7:59:72:
         3e:65:71:ac:c4:f6:96:06:eb:b5:69:89:05:33:c9:9e:d5:39:
         69:e7:33:e4:3b:b0:55:3f:ec:7d:f6:1e:52:57:d8:b6:3f:92:
         13:e3:22:f7:ae:df:81:f8:32:6c:f2:c2:e8:ce:9a:78:41:dd:
         ac:51:70:8f:41:54:49:0c:13:85:03:24:61:ca:d5:ac:0f:36:
         9d:0f:f1:d0:ac:db:cb:06:19:52:64:2a:1c:85:7d:a7:dc:fd:
         fe:f1:ba:2b:c9:20:05:a0:e8:b4:f3:51:80:a8:76:7a:eb:12:
         42:d8:ca:19:ff:19:85:1a:4e:8c:61:8a:4b:d6:7e:1b:6c:e2:
         91:c1:fc:aa:bf:40:a8:40:7a:73:b8:a9:8d:f9:97:c5:11:ab:
         4d:7a:50:a0:ec:66:a0:66:52:18:c2:eb:ca:a6:10:c8:1e:c3:
         68:c9:4a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBI1TqEEX5djYPad4MUT6SGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjJkOGQ5ZDBhZjk0MTZmYWJkNmYyMDM1ZmE3Mjg4ZWY5
N2M4YzEwHhcNMjQwNjI0MDYwMDUyWhcNMjQwNjI1MDYwMDUyWjAzMTEwLwYDVQQD
EygwN2MwYTA1Y2QxZTZkNDNkNGQwZTI5NjYzOWJjMjRlNmQwYWExOGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryPz4lNboIuuJWD+vsZOVIIIB9Qi
eaEHFmEHaDNKJjZDcQTe4rntN6yxN7/qViRle602d+xirLoOkZUajsbhrDjNVudF
YH2JC1To8QYHpkv8PSvapWjNVLpoT5O4hMYKBTe9Js5l5ApvINCa8o+LXcrO3Tkh
51UUyWVnP3JKBQocwQC2A5Te5gzecOXysiiHP/R0SKTm5ESxvS+hQwoHjts6Ld1q
FhwaunyDvGGmJZXN93oyQWJ2Jy2faJ9wWf9FEsMThlp4KR4OzYA7rNoUcBY9Er3J
kjRoD4mq1pA2dmigttK/Xt6KwDeEr3ebiSJiqiH0dYBTKumTDP1+86fjzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAfAoFzR5tQ9TQ4pZjm8JObQqhj4MB8GA1UdIwQY
MBaAFKKy2NnQr5QW+r1vIDX6cojvl8jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUt
YmFmN2JhMGM0MTc3LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8zYTI4ZTMtODU0NC00OGM2LThiOGUtYmFmN2JhMGM0MTc3
LzEvb3JMWTJkQ3ZsQmI2dlc4Z05mcHlpTy1YeU1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJXSlOxL1
+7ipnvf0/wcRj93o86FwUWUDcTGEZ9s7KnLEsNZQAyN0Lnj8omyAk+NbxpXjkh3i
KQdlziIaO64M3RVcrQDT2GGidmWdWlMI/tlpnyBUKZjo91lyPmVxrMT2lgbrtWmJ
BTPJntU5aecz5DuwVT/sffYeUlfYtj+SE+Mi967fgfgybPLC6M6aeEHdrFFwj0FU
SQwThQMkYcrVrA82nQ/x0KzbywYZUmQqHIV9p9z9/vG6K8kgBaDotPNRgKh2eusS
QtjKGf8ZhRpOjGGKS9Z+G2zikcH8qr9AqEB6c7ipjfmXxRGrTXpQoOxmoGZSGMLr
yqYQyB7DaMlKYg==
-----END CERTIFICATE-----