Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
File:                     kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json)
Hash identifier:          whl8rJ9Q0CHAj1hnO233R54pfXZ9YWlkAvaslErb+ZU=
Subject key identifier:   89:7A:DF:C7:81:3B:05:B5:5D:B2:AB:26:6C:7E:4B:19:E5:7E:A9:87
Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58
Certificate issuer:       /CN=907a4d12924b5357e30267afe3c5cc7364241158
Certificate serial:       01904869D5B3C1F9B2E786D055AC91F3CE36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
Manifest number:          0BF1
Signing time:             Mon 24 Jun 2024 04:03:33 +0000
Manifest this update:     Mon 24 Jun 2024 04:03:33 +0000
Manifest next update:     Tue 25 Jun 2024 04:03:33 +0000
Files and hashes:         1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: rF8iipeFYVvzBD1JV//TpoE4JfznCwFwHpvn4tZlpEo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 25 Jun 2024 04:03:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:48:69:d5:b3:c1:f9:b2:e7:86:d0:55:ac:91:f3:ce:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158
        Validity
            Not Before: Jun 24 04:03:33 2024 GMT
            Not After : Jun 25 04:03:33 2024 GMT
        Subject: CN=897adfc7813b05b55db2ab266c7e4b19e57ea987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:1a:ce:ea:66:44:f9:10:e3:74:e7:6b:d6:71:
                    84:f6:bd:0b:69:cb:2c:fb:f3:bf:89:bb:0e:eb:18:
                    65:33:e9:4a:35:85:8d:34:cd:a8:60:5b:9b:9d:75:
                    ca:de:e8:44:e7:59:9a:b9:9b:20:7e:f1:d6:67:2d:
                    61:5a:89:10:8f:3f:e8:17:9a:cd:af:8f:6d:55:f6:
                    15:3e:68:8a:ef:53:d8:62:53:ab:be:98:06:8f:ea:
                    ba:42:f8:65:57:e9:3d:64:a9:a5:7e:43:8d:50:d3:
                    e2:04:44:ee:c9:8d:24:04:a6:fa:f8:3f:5a:af:38:
                    73:ce:ae:dc:70:8d:2a:4b:bf:67:8e:74:9d:4e:a4:
                    28:9b:b4:80:7b:f9:d3:0a:e5:ba:19:ed:da:c0:da:
                    6d:4a:95:ef:79:bb:02:b6:2d:42:78:33:29:8b:df:
                    26:4a:f8:34:d3:e8:88:08:76:f5:8a:a3:0d:58:ef:
                    4f:bf:6f:08:27:ba:3e:fa:1f:02:6b:f4:eb:7a:73:
                    82:63:75:31:9f:60:8d:ec:86:c3:a4:1d:c5:95:e6:
                    37:31:21:49:14:66:41:aa:6e:6d:ad:87:80:71:7f:
                    1b:89:e4:45:b1:f3:ba:e5:d1:38:ed:e6:10:06:00:
                    51:ae:5a:20:62:68:96:34:ae:9f:dc:ba:79:98:6b:
                    77:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:7A:DF:C7:81:3B:05:B5:5D:B2:AB:26:6C:7E:4B:19:E5:7E:A9:87
            X509v3 Authority Key Identifier:
                keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:17:0d:1e:5f:a7:b1:53:29:72:2c:dc:78:25:ad:0d:60:cc:
         d9:da:9b:4c:91:ac:ce:78:87:a2:b8:1f:c6:f7:5d:80:dc:4d:
         be:0b:cc:64:16:b7:eb:ae:7c:7f:c5:8e:b0:d2:c4:57:16:8d:
         4d:bf:a2:d2:2f:c5:db:04:99:9c:4e:43:7a:5c:03:eb:43:c6:
         f1:13:38:93:d2:35:7f:15:cb:51:dc:8e:a9:0a:26:29:d6:f7:
         3d:aa:48:61:53:f4:7a:b7:a2:3e:a4:40:a6:86:1a:c1:47:db:
         98:94:b7:7e:c4:2b:f8:a8:d0:d0:f5:10:5a:3d:f7:3d:f7:72:
         17:47:9a:d5:d9:3a:96:b3:38:a0:66:85:07:32:2e:91:58:f8:
         85:f2:d7:60:8e:42:20:13:1f:99:7d:2a:ba:5a:4b:15:fe:00:
         22:45:31:c3:a9:54:a9:e0:1e:e5:46:2c:8d:d5:2f:0d:be:49:
         1d:99:fb:29:f7:a5:d3:e3:b8:52:5f:4b:af:6d:71:db:05:d5:
         1e:2c:95:aa:04:11:ac:34:93:85:a5:6f:25:3b:7a:43:30:22:
         82:ac:3b:c7:f0:36:19:f3:6c:11:c9:a0:dc:c1:65:0d:f5:2a:
         e6:5b:c1:be:f0:e1:ab:7d:f0:03:86:7a:69:ba:61:92:b2:a7:
         fe:e6:b5:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBIadWzwfmy54bQVayR8842MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy
NDExNTgwHhcNMjQwNjI0MDQwMzMzWhcNMjQwNjI1MDQwMzMzWjAzMTEwLwYDVQQD
Eyg4OTdhZGZjNzgxM2IwNWI1NWRiMmFiMjY2YzdlNGIxOWU1N2VhOTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxrO6mZE+RDjdOdr1nGE9r0Lacss
+/O/ibsO6xhlM+lKNYWNNM2oYFubnXXK3uhE51mauZsgfvHWZy1hWokQjz/oF5rN
r49tVfYVPmiK71PYYlOrvpgGj+q6QvhlV+k9ZKmlfkONUNPiBETuyY0kBKb6+D9a
rzhzzq7ccI0qS79njnSdTqQom7SAe/nTCuW6Ge3awNptSpXvebsCti1CeDMpi98m
Svg00+iICHb1iqMNWO9Pv28IJ7o++h8Ca/TrenOCY3Uxn2CN7IbDpB3FleY3MSFJ
FGZBqm5trYeAcX8bieRFsfO65dE47eYQBgBRrlogYmiWNK6f3Lp5mGt3RQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIl638eBOwW1XbKrJmx+SxnlfqmHMB8GA1UdIwQY
MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt
NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2
LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcRcNHl+n
sVMpcizceCWtDWDM2dqbTJGszniHorgfxvddgNxNvgvMZBa36658f8WOsNLEVxaN
Tb+i0i/F2wSZnE5DelwD60PG8RM4k9I1fxXLUdyOqQomKdb3PapIYVP0ereiPqRA
poYawUfbmJS3fsQr+KjQ0PUQWj33PfdyF0ea1dk6lrM4oGaFBzIukVj4hfLXYI5C
IBMfmX0qulpLFf4AIkUxw6lUqeAe5UYsjdUvDb5JHZn7Kfel0+O4Ul9Lr21x2wXV
HiyVqgQRrDSThaVvJTt6QzAigqw7x/A2GfNsEcmg3MFlDfUq5lvBvvDhq33wA4Z6
abphkrKn/ua1UQ==
-----END CERTIFICATE-----