Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          fpxPcJtLQSzK2xCpHCZpMI4MWoDDJlKxEjJJOZXXhq4=
Subject key identifier:   5B:1A:47:5B:CA:32:2A:60:56:C0:93:2D:47:B8:A0:F5:28:35:B3:48
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       01901CA189B6613E5E539FE02E6A081D6218
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          EF
Signing time:             Sat 15 Jun 2024 16:01:06 +0000
Manifest this update:     Sat 15 Jun 2024 16:01:06 +0000
Manifest next update:     Sun 16 Jun 2024 16:01:06 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: 69NHuYEpdY9q840gqU0UEKu7IDItQdQH2/43FTPNdBc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:a1:89:b6:61:3e:5e:53:9f:e0:2e:6a:08:1d:62:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: Jun 15 16:01:06 2024 GMT
            Not After : Jun 16 16:01:06 2024 GMT
        Subject: CN=5b1a475bca322a6056c0932d47b8a0f52835b348
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:a5:7b:de:bc:4b:4f:d9:e3:ad:17:b7:2e:de:
                    8e:c7:e2:4d:c3:48:03:c5:39:cf:ee:9a:83:bd:81:
                    16:b3:47:6d:86:b3:0c:45:21:61:c1:ac:68:ff:25:
                    c7:59:ff:2d:e7:b7:ba:22:82:04:b9:22:a0:44:1b:
                    23:0c:22:1c:ed:02:7e:a7:99:21:36:4c:f3:7d:fd:
                    05:66:0b:b1:7a:56:b6:c2:25:81:ed:42:fb:bb:cf:
                    b5:d2:e1:a9:ed:74:87:53:37:a0:73:0b:83:e8:4c:
                    41:eb:97:8d:d7:a3:82:53:3b:d7:07:e5:67:74:1e:
                    fc:7e:98:06:09:be:8b:d3:59:2b:59:31:1e:a0:97:
                    cc:1e:e0:52:79:65:10:83:93:cc:21:0f:41:c0:12:
                    10:75:9b:16:27:13:29:4e:63:bc:b8:eb:20:c8:35:
                    71:f1:da:b6:90:74:f7:9a:6a:8a:fa:58:e1:eb:87:
                    c7:2e:10:5b:55:aa:8b:2b:c1:4c:ba:cb:77:eb:c3:
                    4d:bc:80:42:fc:8a:b3:4f:08:ce:cf:0f:d2:d9:29:
                    4a:29:8c:7f:2b:da:de:d7:1b:c3:9e:89:49:3f:9d:
                    bb:93:73:d3:2d:ab:5b:d3:8e:a4:d4:86:dd:c3:79:
                    26:0c:0f:f1:65:c0:49:1b:45:d9:1f:73:f0:3f:8f:
                    35:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:1A:47:5B:CA:32:2A:60:56:C0:93:2D:47:B8:A0:F5:28:35:B3:48
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:ae:0c:ec:04:ff:ab:ce:7b:72:5d:f7:fb:1d:da:23:6f:dc:
         bd:a9:37:fe:78:8b:d7:f8:3f:4c:a6:2e:69:44:ca:5a:88:b4:
         6f:9f:69:27:95:39:03:42:81:50:79:ad:b2:da:02:38:f4:fa:
         72:89:6d:43:97:ce:47:a1:0c:0b:11:08:04:c0:36:ac:f3:ef:
         b2:c4:e4:ae:cd:62:30:30:e2:26:7c:6a:ff:2a:19:1a:17:89:
         b7:86:d1:b2:08:45:2b:d1:60:74:3d:50:59:c3:91:39:e0:b3:
         c7:32:24:0b:51:62:8b:18:6a:c7:a1:5e:a1:c2:72:ad:06:7d:
         25:a2:e8:11:d5:cb:16:2f:48:36:f8:d0:5e:72:d5:a6:9e:85:
         77:25:3f:0c:cf:4f:c1:32:53:01:e8:eb:da:ae:ea:93:8e:56:
         ec:35:36:e9:24:ff:d7:49:70:c9:3a:75:64:6f:98:81:fb:25:
         37:45:58:05:25:ba:78:8e:9c:28:bc:c9:4e:6b:96:6f:c5:7e:
         17:b2:b5:6c:29:90:fa:15:e6:08:6d:75:98:f4:ca:c9:8a:83:
         ab:d2:84:3d:7f:88:fe:8c:a5:b2:8f:67:98:31:f3:92:40:28:
         14:a9:fb:1a:4c:7a:af:fe:3c:b8:84:7c:2c:58:c5:a3:bd:80:
         18:3e:ce:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAcoYm2YT5eU5/gLmoIHWIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjQwNjE1MTYwMTA2WhcNMjQwNjE2MTYwMTA2WjAzMTEwLwYDVQQD
Eyg1YjFhNDc1YmNhMzIyYTYwNTZjMDkzMmQ0N2I4YTBmNTI4MzViMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6V73rxLT9njrRe3Lt6Ox+JNw0gD
xTnP7pqDvYEWs0dthrMMRSFhwaxo/yXHWf8t57e6IoIEuSKgRBsjDCIc7QJ+p5kh
Nkzzff0FZguxela2wiWB7UL7u8+10uGp7XSHUzegcwuD6ExB65eN16OCUzvXB+Vn
dB78fpgGCb6L01krWTEeoJfMHuBSeWUQg5PMIQ9BwBIQdZsWJxMpTmO8uOsgyDVx
8dq2kHT3mmqK+ljh64fHLhBbVaqLK8FMust368NNvIBC/IqzTwjOzw/S2SlKKYx/
K9re1xvDnolJP527k3PTLatb046k1Ibdw3kmDA/xZcBJG0XZH3PwP481QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsaR1vKMipgVsCTLUe4oPUoNbNIMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM64M7AT/
q857cl33+x3aI2/cvak3/niL1/g/TKYuaUTKWoi0b59pJ5U5A0KBUHmtstoCOPT6
coltQ5fOR6EMCxEIBMA2rPPvssTkrs1iMDDiJnxq/yoZGheJt4bRsghFK9FgdD1Q
WcOROeCzxzIkC1Fiixhqx6FeocJyrQZ9JaLoEdXLFi9INvjQXnLVpp6FdyU/DM9P
wTJTAejr2q7qk45W7DU26ST/10lwyTp1ZG+YgfslN0VYBSW6eI6cKLzJTmuWb8V+
F7K1bCmQ+hXmCG11mPTKyYqDq9KEPX+I/oylso9nmDHzkkAoFKn7Gkx6r/48uIR8
LFjFo72AGD7OMw==
-----END CERTIFICATE-----