Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
File:                     Y31k1HJWO36HP1t5-RydP__D2_k.mft (raw, json)
Hash identifier:          tgP6M//2B6s6g4yRPSOalGyr6wr9PCBAHCUONWtT9g8=
Subject key identifier:   59:EC:49:CA:9B:B7:E2:46:82:93:AD:7A:B5:AD:22:75:CB:24:FC:9F
Authority key identifier: 63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9
Certificate issuer:       /CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
Certificate serial:       01901A7C7346E452976B3F814AB9070A98EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
Manifest number:          0A7F
Signing time:             Sat 15 Jun 2024 06:01:21 +0000
Manifest this update:     Sat 15 Jun 2024 06:01:21 +0000
Manifest next update:     Sun 16 Jun 2024 06:01:21 +0000
Files and hashes:         1: Y31k1HJWO36HP1t5-RydP__D2_k.crl (hash: Z+e6xDBHaf8PAJViDqhRQMcmx/GGLpJ/jmLTcQjuZ0s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1a:7c:73:46:e4:52:97:6b:3f:81:4a:b9:07:0a:98:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=637d64d472563b7e873f5b79f91c9d3fffc3dbf9
        Validity
            Not Before: Jun 15 06:01:21 2024 GMT
            Not After : Jun 16 06:01:21 2024 GMT
        Subject: CN=59ec49ca9bb7e2468293ad7ab5ad2275cb24fc9f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:c5:97:7e:e5:2f:5a:e9:f5:6d:5b:74:fe:1f:
                    3f:dc:58:6d:16:3e:9d:ac:74:86:35:6e:35:cb:0d:
                    dc:ef:ae:90:79:0d:68:aa:19:07:3d:2c:98:9d:f1:
                    6a:b1:ea:62:b3:f1:b5:1e:a6:72:61:a6:9c:65:38:
                    84:56:3a:8d:83:a8:79:82:0b:87:c3:21:97:7a:eb:
                    13:f6:4d:37:85:e3:f4:2c:2d:a1:55:19:30:a1:a5:
                    a2:a4:f2:8b:40:34:f6:a4:be:58:2d:3c:c9:80:f5:
                    a9:0f:c5:59:d7:75:d4:d4:49:4b:b3:3f:94:be:b0:
                    2c:36:5b:59:f6:b9:d5:e3:2a:70:cf:44:3c:74:47:
                    d4:44:e1:65:2a:18:e8:bf:91:15:29:5f:bc:78:08:
                    cb:9e:b0:0a:d9:15:17:78:6e:d5:d7:6c:69:d6:4d:
                    32:2e:79:d2:70:59:f8:d1:f7:44:26:38:fa:7d:55:
                    bf:ae:52:5b:5e:66:ab:54:ec:0b:b5:c2:5d:4b:ca:
                    67:a8:7b:1b:e2:72:ad:35:67:c0:d5:04:e1:5f:0f:
                    1a:4d:6a:eb:00:86:6d:8b:e8:af:3e:a6:e2:93:1c:
                    52:cc:af:46:74:31:7c:15:c8:f7:4c:d6:d6:af:5f:
                    86:05:b7:f6:8b:ff:89:d2:28:7b:2d:a7:9f:1b:4d:
                    29:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:EC:49:CA:9B:B7:E2:46:82:93:AD:7A:B5:AD:22:75:CB:24:FC:9F
            X509v3 Authority Key Identifier:
                keyid:63:7D:64:D4:72:56:3B:7E:87:3F:5B:79:F9:1C:9D:3F:FF:C3:DB:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y31k1HJWO36HP1t5-RydP__D2_k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2bd6b4-eeb2-4f1b-8aaf-817af8a76250/1/Y31k1HJWO36HP1t5-RydP__D2_k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ad:a9:a6:59:02:b5:05:04:3c:8d:61:96:f9:42:5a:cb:49:69:
         f6:c0:d2:da:9d:a2:b6:62:51:63:59:ed:03:0d:77:2c:12:30:
         ab:b9:80:c1:d0:d8:17:d9:66:01:36:71:44:2b:9f:8c:05:d5:
         d6:7d:93:49:e1:86:17:d0:15:49:45:be:73:bd:75:3c:3c:22:
         39:20:43:a1:17:d1:04:3f:f3:d3:95:fb:57:82:6a:c0:2e:21:
         43:2c:ec:99:80:fa:2e:d5:9e:9e:c2:15:4a:6e:7c:eb:56:2f:
         92:cc:e8:64:25:f8:dd:c2:c0:12:4e:7c:8a:3d:2c:07:b8:2e:
         7d:cb:85:09:2d:fe:35:02:08:30:45:7f:9e:5c:e1:1b:f2:6b:
         35:47:87:71:18:20:28:c3:c9:43:ec:7a:a7:8a:36:29:85:5c:
         20:17:3d:5b:07:b9:7e:94:9b:e7:fa:99:18:9a:78:9f:c6:83:
         aa:33:a0:9c:58:e7:a1:5e:20:3a:98:fb:ec:26:6b:cc:89:bb:
         0e:07:ee:76:fa:75:8d:43:d7:66:f8:82:9c:42:c1:e1:55:a3:
         69:b8:50:93:1b:7a:7c:fe:55:dc:8d:cf:ff:90:aa:b1:5b:c0:
         32:e6:a0:d3:a8:d2:0c:dd:47:e4:13:38:6c:b3:cb:3f:a6:25:
         09:4b:ba:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAafHNG5FKXaz+BSrkHCpjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzN2Q2NGQ0NzI1NjNiN2U4NzNmNWI3OWY5MWM5ZDNmZmZj
M2RiZjkwHhcNMjQwNjE1MDYwMTIxWhcNMjQwNjE2MDYwMTIxWjAzMTEwLwYDVQQD
Eyg1OWVjNDljYTliYjdlMjQ2ODI5M2FkN2FiNWFkMjI3NWNiMjRmYzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcWXfuUvWun1bVt0/h8/3FhtFj6d
rHSGNW41yw3c766QeQ1oqhkHPSyYnfFqsepis/G1HqZyYaacZTiEVjqNg6h5gguH
wyGXeusT9k03heP0LC2hVRkwoaWipPKLQDT2pL5YLTzJgPWpD8VZ13XU1ElLsz+U
vrAsNltZ9rnV4ypwz0Q8dEfUROFlKhjov5EVKV+8eAjLnrAK2RUXeG7V12xp1k0y
LnnScFn40fdEJjj6fVW/rlJbXmarVOwLtcJdS8pnqHsb4nKtNWfA1QThXw8aTWrr
AIZti+ivPqbikxxSzK9GdDF8Fcj3TNbWr1+GBbf2i/+J0ih7LaefG00pIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnsScqbt+JGgpOterWtInXLJPyfMB8GA1UdIwQY
MBaAFGN9ZNRyVjt+hz9befkcnT//w9v5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYt
ODE3YWY4YTc2MjUwLzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yYmQ2YjQtZWViMi00ZjFiLThhYWYtODE3YWY4YTc2MjUw
LzEvWTMxazFISldPMzZIUDF0NS1SeWRQX19EMl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArammWQK1
BQQ8jWGW+UJay0lp9sDS2p2itmJRY1ntAw13LBIwq7mAwdDYF9lmATZxRCufjAXV
1n2TSeGGF9AVSUW+c711PDwiOSBDoRfRBD/z05X7V4JqwC4hQyzsmYD6LtWensIV
Sm5861YvkszoZCX43cLAEk58ij0sB7gufcuFCS3+NQIIMEV/nlzhG/JrNUeHcRgg
KMPJQ+x6p4o2KYVcIBc9Wwe5fpSb5/qZGJp4n8aDqjOgnFjnoV4gOpj77CZrzIm7
Dgfudvp1jUPXZviCnELB4VWjabhQkxt6fP5V3I3P/5CqsVvAMuag06jSDN1H5BM4
bLPLP6YlCUu65w==
-----END CERTIFICATE-----