Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File:                     dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier:          M4s1pAN0H/JYaT5G4Sj2v6mYKV8OdtgqPxlbEXyyAHA=
Subject key identifier:   D9:97:AF:EF:D3:2B:EC:7A:BC:C5:7F:09:06:FD:95:31:44:E3:DB:CA
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer:       /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial:       0190452F1F7BBA30CA8B5DBFB6376FBEBA0A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number:          057A
Signing time:             Sun 23 Jun 2024 13:00:34 +0000
Manifest this update:     Sun 23 Jun 2024 13:00:34 +0000
Manifest next update:     Mon 24 Jun 2024 13:00:34 +0000
Files and hashes:         1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: mID/SVKvM7BPz4TnBMTHeIWbZGXg8H0c8szbMdifvQA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 13:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:2f:1f:7b:ba:30:ca:8b:5d:bf:b6:37:6f:be:ba:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
        Validity
            Not Before: Jun 23 13:00:34 2024 GMT
            Not After : Jun 24 13:00:34 2024 GMT
        Subject: CN=d997afefd32bec7abcc57f0906fd953144e3dbca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:75:11:d5:e1:3a:73:77:db:e6:aa:f7:cc:9e:
                    31:a4:7a:26:02:05:8a:65:ab:53:96:7f:73:91:bc:
                    15:a7:81:c2:2a:61:80:ba:53:9e:48:13:31:ca:c1:
                    e5:3a:3c:2a:73:52:3b:ec:53:e9:ea:d0:a8:9d:eb:
                    9c:21:75:d8:88:f2:22:74:1c:33:58:a1:fa:7c:85:
                    91:43:7c:04:67:39:76:fc:7e:6e:35:cc:3e:45:54:
                    75:4f:3f:1a:cf:d1:70:f9:77:61:cb:80:80:04:ec:
                    76:78:67:25:e4:29:78:3c:b5:20:1b:ba:34:14:83:
                    2e:2f:4c:4c:86:55:ef:29:96:36:ad:a1:19:07:0c:
                    ca:91:39:d4:79:2a:73:16:79:a5:ea:b8:d3:aa:d1:
                    db:b0:66:fe:cf:7b:8d:53:f7:70:43:6d:dd:18:b5:
                    ca:96:98:b6:10:dc:b4:2f:21:18:71:19:c4:cb:bd:
                    16:ba:d3:d8:e5:d0:ae:d1:82:f2:04:e6:ba:45:2d:
                    75:b8:3d:14:9a:22:ab:bf:1f:2e:37:9d:8f:c2:43:
                    18:5e:75:e2:c3:ef:a7:56:81:6e:92:02:6a:86:c3:
                    6b:b1:88:d6:51:c5:4f:f7:46:3a:53:1b:2f:31:5c:
                    78:28:d8:bc:f7:85:79:df:01:b8:f5:34:3c:8d:06:
                    34:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:97:AF:EF:D3:2B:EC:7A:BC:C5:7F:09:06:FD:95:31:44:E3:DB:CA
            X509v3 Authority Key Identifier:
                keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0c:00:10:35:f8:2e:f0:0d:47:17:98:d6:80:8c:4b:80:6a:66:
         cf:13:9c:d4:f9:3f:61:68:2b:1e:c0:7a:07:87:85:9c:46:56:
         42:14:67:28:7d:e2:f0:a5:d3:5e:41:bd:a3:80:91:67:f6:d3:
         e6:a5:d4:c7:58:ea:cb:84:9a:43:44:3a:4b:b2:ba:b4:62:d8:
         cd:c9:30:5d:9d:c2:dc:cb:01:db:9a:84:77:d9:a7:96:de:94:
         bb:36:c4:e9:38:23:86:8f:2e:1b:46:ad:4b:4b:f8:84:8f:58:
         1a:03:06:da:f3:ca:8c:26:a4:87:06:bf:e7:d5:bc:77:cc:d6:
         1b:c1:d4:60:da:f9:5e:57:30:7d:d3:fb:20:87:2e:58:4b:d6:
         eb:7b:f2:5a:43:e4:7b:ac:a2:45:c3:8e:a5:02:2c:b9:30:91:
         d7:0c:dc:09:49:6c:4e:e1:de:49:16:cb:50:e7:c8:89:a8:a4:
         9a:b5:bf:f2:2b:19:18:92:c5:8c:5b:03:a1:e0:fa:7f:ea:d8:
         c2:d9:1a:f7:a3:9d:75:9d:c3:e7:0f:0d:45:84:f2:23:4f:53:
         83:b4:29:6c:9e:45:5b:8a:f6:47:0e:be:de:93:e2:c2:9d:80:
         0d:b4:04:b7:47:e3:04:79:a8:50:a6:ed:84:83:31:7a:d9:c5:
         63:bd:c9:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBFLx97ujDKi12/tjdvvroKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjQwNjIzMTMwMDM0WhcNMjQwNjI0MTMwMDM0WjAzMTEwLwYDVQQD
EyhkOTk3YWZlZmQzMmJlYzdhYmNjNTdmMDkwNmZkOTUzMTQ0ZTNkYmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UR1eE6c3fb5qr3zJ4xpHomAgWK
ZatTln9zkbwVp4HCKmGAulOeSBMxysHlOjwqc1I77FPp6tConeucIXXYiPIidBwz
WKH6fIWRQ3wEZzl2/H5uNcw+RVR1Tz8az9Fw+Xdhy4CABOx2eGcl5Cl4PLUgG7o0
FIMuL0xMhlXvKZY2raEZBwzKkTnUeSpzFnml6rjTqtHbsGb+z3uNU/dwQ23dGLXK
lpi2ENy0LyEYcRnEy70WutPY5dCu0YLyBOa6RS11uD0UmiKrvx8uN52PwkMYXnXi
w++nVoFukgJqhsNrsYjWUcVP90Y6UxsvMVx4KNi894V53wG49TQ8jQY0wwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNmXr+/TK+x6vMV/CQb9lTFE49vKMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADAAQNfgu
8A1HF5jWgIxLgGpmzxOc1Pk/YWgrHsB6B4eFnEZWQhRnKH3i8KXTXkG9o4CRZ/bT
5qXUx1jqy4SaQ0Q6S7K6tGLYzckwXZ3C3MsB25qEd9mnlt6UuzbE6Tgjho8uG0at
S0v4hI9YGgMG2vPKjCakhwa/59W8d8zWG8HUYNr5XlcwfdP7IIcuWEvW63vyWkPk
e6yiRcOOpQIsuTCR1wzcCUlsTuHeSRbLUOfIiaikmrW/8isZGJLFjFsDoeD6f+rY
wtka96OddZ3D5w8NRYTyI09Tg7QpbJ5FW4r2Rw6+3pPiwp2ADbQEt0fjBHmoUKbt
hIMxetnFY73J4A==
-----END CERTIFICATE-----