Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          87p8nUAaqNcwMVY0HmAiDuEsxU6dIH1lW15N30WFBf4=
Subject key identifier:   6E:01:F5:86:9E:9F:2F:10:76:9C:06:B7:BE:29:F7:45:D7:7B:4F:73
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       01901EC6B84406CE524A8D7A679870CB5210
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0A9F
Signing time:             Sun 16 Jun 2024 02:00:57 +0000
Manifest this update:     Sun 16 Jun 2024 02:00:57 +0000
Manifest next update:     Mon 17 Jun 2024 02:00:57 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: zXr+jz896fX1q5iPzI7bRMqF2G/vhNkW0Ri0dQJvf5k=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 23:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1e:c6:b8:44:06:ce:52:4a:8d:7a:67:98:70:cb:52:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Jun 16 02:00:57 2024 GMT
            Not After : Jun 17 02:00:57 2024 GMT
        Subject: CN=6e01f5869e9f2f10769c06b7be29f745d77b4f73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:0a:82:f8:84:b5:1e:0a:29:c2:96:4c:2c:d2:
                    af:20:b9:f7:56:ef:15:24:8a:1f:91:0c:ba:67:7f:
                    95:33:a0:71:d0:f7:84:df:ba:8f:1e:70:60:9f:29:
                    ec:4c:e8:0e:89:56:ad:32:d2:5f:ea:f7:ff:03:57:
                    21:a6:13:89:ca:77:ab:36:95:a2:5a:69:40:be:ce:
                    dd:f2:9b:62:12:c2:89:b7:50:c0:0a:03:4f:5e:47:
                    bc:6b:46:65:82:6c:48:b3:4c:af:14:5a:c6:3d:06:
                    42:56:08:17:05:f4:98:75:dc:e0:0a:d2:3f:5e:85:
                    17:96:9d:60:24:3c:60:9b:df:95:a4:ce:64:62:5c:
                    12:be:13:73:f5:67:1e:b9:1b:e3:fa:70:4a:4b:c3:
                    c8:a3:f9:67:c2:45:57:92:83:54:3e:3b:ef:55:73:
                    12:9a:63:79:07:90:38:8a:ac:10:bd:38:8a:3b:d4:
                    cc:66:3a:02:40:a4:bb:ee:ae:e5:51:ca:80:cd:1e:
                    ca:9e:a8:30:1c:d7:45:83:a6:28:86:4b:28:23:50:
                    cf:4a:4d:5f:09:fd:34:49:5d:ff:dd:b6:0c:a1:47:
                    90:93:2d:78:8d:4a:6b:1a:74:2e:4d:ec:90:eb:88:
                    a7:ae:c3:b0:6f:8b:6d:2e:da:ea:2d:17:fe:19:df:
                    c7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:01:F5:86:9E:9F:2F:10:76:9C:06:B7:BE:29:F7:45:D7:7B:4F:73
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:63:e6:90:3b:14:16:7e:27:d6:84:59:52:fd:f2:d3:4a:41:
         f8:e1:9f:16:cb:76:79:9a:94:71:46:dc:f2:9f:f6:49:43:5d:
         9f:7c:3c:da:5f:91:56:8a:cf:f4:24:07:a8:c9:58:d2:73:82:
         ac:96:ab:65:01:2c:b9:aa:9b:e3:85:62:54:a4:4c:f6:54:06:
         b4:7a:4a:34:1f:f3:f8:fb:64:1d:ad:5f:61:44:b6:40:08:24:
         e5:4a:7a:5e:bd:47:a9:5c:d2:bc:57:21:7e:2f:b3:41:e1:a1:
         79:db:ec:aa:4e:af:14:f7:64:bc:59:f9:36:da:f8:f6:be:3c:
         20:dd:90:4e:64:e4:be:f9:d1:ed:43:1b:85:ab:7b:cb:11:43:
         92:26:88:0f:ec:f4:f2:4a:b4:7b:08:c4:34:21:3d:66:82:45:
         bd:7b:17:6d:6c:a3:d6:05:0c:71:71:d9:43:d1:3c:a2:59:b7:
         67:77:ae:29:78:ea:09:6c:a9:f3:14:f1:2b:bd:74:97:10:d3:
         8b:2e:84:db:c8:8c:6b:95:d9:ef:7c:e0:ee:3c:10:12:84:95:
         7c:72:a4:bc:27:c8:d2:2f:e2:92:34:f5:a8:98:9a:bb:aa:f4:
         34:23:03:1b:da:af:ce:7c:05:06:4c:69:c6:3f:a2:65:f7:98:
         89:19:58:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAexrhEBs5SSo16Z5hwy1IQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjQwNjE2MDIwMDU3WhcNMjQwNjE3MDIwMDU3WjAzMTEwLwYDVQQD
Eyg2ZTAxZjU4NjllOWYyZjEwNzY5YzA2YjdiZTI5Zjc0NWQ3N2I0ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAqC+IS1HgopwpZMLNKvILn3Vu8V
JIofkQy6Z3+VM6Bx0PeE37qPHnBgnynsTOgOiVatMtJf6vf/A1chphOJynerNpWi
WmlAvs7d8ptiEsKJt1DACgNPXke8a0ZlgmxIs0yvFFrGPQZCVggXBfSYddzgCtI/
XoUXlp1gJDxgm9+VpM5kYlwSvhNz9WceuRvj+nBKS8PIo/lnwkVXkoNUPjvvVXMS
mmN5B5A4iqwQvTiKO9TMZjoCQKS77q7lUcqAzR7KnqgwHNdFg6YohksoI1DPSk1f
Cf00SV3/3bYMoUeQky14jUprGnQuTeyQ64inrsOwb4ttLtrqLRf+Gd/HFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG4B9Yaeny8QdpwGt74p90XXe09zMB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2PmkDsU
Fn4n1oRZUv3y00pB+OGfFst2eZqUcUbc8p/2SUNdn3w82l+RVorP9CQHqMlY0nOC
rJarZQEsuaqb44ViVKRM9lQGtHpKNB/z+PtkHa1fYUS2QAgk5Up6Xr1HqVzSvFch
fi+zQeGhedvsqk6vFPdkvFn5Ntr49r48IN2QTmTkvvnR7UMbhat7yxFDkiaID+z0
8kq0ewjENCE9ZoJFvXsXbWyj1gUMcXHZQ9E8olm3Z3euKXjqCWyp8xTxK710lxDT
iy6E28iMa5XZ73zg7jwQEoSVfHKkvCfI0i/ikjT1qJiau6r0NCMDG9qvznwFBkxp
xj+iZfeYiRlYyw==
-----END CERTIFICATE-----