Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
File:                     4tY8oFQoMuZCZPOssVYZki_s-Ds.mft (raw, json)
Hash identifier:          kt4aWNBcEfFMXlk/6VJgil02qsTDS5RvyHP2gCEL5o4=
Subject key identifier:   22:CE:7D:31:AB:EE:1C:1F:4D:EB:BF:46:63:29:F0:36:46:45:C1:3B
Authority key identifier: E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B
Certificate issuer:       /CN=e2d63ca0542832e64264f3acb15619922fecf83b
Certificate serial:       01904566BC3F0D6AD0DD89138541C59F4AAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
Manifest number:          0AB3
Signing time:             Sun 23 Jun 2024 14:01:19 +0000
Manifest this update:     Sun 23 Jun 2024 14:01:19 +0000
Manifest next update:     Mon 24 Jun 2024 14:01:19 +0000
Files and hashes:         1: 4tY8oFQoMuZCZPOssVYZki_s-Ds.crl (hash: BVucRo4u+HNQvFlO4C8stKc+3WKWEyuh5kqKd5CV6pU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:66:bc:3f:0d:6a:d0:dd:89:13:85:41:c5:9f:4a:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2d63ca0542832e64264f3acb15619922fecf83b
        Validity
            Not Before: Jun 23 14:01:19 2024 GMT
            Not After : Jun 24 14:01:19 2024 GMT
        Subject: CN=22ce7d31abee1c1f4debbf466329f0364645c13b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:84:24:c4:f8:45:51:b3:63:20:71:da:3e:26:
                    e9:bb:97:3a:20:6a:58:1a:41:3f:04:21:3f:ec:88:
                    1a:66:7c:c0:47:25:e4:bc:0e:50:cd:da:a1:6e:ed:
                    98:9d:ea:78:bc:d6:29:b5:d5:c3:5a:86:30:5d:06:
                    e3:f2:99:86:34:e8:ad:bb:4d:44:3b:34:06:36:51:
                    17:f7:5f:1c:dd:62:37:39:80:c2:ec:be:d0:02:7c:
                    94:da:11:af:9f:f7:7d:03:08:29:30:da:4c:1e:8d:
                    ff:a8:98:46:76:ae:a5:20:cc:c1:fc:ef:e5:a4:30:
                    54:85:e7:43:b5:cc:a0:24:57:6a:5e:78:e0:5c:11:
                    3a:70:4b:e8:ba:f2:62:da:db:2c:e2:ff:74:49:85:
                    6a:12:6a:64:dd:36:89:9f:2c:10:b6:9c:f6:7a:e7:
                    3a:9b:31:a1:98:3d:4d:d3:51:8c:82:24:73:f7:fe:
                    56:27:7e:73:da:1e:6f:ea:40:0f:ea:e4:7c:57:18:
                    f2:2f:f4:3f:ec:a9:a8:33:27:90:46:77:68:29:7f:
                    58:7f:7a:c1:f7:42:20:38:5b:2f:0f:de:e6:01:b0:
                    2e:72:69:c4:31:04:56:37:2a:df:4a:4f:1e:4a:6b:
                    88:d5:78:80:66:89:5d:78:73:eb:6d:6d:92:95:79:
                    08:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:CE:7D:31:AB:EE:1C:1F:4D:EB:BF:46:63:29:F0:36:46:45:C1:3B
            X509v3 Authority Key Identifier:
                keyid:E2:D6:3C:A0:54:28:32:E6:42:64:F3:AC:B1:56:19:92:2F:EC:F8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tY8oFQoMuZCZPOssVYZki_s-Ds.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/aba9d3-9912-4f5e-98da-c5b00cb8d914/1/4tY8oFQoMuZCZPOssVYZki_s-Ds.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:99:3d:75:fc:bc:aa:c9:b8:f9:f9:a3:7e:4c:67:44:82:40:
         8e:ad:ba:d7:ce:ac:4d:81:41:4d:ae:64:f5:72:57:05:47:30:
         d3:95:97:53:5a:7a:21:c0:ce:8c:11:e7:cd:27:f0:1b:0b:fa:
         9d:e6:b3:e2:2d:db:d4:cd:cd:9a:e0:8b:ff:c6:96:8b:c3:ea:
         0c:f0:dd:5d:87:19:50:e8:04:ec:8b:3c:68:55:ba:c4:c3:51:
         7d:12:57:ce:65:a6:e1:2e:03:cc:35:f2:6c:b1:8e:1b:d2:8d:
         d8:a6:3f:e1:14:a5:c4:41:79:a0:01:28:9c:01:c7:ab:77:2f:
         5a:9e:13:1a:cd:6c:89:5c:c9:c2:9c:18:57:af:e7:ae:94:7f:
         c0:94:09:a5:f2:c7:01:be:5b:16:dc:40:bd:0c:b1:55:f5:ff:
         d7:37:a7:30:9b:9d:07:68:a3:b3:31:d8:38:04:92:ee:9c:00:
         40:2b:9c:0d:c0:1b:e4:56:fc:4d:eb:2f:19:ac:9d:4c:77:80:
         b3:33:05:88:65:75:60:a7:a5:2f:72:b4:ea:9a:e6:cc:32:c3:
         81:6f:a5:da:5a:52:da:4e:91:37:1b:e6:29:f2:39:1f:88:1d:
         50:43:3d:5a:bc:e4:3c:1d:58:f9:49:82:33:69:d2:8b:e8:22:
         00:15:73:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBFZrw/DWrQ3YkThUHFn0quMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDYzY2EwNTQyODMyZTY0MjY0ZjNhY2IxNTYxOTkyMmZl
Y2Y4M2IwHhcNMjQwNjIzMTQwMTE5WhcNMjQwNjI0MTQwMTE5WjAzMTEwLwYDVQQD
EygyMmNlN2QzMWFiZWUxYzFmNGRlYmJmNDY2MzI5ZjAzNjQ2NDVjMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoQkxPhFUbNjIHHaPibpu5c6IGpY
GkE/BCE/7IgaZnzARyXkvA5Qzdqhbu2Ynep4vNYptdXDWoYwXQbj8pmGNOitu01E
OzQGNlEX918c3WI3OYDC7L7QAnyU2hGvn/d9AwgpMNpMHo3/qJhGdq6lIMzB/O/l
pDBUhedDtcygJFdqXnjgXBE6cEvouvJi2tss4v90SYVqEmpk3TaJnywQtpz2euc6
mzGhmD1N01GMgiRz9/5WJ35z2h5v6kAP6uR8VxjyL/Q/7KmoMyeQRndoKX9Yf3rB
90IgOFsvD97mAbAucmnEMQRWNyrfSk8eSmuI1XiAZoldeHPrbW2SlXkIrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCLOfTGr7hwfTeu/RmMp8DZGRcE7MB8GA1UdIwQY
MBaAFOLWPKBUKDLmQmTzrLFWGZIv7Pg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEt
YzViMDBjYjhkOTE0LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hYmE5ZDMtOTkxMi00ZjVlLTk4ZGEtYzViMDBjYjhkOTE0
LzEvNHRZOG9GUW9NdVpDWlBPc3NWWVpraV9zLURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM5k9dfy8
qsm4+fmjfkxnRIJAjq26186sTYFBTa5k9XJXBUcw05WXU1p6IcDOjBHnzSfwGwv6
neaz4i3b1M3NmuCL/8aWi8PqDPDdXYcZUOgE7Is8aFW6xMNRfRJXzmWm4S4DzDXy
bLGOG9KN2KY/4RSlxEF5oAEonAHHq3cvWp4TGs1siVzJwpwYV6/nrpR/wJQJpfLH
Ab5bFtxAvQyxVfX/1zenMJudB2ijszHYOASS7pwAQCucDcAb5Fb8TesvGaydTHeA
szMFiGV1YKelL3K06prmzDLDgW+l2lpS2k6RNxvmKfI5H4gdUEM9WrzkPB1Y+UmC
M2nSi+giABVzfQ==
-----END CERTIFICATE-----