Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
File:                     VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft (raw, json)
Hash identifier:          GkLL2N9wFp84pPJhM/onmQJwJlcNPqTH+oBSQnC0U7I=
Subject key identifier:   51:25:05:F4:38:D6:84:CA:FD:75:4E:7B:98:12:DA:96:CC:11:C9:11
Authority key identifier: 54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70
Certificate issuer:       /CN=5476e09001c3186526190d1f35d2a5b99fcaa270
Certificate serial:       01901DEAFC6AAD4F78474F718E6C0B3D9103
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
Manifest number:          11C4
Signing time:             Sat 15 Jun 2024 22:00:57 +0000
Manifest this update:     Sat 15 Jun 2024 22:00:57 +0000
Manifest next update:     Sun 16 Jun 2024 22:00:57 +0000
Files and hashes:         1: VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl (hash: Z7mED8MBCGaes9D6b4K2NsKYmTnAU72p/OANl4qjnjg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:00:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ea:fc:6a:ad:4f:78:47:4f:71:8e:6c:0b:3d:91:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5476e09001c3186526190d1f35d2a5b99fcaa270
        Validity
            Not Before: Jun 15 22:00:57 2024 GMT
            Not After : Jun 16 22:00:57 2024 GMT
        Subject: CN=512505f438d684cafd754e7b9812da96cc11c911
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:5b:d2:81:ff:57:43:c4:f9:26:a2:81:18:93:
                    86:ca:b1:f1:7c:5d:ed:fd:6a:09:c1:77:65:0a:12:
                    df:83:d9:0e:94:80:fa:24:96:2e:77:c2:e5:2f:36:
                    6f:00:30:61:a5:06:1f:3d:c5:70:6b:42:f5:a5:dc:
                    08:e4:e1:97:fe:b4:70:8f:97:30:77:3d:dd:41:6d:
                    f4:9d:6a:49:d0:46:8b:a9:71:ad:76:e3:0d:3c:7b:
                    33:37:0d:57:79:10:a6:63:ed:59:c8:65:44:d3:6a:
                    52:3f:c2:ce:bc:61:1b:46:0b:83:d5:3e:ce:74:00:
                    d4:b4:35:23:fc:f8:0c:2e:f9:e3:87:8d:55:b3:f3:
                    92:aa:7b:87:22:04:ef:ec:55:8e:f5:6c:06:a3:54:
                    df:47:a0:5a:08:f3:9d:f2:08:cb:6f:04:24:52:2e:
                    64:45:58:2e:a4:29:26:68:4c:0e:77:27:6a:b2:2a:
                    9c:2a:b6:e0:e2:7d:ba:51:f9:4e:53:e1:b2:1d:1f:
                    c2:74:20:83:fe:4f:61:38:c6:fe:ac:b2:62:aa:66:
                    d1:f8:f4:8f:b0:ad:6a:ca:79:e1:59:0a:e7:30:87:
                    90:20:46:0e:f5:2c:c0:b3:39:ee:eb:18:d6:62:67:
                    a9:58:bf:cf:c8:0f:56:09:2f:44:3a:0c:fe:6e:01:
                    fe:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:25:05:F4:38:D6:84:CA:FD:75:4E:7B:98:12:DA:96:CC:11:C9:11
            X509v3 Authority Key Identifier:
                keyid:54:76:E0:90:01:C3:18:65:26:19:0D:1F:35:D2:A5:B9:9F:CA:A2:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbgkAHDGGUmGQ0fNdKluZ_KonA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/4bc47e-3987-4a34-92bc-8901e8813aac/1/VHbgkAHDGGUmGQ0fNdKluZ_KonA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4c:df:8b:31:10:b4:9f:23:af:a6:f2:3e:ac:33:0e:b8:f7:f0:
         82:05:40:07:9a:ab:14:16:79:47:6a:fd:1d:dc:0e:1c:f8:d0:
         d0:cf:49:82:6f:18:31:48:a9:97:e9:a2:82:76:dc:7a:e2:dd:
         eb:82:3e:13:59:54:c6:25:fe:cb:5c:41:53:27:c0:20:39:9f:
         af:99:3f:b6:83:00:30:72:57:24:37:10:eb:f4:f4:be:5b:a3:
         82:77:ff:9b:ac:22:db:2b:31:b0:e8:f6:91:6c:37:3e:32:9c:
         e6:3f:44:f8:56:92:50:1c:18:db:9e:f8:46:97:f7:91:2d:45:
         db:74:40:88:22:db:8b:8b:8b:bd:74:2d:3a:8d:1f:0e:7e:48:
         c1:93:d4:4d:90:5f:e3:ff:88:8c:a0:55:ad:01:e9:9e:3d:c1:
         b0:11:b0:c1:7c:e5:37:5a:b4:1e:81:62:93:47:6d:18:ea:38:
         d5:df:e8:dd:79:15:c6:f3:65:f9:97:b4:92:6b:4d:b3:62:ec:
         95:83:93:f1:ec:a8:61:7e:75:6a:28:59:75:87:23:32:9a:99:
         8a:18:6a:55:67:37:b4:9a:d1:eb:06:85:30:26:77:80:f9:d5:
         3f:dc:ac:aa:d5:4f:bd:4e:dc:46:ed:1b:1b:7c:56:0c:b5:88:
         ff:b9:eb:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd6vxqrU94R09xjmwLPZEDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZlMDkwMDFjMzE4NjUyNjE5MGQxZjM1ZDJhNWI5OWZj
YWEyNzAwHhcNMjQwNjE1MjIwMDU3WhcNMjQwNjE2MjIwMDU3WjAzMTEwLwYDVQQD
Eyg1MTI1MDVmNDM4ZDY4NGNhZmQ3NTRlN2I5ODEyZGE5NmNjMTFjOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1vSgf9XQ8T5JqKBGJOGyrHxfF3t
/WoJwXdlChLfg9kOlID6JJYud8LlLzZvADBhpQYfPcVwa0L1pdwI5OGX/rRwj5cw
dz3dQW30nWpJ0EaLqXGtduMNPHszNw1XeRCmY+1ZyGVE02pSP8LOvGEbRguD1T7O
dADUtDUj/PgMLvnjh41Vs/OSqnuHIgTv7FWO9WwGo1TfR6BaCPOd8gjLbwQkUi5k
RVgupCkmaEwOdydqsiqcKrbg4n26UflOU+GyHR/CdCCD/k9hOMb+rLJiqmbR+PSP
sK1qynnhWQrnMIeQIEYO9SzAsznu6xjWYmepWL/PyA9WCS9EOgz+bgH+zwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFElBfQ41oTK/XVOe5gS2pbMEckRMB8GA1UdIwQY
MBaAFFR24JABwxhlJhkNHzXSpbmfyqJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMt
ODkwMWU4ODEzYWFjLzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC80YmM0N2UtMzk4Ny00YTM0LTkyYmMtODkwMWU4ODEzYWFj
LzEvVkhiZ2tBSERHR1VtR1EwZk5kS2x1Wl9Lb25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATN+LMRC0
nyOvpvI+rDMOuPfwggVAB5qrFBZ5R2r9HdwOHPjQ0M9Jgm8YMUipl+mignbceuLd
64I+E1lUxiX+y1xBUyfAIDmfr5k/toMAMHJXJDcQ6/T0vlujgnf/m6wi2ysxsOj2
kWw3PjKc5j9E+FaSUBwY2574Rpf3kS1F23RAiCLbi4uLvXQtOo0fDn5IwZPUTZBf
4/+IjKBVrQHpnj3BsBGwwXzlN1q0HoFik0dtGOo41d/o3XkVxvNl+Ze0kmtNs2Ls
lYOT8eyoYX51aihZdYcjMpqZihhqVWc3tJrR6waFMCZ3gPnVP9ysqtVPvU7cRu0b
G3xWDLWI/7nrrQ==
-----END CERTIFICATE-----