Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          hjINDfKgn7LdgFljE5a7SoU0IJrY21BuN62ELdHeIKY=
Subject key identifier:   83:47:25:C6:95:21:38:4F:00:3F:25:64:67:CA:14:2A:CB:7F:C2:09
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       0190448C1B77547171F818B761D05B886AD9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          11D8
Signing time:             Sun 23 Jun 2024 10:02:30 +0000
Manifest this update:     Sun 23 Jun 2024 10:02:30 +0000
Manifest next update:     Mon 24 Jun 2024 10:02:30 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: 3VUEPwtBnUNi5bQ2xdiGqXe3UfJ7aoPSYRYeaEvsQ8s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 10:02:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:44:8c:1b:77:54:71:71:f8:18:b7:61:d0:5b:88:6a:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Jun 23 10:02:30 2024 GMT
            Not After : Jun 24 10:02:30 2024 GMT
        Subject: CN=834725c69521384f003f256467ca142acb7fc209
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d1:4d:3c:f3:e2:9f:43:54:d6:ee:9e:b0:8a:
                    8c:5d:e9:24:35:79:d7:8a:cc:2d:51:a5:45:e9:41:
                    45:6f:f3:0b:be:be:54:c5:44:a5:1b:31:d8:2c:f2:
                    a8:58:00:06:33:36:4d:00:a5:b1:26:bb:e1:a0:a0:
                    3a:ea:e7:25:bb:d2:8f:1a:da:5f:10:ef:7b:0b:20:
                    28:5a:e4:8e:73:32:23:1d:df:7e:4b:ac:9b:6e:b6:
                    8a:57:57:4a:fb:7a:c9:73:ac:37:24:63:05:9e:6c:
                    69:90:8b:e9:03:12:b1:1c:f8:69:0f:cc:96:b4:2c:
                    bb:50:28:f5:ff:df:38:81:25:32:a6:60:3d:9c:21:
                    77:0e:ec:07:e5:f3:ba:d0:a3:46:8f:e5:bc:54:ee:
                    bd:0f:f4:4d:ea:96:a6:ed:ca:42:0a:35:a9:30:0c:
                    ee:c3:fa:d9:c3:73:50:f2:ef:4e:b2:65:70:59:01:
                    f1:37:ff:fc:75:ac:c1:4d:10:2c:00:bd:a9:45:dc:
                    b0:bb:92:b8:83:24:cb:98:73:f1:a2:47:94:ef:a9:
                    d1:98:48:fa:75:79:b2:db:f0:e1:ae:01:21:60:7d:
                    86:5d:9d:5e:dc:ae:11:86:e6:8e:e6:77:f3:8b:6f:
                    fd:8d:30:6b:c3:34:19:56:63:fe:d6:b0:88:77:cb:
                    78:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:47:25:C6:95:21:38:4F:00:3F:25:64:67:CA:14:2A:CB:7F:C2:09
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:87:8b:f7:05:43:d5:bb:77:51:d9:0f:0f:42:c2:c6:2c:be:
         88:68:e5:c8:8f:c5:d4:a3:de:ae:d1:89:aa:71:57:56:7a:49:
         7b:f7:1a:91:91:63:7a:4e:8f:f3:be:50:8a:45:36:89:2b:1a:
         48:bd:1b:2e:ca:49:c6:f5:fc:9e:3d:7b:2a:be:d6:0a:9e:d2:
         1e:b9:1d:33:63:d0:06:de:2b:c4:30:61:61:cc:98:66:e7:fc:
         a7:dd:ab:10:a1:91:22:f5:55:ab:0f:1a:f4:20:9c:cc:14:9b:
         b5:69:02:8a:fe:7a:1c:7d:57:32:a7:32:f8:ec:ae:e5:64:cf:
         43:89:fd:a2:aa:9b:18:a5:58:db:1c:1a:7f:da:fd:09:71:44:
         47:9d:17:5b:a9:f4:c9:a2:30:89:10:79:72:e2:07:ed:ff:f9:
         cb:0a:9f:45:0f:ee:69:a7:e8:55:9d:9f:3d:47:56:5a:aa:f9:
         54:24:bb:c5:49:d7:8a:9e:c5:66:f2:c0:30:fb:59:5c:9e:be:
         fe:59:d8:57:1b:a8:78:a8:6b:c8:3b:06:fd:23:e7:71:80:42:
         36:a5:31:0b:55:05:c6:0d:81:a4:88:09:f7:0b:67:26:c4:26:
         ca:03:cf:e0:3c:0f:25:15:da:6d:2a:72:d1:4a:bc:03:ca:33:
         af:79:65:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBEjBt3VHFx+Bi3YdBbiGrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjQwNjIzMTAwMjMwWhcNMjQwNjI0MTAwMjMwWjAzMTEwLwYDVQQD
Eyg4MzQ3MjVjNjk1MjEzODRmMDAzZjI1NjQ2N2NhMTQyYWNiN2ZjMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9FNPPPin0NU1u6esIqMXekkNXnX
iswtUaVF6UFFb/MLvr5UxUSlGzHYLPKoWAAGMzZNAKWxJrvhoKA66uclu9KPGtpf
EO97CyAoWuSOczIjHd9+S6ybbraKV1dK+3rJc6w3JGMFnmxpkIvpAxKxHPhpD8yW
tCy7UCj1/984gSUypmA9nCF3DuwH5fO60KNGj+W8VO69D/RN6pam7cpCCjWpMAzu
w/rZw3NQ8u9OsmVwWQHxN//8dazBTRAsAL2pRdywu5K4gyTLmHPxokeU76nRmEj6
dXmy2/DhrgEhYH2GXZ1e3K4RhuaO5nfzi2/9jTBrwzQZVmP+1rCId8t46QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINHJcaVIThPAD8lZGfKFCrLf8IJMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaIeL9wVD
1bt3UdkPD0LCxiy+iGjlyI/F1KPertGJqnFXVnpJe/cakZFjek6P875QikU2iSsa
SL0bLspJxvX8nj17Kr7WCp7SHrkdM2PQBt4rxDBhYcyYZuf8p92rEKGRIvVVqw8a
9CCczBSbtWkCiv56HH1XMqcy+Oyu5WTPQ4n9oqqbGKVY2xwaf9r9CXFER50XW6n0
yaIwiRB5cuIH7f/5ywqfRQ/uaafoVZ2fPUdWWqr5VCS7xUnXip7FZvLAMPtZXJ6+
/lnYVxuoeKhryDsG/SPncYBCNqUxC1UFxg2BpIgJ9wtnJsQmygPP4DwPJRXabSpy
0Uq8A8ozr3llTA==
-----END CERTIFICATE-----