Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
File:                     iOZzGonffpNxq6M-sU1y9h45gLk.mft (raw, json)
Hash identifier:          y5mnoCU/NCJ8JGDjfGnEVP6EDrpFfgbqWWVR16zmixg=
Subject key identifier:   A6:29:DB:9D:52:1C:AF:00:11:18:82:88:EE:FA:10:DA:5A:D7:9D:5F
Authority key identifier: 88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9
Certificate issuer:       /CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
Certificate serial:       01901DEC38EA3DD3F3693D1C81275FD6B7AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
Manifest number:          11C4
Signing time:             Sat 15 Jun 2024 22:02:18 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:18 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:18 +0000
Files and hashes:         1: iOZzGonffpNxq6M-sU1y9h45gLk.crl (hash: BEFb365ULHb7nckL7/4WmG1YFU5R9tpm981G8mKTg9Q=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:38:ea:3d:d3:f3:69:3d:1c:81:27:5f:d6:b7:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88e6731a89df7e9371aba33eb14d72f61e3980b9
        Validity
            Not Before: Jun 15 22:02:18 2024 GMT
            Not After : Jun 16 22:02:18 2024 GMT
        Subject: CN=a629db9d521caf0011188288eefa10da5ad79d5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:09:97:f2:b2:5c:c4:90:c1:74:2a:c1:81:2b:
                    9f:56:4b:26:c2:36:a1:d8:0e:b9:b6:4c:76:ca:bb:
                    6e:ef:6f:85:6c:67:bb:db:48:a7:8e:7d:2c:13:23:
                    59:c0:05:91:7b:2a:c5:3a:e1:03:42:c0:d6:f7:e4:
                    3f:c4:a0:1e:90:f2:a9:84:59:b6:3b:dd:00:52:f9:
                    83:f9:ea:52:2f:0e:3a:ef:41:f8:e8:85:0b:d9:79:
                    99:d2:fc:f6:ac:7a:ed:31:7c:31:42:d3:b6:bb:1d:
                    8a:54:55:12:c5:c5:37:3c:3b:19:2e:e9:54:00:32:
                    ec:eb:b7:3f:ad:37:10:72:0e:50:aa:83:90:0a:f5:
                    80:c2:90:df:3d:c8:09:e7:98:c5:63:eb:88:cd:c8:
                    98:6d:ee:c6:e1:1f:cf:1d:eb:42:d9:03:36:d0:ac:
                    60:32:fc:28:14:5e:21:b7:a6:96:30:22:ec:9c:1f:
                    45:c9:d1:68:ac:34:f2:d7:75:c6:77:2a:36:ce:68:
                    81:77:11:92:90:2d:e8:f6:8c:bb:d0:ba:6b:d5:56:
                    c9:68:b0:30:16:b2:23:91:72:b0:ec:72:06:10:a8:
                    4d:82:c3:f9:be:2d:3e:86:a0:f9:9f:d7:5b:8b:a2:
                    da:c7:11:8f:f2:1e:0a:db:e5:85:c3:0b:d2:38:48:
                    7b:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:29:DB:9D:52:1C:AF:00:11:18:82:88:EE:FA:10:DA:5A:D7:9D:5F
            X509v3 Authority Key Identifier:
                keyid:88:E6:73:1A:89:DF:7E:93:71:AB:A3:3E:B1:4D:72:F6:1E:39:80:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOZzGonffpNxq6M-sU1y9h45gLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/336cb3-f4f7-4d8a-95ce-6bcf4a42ac7d/1/iOZzGonffpNxq6M-sU1y9h45gLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         70:18:d8:dc:74:b7:f3:45:34:be:08:b6:c2:56:01:9c:d6:ef:
         44:a6:2c:98:53:88:67:ef:7a:e6:93:9c:ec:c9:36:a1:d6:1d:
         05:e9:ce:9f:25:e7:08:81:12:7a:86:af:92:79:3c:e8:56:1b:
         0f:a3:7c:3e:63:25:6f:32:7a:20:c3:a9:58:fa:82:28:0b:33:
         a5:4a:11:b1:df:78:12:13:20:69:22:8b:e9:de:51:ae:a6:c7:
         8c:c3:44:f5:c3:5d:be:88:68:ea:43:eb:79:25:33:6b:f3:de:
         15:1b:ab:d5:c3:d1:f2:2b:e0:db:b9:08:08:f8:ca:ae:ed:77:
         b1:e1:86:50:5d:0d:b9:52:bb:7c:c2:e3:a6:0a:db:f8:91:38:
         52:74:8a:8e:06:0f:a1:46:48:27:7c:7a:98:68:97:fe:7f:f4:
         a1:cb:d3:26:f0:f0:6d:f7:c0:e9:d7:d8:a3:27:73:41:e0:30:
         ab:a5:7d:a9:84:b4:20:4a:6f:74:78:63:e1:df:d0:15:a3:52:
         26:ef:ea:fd:ef:79:59:ed:19:85:68:67:08:31:d6:1a:a5:dd:
         2a:ec:fd:76:73:f1:b0:54:4c:af:cb:2e:c5:85:c6:bf:1b:1f:
         79:89:c1:25:0c:81:ad:0d:e2:62:97:ea:83:7f:fa:d5:2e:09:
         19:f3:f1:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7DjqPdPzaT0cgSdf1reqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTY3MzFhODlkZjdlOTM3MWFiYTMzZWIxNGQ3MmY2MWUz
OTgwYjkwHhcNMjQwNjE1MjIwMjE4WhcNMjQwNjE2MjIwMjE4WjAzMTEwLwYDVQQD
EyhhNjI5ZGI5ZDUyMWNhZjAwMTExODgyODhlZWZhMTBkYTVhZDc5ZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugmX8rJcxJDBdCrBgSufVksmwjah
2A65tkx2yrtu72+FbGe720injn0sEyNZwAWReyrFOuEDQsDW9+Q/xKAekPKphFm2
O90AUvmD+epSLw4670H46IUL2XmZ0vz2rHrtMXwxQtO2ux2KVFUSxcU3PDsZLulU
ADLs67c/rTcQcg5QqoOQCvWAwpDfPcgJ55jFY+uIzciYbe7G4R/PHetC2QM20Kxg
MvwoFF4ht6aWMCLsnB9FydForDTy13XGdyo2zmiBdxGSkC3o9oy70Lpr1VbJaLAw
FrIjkXKw7HIGEKhNgsP5vi0+hqD5n9dbi6LaxxGP8h4K2+WFwwvSOEh7FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKYp251SHK8AERiCiO76ENpa151fMB8GA1UdIwQY
MBaAFIjmcxqJ336TcaujPrFNcvYeOYC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2Ut
NmJjZjRhNDJhYzdkLzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMzZjYjMtZjRmNy00ZDhhLTk1Y2UtNmJjZjRhNDJhYzdk
LzEvaU9aekdvbmZmcE54cTZNLXNVMXk5aDQ1Z0xrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcBjY3HS3
80U0vgi2wlYBnNbvRKYsmFOIZ+965pOc7Mk2odYdBenOnyXnCIESeoavknk86FYb
D6N8PmMlbzJ6IMOpWPqCKAszpUoRsd94EhMgaSKL6d5RrqbHjMNE9cNdvoho6kPr
eSUza/PeFRur1cPR8ivg27kICPjKru13seGGUF0NuVK7fMLjpgrb+JE4UnSKjgYP
oUZIJ3x6mGiX/n/0ocvTJvDwbffA6dfYoydzQeAwq6V9qYS0IEpvdHhj4d/QFaNS
Ju/q/e95We0ZhWhnCDHWGqXdKuz9dnPxsFRMr8suxYXGvxsfeYnBJQyBrQ3iYpfq
g3/61S4JGfPxFA==
-----END CERTIFICATE-----