Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
File:                     0jhr7YO2RaK64TifU9llfZGedtE.mft (raw, json)
Hash identifier:          MARpr/c/MadTdMBTUNfB6bALvvNq+Y7pMz9IcK8DemY=
Subject key identifier:   D7:DB:5E:E0:44:C0:95:C5:5E:C5:4F:8F:87:E8:F6:E3:6C:F3:42:EE
Authority key identifier: D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1
Certificate issuer:       /CN=d2386bed83b645a2bae1389f53d9657d919e76d1
Certificate serial:       01901DECAE3DF11B1F379B47AD518594AED3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
Manifest number:          058B
Signing time:             Sat 15 Jun 2024 22:02:48 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:48 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:48 +0000
Files and hashes:         1: 0jhr7YO2RaK64TifU9llfZGedtE.crl (hash: omf/uag1u7COsiLEA5xn30heNrjrv+548t/PWXRc5mM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:ae:3d:f1:1b:1f:37:9b:47:ad:51:85:94:ae:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2386bed83b645a2bae1389f53d9657d919e76d1
        Validity
            Not Before: Jun 15 22:02:48 2024 GMT
            Not After : Jun 16 22:02:48 2024 GMT
        Subject: CN=d7db5ee044c095c55ec54f8f87e8f6e36cf342ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:fd:df:f2:d3:95:dd:7a:9e:00:c0:c6:e6:16:
                    61:41:bc:7f:42:c2:b9:c2:06:d4:b5:3c:08:f5:7c:
                    33:f1:ff:49:4e:c2:2b:b1:18:be:f4:06:77:88:2f:
                    3f:7b:b7:d7:4e:93:92:64:e7:99:c1:88:7f:73:1c:
                    2a:d0:d9:31:9d:ee:51:3b:77:0a:11:17:a7:69:b9:
                    c0:78:9f:79:34:06:d8:b1:cd:b3:ac:bb:f5:a4:66:
                    6e:d8:31:cb:26:83:61:46:b7:8c:fe:0e:68:2d:ba:
                    17:c4:2a:ea:93:43:83:e2:35:ed:3c:a3:59:64:42:
                    c9:a2:c2:4c:28:4a:b3:4c:f0:01:ec:a1:2f:6e:74:
                    21:21:d3:e8:e8:89:9d:fe:86:9d:9f:74:23:62:e2:
                    e9:e9:69:61:02:77:99:ac:e8:5f:5d:a9:94:af:92:
                    c7:c2:02:b7:2f:78:34:12:47:05:ca:15:42:2e:1a:
                    c8:1f:a9:ed:c5:39:ea:60:1f:91:7a:6b:e1:05:d3:
                    bc:c0:80:d8:61:9f:64:79:52:ce:e7:db:99:88:ab:
                    2c:37:45:c2:e6:c8:29:7c:4b:00:66:28:12:d0:ac:
                    95:2a:39:cc:74:5a:69:5f:0c:88:68:ed:c1:e7:26:
                    3f:01:aa:21:40:83:23:4f:f5:05:c7:d5:8d:1c:0e:
                    f1:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:DB:5E:E0:44:C0:95:C5:5E:C5:4F:8F:87:E8:F6:E3:6C:F3:42:EE
            X509v3 Authority Key Identifier:
                keyid:D2:38:6B:ED:83:B6:45:A2:BA:E1:38:9F:53:D9:65:7D:91:9E:76:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jhr7YO2RaK64TifU9llfZGedtE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/563297-6056-4675-8399-03438351a369/1/0jhr7YO2RaK64TifU9llfZGedtE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:e8:23:0a:ba:1b:40:e6:20:fd:68:e9:aa:bd:62:d3:54:a4:
         cd:3e:1a:2b:36:db:f6:06:36:dc:e1:c3:ea:c2:d0:5e:8f:9c:
         22:f5:57:f5:bc:82:27:d5:83:81:d8:1e:14:2d:03:63:91:5f:
         59:84:ae:c8:d8:2b:01:34:9a:19:39:9e:c1:7f:25:05:3b:64:
         7c:20:6e:f9:6a:d3:d4:a5:54:3c:97:76:c6:a8:c5:cb:10:27:
         71:3b:43:bc:b7:61:60:f0:98:a4:26:00:ab:88:04:9d:8f:29:
         d4:8b:b3:b6:b7:4e:c7:fb:ce:db:2a:fe:db:bf:21:67:1f:96:
         38:ee:c8:d0:ea:7f:c2:c2:75:49:25:ef:91:8b:ef:2b:75:aa:
         8e:ab:34:d4:30:45:7c:a6:18:37:50:06:fa:23:30:32:c3:19:
         31:5d:67:b4:0c:ad:51:91:1d:1f:23:47:de:d6:ee:75:ef:f3:
         11:8c:5d:6f:74:29:a4:66:1f:c7:8b:50:10:01:ba:ca:02:e5:
         8e:e4:96:16:62:4f:67:db:06:43:ef:d3:44:f7:4d:b2:a7:59:
         b5:ab:13:59:e4:86:1e:d5:bb:eb:5b:d9:6c:11:e0:50:a5:9a:
         96:52:d7:50:19:fa:fa:83:8e:14:dc:a0:4c:5d:d7:96:75:4d:
         a9:da:d6:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7K498RsfN5tHrVGFlK7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMzg2YmVkODNiNjQ1YTJiYWUxMzg5ZjUzZDk2NTdkOTE5
ZTc2ZDEwHhcNMjQwNjE1MjIwMjQ4WhcNMjQwNjE2MjIwMjQ4WjAzMTEwLwYDVQQD
EyhkN2RiNWVlMDQ0YzA5NWM1NWVjNTRmOGY4N2U4ZjZlMzZjZjM0MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf3f8tOV3XqeAMDG5hZhQbx/QsK5
wgbUtTwI9Xwz8f9JTsIrsRi+9AZ3iC8/e7fXTpOSZOeZwYh/cxwq0Nkxne5RO3cK
ERenabnAeJ95NAbYsc2zrLv1pGZu2DHLJoNhRreM/g5oLboXxCrqk0OD4jXtPKNZ
ZELJosJMKEqzTPAB7KEvbnQhIdPo6Imd/oadn3QjYuLp6WlhAneZrOhfXamUr5LH
wgK3L3g0EkcFyhVCLhrIH6ntxTnqYB+RemvhBdO8wIDYYZ9keVLO59uZiKssN0XC
5sgpfEsAZigS0KyVKjnMdFppXwyIaO3B5yY/AaohQIMjT/UFx9WNHA7xMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNfbXuBEwJXFXsVPj4fo9uNs80LuMB8GA1UdIwQY
MBaAFNI4a+2DtkWiuuE4n1PZZX2RnnbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTkt
MDM0MzgzNTFhMzY5LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi81NjMyOTctNjA1Ni00Njc1LTgzOTktMDM0MzgzNTFhMzY5
LzEvMGpocjdZTzJSYUs2NFRpZlU5bGxmWkdlZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHOgjCrob
QOYg/Wjpqr1i01SkzT4aKzbb9gY23OHD6sLQXo+cIvVX9byCJ9WDgdgeFC0DY5Ff
WYSuyNgrATSaGTmewX8lBTtkfCBu+WrT1KVUPJd2xqjFyxAncTtDvLdhYPCYpCYA
q4gEnY8p1IuztrdOx/vO2yr+278hZx+WOO7I0Op/wsJ1SSXvkYvvK3Wqjqs01DBF
fKYYN1AG+iMwMsMZMV1ntAytUZEdHyNH3tbude/zEYxdb3QppGYfx4tQEAG6ygLl
juSWFmJPZ9sGQ+/TRPdNsqdZtasTWeSGHtW761vZbBHgUKWallLXUBn6+oOOFNyg
TF3XlnVNqdrWJg==
-----END CERTIFICATE-----