Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File:                     2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier:          drJWPJ7nsHxx88SzakW21hN3RKXmqarh+ct3c7D49DA=
Subject key identifier:   21:1B:9D:B8:30:BE:C9:57:80:2A:51:0F:25:27:38:07:88:06:F0:AF
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer:       /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial:       01901DEC2AD487EF5A643ACB8FD77EEC34A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number:          024A
Signing time:             Sat 15 Jun 2024 22:02:15 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:15 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:15 +0000
Files and hashes:         1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: mnj0vWmRGIOjWEXZkB2n42Gy2BKkN+STr9NI6ROeVy8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:2a:d4:87:ef:5a:64:3a:cb:8f:d7:7e:ec:34:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
        Validity
            Not Before: Jun 15 22:02:15 2024 GMT
            Not After : Jun 16 22:02:15 2024 GMT
        Subject: CN=211b9db830bec957802a510f252738078806f0af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:19:44:3c:5e:fc:14:08:d4:68:2b:ba:58:d9:
                    81:72:7d:13:e6:64:84:d5:4e:a8:40:6d:0e:63:68:
                    f8:d8:34:52:6c:8f:ff:aa:11:42:de:a0:72:79:fc:
                    cb:15:03:00:8f:b1:cd:35:00:2c:48:a2:1b:7d:1d:
                    dc:99:00:07:9a:28:7e:f4:92:fa:06:db:65:0e:38:
                    ab:7e:e5:2e:57:53:24:9d:d0:d0:a1:e1:dc:18:50:
                    c5:d5:52:77:0a:ea:32:f8:ba:cb:dc:77:0e:07:fb:
                    e0:f2:2e:4b:5a:3f:87:3c:53:e4:24:a8:d0:32:4d:
                    d5:3c:e9:63:8d:aa:11:43:e4:18:19:37:19:e3:81:
                    99:fa:48:d6:0d:5c:0a:ab:84:16:4e:57:db:00:9d:
                    09:16:3c:c7:23:88:ba:64:e2:9f:5d:fc:00:01:03:
                    46:c6:24:d0:9e:3c:10:0f:ff:72:e5:6a:46:e0:1e:
                    2e:ff:fa:9a:65:f6:41:fe:6e:8d:5f:05:79:ef:10:
                    fb:56:e9:8d:d0:04:b0:aa:50:81:48:e6:84:62:93:
                    69:c1:20:f4:98:87:ad:d6:9e:be:6f:24:2f:40:e3:
                    01:fc:ce:94:bf:f8:b6:88:a2:6d:9d:1a:3b:c3:a2:
                    7c:97:a3:cd:d2:64:98:9d:38:7f:a1:ae:bb:2b:f4:
                    82:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:1B:9D:B8:30:BE:C9:57:80:2A:51:0F:25:27:38:07:88:06:F0:AF
            X509v3 Authority Key Identifier:
                keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:10:b1:15:72:cc:08:33:61:a8:9e:9b:f2:ac:f8:88:eb:66:
         6f:e7:07:2b:e0:63:a9:ba:7e:84:2f:50:cd:85:7a:d6:a4:0a:
         1b:4d:6b:52:73:da:ba:7c:c4:89:1d:0a:a7:4c:3d:14:c0:6f:
         3c:96:f4:a6:77:fa:74:42:5a:a1:3d:a0:ba:3c:0c:eb:ce:b0:
         0a:ff:db:21:b3:47:9a:44:33:e5:aa:82:f5:61:45:74:65:38:
         31:70:e9:0e:59:c3:ea:75:c3:62:8e:fb:6c:f8:ee:0a:b9:fe:
         57:d1:83:81:3b:0c:df:e8:22:61:a4:3a:5c:c1:c0:56:9f:9a:
         b0:15:3b:06:6d:91:a6:de:41:07:fb:32:1e:16:63:e5:a4:2c:
         19:34:f3:78:65:97:0b:f0:69:0b:64:19:7c:0b:3f:bf:5d:db:
         92:1b:d6:43:b0:32:a7:52:1b:f1:3e:db:94:ae:47:c4:74:83:
         9e:3c:6c:ab:18:72:a4:fb:fd:0e:92:bd:39:50:bb:f9:da:1f:
         31:a4:79:6d:18:de:57:0e:1a:fb:ed:01:28:1b:96:14:1a:17:
         96:9e:11:60:88:27:73:62:08:d1:f3:78:2e:33:57:11:81:5d:
         f0:52:10:3b:67:8f:06:ce:41:94:a8:7e:2e:5d:31:99:8b:56:
         c0:76:f2:09
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7CrUh+9aZDrLj9d+7DSmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjQwNjE1MjIwMjE1WhcNMjQwNjE2MjIwMjE1WjAzMTEwLwYDVQQD
EygyMTFiOWRiODMwYmVjOTU3ODAyYTUxMGYyNTI3MzgwNzg4MDZmMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhlEPF78FAjUaCu6WNmBcn0T5mSE
1U6oQG0OY2j42DRSbI//qhFC3qByefzLFQMAj7HNNQAsSKIbfR3cmQAHmih+9JL6
BttlDjirfuUuV1MkndDQoeHcGFDF1VJ3Cuoy+LrL3HcOB/vg8i5LWj+HPFPkJKjQ
Mk3VPOljjaoRQ+QYGTcZ44GZ+kjWDVwKq4QWTlfbAJ0JFjzHI4i6ZOKfXfwAAQNG
xiTQnjwQD/9y5WpG4B4u//qaZfZB/m6NXwV57xD7VumN0ASwqlCBSOaEYpNpwSD0
mIet1p6+byQvQOMB/M6Uv/i2iKJtnRo7w6J8l6PN0mSYnTh/oa67K/SCPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEbnbgwvslXgCpRDyUnOAeIBvCvMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBCxFXLM
CDNhqJ6b8qz4iOtmb+cHK+Bjqbp+hC9QzYV61qQKG01rUnPaunzEiR0Kp0w9FMBv
PJb0pnf6dEJaoT2gujwM686wCv/bIbNHmkQz5aqC9WFFdGU4MXDpDlnD6nXDYo77
bPjuCrn+V9GDgTsM3+giYaQ6XMHAVp+asBU7Bm2Rpt5BB/syHhZj5aQsGTTzeGWX
C/BpC2QZfAs/v13bkhvWQ7Ayp1Ib8T7blK5HxHSDnjxsqxhypPv9DpK9OVC7+dof
MaR5bRjeVw4a++0BKBuWFBoXlp4RYIgnc2II0fN4LjNXEYFd8FIQO2ePBs5BlKh+
Ll0xmYtWwHbyCQ==
-----END CERTIFICATE-----