Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          Jpdt2l/PMJlgbc0JGDmCaihQ+hhhCtS+aZ3ByOMTsLE=
Subject key identifier:   42:D2:E0:F4:0D:80:E4:56:05:1A:9A:7C:C7:62:11:96:41:50:BF:88
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       01901CD83C12C5E126A1A2232EF8559C2695
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          02AA
Signing time:             Sat 15 Jun 2024 17:00:51 +0000
Manifest this update:     Sat 15 Jun 2024 17:00:51 +0000
Manifest next update:     Sun 16 Jun 2024 17:00:51 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: rgFLbDqkGnTV/IaFTLf0f0XqawofYwS7Z6mJXbveTlk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 11:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:d8:3c:12:c5:e1:26:a1:a2:23:2e:f8:55:9c:26:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Jun 15 17:00:51 2024 GMT
            Not After : Jun 16 17:00:51 2024 GMT
        Subject: CN=42d2e0f40d80e456051a9a7cc76211964150bf88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:c9:a7:73:51:3f:68:38:43:2d:7a:7f:c5:f9:
                    12:4e:ce:de:08:c3:80:63:42:4c:f7:22:89:9d:da:
                    b4:d1:c7:d7:22:b3:57:d9:60:64:33:36:e4:0b:5b:
                    a9:42:55:2d:e2:b3:2d:0f:44:f8:76:ae:0a:e5:76:
                    4f:d1:0e:b5:7f:bf:b5:42:26:65:fd:87:5d:9f:a0:
                    86:7e:b9:85:2d:38:2e:0e:01:6a:a5:74:5f:a2:d9:
                    57:1d:02:61:97:40:43:05:38:7c:d2:b1:e6:1e:dd:
                    96:ff:e2:05:34:54:b5:4b:21:64:73:45:66:fb:ff:
                    94:b5:30:ab:18:99:e7:ac:88:2f:91:92:1d:3e:bb:
                    85:89:7d:cd:cf:0c:24:e9:84:ab:16:31:e6:47:8c:
                    cc:90:23:11:e3:dc:f0:aa:56:7d:fc:76:e0:ac:e1:
                    f5:7b:92:71:f1:7b:e0:03:98:c3:32:c3:02:25:a2:
                    d8:ec:5e:85:c5:66:01:b5:36:88:09:68:dc:0d:ba:
                    e1:ea:96:71:67:1d:7f:dc:e4:ce:39:b6:8f:aa:22:
                    55:ae:6f:82:3c:e2:cc:26:2b:d1:2e:65:93:13:f0:
                    8e:14:11:e7:33:00:3d:7f:f8:b9:f7:bd:17:d0:9c:
                    8e:ca:73:e5:3e:e6:fa:d9:8c:fc:e3:f5:53:fb:4c:
                    05:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:D2:E0:F4:0D:80:E4:56:05:1A:9A:7C:C7:62:11:96:41:50:BF:88
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         46:c3:13:9d:ee:b5:d9:a2:3a:55:a4:a5:22:fc:2e:d5:85:04:
         17:77:5f:aa:45:1f:3c:7f:1e:1e:15:18:40:01:dc:ad:1b:f8:
         42:5b:94:45:f8:09:28:b1:92:55:c3:fb:88:a3:3f:04:ba:3f:
         7e:2c:52:0d:03:4f:b4:22:a3:ef:9b:9a:d8:8d:d1:da:7b:16:
         c9:d7:e4:15:ca:2d:bf:4a:b0:a6:09:c5:58:69:e6:3d:ee:df:
         7b:ee:07:60:18:6b:77:35:25:55:bc:da:e6:2e:29:8a:e6:7b:
         e3:96:15:3e:de:0c:db:67:59:12:06:c0:ca:33:90:55:b0:df:
         95:0f:0a:f8:66:36:d2:40:b3:96:57:d8:9f:cb:e2:87:1b:f2:
         06:66:bb:7a:bb:38:bd:84:ca:e0:47:32:88:12:cc:0c:ff:98:
         6d:d0:27:27:4a:64:47:f5:50:57:f2:7d:15:d6:39:01:aa:45:
         9a:03:4b:78:eb:9b:3a:bf:5b:9d:4f:9c:28:6f:aa:32:5a:93:
         75:c2:b5:3b:f3:51:5b:d9:f7:b8:39:71:2e:56:56:f2:08:8a:
         cf:91:eb:8b:10:57:0c:fc:a4:2b:29:61:61:27:8d:c1:40:2f:
         05:89:dc:0a:db:f4:f8:6a:7f:4a:d2:7c:cc:cb:cf:06:61:97:
         f8:ae:7a:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAc2DwSxeEmoaIjLvhVnCaVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjQwNjE1MTcwMDUxWhcNMjQwNjE2MTcwMDUxWjAzMTEwLwYDVQQD
Eyg0MmQyZTBmNDBkODBlNDU2MDUxYTlhN2NjNzYyMTE5NjQxNTBiZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMmnc1E/aDhDLXp/xfkSTs7eCMOA
Y0JM9yKJndq00cfXIrNX2WBkMzbkC1upQlUt4rMtD0T4dq4K5XZP0Q61f7+1QiZl
/Yddn6CGfrmFLTguDgFqpXRfotlXHQJhl0BDBTh80rHmHt2W/+IFNFS1SyFkc0Vm
+/+UtTCrGJnnrIgvkZIdPruFiX3Nzwwk6YSrFjHmR4zMkCMR49zwqlZ9/HbgrOH1
e5Jx8XvgA5jDMsMCJaLY7F6FxWYBtTaICWjcDbrh6pZxZx1/3OTOObaPqiJVrm+C
POLMJivRLmWTE/COFBHnMwA9f/i5970X0JyOynPlPub62Yz84/VT+0wFfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFELS4PQNgORWBRqafMdiEZZBUL+IMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARsMTne61
2aI6VaSlIvwu1YUEF3dfqkUfPH8eHhUYQAHcrRv4QluURfgJKLGSVcP7iKM/BLo/
fixSDQNPtCKj75ua2I3R2nsWydfkFcotv0qwpgnFWGnmPe7fe+4HYBhrdzUlVbza
5i4piuZ745YVPt4M22dZEgbAyjOQVbDflQ8K+GY20kCzllfYn8vihxvyBma7ers4
vYTK4EcyiBLMDP+YbdAnJ0pkR/VQV/J9FdY5AapFmgNLeOubOr9bnU+cKG+qMlqT
dcK1O/NRW9n3uDlxLlZW8giKz5HrixBXDPykKylhYSeNwUAvBYncCtv0+Gp/StJ8
zMvPBmGX+K56aQ==
-----END CERTIFICATE-----