Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
File:                     KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft (raw, json)
Hash identifier:          Q+0jDlUu19pNvBUlpKeLrJLfG6hRls5YEFkQ9jta9TQ=
Subject key identifier:   90:E6:19:97:7D:9E:A2:C6:CF:CB:2D:B8:58:BE:14:4A:89:35:D9:5A
Authority key identifier: 29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0
Certificate issuer:       /CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
Certificate serial:       01903BBE31630B32FD55C669233877617245
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
Manifest number:          02BA
Signing time:             Fri 21 Jun 2024 17:00:38 +0000
Manifest this update:     Fri 21 Jun 2024 17:00:38 +0000
Manifest next update:     Sat 22 Jun 2024 17:00:38 +0000
Files and hashes:         1: KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl (hash: /jlInoWNgcTeecVl+qlD/F3z0aXkRqBbQlOF+BBMpVo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 22 Jun 2024 13:57:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:3b:be:31:63:0b:32:fd:55:c6:69:23:38:77:61:72:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2962e6a1334c9ca9c93ed57ff4ad72d99ce91ad0
        Validity
            Not Before: Jun 21 17:00:38 2024 GMT
            Not After : Jun 22 17:00:38 2024 GMT
        Subject: CN=90e619977d9ea2c6cfcb2db858be144a8935d95a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:ed:49:98:ba:89:ba:80:0e:3a:1f:ff:96:cf:
                    ef:05:b4:71:84:30:d7:08:33:4e:7a:0e:e1:ff:d7:
                    3f:47:43:cf:81:ba:17:2b:e9:2b:d0:93:42:20:5f:
                    72:8a:e9:ad:7d:ee:1a:a4:c0:db:c7:16:34:4a:2d:
                    f7:ea:ec:43:08:ee:d2:96:80:c1:93:02:82:7c:e6:
                    ee:91:5c:fc:7f:c4:d7:aa:5d:a7:5e:f7:16:1d:55:
                    d9:c5:ee:c9:d0:ee:77:2d:b1:8c:e8:a6:a0:23:f7:
                    81:71:fe:59:f7:54:ae:d6:a2:90:83:2c:9f:9f:75:
                    9e:fb:85:dd:1e:4a:23:28:ca:c7:91:d2:80:82:9a:
                    14:0e:07:f6:20:c3:a3:d1:d7:b1:e5:8e:d7:b8:89:
                    18:d0:0f:07:af:95:c5:5b:a9:ab:66:81:97:12:a8:
                    22:81:72:f5:0b:41:b6:e4:cd:f0:1e:6d:c0:9f:82:
                    a1:8d:3c:f4:d6:4e:15:ac:69:c9:4c:19:84:3f:ca:
                    f9:02:67:60:8a:9c:ad:cc:46:89:ee:65:bb:30:8e:
                    ef:22:0b:50:36:bc:af:f9:1c:0b:ef:fd:fc:18:56:
                    97:13:19:3e:e1:9b:94:5e:1c:ea:26:1b:b0:3c:07:
                    1a:b7:cf:98:52:e4:11:eb:78:80:1a:75:6c:e8:df:
                    c3:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:E6:19:97:7D:9E:A2:C6:CF:CB:2D:B8:58:BE:14:4A:89:35:D9:5A
            X509v3 Authority Key Identifier:
                keyid:29:62:E6:A1:33:4C:9C:A9:C9:3E:D5:7F:F4:AD:72:D9:9C:E9:1A:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/bde818-c0ed-4924-8d7b-6ec40c85a2ae/1/KWLmoTNMnKnJPtV_9K1y2ZzpGtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:26:06:16:00:90:5c:ba:08:22:3d:67:01:80:58:d0:51:2d:
         9b:e6:17:ab:04:ce:55:27:56:36:23:bc:74:93:c0:04:2c:d7:
         73:96:5a:a1:d6:a3:3d:ff:de:60:62:aa:57:27:e1:f1:5d:82:
         9f:50:3b:14:4c:ce:0e:9f:da:d5:04:2f:fb:0c:3c:fe:ff:c8:
         d7:ee:68:52:96:69:19:b6:9e:58:43:67:b4:9b:dd:16:8d:7c:
         ff:93:ab:8c:df:75:ed:ca:cc:7c:2b:11:c7:cc:3b:ae:61:59:
         ad:df:25:b9:c0:e2:9d:de:ba:f2:39:09:09:ca:dd:42:92:0b:
         d8:49:99:83:98:18:cc:8f:b6:16:2c:f3:96:48:af:2d:88:e9:
         65:ea:31:5d:58:df:8d:34:a5:a6:1e:ef:d4:d4:b5:3a:8d:bf:
         dc:fa:32:2d:a5:fa:01:d1:bc:e6:e4:f9:25:08:a4:95:f6:b9:
         0e:f6:86:0d:a4:07:ee:cb:9c:81:80:2f:a9:f5:74:68:c2:e2:
         01:19:3f:67:73:f8:31:cc:4c:26:ea:d1:91:1c:d8:7f:8c:39:
         9b:6e:7b:86:04:4b:df:b6:77:9b:63:40:8f:a6:03:d5:91:25:
         67:eb:0f:7d:14:41:e8:77:95:e1:e2:0d:16:4b:1d:47:3e:4f:
         73:e3:59:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA7vjFjCzL9VcZpIzh3YXJFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjJlNmExMzM0YzljYTljOTNlZDU3ZmY0YWQ3MmQ5OWNl
OTFhZDAwHhcNMjQwNjIxMTcwMDM4WhcNMjQwNjIyMTcwMDM4WjAzMTEwLwYDVQQD
Eyg5MGU2MTk5NzdkOWVhMmM2Y2ZjYjJkYjg1OGJlMTQ0YTg5MzVkOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju1JmLqJuoAOOh//ls/vBbRxhDDX
CDNOeg7h/9c/R0PPgboXK+kr0JNCIF9yiumtfe4apMDbxxY0Si336uxDCO7SloDB
kwKCfObukVz8f8TXql2nXvcWHVXZxe7J0O53LbGM6KagI/eBcf5Z91Su1qKQgyyf
n3We+4XdHkojKMrHkdKAgpoUDgf2IMOj0dex5Y7XuIkY0A8Hr5XFW6mrZoGXEqgi
gXL1C0G25M3wHm3An4KhjTz01k4VrGnJTBmEP8r5AmdgipytzEaJ7mW7MI7vIgtQ
Nryv+RwL7/38GFaXExk+4ZuUXhzqJhuwPAcat8+YUuQR63iAGnVs6N/DOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJDmGZd9nqLGz8stuFi+FEqJNdlaMB8GA1UdIwQY
MBaAFCli5qEzTJypyT7Vf/Stctmc6RrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2It
NmVjNDBjODVhMmFlLzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9iZGU4MTgtYzBlZC00OTI0LThkN2ItNmVjNDBjODVhMmFl
LzEvS1dMbW9UTk1uS25KUHRWXzlLMXkyWnpwR3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcSYGFgCQ
XLoIIj1nAYBY0FEtm+YXqwTOVSdWNiO8dJPABCzXc5ZaodajPf/eYGKqVyfh8V2C
n1A7FEzODp/a1QQv+ww8/v/I1+5oUpZpGbaeWENntJvdFo18/5OrjN917crMfCsR
x8w7rmFZrd8lucDind668jkJCcrdQpIL2EmZg5gYzI+2FizzlkivLYjpZeoxXVjf
jTSlph7v1NS1Oo2/3PoyLaX6AdG85uT5JQiklfa5DvaGDaQH7sucgYAvqfV0aMLi
ARk/Z3P4McxMJurRkRzYf4w5m257hgRL37Z3m2NAj6YD1ZElZ+sPfRRB6HeV4eIN
FksdRz5Pc+NZ8g==
-----END CERTIFICATE-----