Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
File:                     K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft (raw, json)
Hash identifier:          lg9CDYdfQrIY9s1N7RikN62s38qT1CmGlmTVWQmnUwI=
Subject key identifier:   A0:A4:13:71:EA:AB:7F:E3:4A:0F:18:C8:6F:36:6C:67:EA:F5:C1:7C
Authority key identifier: 2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F
Certificate issuer:       /CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
Certificate serial:       01901DEC1BCBEDA48A610C492B7F573DC146
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
Manifest number:          02DF
Signing time:             Sat 15 Jun 2024 22:02:10 +0000
Manifest this update:     Sat 15 Jun 2024 22:02:10 +0000
Manifest next update:     Sun 16 Jun 2024 22:02:10 +0000
Files and hashes:         1: K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl (hash: 1TmZMYCqEtKClHMcP5Zr+OJfor7Z885vkvRuFAuX8l0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:ec:1b:cb:ed:a4:8a:61:0c:49:2b:7f:57:3d:c1:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2b57b0db0016fe625095df0c6e57fe07f1cf289f
        Validity
            Not Before: Jun 15 22:02:10 2024 GMT
            Not After : Jun 16 22:02:10 2024 GMT
        Subject: CN=a0a41371eaab7fe34a0f18c86f366c67eaf5c17c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f2:8c:c9:c7:14:03:cf:74:73:48:ce:86:5d:
                    05:01:83:ea:8e:63:6f:af:28:12:f1:08:4b:d7:13:
                    0b:96:71:c2:7e:2c:47:40:7c:9b:91:3a:bc:58:57:
                    cb:90:f4:2a:17:75:54:78:d7:58:a3:79:86:02:25:
                    47:66:22:69:cb:50:b2:a4:84:41:71:5c:e6:c2:74:
                    5f:f0:b6:b7:40:28:fe:b3:ed:41:b3:0f:04:71:09:
                    7c:48:c7:4d:12:b9:b7:7b:02:a4:9b:00:ea:85:03:
                    54:ec:3b:a2:01:7e:c1:1f:39:57:c6:86:e3:21:6b:
                    8d:79:7f:9c:9e:6e:3d:57:65:d8:4f:54:0a:00:9b:
                    4a:50:6d:50:94:50:01:39:ff:b6:31:2e:e9:12:ca:
                    32:eb:30:e7:78:6d:ab:72:63:95:48:df:1d:a8:0b:
                    6e:6b:54:55:84:d5:74:9c:9a:34:fd:2d:35:a7:19:
                    89:01:dd:e1:22:a0:88:02:13:2b:af:19:38:48:ca:
                    69:60:00:14:3f:ab:bb:a8:2c:40:2e:9c:1b:57:65:
                    94:db:89:bd:2e:01:85:5d:96:11:9a:b8:cf:aa:ae:
                    34:12:36:39:f3:9b:bd:1d:ce:69:21:d7:1a:d7:58:
                    15:af:6b:3e:15:29:b0:ca:68:f8:05:a5:90:bf:12:
                    1f:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A4:13:71:EA:AB:7F:E3:4A:0F:18:C8:6F:36:6C:67:EA:F5:C1:7C
            X509v3 Authority Key Identifier:
                keyid:2B:57:B0:DB:00:16:FE:62:50:95:DF:0C:6E:57:FE:07:F1:CF:28:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K1ew2wAW_mJQld8Mblf-B_HPKJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/22746e-cac8-45d3-a258-f44f35b7a95d/1/K1ew2wAW_mJQld8Mblf-B_HPKJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         47:d8:5d:a7:b1:98:a8:33:f4:b7:52:a3:18:8e:09:0f:5e:f6:
         7d:64:bd:c8:ef:d0:3f:60:f3:6f:85:d1:1e:74:a2:6f:37:25:
         37:a9:d9:dc:75:f9:a2:d3:56:e5:77:2a:e6:b8:cc:77:48:e5:
         0c:05:68:69:7a:d4:dc:d8:f1:e3:d2:8f:0d:e8:42:6b:d1:3b:
         0a:90:07:1b:06:ce:00:5c:8f:2e:67:b8:53:bc:80:dc:da:cc:
         43:7c:7d:34:05:4d:c7:c9:9b:99:38:a1:d2:b1:15:0e:37:2a:
         87:c2:b4:52:84:cc:11:a7:5e:9e:dd:57:4a:72:df:fe:2b:b5:
         57:3d:8a:0c:54:cc:d3:6f:67:8d:67:0d:f9:07:2b:e6:2f:f6:
         31:d4:38:0e:d1:8e:5f:6a:d4:a3:44:67:38:e1:45:df:4f:d0:
         f5:6e:1c:67:1b:95:70:24:26:c6:6b:6a:48:c3:af:23:37:8b:
         e7:40:e3:2a:d8:ed:3b:d7:c4:c6:93:5d:d7:30:ec:4d:b3:0b:
         36:43:73:c3:e7:a1:ca:34:7b:24:6b:a9:2c:7b:25:46:ff:be:
         cb:1c:38:68:2b:b9:cf:4b:e4:88:50:de:02:3f:94:5b:6a:9d:
         0a:28:58:1f:d3:48:6b:14:03:39:53:9b:3c:d5:01:57:20:3a:
         8d:48:85:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd7BvL7aSKYQxJK39XPcFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNTdiMGRiMDAxNmZlNjI1MDk1ZGYwYzZlNTdmZTA3ZjFj
ZjI4OWYwHhcNMjQwNjE1MjIwMjEwWhcNMjQwNjE2MjIwMjEwWjAzMTEwLwYDVQQD
EyhhMGE0MTM3MWVhYWI3ZmUzNGEwZjE4Yzg2ZjM2NmM2N2VhZjVjMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvKMyccUA890c0jOhl0FAYPqjmNv
rygS8QhL1xMLlnHCfixHQHybkTq8WFfLkPQqF3VUeNdYo3mGAiVHZiJpy1CypIRB
cVzmwnRf8La3QCj+s+1Bsw8EcQl8SMdNErm3ewKkmwDqhQNU7DuiAX7BHzlXxobj
IWuNeX+cnm49V2XYT1QKAJtKUG1QlFABOf+2MS7pEsoy6zDneG2rcmOVSN8dqAtu
a1RVhNV0nJo0/S01pxmJAd3hIqCIAhMrrxk4SMppYAAUP6u7qCxALpwbV2WU24m9
LgGFXZYRmrjPqq40EjY585u9Hc5pIdca11gVr2s+FSmwymj4BaWQvxIfAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKCkE3Hqq3/jSg8YyG82bGfq9cF8MB8GA1UdIwQY
MBaAFCtXsNsAFv5iUJXfDG5X/gfxzyifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgt
ZjQ0ZjM1YjdhOTVkLzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMjc0NmUtY2FjOC00NWQzLWEyNTgtZjQ0ZjM1YjdhOTVk
LzEvSzFldzJ3QVdfbUpRbGQ4TWJsZi1CX0hQS0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR9hdp7GY
qDP0t1KjGI4JD172fWS9yO/QP2Dzb4XRHnSibzclN6nZ3HX5otNW5Xcq5rjMd0jl
DAVoaXrU3Njx49KPDehCa9E7CpAHGwbOAFyPLme4U7yA3NrMQ3x9NAVNx8mbmTih
0rEVDjcqh8K0UoTMEadent1XSnLf/iu1Vz2KDFTM029njWcN+Qcr5i/2MdQ4DtGO
X2rUo0RnOOFF30/Q9W4cZxuVcCQmxmtqSMOvIzeL50DjKtjtO9fExpNd1zDsTbML
NkNzw+ehyjR7JGupLHslRv++yxw4aCu5z0vkiFDeAj+UW2qdCihYH9NIaxQDOVOb
PNUBVyA6jUiFPg==
-----END CERTIFICATE-----