Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
File:                     gU3w5sDcpazuCDqMcwTUXz0z1W0.mft (raw, json)
Hash identifier:          u2G1Je6FWaO+tdymoYir96C4hoGMVkaEF5Ckmsw5hs0=
Subject key identifier:   1A:5B:B6:94:C6:4C:B7:30:D4:67:BF:47:43:C5:67:03:09:C7:B4:23
Authority key identifier: 81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D
Certificate issuer:       /CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
Certificate serial:       01901DEB1874920BACE95C0328DE9ACDC9D6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
Manifest number:          08A6
Signing time:             Sat 15 Jun 2024 22:01:04 +0000
Manifest this update:     Sat 15 Jun 2024 22:01:04 +0000
Manifest next update:     Sun 16 Jun 2024 22:01:04 +0000
Files and hashes:         1: gU3w5sDcpazuCDqMcwTUXz0z1W0.crl (hash: CB3dxKADGv8DQa0SHospHIRwPtzz21oezSawUHRWh8A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:eb:18:74:92:0b:ac:e9:5c:03:28:de:9a:cd:c9:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=814df0e6c0dca5acee083a8c7304d45f3d33d56d
        Validity
            Not Before: Jun 15 22:01:04 2024 GMT
            Not After : Jun 16 22:01:04 2024 GMT
        Subject: CN=1a5bb694c64cb730d467bf4743c5670309c7b423
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1d:e0:de:0f:7c:8c:45:92:62:14:1f:da:8a:
                    3c:4f:f2:e7:cb:31:de:66:ea:b7:10:fa:0b:96:2a:
                    35:00:bd:90:81:87:6f:c8:6f:bc:9a:d7:b9:91:db:
                    14:1a:55:51:a0:77:93:99:3c:68:43:ad:8b:30:25:
                    9e:43:0e:7e:3c:ef:28:35:85:8a:cc:b2:80:9f:48:
                    62:ce:6d:ee:c8:0a:1f:04:7c:b6:c5:e3:88:01:27:
                    15:96:71:8f:40:7e:48:36:77:74:4d:aa:e5:68:76:
                    42:c0:e1:fb:18:b9:09:f7:7d:7b:b8:d8:bf:ae:b2:
                    f0:e5:58:19:72:39:80:1b:d8:6b:07:e4:d0:92:91:
                    27:15:13:c0:55:53:a8:bb:54:db:b7:91:e3:85:2e:
                    2f:c9:95:71:39:2d:d5:9e:92:fa:07:51:c4:49:c0:
                    47:a3:a6:a2:54:77:0d:37:fc:3b:dc:22:84:20:a7:
                    22:a2:5b:e1:0f:ef:c5:d3:cf:af:d1:93:6a:c5:5f:
                    cc:14:c3:21:3f:f7:66:52:8d:cd:fb:10:38:b1:9d:
                    5c:c7:c7:15:04:36:38:c8:d0:74:75:0e:91:43:e7:
                    3a:50:7b:fd:3c:86:47:c5:2a:17:29:62:ab:37:49:
                    0c:77:24:8e:10:e7:11:e6:8f:34:c5:8c:ca:2b:69:
                    d1:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:5B:B6:94:C6:4C:B7:30:D4:67:BF:47:43:C5:67:03:09:C7:B4:23
            X509v3 Authority Key Identifier:
                keyid:81:4D:F0:E6:C0:DC:A5:AC:EE:08:3A:8C:73:04:D4:5F:3D:33:D5:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gU3w5sDcpazuCDqMcwTUXz0z1W0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5140ee-6fef-46ac-be32-d0d2f2ca8cbc/1/gU3w5sDcpazuCDqMcwTUXz0z1W0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:ce:5e:bd:eb:a3:f7:60:43:6d:60:54:75:88:13:26:69:99:
         58:2f:d9:18:49:44:81:57:e4:a7:ec:e6:34:d8:c3:4f:5b:b1:
         7b:1f:c1:a5:5f:9c:bd:b9:52:ff:fe:4d:3f:13:04:9b:5e:78:
         c4:c1:5a:be:9c:71:67:b1:c5:18:7d:44:dd:5c:a5:a5:bf:30:
         b2:42:70:6c:11:04:5c:db:cd:81:2c:39:4b:02:6b:31:c3:2e:
         7a:77:c4:d2:3a:dc:82:f1:bf:d8:90:b2:85:6a:65:34:c2:6d:
         e2:30:5c:81:c0:ef:4c:de:4c:f0:8f:bb:59:91:80:ad:22:6e:
         65:ea:e5:f4:5b:98:d4:8a:7b:d2:82:f1:01:be:39:eb:05:2c:
         51:df:d5:79:2d:00:16:fb:6a:35:06:01:27:b3:ba:09:8f:ce:
         6f:89:8f:20:6e:49:2e:d1:92:a2:f6:60:95:9d:a2:4c:e5:bb:
         be:a3:07:9c:f9:4d:11:91:c8:bc:f5:61:1a:d0:2b:ee:df:05:
         ad:28:30:38:a3:9e:8b:7b:8f:c4:72:f4:f5:d3:af:31:5a:5d:
         3d:98:9a:00:1b:8e:4f:49:30:95:1f:c3:de:a0:05:10:92:ba:
         4a:f5:d9:73:bd:54:e2:68:59:6e:07:43:8c:23:16:5e:c5:57:
         e6:d6:79:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd6xh0kgus6VwDKN6azcnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNGRmMGU2YzBkY2E1YWNlZTA4M2E4YzczMDRkNDVmM2Qz
M2Q1NmQwHhcNMjQwNjE1MjIwMTA0WhcNMjQwNjE2MjIwMTA0WjAzMTEwLwYDVQQD
EygxYTViYjY5NGM2NGNiNzMwZDQ2N2JmNDc0M2M1NjcwMzA5YzdiNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh3g3g98jEWSYhQf2oo8T/LnyzHe
Zuq3EPoLlio1AL2QgYdvyG+8mte5kdsUGlVRoHeTmTxoQ62LMCWeQw5+PO8oNYWK
zLKAn0hizm3uyAofBHy2xeOIAScVlnGPQH5INnd0TarlaHZCwOH7GLkJ9317uNi/
rrLw5VgZcjmAG9hrB+TQkpEnFRPAVVOou1Tbt5HjhS4vyZVxOS3VnpL6B1HEScBH
o6aiVHcNN/w73CKEIKciolvhD+/F08+v0ZNqxV/MFMMhP/dmUo3N+xA4sZ1cx8cV
BDY4yNB0dQ6RQ+c6UHv9PIZHxSoXKWKrN0kMdySOEOcR5o80xYzKK2nRCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBpbtpTGTLcw1Ge/R0PFZwMJx7QjMB8GA1UdIwQY
MBaAFIFN8ObA3KWs7gg6jHME1F89M9VtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzIt
ZDBkMmYyY2E4Y2JjLzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81MTQwZWUtNmZlZi00NmFjLWJlMzItZDBkMmYyY2E4Y2Jj
LzEvZ1UzdzVzRGNwYXp1Q0RxTWN3VFVYejB6MVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoc5eveuj
92BDbWBUdYgTJmmZWC/ZGElEgVfkp+zmNNjDT1uxex/BpV+cvblS//5NPxMEm154
xMFavpxxZ7HFGH1E3Vylpb8wskJwbBEEXNvNgSw5SwJrMcMuenfE0jrcgvG/2JCy
hWplNMJt4jBcgcDvTN5M8I+7WZGArSJuZerl9FuY1Ip70oLxAb456wUsUd/VeS0A
FvtqNQYBJ7O6CY/Ob4mPIG5JLtGSovZglZ2iTOW7vqMHnPlNEZHIvPVhGtAr7t8F
rSgwOKOei3uPxHL09dOvMVpdPZiaABuOT0kwlR/D3qAFEJK6SvXZc71U4mhZbgdD
jCMWXsVX5tZ52g==
-----END CERTIFICATE-----