Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File:                     MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier:          0mnlNyjhsowbwYDdI7TrwgMYjFUkkrJf5wwvJAXfNko=
Subject key identifier:   35:8A:DA:0C:2D:4C:3F:B2:95:77:30:B3:CE:DE:03:80:9C:90:F8:CE
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer:       /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial:       01901C6A2DFE22056110F92464023A23EF4B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number:          0211
Signing time:             Sat 15 Jun 2024 15:00:38 +0000
Manifest this update:     Sat 15 Jun 2024 15:00:38 +0000
Manifest next update:     Sun 16 Jun 2024 15:00:38 +0000
Files and hashes:         1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: FCACbxABThIiTMfOgrq8P/MJ+XJ6axhaDt9oX6yQKrA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 11:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:6a:2d:fe:22:05:61:10:f9:24:64:02:3a:23:ef:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
        Validity
            Not Before: Jun 15 15:00:38 2024 GMT
            Not After : Jun 16 15:00:38 2024 GMT
        Subject: CN=358ada0c2d4c3fb2957730b3cede03809c90f8ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:25:75:9d:1a:88:a0:df:62:a6:40:01:4e:bc:
                    94:f3:81:61:f2:64:a1:44:bb:36:66:a3:39:78:d2:
                    79:02:d2:13:5c:47:9c:1b:b7:7f:2c:c6:56:95:f1:
                    57:28:96:db:ec:5d:1d:2d:29:dc:17:8e:32:97:67:
                    ca:ba:9f:97:e4:91:85:d7:c4:e3:da:00:ef:22:3b:
                    2b:3e:88:bc:0c:ed:05:cd:2a:f6:ca:0d:63:f6:89:
                    00:b9:a8:07:e6:0f:bc:1e:c6:33:cd:54:04:93:ad:
                    f3:64:34:90:af:33:1e:d8:d7:e5:20:43:94:4b:81:
                    09:05:c8:be:39:52:ec:35:3e:0f:f8:45:35:25:64:
                    1d:d3:27:5b:11:a4:b8:43:06:61:66:91:11:1d:ef:
                    f2:bf:21:09:f0:e5:e3:1e:13:da:df:a7:86:15:89:
                    3f:26:08:54:a6:ff:74:f0:77:ef:c2:76:f2:32:76:
                    f6:18:55:09:bd:e4:27:a8:33:de:45:b5:57:28:83:
                    c0:86:35:9f:70:34:6a:da:87:79:3b:54:9b:69:40:
                    f7:45:73:03:56:67:f8:83:78:6a:5b:87:99:af:2b:
                    6b:2f:29:2d:5d:ff:8d:ea:6c:73:9c:77:d0:3c:77:
                    d3:58:37:07:bf:4b:10:06:49:1c:4f:da:85:a6:43:
                    f9:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:8A:DA:0C:2D:4C:3F:B2:95:77:30:B3:CE:DE:03:80:9C:90:F8:CE
            X509v3 Authority Key Identifier:
                keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         05:97:2c:fd:0e:56:43:e9:2d:64:8a:e4:f0:c5:58:26:fc:f1:
         a2:84:c7:e1:58:d6:84:22:4a:0f:83:99:1e:b6:d3:fa:48:b4:
         cc:2f:3d:8a:83:fa:10:2f:5b:28:0a:6f:86:95:56:1e:e0:6b:
         15:35:4b:87:15:64:44:5e:df:4c:f8:3f:61:04:ce:dd:4f:08:
         95:c1:a8:a5:cc:a5:e9:06:a4:97:e8:d4:90:c3:81:25:5e:cd:
         ee:ad:c6:97:9d:a0:2a:ea:55:ff:93:51:f2:3f:16:15:01:37:
         54:a6:87:e0:e7:76:93:8d:fb:c3:5b:e9:86:6f:e3:81:e5:0e:
         13:28:ed:99:47:b9:40:8d:f8:99:9a:66:e7:8e:7b:7b:9e:6f:
         e6:97:c6:14:89:4a:18:b4:65:d5:c5:80:5b:1c:8e:13:d0:49:
         cf:a7:83:25:89:70:2d:77:80:38:39:58:72:b1:39:b3:8a:2d:
         7e:41:de:3b:2c:77:ee:ff:c3:ee:86:82:4d:66:72:a9:c1:ba:
         35:2a:15:50:66:d1:13:40:ac:08:44:f2:a8:1c:eb:8c:8c:12:
         be:31:1e:07:0b:a7:e2:a4:24:3a:49:71:74:f5:3a:f8:fa:5a:
         04:c1:79:0e:8d:4f:5e:03:b9:b7:05:25:bb:72:86:a9:00:1a:
         2d:6e:c0:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAcai3+IgVhEPkkZAI6I+9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjQwNjE1MTUwMDM4WhcNMjQwNjE2MTUwMDM4WjAzMTEwLwYDVQQD
EygzNThhZGEwYzJkNGMzZmIyOTU3NzMwYjNjZWRlMDM4MDljOTBmOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyV1nRqIoN9ipkABTryU84Fh8mSh
RLs2ZqM5eNJ5AtITXEecG7d/LMZWlfFXKJbb7F0dLSncF44yl2fKup+X5JGF18Tj
2gDvIjsrPoi8DO0FzSr2yg1j9okAuagH5g+8HsYzzVQEk63zZDSQrzMe2NflIEOU
S4EJBci+OVLsNT4P+EU1JWQd0ydbEaS4QwZhZpERHe/yvyEJ8OXjHhPa36eGFYk/
JghUpv908HfvwnbyMnb2GFUJveQnqDPeRbVXKIPAhjWfcDRq2od5O1SbaUD3RXMD
Vmf4g3hqW4eZrytrLyktXf+N6mxznHfQPHfTWDcHv0sQBkkcT9qFpkP5uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWK2gwtTD+ylXcws87eA4CckPjOMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZcs/Q5W
Q+ktZIrk8MVYJvzxooTH4VjWhCJKD4OZHrbT+ki0zC89ioP6EC9bKApvhpVWHuBr
FTVLhxVkRF7fTPg/YQTO3U8IlcGopcyl6Qakl+jUkMOBJV7N7q3Gl52gKupV/5NR
8j8WFQE3VKaH4Od2k437w1vphm/jgeUOEyjtmUe5QI34mZpm5457e55v5pfGFIlK
GLRl1cWAWxyOE9BJz6eDJYlwLXeAODlYcrE5s4otfkHeOyx37v/D7oaCTWZyqcG6
NSoVUGbRE0CsCETyqBzrjIwSvjEeBwun4qQkOklxdPU6+PpaBMF5Do1PXgO5twUl
u3KGqQAaLW7AMA==
-----END CERTIFICATE-----