Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
File:                     MN-QKoFpKFoeCclwPGOg89St7kg.mft (raw, json)
Hash identifier:          NG7K95zV2GJ2yhxtfj8C6wwttaUKdSpEdpDLo/FCVfI=
Subject key identifier:   5C:82:AF:3A:A9:96:D3:8E:0E:0B:B8:BA:59:AF:B5:F9:C6:87:B7:A6
Authority key identifier: 30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48
Certificate issuer:       /CN=30df902a8169285a1e09c9703c63a0f3d4adee48
Certificate serial:       0190377388EF9DD334BC9378897DF5C90BEB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
Manifest number:          021F
Signing time:             Thu 20 Jun 2024 21:00:36 +0000
Manifest this update:     Thu 20 Jun 2024 21:00:36 +0000
Manifest next update:     Fri 21 Jun 2024 21:00:36 +0000
Files and hashes:         1: MN-QKoFpKFoeCclwPGOg89St7kg.crl (hash: F+Duhfx9JxoZwqhOvCujJt8xqu46MoUGXVwUasxC/hc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 21 Jun 2024 21:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:37:73:88:ef:9d:d3:34:bc:93:78:89:7d:f5:c9:0b:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30df902a8169285a1e09c9703c63a0f3d4adee48
        Validity
            Not Before: Jun 20 21:00:36 2024 GMT
            Not After : Jun 21 21:00:36 2024 GMT
        Subject: CN=5c82af3aa996d38e0e0bb8ba59afb5f9c687b7a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:89:af:0c:f3:07:5f:09:ec:4d:ca:a9:b0:f6:
                    91:bc:b5:86:c2:64:ef:ef:db:84:66:d7:18:9d:f7:
                    9a:d0:7b:d4:1f:32:fb:dc:8e:ea:4c:f6:34:e4:84:
                    41:95:03:84:c8:7d:51:32:0c:ca:36:d6:f7:13:de:
                    ad:d0:8f:8e:b1:eb:37:e7:45:93:ee:96:29:80:e7:
                    4e:8d:59:a4:95:76:46:2a:1f:9b:a5:f5:a9:b7:87:
                    0f:3e:ff:b5:9b:9b:83:80:22:27:ee:42:f4:cb:50:
                    2e:70:c1:61:9e:5c:9b:33:70:6c:28:de:99:5f:1d:
                    8d:28:f4:05:be:a9:86:87:8f:d8:0c:66:ab:7f:f2:
                    47:2b:df:72:9c:76:13:40:f0:c4:a1:39:30:51:f7:
                    09:39:49:13:e3:4a:65:e1:34:36:aa:74:54:55:79:
                    20:9e:87:08:35:43:60:8c:ee:82:c2:25:49:69:45:
                    90:93:59:d4:f1:e2:ec:b1:fd:72:f1:ee:d2:f4:43:
                    35:1f:26:b9:1f:a6:1a:89:e8:d8:9d:5d:f4:2d:41:
                    4b:32:57:dd:f7:d7:4c:b5:95:cb:07:38:58:db:bd:
                    32:f0:50:21:fa:77:14:93:20:06:d0:f1:28:81:20:
                    f4:86:fa:a0:f5:5d:9e:22:5e:bd:da:58:dd:83:d8:
                    64:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:82:AF:3A:A9:96:D3:8E:0E:0B:B8:BA:59:AF:B5:F9:C6:87:B7:A6
            X509v3 Authority Key Identifier:
                keyid:30:DF:90:2A:81:69:28:5A:1E:09:C9:70:3C:63:A0:F3:D4:AD:EE:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MN-QKoFpKFoeCclwPGOg89St7kg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/ba7a80-5d54-4e24-99f9-e2994534495a/1/MN-QKoFpKFoeCclwPGOg89St7kg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b5:e5:4e:f7:35:98:ad:e7:09:09:e4:1f:d8:14:74:f8:b5:a7:
         3b:ba:7a:e9:cb:2b:80:24:b5:8e:e3:ba:ef:7a:f1:9c:67:62:
         06:49:67:af:5e:f7:3e:f4:0c:9b:c9:a1:6c:f4:e3:0e:85:23:
         3f:12:a5:2b:15:eb:c8:df:68:e4:fb:c0:be:cb:db:db:27:3c:
         cd:71:06:0f:eb:1f:7a:d7:b4:20:cf:08:d4:09:e5:c6:ad:7f:
         c9:dd:15:76:f1:b7:c7:c9:46:99:e3:04:94:d3:ab:48:5c:a5:
         7a:3b:a9:47:e4:5f:b1:de:f9:74:96:46:42:0b:c9:ad:51:5e:
         f8:f0:af:48:ff:3d:f1:d9:ab:ae:d2:ad:25:ed:9c:c2:93:b6:
         95:d9:32:ea:27:64:fb:bd:0a:1c:98:64:1c:d0:44:34:7d:cd:
         87:2b:0a:b0:84:c1:24:e8:44:9b:28:9b:47:38:8c:79:04:c9:
         6d:98:86:cc:3e:aa:24:41:c4:2d:84:a0:87:95:eb:87:08:4e:
         14:0a:a3:27:65:58:e8:b3:40:6d:6c:c8:d6:7a:98:d1:33:cc:
         dd:e1:ba:1e:f1:dc:87:b6:da:58:36:f9:52:66:9f:aa:e1:3b:
         25:7f:7d:dd:3c:0a:75:d4:7a:6d:6a:73:c3:1f:f7:b4:3b:e1:
         80:0a:4c:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZA3c4jvndM0vJN4iX31yQvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZGY5MDJhODE2OTI4NWExZTA5Yzk3MDNjNjNhMGYzZDRh
ZGVlNDgwHhcNMjQwNjIwMjEwMDM2WhcNMjQwNjIxMjEwMDM2WjAzMTEwLwYDVQQD
Eyg1YzgyYWYzYWE5OTZkMzhlMGUwYmI4YmE1OWFmYjVmOWM2ODdiN2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYmvDPMHXwnsTcqpsPaRvLWGwmTv
79uEZtcYnfea0HvUHzL73I7qTPY05IRBlQOEyH1RMgzKNtb3E96t0I+Oses350WT
7pYpgOdOjVmklXZGKh+bpfWpt4cPPv+1m5uDgCIn7kL0y1AucMFhnlybM3BsKN6Z
Xx2NKPQFvqmGh4/YDGarf/JHK99ynHYTQPDEoTkwUfcJOUkT40pl4TQ2qnRUVXkg
nocINUNgjO6CwiVJaUWQk1nU8eLssf1y8e7S9EM1Hya5H6YaiejYnV30LUFLMlfd
99dMtZXLBzhY270y8FAh+ncUkyAG0PEogSD0hvqg9V2eIl692ljdg9hkrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyCrzqpltOODgu4ulmvtfnGh7emMB8GA1UdIwQY
MBaAFDDfkCqBaShaHgnJcDxjoPPUre5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5Zjkt
ZTI5OTQ1MzQ0OTVhLzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9iYTdhODAtNWQ1NC00ZTI0LTk5ZjktZTI5OTQ1MzQ0OTVh
LzEvTU4tUUtvRnBLRm9lQ2Nsd1BHT2c4OVN0N2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAteVO9zWY
recJCeQf2BR0+LWnO7p66csrgCS1juO673rxnGdiBklnr173PvQMm8mhbPTjDoUj
PxKlKxXryN9o5PvAvsvb2yc8zXEGD+sfete0IM8I1Anlxq1/yd0VdvG3x8lGmeME
lNOrSFylejupR+Rfsd75dJZGQgvJrVFe+PCvSP898dmrrtKtJe2cwpO2ldky6idk
+70KHJhkHNBENH3NhysKsITBJOhEmyibRziMeQTJbZiGzD6qJEHELYSgh5XrhwhO
FAqjJ2VY6LNAbWzI1nqY0TPM3eG6HvHch7baWDb5UmafquE7JX993TwKddR6bWpz
wx/3tDvhgApMpA==
-----END CERTIFICATE-----