Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
File:                     tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft (raw, json)
Hash identifier:          +iVLO0yREQDJFOZ+qFmdj3CbEKO/ZZzwP12Kda7vOHQ=
Subject key identifier:   D0:0E:BF:6E:16:DA:B0:67:ED:D3:0D:B9:E6:C0:25:58:3C:01:CB:33
Authority key identifier: B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F
Certificate issuer:       /CN=b56daa6f850414a13f650df094506628a46dc12f
Certificate serial:       01901D468358FE14BAFC424497635E582F01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
Manifest number:          0CC1
Signing time:             Sat 15 Jun 2024 19:01:18 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:18 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:18 +0000
Files and hashes:         1: tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl (hash: gN5TKVFEjySArMwwWrtekM+mFCpVcD3CManOmEhe2GY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:01:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:83:58:fe:14:ba:fc:42:44:97:63:5e:58:2f:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b56daa6f850414a13f650df094506628a46dc12f
        Validity
            Not Before: Jun 15 19:01:18 2024 GMT
            Not After : Jun 16 19:01:18 2024 GMT
        Subject: CN=d00ebf6e16dab067edd30db9e6c025583c01cb33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a2:ea:0c:ff:c5:fd:74:7f:82:39:28:61:4d:
                    78:bf:58:6a:72:cf:64:f6:27:f3:71:fb:e8:1f:e2:
                    ff:be:77:76:93:cf:b6:f8:a0:c5:3c:5b:bb:d5:84:
                    08:c0:c6:c4:76:40:c9:88:6a:d9:09:ca:1d:cb:3c:
                    de:52:0c:63:27:12:c0:09:c7:3f:f7:83:7d:57:7b:
                    49:9c:59:20:2d:bd:76:bd:ff:dd:07:c1:b0:91:38:
                    9b:50:e1:da:9e:69:d7:30:c0:62:33:5f:83:0b:c2:
                    19:48:90:74:68:20:a1:f1:c6:ed:16:1e:f8:ad:d6:
                    9a:e4:48:97:14:b2:80:38:0d:dc:1c:61:40:8c:76:
                    d1:a7:57:2c:78:62:b7:b2:41:22:0a:a1:d4:78:c8:
                    ac:60:9a:a8:42:a5:ac:70:a6:ec:fe:8e:9e:58:57:
                    81:8e:1e:2f:a1:38:9d:bb:38:49:2c:71:9e:28:55:
                    4e:e9:d7:72:48:6c:8b:bc:34:e8:ce:8f:3b:b4:91:
                    64:24:1f:7b:fd:77:70:c6:a8:d0:5d:24:79:8d:57:
                    b4:90:04:55:7b:c0:25:e1:88:d8:b9:36:71:8d:3a:
                    49:37:8a:22:5a:6f:29:28:97:86:72:02:ac:e9:d8:
                    a4:9c:fb:0f:b3:89:07:70:a7:e8:56:34:13:45:2a:
                    ce:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:0E:BF:6E:16:DA:B0:67:ED:D3:0D:B9:E6:C0:25:58:3C:01:CB:33
            X509v3 Authority Key Identifier:
                keyid:B5:6D:AA:6F:85:04:14:A1:3F:65:0D:F0:94:50:66:28:A4:6D:C1:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3bee01-1fb8-47e2-b766-fe0a2ac0869f/1/tW2qb4UEFKE_ZQ3wlFBmKKRtwS8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         14:7d:b2:8d:b1:72:08:33:47:6d:24:c8:6b:d6:e0:e2:ab:dc:
         5a:0d:89:41:1d:39:8d:fc:05:13:27:8e:8d:05:ef:91:27:df:
         94:b3:5b:93:f5:dd:4f:07:24:2f:5f:f9:88:61:8e:62:fc:74:
         10:29:a9:d0:9a:f3:f5:48:24:07:56:8d:93:99:1e:94:c5:51:
         fb:90:e5:e4:f7:e6:fd:8c:b9:eb:14:99:9b:07:7d:d6:16:e8:
         cd:2e:ff:96:1d:61:0f:dc:7e:72:ce:72:d8:11:d8:5b:28:29:
         01:dc:dc:dc:75:24:a4:26:00:64:22:e5:7c:3a:39:f4:70:e8:
         29:14:3d:a1:52:b7:70:03:33:ea:34:f6:db:26:4a:8a:28:51:
         cf:9b:d3:d2:93:87:fb:7f:03:99:a6:05:6c:f2:85:de:37:c1:
         bd:79:b6:f4:a1:aa:15:5c:e7:6c:e3:17:da:33:58:e5:b4:7c:
         5b:8c:b8:82:6b:ce:35:e5:53:6b:94:8a:2f:bc:0f:99:fb:0a:
         b2:cd:47:82:5b:cf:43:ad:d8:1b:56:eb:d2:ae:b8:40:53:a6:
         62:20:14:17:30:3c:23:5f:09:23:d5:66:e1:db:f5:b5:f0:47:
         3d:18:b6:d9:da:77:4a:15:b4:85:f6:86:39:34:48:06:4a:7c:
         76:ad:5a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRoNY/hS6/EJEl2NeWC8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NmRhYTZmODUwNDE0YTEzZjY1MGRmMDk0NTA2NjI4YTQ2
ZGMxMmYwHhcNMjQwNjE1MTkwMTE4WhcNMjQwNjE2MTkwMTE4WjAzMTEwLwYDVQQD
EyhkMDBlYmY2ZTE2ZGFiMDY3ZWRkMzBkYjllNmMwMjU1ODNjMDFjYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqLqDP/F/XR/gjkoYU14v1hqcs9k
9ifzcfvoH+L/vnd2k8+2+KDFPFu71YQIwMbEdkDJiGrZCcodyzzeUgxjJxLACcc/
94N9V3tJnFkgLb12vf/dB8GwkTibUOHanmnXMMBiM1+DC8IZSJB0aCCh8cbtFh74
rdaa5EiXFLKAOA3cHGFAjHbRp1cseGK3skEiCqHUeMisYJqoQqWscKbs/o6eWFeB
jh4voTiduzhJLHGeKFVO6ddySGyLvDTozo87tJFkJB97/XdwxqjQXSR5jVe0kARV
e8Al4YjYuTZxjTpJN4oiWm8pKJeGcgKs6diknPsPs4kHcKfoVjQTRSrOJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAOv24W2rBn7dMNuebAJVg8AcszMB8GA1UdIwQY
MBaAFLVtqm+FBBShP2UN8JRQZiikbcEvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYt
ZmUwYTJhYzA4NjlmLzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zYmVlMDEtMWZiOC00N2UyLWI3NjYtZmUwYTJhYzA4Njlm
LzEvdFcycWI0VUVGS0VfWlEzd2xGQm1LS1J0d1M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFH2yjbFy
CDNHbSTIa9bg4qvcWg2JQR05jfwFEyeOjQXvkSfflLNbk/XdTwckL1/5iGGOYvx0
ECmp0Jrz9UgkB1aNk5kelMVR+5Dl5Pfm/Yy56xSZmwd91hbozS7/lh1hD9x+cs5y
2BHYWygpAdzc3HUkpCYAZCLlfDo59HDoKRQ9oVK3cAMz6jT22yZKiihRz5vT0pOH
+38DmaYFbPKF3jfBvXm29KGqFVznbOMX2jNY5bR8W4y4gmvONeVTa5SKL7wPmfsK
ss1HglvPQ63YG1br0q64QFOmYiAUFzA8I18JI9Vm4dv1tfBHPRi22dp3ShW0hfaG
OTRIBkp8dq1aYg==
-----END CERTIFICATE-----