Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
File:                     d_bMQsdY59p8S_q8ISEtHSghYDE.mft (raw, json)
Hash identifier:          LZfG5zsYgSI+aWRAORWCwLxV9VEnDFunj/il2g5pzG8=
Subject key identifier:   E8:E5:C8:A9:93:4D:12:36:4C:B8:36:C8:FB:4C:FA:60:9E:A0:E8:0D
Authority key identifier: 77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31
Certificate issuer:       /CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
Certificate serial:       01901C6A4401F68170110983DF8033FF8C83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
Manifest number:          018E
Signing time:             Sat 15 Jun 2024 15:00:44 +0000
Manifest this update:     Sat 15 Jun 2024 15:00:44 +0000
Manifest next update:     Sun 16 Jun 2024 15:00:44 +0000
Files and hashes:         1: d_bMQsdY59p8S_q8ISEtHSghYDE.crl (hash: IajbZKtLASTtmprHoIvOAKz8czB7LLrODFiIRvucFtw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 11:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:6a:44:01:f6:81:70:11:09:83:df:80:33:ff:8c:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=77f6cc42c758e7da7c4bfabc21212d1d28216031
        Validity
            Not Before: Jun 15 15:00:44 2024 GMT
            Not After : Jun 16 15:00:44 2024 GMT
        Subject: CN=e8e5c8a9934d12364cb836c8fb4cfa609ea0e80d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:90:1a:fb:61:3c:df:0d:0f:4f:68:41:fa:f8:
                    4e:a6:e5:94:9e:34:bc:7b:0d:4e:7d:d8:88:01:8d:
                    f4:29:98:ab:ce:6b:88:5f:b4:e3:32:5c:b8:06:75:
                    c1:c9:3f:67:9f:26:5b:3b:d0:b8:0d:87:77:f9:44:
                    c3:ed:c9:14:8c:91:87:b7:01:95:a8:8c:7c:63:ff:
                    d2:59:57:90:1d:e9:f5:38:15:62:ae:84:c0:e3:a5:
                    80:d7:82:21:4c:b2:a5:f7:73:2e:1e:21:8a:34:0e:
                    53:99:98:85:d6:33:5b:87:0d:0e:06:06:ce:fe:df:
                    6d:c0:9d:0a:46:21:48:b3:72:d9:48:a7:e5:c6:02:
                    f2:84:11:cd:fd:c3:41:e4:e4:fe:57:21:44:cf:f0:
                    55:b1:e8:35:89:0d:9b:a0:2b:87:89:86:13:03:28:
                    11:42:55:12:29:4e:2a:31:b5:75:b4:da:e8:b1:7d:
                    4e:4b:1c:d1:97:e9:46:3e:b4:ad:dc:4c:76:dd:55:
                    01:eb:ed:16:c1:6c:09:c9:b0:e7:42:89:66:5b:44:
                    86:51:e7:75:a7:45:c2:4a:4f:29:08:34:3f:71:0b:
                    ce:ed:f7:83:c8:f8:61:e5:6a:12:5a:2d:0c:8a:4c:
                    05:da:b5:5f:38:2b:3e:4c:2e:2b:96:96:5f:f4:a0:
                    86:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:E5:C8:A9:93:4D:12:36:4C:B8:36:C8:FB:4C:FA:60:9E:A0:E8:0D
            X509v3 Authority Key Identifier:
                keyid:77:F6:CC:42:C7:58:E7:DA:7C:4B:FA:BC:21:21:2D:1D:28:21:60:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_bMQsdY59p8S_q8ISEtHSghYDE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/974264-8eab-467a-a2dd-4becb3369dec/1/d_bMQsdY59p8S_q8ISEtHSghYDE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:8e:cd:cd:5f:73:80:44:e9:65:ea:46:7b:ec:93:13:0e:23:
         39:bd:0d:23:cb:cb:22:15:23:2e:db:bc:c5:24:c3:1f:42:6a:
         04:b6:10:83:49:3a:e3:a6:0a:c3:f6:29:f7:70:9a:52:f9:ff:
         28:57:3a:19:1f:f3:f8:e5:41:21:04:e6:6d:6c:22:0a:29:ad:
         67:2c:7d:25:cb:d6:64:a5:3b:1f:a5:f1:73:8c:37:7b:3d:ae:
         8c:95:1f:e1:ba:ef:50:2f:9a:2e:dd:e7:a7:f9:ce:e5:56:21:
         f0:6e:42:3f:69:9b:ba:37:c0:05:fb:1c:70:27:f3:ab:c8:d5:
         22:a1:30:fd:fe:e4:2e:f7:03:9e:41:5b:40:48:17:08:76:83:
         7b:73:fb:6c:97:e3:5c:7d:b3:ee:96:a9:40:bc:78:39:77:ff:
         63:39:b4:81:6b:de:c5:f0:25:53:5c:7e:4a:96:96:bc:1d:c4:
         e4:62:d7:47:e0:bd:8d:4e:b9:83:a9:7c:9a:b5:1f:31:4e:e4:
         6c:08:64:1f:37:02:63:ae:cd:fc:70:f8:1e:9d:94:d0:ad:74:
         b6:9e:2c:ad:d7:ec:78:07:34:f1:78:dd:a4:cf:f0:d6:5f:26:
         e3:a8:32:30:c1:a5:f5:66:68:51:a3:95:d0:ff:0d:61:c1:ce:
         e1:9d:8b:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAcakQB9oFwEQmD34Az/4yDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjZjYzQyYzc1OGU3ZGE3YzRiZmFiYzIxMjEyZDFkMjgy
MTYwMzEwHhcNMjQwNjE1MTUwMDQ0WhcNMjQwNjE2MTUwMDQ0WjAzMTEwLwYDVQQD
EyhlOGU1YzhhOTkzNGQxMjM2NGNiODM2YzhmYjRjZmE2MDllYTBlODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZAa+2E83w0PT2hB+vhOpuWUnjS8
ew1OfdiIAY30KZirzmuIX7TjMly4BnXByT9nnyZbO9C4DYd3+UTD7ckUjJGHtwGV
qIx8Y//SWVeQHen1OBViroTA46WA14IhTLKl93MuHiGKNA5TmZiF1jNbhw0OBgbO
/t9twJ0KRiFIs3LZSKflxgLyhBHN/cNB5OT+VyFEz/BVseg1iQ2boCuHiYYTAygR
QlUSKU4qMbV1tNrosX1OSxzRl+lGPrSt3Ex23VUB6+0WwWwJybDnQolmW0SGUed1
p0XCSk8pCDQ/cQvO7feDyPhh5WoSWi0MikwF2rVfOCs+TC4rlpZf9KCGDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOjlyKmTTRI2TLg2yPtM+mCeoOgNMB8GA1UdIwQY
MBaAFHf2zELHWOfafEv6vCEhLR0oIWAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQt
NGJlY2IzMzY5ZGVjLzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy85NzQyNjQtOGVhYi00NjdhLWEyZGQtNGJlY2IzMzY5ZGVj
LzEvZF9iTVFzZFk1OXA4U19xOElTRXRIU2doWURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn47NzV9z
gETpZepGe+yTEw4jOb0NI8vLIhUjLtu8xSTDH0JqBLYQg0k646YKw/Yp93CaUvn/
KFc6GR/z+OVBIQTmbWwiCimtZyx9JcvWZKU7H6Xxc4w3ez2ujJUf4brvUC+aLt3n
p/nO5VYh8G5CP2mbujfABfsccCfzq8jVIqEw/f7kLvcDnkFbQEgXCHaDe3P7bJfj
XH2z7papQLx4OXf/Yzm0gWvexfAlU1x+SpaWvB3E5GLXR+C9jU65g6l8mrUfMU7k
bAhkHzcCY67N/HD4Hp2U0K10tp4srdfseAc08XjdpM/w1l8m46gyMMGl9WZoUaOV
0P8NYcHO4Z2Lgg==
-----END CERTIFICATE-----