Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
File:                     MKNPnR29IKqH-w9ivStsXjDGFKI.mft (raw, json)
Hash identifier:          exsQcr7pG9KWV2s9fIjz5saePzeEhByEW/NWqMsdcQE=
Subject key identifier:   63:1F:50:F7:90:41:85:F8:4E:5A:84:D4:23:92:0D:56:5E:B8:ED:22
Authority key identifier: 30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2
Certificate issuer:       /CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
Certificate serial:       01901C6A5232BE3A1A717600573FA763F81F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
Manifest number:          0276
Signing time:             Sat 15 Jun 2024 15:00:48 +0000
Manifest this update:     Sat 15 Jun 2024 15:00:48 +0000
Manifest next update:     Sun 16 Jun 2024 15:00:48 +0000
Files and hashes:         1: MKNPnR29IKqH-w9ivStsXjDGFKI.crl (hash: IGkn0h1seFAAdxsOYxKxla/2J6miXMAkOBWYjJYXVp8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:6a:52:32:be:3a:1a:71:76:00:57:3f:a7:63:f8:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=30a34f9d1dbd20aa87fb0f62bd2b6c5e30c614a2
        Validity
            Not Before: Jun 15 15:00:48 2024 GMT
            Not After : Jun 16 15:00:48 2024 GMT
        Subject: CN=631f50f7904185f84e5a84d423920d565eb8ed22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:00:0c:e1:23:98:a7:ee:4a:39:82:03:6c:a1:
                    2d:eb:1a:5c:1c:15:2b:ec:c4:38:1f:0a:3f:e3:6a:
                    79:81:3a:c6:fa:e6:84:a7:1c:3a:8a:14:96:29:a6:
                    78:f6:5c:f3:19:31:5f:5c:82:42:be:17:af:fe:25:
                    00:5d:fa:d3:03:0c:00:01:43:63:11:34:22:bc:5d:
                    c0:c5:e9:f4:2f:ec:22:c2:c2:b2:ab:f6:de:d1:43:
                    09:5e:65:eb:cd:88:65:27:0a:f4:68:93:6a:5a:cf:
                    bc:88:d0:6f:5e:36:93:d1:1f:86:c8:2f:22:76:60:
                    71:27:ba:82:83:31:b5:ab:1f:d0:f5:df:d7:63:94:
                    86:16:7f:95:f8:c1:e7:fb:25:a7:97:88:79:09:2f:
                    49:92:2e:1f:ac:65:1d:da:56:b3:e8:e6:cb:63:4f:
                    14:f1:7e:46:c9:a6:76:f7:34:df:78:d8:97:9c:78:
                    66:59:6f:b4:27:99:d9:ad:f6:11:4e:d0:f8:da:36:
                    1d:25:a0:d7:a6:59:45:d7:03:e0:0a:7a:ab:89:0a:
                    d8:76:7f:2b:6e:70:08:bd:83:b3:e8:be:16:40:19:
                    bd:bc:b4:bf:fd:a4:13:4c:ae:4c:3d:54:fc:0b:f3:
                    07:e1:a2:ec:39:dc:b8:09:b5:af:c7:ac:c3:8b:b6:
                    30:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:1F:50:F7:90:41:85:F8:4E:5A:84:D4:23:92:0D:56:5E:B8:ED:22
            X509v3 Authority Key Identifier:
                keyid:30:A3:4F:9D:1D:BD:20:AA:87:FB:0F:62:BD:2B:6C:5E:30:C6:14:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKNPnR29IKqH-w9ivStsXjDGFKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ee4732-c3ba-4088-a5fa-eb653d3622bb/1/MKNPnR29IKqH-w9ivStsXjDGFKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:a4:a7:72:84:0e:30:e4:c2:f3:03:bb:2a:d8:1f:17:00:3a:
         ae:d3:27:57:cf:2f:9f:d9:5b:31:2e:38:7b:07:95:4c:5c:98:
         3d:fa:2f:79:fc:46:fa:d4:37:33:e0:4e:a3:5b:87:46:2e:14:
         6e:46:4e:35:1d:96:9b:94:69:c3:50:0d:ad:d1:fe:76:17:69:
         01:b2:ea:67:08:31:3f:56:fc:13:9c:fb:06:9d:a3:0b:70:28:
         cf:00:12:6c:17:f1:d0:99:51:c8:b3:ae:da:0e:b2:ce:d0:b3:
         f6:ad:97:a3:a6:5b:e7:6b:70:c5:01:03:41:8c:d1:0b:19:1e:
         36:19:73:69:c8:4c:d4:e4:09:98:db:24:d9:53:e6:68:9a:53:
         85:dd:c1:24:34:a3:20:f0:bd:69:57:3e:41:57:4d:d8:28:bd:
         74:0e:59:47:8a:c2:98:8b:3e:9a:88:4f:19:4f:dd:9b:49:1a:
         aa:e0:0b:e0:21:58:f1:b8:ae:bf:34:cc:ee:e8:eb:d5:80:ea:
         03:40:c4:90:b4:87:5d:66:a8:1f:49:9a:9b:ba:ad:7d:93:bf:
         6f:67:b2:7d:01:e9:33:2d:82:cf:7c:f1:69:a7:6f:00:21:31:
         af:6b:74:2d:6c:eb:db:d8:2d:4e:2c:8f:33:ff:d4:15:90:4c:
         d4:b3:99:d8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAcalIyvjoacXYAVz+nY/gfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYTM0ZjlkMWRiZDIwYWE4N2ZiMGY2MmJkMmI2YzVlMzBj
NjE0YTIwHhcNMjQwNjE1MTUwMDQ4WhcNMjQwNjE2MTUwMDQ4WjAzMTEwLwYDVQQD
Eyg2MzFmNTBmNzkwNDE4NWY4NGU1YTg0ZDQyMzkyMGQ1NjVlYjhlZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQAM4SOYp+5KOYIDbKEt6xpcHBUr
7MQ4Hwo/42p5gTrG+uaEpxw6ihSWKaZ49lzzGTFfXIJCvhev/iUAXfrTAwwAAUNj
ETQivF3Axen0L+wiwsKyq/be0UMJXmXrzYhlJwr0aJNqWs+8iNBvXjaT0R+GyC8i
dmBxJ7qCgzG1qx/Q9d/XY5SGFn+V+MHn+yWnl4h5CS9Jki4frGUd2laz6ObLY08U
8X5GyaZ29zTfeNiXnHhmWW+0J5nZrfYRTtD42jYdJaDXpllF1wPgCnqriQrYdn8r
bnAIvYOz6L4WQBm9vLS//aQTTK5MPVT8C/MH4aLsOdy4CbWvx6zDi7YwYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGMfUPeQQYX4TlqE1COSDVZeuO0iMB8GA1UdIwQY
MBaAFDCjT50dvSCqh/sPYr0rbF4wxhSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEt
ZWI2NTNkMzYyMmJiLzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lZTQ3MzItYzNiYS00MDg4LWE1ZmEtZWI2NTNkMzYyMmJi
LzEvTUtOUG5SMjlJS3FILXc5aXZTdHNYakRHRktJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX6SncoQO
MOTC8wO7KtgfFwA6rtMnV88vn9lbMS44eweVTFyYPfovefxG+tQ3M+BOo1uHRi4U
bkZONR2Wm5Rpw1ANrdH+dhdpAbLqZwgxP1b8E5z7Bp2jC3AozwASbBfx0JlRyLOu
2g6yztCz9q2Xo6Zb52twxQEDQYzRCxkeNhlzachM1OQJmNsk2VPmaJpThd3BJDSj
IPC9aVc+QVdN2Ci9dA5ZR4rCmIs+mohPGU/dm0kaquAL4CFY8biuvzTM7ujr1YDq
A0DEkLSHXWaoH0mam7qtfZO/b2eyfQHpMy2Cz3zxaadvACExr2t0LWzr29gtTiyP
M//UFZBM1LOZ2A==
-----END CERTIFICATE-----