Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
File:                     2axioKJWftFz3CqtN25FXIW8trs.mft (raw, json)
Hash identifier:          OLx2VlGgK1fDoBAjR9NHvvfJpobqurvVU98KBG6iUsU=
Subject key identifier:   0F:1B:1C:52:7A:42:BD:F7:5C:51:FE:D7:65:70:F5:41:42:F4:04:E5
Authority key identifier: D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB
Certificate issuer:       /CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
Certificate serial:       018F497D929C3EFD2CB73A84E2DDEE91AB09
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
Manifest number:          1154
Signing time:             Sun 05 May 2024 16:01:57 +0000
Manifest this update:     Sun 05 May 2024 16:01:57 +0000
Manifest next update:     Mon 06 May 2024 16:01:57 +0000
Files and hashes:         1: 2axioKJWftFz3CqtN25FXIW8trs.crl (hash: Mkjck8d4VJHTqorqV887pl45xrH/yv2DSZjnLp6SgNg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 16:01:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:49:7d:92:9c:3e:fd:2c:b7:3a:84:e2:dd:ee:91:ab:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9ac62a0a2567ed173dc2aad376e455c85bcb6bb
        Validity
            Not Before: May  5 16:01:57 2024 GMT
            Not After : May  6 16:01:57 2024 GMT
        Subject: CN=0f1b1c527a42bdf75c51fed76570f54142f404e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:9c:c0:ca:b9:df:2a:d2:cc:29:35:75:9e:a7:
                    1d:81:3c:52:5d:f1:b7:4a:00:5b:2d:99:a7:a4:ca:
                    5e:c3:99:a0:2b:74:24:52:d5:14:ec:e4:69:a7:8c:
                    60:0a:4d:fb:b7:ac:41:a2:93:d2:69:03:1c:ae:1c:
                    28:cb:aa:3c:ac:9c:8c:e5:60:b0:b1:48:56:29:9d:
                    24:d8:cd:21:6b:bc:bd:ca:1a:4b:a8:6c:5c:87:aa:
                    9f:13:03:24:e2:cd:c8:dc:d5:06:42:80:ca:eb:56:
                    d6:5d:94:c7:f0:7c:19:e7:71:d4:f2:51:df:f4:37:
                    92:7d:3b:95:8d:bf:f9:7d:f3:6f:04:29:ea:f4:cb:
                    8e:3e:81:05:b0:6a:6e:c4:39:1f:c0:a9:40:7f:25:
                    82:84:20:55:7e:bc:90:84:a3:83:a5:6d:f5:93:91:
                    f6:56:eb:38:62:bb:c9:b5:14:9c:18:40:f1:e1:ef:
                    1e:09:58:fb:e9:36:b6:80:f2:7f:fd:c6:c4:bb:07:
                    4c:2d:53:cd:43:59:4e:ea:85:c4:c2:37:50:3d:45:
                    b8:3f:7d:cd:89:28:95:bf:4a:e3:3b:c5:06:e7:23:
                    f2:93:49:28:d8:f3:c1:ac:40:4b:45:e2:40:ba:f9:
                    35:db:7e:56:d7:59:32:d4:7f:4a:d8:47:12:c2:4d:
                    e8:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:1B:1C:52:7A:42:BD:F7:5C:51:FE:D7:65:70:F5:41:42:F4:04:E5
            X509v3 Authority Key Identifier:
                keyid:D9:AC:62:A0:A2:56:7E:D1:73:DC:2A:AD:37:6E:45:5C:85:BC:B6:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2axioKJWftFz3CqtN25FXIW8trs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5ce86e-27d2-48c2-88b5-f181b6e80a62/1/2axioKJWftFz3CqtN25FXIW8trs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:72:c7:08:81:74:64:c9:e1:95:77:1f:e3:a1:54:7b:72:2b:
         a9:ce:62:a1:d5:81:81:bb:fa:37:b3:91:d3:fa:b5:ac:15:3c:
         59:ce:35:7a:8b:f3:fa:42:2f:5b:ad:58:03:c0:8f:46:ef:f7:
         a9:2b:6c:45:25:39:ac:5e:46:f9:31:1f:9a:0f:b3:6a:ff:d8:
         2f:14:0e:31:de:69:03:a3:af:1b:f6:5a:6b:e4:5b:42:ca:7f:
         20:b3:87:c0:7f:b4:c2:98:13:9e:9c:87:8d:e5:b6:a4:ab:31:
         40:60:44:fc:53:45:ee:95:b8:90:cd:c6:21:fc:6c:b5:dc:a8:
         67:f2:2e:ca:2d:a3:81:4e:d3:b8:80:97:5d:1b:c3:cc:e2:2b:
         01:cf:e0:c1:0b:cb:4b:04:c4:4b:f0:7b:5a:4b:a7:fb:93:db:
         46:8c:f4:45:b1:a0:7f:6f:2d:02:13:03:7a:7c:8d:00:93:f3:
         d9:c4:3e:2e:55:89:a1:50:a4:31:4b:7f:83:16:9e:58:ab:c6:
         ba:8a:02:ad:47:61:e5:32:79:de:7a:1f:43:b3:1c:dd:0b:e1:
         ee:f6:43:fd:f4:94:af:e6:37:49:16:80:fe:8f:aa:ef:50:23:
         7c:a9:52:f3:51:f7:57:49:ae:f3:84:d3:1c:0b:fe:47:90:90:
         d4:dc:1d:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9JfZKcPv0stzqE4t3ukasJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YWM2MmEwYTI1NjdlZDE3M2RjMmFhZDM3NmU0NTVjODVi
Y2I2YmIwHhcNMjQwNTA1MTYwMTU3WhcNMjQwNTA2MTYwMTU3WjAzMTEwLwYDVQQD
EygwZjFiMWM1MjdhNDJiZGY3NWM1MWZlZDc2NTcwZjU0MTQyZjQwNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZzAyrnfKtLMKTV1nqcdgTxSXfG3
SgBbLZmnpMpew5mgK3QkUtUU7ORpp4xgCk37t6xBopPSaQMcrhwoy6o8rJyM5WCw
sUhWKZ0k2M0ha7y9yhpLqGxch6qfEwMk4s3I3NUGQoDK61bWXZTH8HwZ53HU8lHf
9DeSfTuVjb/5ffNvBCnq9MuOPoEFsGpuxDkfwKlAfyWChCBVfryQhKODpW31k5H2
Vus4YrvJtRScGEDx4e8eCVj76Ta2gPJ//cbEuwdMLVPNQ1lO6oXEwjdQPUW4P33N
iSiVv0rjO8UG5yPyk0ko2PPBrEBLReJAuvk1235W11ky1H9K2EcSwk3opQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8bHFJ6Qr33XFH+12Vw9UFC9ATlMB8GA1UdIwQY
MBaAFNmsYqCiVn7Rc9wqrTduRVyFvLa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUt
ZjE4MWI2ZTgwYTYyLzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81Y2U4NmUtMjdkMi00OGMyLTg4YjUtZjE4MWI2ZTgwYTYy
LzEvMmF4aW9LSldmdEZ6M0NxdE4yNUZYSVc4dHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb3LHCIF0
ZMnhlXcf46FUe3Irqc5iodWBgbv6N7OR0/q1rBU8Wc41eovz+kIvW61YA8CPRu/3
qStsRSU5rF5G+TEfmg+zav/YLxQOMd5pA6OvG/Zaa+RbQsp/ILOHwH+0wpgTnpyH
jeW2pKsxQGBE/FNF7pW4kM3GIfxstdyoZ/Iuyi2jgU7TuICXXRvDzOIrAc/gwQvL
SwTES/B7Wkun+5PbRoz0RbGgf28tAhMDenyNAJPz2cQ+LlWJoVCkMUt/gxaeWKvG
uooCrUdh5TJ53nofQ7Mc3Qvh7vZD/fSUr+Y3SRaA/o+q71AjfKlS81H3V0mu84TT
HAv+R5CQ1NwdTA==
-----END CERTIFICATE-----