Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
File:                     2h2OAPPwRejexhV_FCYkG18SbQ0.mft (raw, json)
Hash identifier:          S50gaar8Gv5HVidKaP0cmKmr550GolQwMdIJMKSqTww=
Subject key identifier:   AE:00:41:FB:8C:2A:7A:CF:F3:E1:6D:20:D5:E8:30:BE:DC:1D:94:EC
Authority key identifier: DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D
Certificate issuer:       /CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
Certificate serial:       018F3AE5FB84154D18EB8FB13D01E209BD30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
Manifest number:          055D
Signing time:             Thu 02 May 2024 20:01:41 +0000
Manifest this update:     Thu 02 May 2024 20:01:41 +0000
Manifest next update:     Fri 03 May 2024 20:01:41 +0000
Files and hashes:         1: 2h2OAPPwRejexhV_FCYkG18SbQ0.crl (hash: q+tJxU9sH7u8BmTBzbiQxOIUebvD5LTv1adSjfM8Oh0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:59:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:e5:fb:84:15:4d:18:eb:8f:b1:3d:01:e2:09:bd:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da1d8e00f3f045e8dec6157f1426241b5f126d0d
        Validity
            Not Before: May  2 20:01:41 2024 GMT
            Not After : May  3 20:01:41 2024 GMT
        Subject: CN=ae0041fb8c2a7acff3e16d20d5e830bedc1d94ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ea:15:b6:bd:e3:fe:52:d6:4a:30:9c:44:2e:
                    55:ee:15:00:68:13:aa:28:bf:7d:b2:e5:5c:27:19:
                    f1:d0:62:1d:b4:18:ba:95:71:38:14:8a:57:5a:6d:
                    48:0c:89:81:c4:66:95:79:53:06:33:16:eb:06:89:
                    97:a8:92:84:c5:26:b7:e3:41:8c:c1:da:d3:e3:84:
                    3e:b8:26:76:e3:82:a5:a3:10:47:58:09:a5:77:9b:
                    e9:8f:9f:64:38:9c:a6:4c:cd:47:8c:c8:ba:c5:33:
                    41:9f:03:1f:0c:29:6c:a5:80:33:67:97:0e:b6:8c:
                    8a:e6:04:8d:b3:0a:dc:de:0d:58:52:27:c8:33:0a:
                    5a:67:b2:29:40:4f:bf:53:62:06:0b:cf:1f:22:6f:
                    a7:1a:f8:ba:6b:63:43:f8:ce:12:90:7f:b6:a7:dc:
                    2f:5e:43:46:47:7d:3c:1a:27:f9:03:6f:e3:9b:1a:
                    be:dc:bd:95:f5:36:bd:19:5d:55:3b:1d:7b:0c:8b:
                    76:24:b5:14:2b:08:87:e9:e8:62:f1:7e:6e:20:6d:
                    28:40:3b:99:c7:57:e8:1d:30:23:19:fb:18:e1:ae:
                    77:6d:13:62:ab:d9:20:ef:8b:75:8c:41:77:ab:8c:
                    69:fa:70:16:15:5c:43:a5:f4:fe:b5:7e:e9:7f:81:
                    cf:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:00:41:FB:8C:2A:7A:CF:F3:E1:6D:20:D5:E8:30:BE:DC:1D:94:EC
            X509v3 Authority Key Identifier:
                keyid:DA:1D:8E:00:F3:F0:45:E8:DE:C6:15:7F:14:26:24:1B:5F:12:6D:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2h2OAPPwRejexhV_FCYkG18SbQ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/5b9709-1108-4d5f-8608-09d560c0043b/1/2h2OAPPwRejexhV_FCYkG18SbQ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         12:d8:f9:e2:0d:73:ef:5f:a2:04:3c:2a:e3:de:26:b0:1b:c5:
         85:69:dc:a3:19:e9:fa:74:bf:8d:b7:0e:55:53:71:1f:59:56:
         ac:1b:e6:94:42:cd:21:03:dc:24:04:fc:74:b9:bc:94:c8:19:
         9b:33:9f:cc:8c:a7:12:23:ec:94:5f:99:26:67:a2:b6:dd:ea:
         82:c6:a5:4a:01:34:fd:95:a6:a8:59:82:e0:e8:31:37:1d:d2:
         d4:2d:e0:c5:c4:11:69:05:5d:aa:6a:cf:2a:4a:79:33:cb:57:
         e1:70:18:04:42:0a:61:1f:b6:ee:90:41:d4:e1:6c:94:b8:96:
         8e:1b:4a:d5:88:c1:e9:28:06:fd:8f:9d:93:ab:3d:11:ea:46:
         5e:60:a5:c5:ff:b5:0f:c0:02:ba:d6:f1:14:38:45:70:b3:83:
         2b:be:dc:1e:05:e4:90:b2:9c:c0:07:78:96:3a:ff:34:df:5b:
         84:9d:77:da:b2:b3:52:4d:35:ed:1c:1e:7b:d3:19:9f:e8:e7:
         9c:0d:a7:f3:72:60:45:19:e3:a9:fb:3d:c2:f4:45:da:c4:68:
         2f:53:be:39:15:17:24:58:7f:7e:05:5f:bb:c7:4a:25:57:f3:
         d6:f7:a6:f8:02:8e:8f:f1:7b:58:d9:a9:1d:11:08:ac:ca:42:
         80:3d:12:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY865fuEFU0Y64+xPQHiCb0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMWQ4ZTAwZjNmMDQ1ZThkZWM2MTU3ZjE0MjYyNDFiNWYx
MjZkMGQwHhcNMjQwNTAyMjAwMTQxWhcNMjQwNTAzMjAwMTQxWjAzMTEwLwYDVQQD
EyhhZTAwNDFmYjhjMmE3YWNmZjNlMTZkMjBkNWU4MzBiZWRjMWQ5NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreoVtr3j/lLWSjCcRC5V7hUAaBOq
KL99suVcJxnx0GIdtBi6lXE4FIpXWm1IDImBxGaVeVMGMxbrBomXqJKExSa340GM
wdrT44Q+uCZ244KloxBHWAmld5vpj59kOJymTM1HjMi6xTNBnwMfDClspYAzZ5cO
toyK5gSNswrc3g1YUifIMwpaZ7IpQE+/U2IGC88fIm+nGvi6a2ND+M4SkH+2p9wv
XkNGR308Gif5A2/jmxq+3L2V9Ta9GV1VOx17DIt2JLUUKwiH6ehi8X5uIG0oQDuZ
x1foHTAjGfsY4a53bRNiq9kg74t1jEF3q4xp+nAWFVxDpfT+tX7pf4HPowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK4AQfuMKnrP8+FtINXoML7cHZTsMB8GA1UdIwQY
MBaAFNodjgDz8EXo3sYVfxQmJBtfEm0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgt
MDlkNTYwYzAwNDNiLzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi81Yjk3MDktMTEwOC00ZDVmLTg2MDgtMDlkNTYwYzAwNDNi
LzEvMmgyT0FQUHdSZWpleGhWX0ZDWWtHMThTYlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEtj54g1z
71+iBDwq494msBvFhWncoxnp+nS/jbcOVVNxH1lWrBvmlELNIQPcJAT8dLm8lMgZ
mzOfzIynEiPslF+ZJmeitt3qgsalSgE0/ZWmqFmC4OgxNx3S1C3gxcQRaQVdqmrP
Kkp5M8tX4XAYBEIKYR+27pBB1OFslLiWjhtK1YjB6SgG/Y+dk6s9EepGXmClxf+1
D8ACutbxFDhFcLODK77cHgXkkLKcwAd4ljr/NN9bhJ132rKzUk017Rwee9MZn+jn
nA2n83JgRRnjqfs9wvRF2sRoL1O+ORUXJFh/fgVfu8dKJVfz1vem+AKOj/F7WNmp
HREIrMpCgD0SBA==
-----END CERTIFICATE-----