Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
File:                     DUlCfYpEd823aAhhqexQ3HMhaYI.mft (raw, json)
Hash identifier:          g9PZ0233JWEV14nCWJLdezJbb8NkAIKAdlgZ2U6VBrE=
Subject key identifier:   8D:63:1D:AA:D0:E3:3A:46:94:D9:11:F6:9F:D6:7B:E1:09:42:6E:2C
Authority key identifier: 0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82
Certificate issuer:       /CN=0d49427d8a4477cdb7680861a9ec50dc73216982
Certificate serial:       018F874A28AA066C9D8F0E66FE7E8DB3AB58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
Manifest number:          0204
Signing time:             Fri 17 May 2024 16:02:15 +0000
Manifest this update:     Fri 17 May 2024 16:02:15 +0000
Manifest next update:     Sat 18 May 2024 16:02:15 +0000
Files and hashes:         1: DUlCfYpEd823aAhhqexQ3HMhaYI.crl (hash: GN1vKatqQVqv2RMTSIaBLZfQOuqUh20n6vIRSisVIvA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:28:aa:06:6c:9d:8f:0e:66:fe:7e:8d:b3:ab:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d49427d8a4477cdb7680861a9ec50dc73216982
        Validity
            Not Before: May 17 16:02:15 2024 GMT
            Not After : May 18 16:02:15 2024 GMT
        Subject: CN=8d631daad0e33a4694d911f69fd67be109426e2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:23:b6:e8:e1:35:08:6e:89:7b:d4:52:4d:22:
                    4b:fb:90:2f:19:f6:30:de:59:33:36:27:c9:8d:fd:
                    d3:9e:e1:e7:ca:d4:0e:ae:bc:5f:86:57:b2:d6:31:
                    d2:05:55:52:a9:7b:04:3a:ce:6d:53:69:48:7a:86:
                    47:99:ac:10:8b:2f:f6:9f:68:c5:04:49:88:e8:30:
                    63:1b:2f:7a:74:d8:d1:7e:4a:00:4c:7d:e3:d4:c8:
                    97:06:8f:9e:db:88:2a:6b:af:ab:6a:75:f7:a7:7f:
                    66:16:28:a6:6d:4f:fc:b2:af:20:ea:cd:e5:f7:55:
                    fb:e2:d5:a5:db:e0:03:b0:1f:c1:82:96:e0:fe:ea:
                    ce:05:7f:8d:87:f6:f4:c2:28:bb:74:be:6f:48:4e:
                    98:a3:17:79:e3:e7:9f:a2:a0:77:a0:1c:cf:3c:71:
                    71:a3:a6:99:84:bd:f1:df:56:13:d4:08:ff:93:26:
                    8c:da:7e:a2:c2:31:4c:98:c9:41:3f:3b:ac:cb:e2:
                    d0:cf:44:31:96:3d:05:88:4f:e2:58:cb:42:12:e9:
                    53:51:bf:21:a3:2d:d3:28:8f:17:6c:b9:ac:c7:86:
                    31:8c:28:81:4c:e8:c3:43:97:7d:7f:d8:0a:57:e2:
                    9f:4d:cd:d4:4d:40:d3:93:48:e2:7c:1f:12:7a:77:
                    cb:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:63:1D:AA:D0:E3:3A:46:94:D9:11:F6:9F:D6:7B:E1:09:42:6E:2C
            X509v3 Authority Key Identifier:
                keyid:0D:49:42:7D:8A:44:77:CD:B7:68:08:61:A9:EC:50:DC:73:21:69:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUlCfYpEd823aAhhqexQ3HMhaYI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/89dd25-546c-4f18-acc4-7a4057314167/1/DUlCfYpEd823aAhhqexQ3HMhaYI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:07:2d:4b:fc:f1:68:de:45:69:c4:a1:52:9e:36:42:74:72:
         91:44:31:93:c8:48:0c:26:cb:67:2e:56:b2:f2:7c:d4:50:f7:
         01:1f:87:36:91:bf:0c:a6:29:c9:01:f8:66:f7:f1:d6:23:a6:
         77:e3:48:97:16:77:52:df:8e:c5:f1:db:35:b3:1c:88:d6:b9:
         0e:11:08:79:3c:5b:de:4c:86:6f:b1:c2:4c:0e:67:1c:21:ee:
         4c:7c:08:8d:82:21:27:bd:5f:9a:a8:b7:01:7a:62:bd:fa:85:
         b3:85:48:b1:5c:d5:83:4c:60:0b:94:95:97:20:c1:ae:85:31:
         df:14:31:72:45:a5:d5:cd:92:49:27:96:ec:ed:78:5b:61:d4:
         95:e8:9b:5f:69:30:42:63:14:be:82:6c:2f:0b:5f:4b:14:84:
         97:08:19:c0:a2:e3:61:b2:e3:09:ac:f9:19:02:24:02:41:4e:
         ad:57:29:5d:30:e0:80:45:db:19:d1:65:be:b1:92:93:ee:73:
         22:11:7c:d7:3a:d2:5b:26:89:46:0f:d5:2d:04:77:16:ba:a3:
         3a:0e:bf:db:e3:16:1f:83:a0:77:f6:0e:85:dd:a0:33:21:8d:
         b3:34:51:22:a7:4e:42:3e:ed:46:f9:4b:97:97:97:08:95:69:
         ea:90:18:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSiiqBmydjw5m/n6Ns6tYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDk0MjdkOGE0NDc3Y2RiNzY4MDg2MWE5ZWM1MGRjNzMy
MTY5ODIwHhcNMjQwNTE3MTYwMjE1WhcNMjQwNTE4MTYwMjE1WjAzMTEwLwYDVQQD
Eyg4ZDYzMWRhYWQwZTMzYTQ2OTRkOTExZjY5ZmQ2N2JlMTA5NDI2ZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6iO26OE1CG6Je9RSTSJL+5AvGfYw
3lkzNifJjf3TnuHnytQOrrxfhley1jHSBVVSqXsEOs5tU2lIeoZHmawQiy/2n2jF
BEmI6DBjGy96dNjRfkoATH3j1MiXBo+e24gqa6+ranX3p39mFiimbU/8sq8g6s3l
91X74tWl2+ADsB/Bgpbg/urOBX+Nh/b0wii7dL5vSE6Yoxd54+efoqB3oBzPPHFx
o6aZhL3x31YT1Aj/kyaM2n6iwjFMmMlBPzusy+LQz0Qxlj0FiE/iWMtCEulTUb8h
oy3TKI8XbLmsx4YxjCiBTOjDQ5d9f9gKV+KfTc3UTUDTk0jifB8SenfLzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1jHarQ4zpGlNkR9p/We+EJQm4sMB8GA1UdIwQY
MBaAFA1JQn2KRHfNt2gIYansUNxzIWmCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQt
N2E0MDU3MzE0MTY3LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84OWRkMjUtNTQ2Yy00ZjE4LWFjYzQtN2E0MDU3MzE0MTY3
LzEvRFVsQ2ZZcEVkODIzYUFoaHFleFEzSE1oYVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdActS/zx
aN5FacShUp42QnRykUQxk8hIDCbLZy5WsvJ81FD3AR+HNpG/DKYpyQH4Zvfx1iOm
d+NIlxZ3Ut+OxfHbNbMciNa5DhEIeTxb3kyGb7HCTA5nHCHuTHwIjYIhJ71fmqi3
AXpivfqFs4VIsVzVg0xgC5SVlyDBroUx3xQxckWl1c2SSSeW7O14W2HUleibX2kw
QmMUvoJsLwtfSxSElwgZwKLjYbLjCaz5GQIkAkFOrVcpXTDggEXbGdFlvrGSk+5z
IhF81zrSWyaJRg/VLQR3FrqjOg6/2+MWH4Ogd/YOhd2gMyGNszRRIqdOQj7tRvlL
l5eXCJVp6pAYYA==
-----END CERTIFICATE-----