Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
File:                     q6N0OU_hCA1kohnX01pJRi6Omaw.mft (raw, json)
Hash identifier:          hL29c5cbaBjcvlYfRK3d+D7CcymbONNYQa7en6+ifxw=
Subject key identifier:   5A:42:EB:DC:0C:06:7A:E6:5A:C7:0B:DD:42:72:02:10:3D:55:A1:31
Authority key identifier: AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC
Certificate issuer:       /CN=aba374394fe1080d64a219d7d35a49462e8e99ac
Certificate serial:       018F87ED1E45123A6E126CC8DBEF89775E2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
Manifest number:          0285
Signing time:             Fri 17 May 2024 19:00:14 +0000
Manifest this update:     Fri 17 May 2024 19:00:14 +0000
Manifest next update:     Sat 18 May 2024 19:00:14 +0000
Files and hashes:         1: q6N0OU_hCA1kohnX01pJRi6Omaw.crl (hash: bnkl4wwp57ieqkye4F+Z1hI7ozmHJK1b8vkaNuemTK8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:1e:45:12:3a:6e:12:6c:c8:db:ef:89:77:5e:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aba374394fe1080d64a219d7d35a49462e8e99ac
        Validity
            Not Before: May 17 19:00:14 2024 GMT
            Not After : May 18 19:00:14 2024 GMT
        Subject: CN=5a42ebdc0c067ae65ac70bdd427202103d55a131
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b7:51:00:4c:45:e6:98:55:8e:76:17:67:6b:
                    03:ef:4d:3f:e1:99:2c:69:c1:e8:2a:22:4d:cb:37:
                    20:b0:96:d0:ee:01:cc:63:c1:9b:25:8b:de:ee:bd:
                    3d:3b:c0:99:8f:d4:ed:a3:b0:61:9a:51:13:02:70:
                    0d:34:d4:f9:ff:fc:43:7a:0c:71:d5:44:66:e6:36:
                    0d:2e:11:b7:01:7a:6d:85:73:66:65:1b:9e:06:d4:
                    74:06:b7:2e:68:fb:c4:3c:8e:b5:87:72:c9:ba:66:
                    a5:3d:e0:f3:2b:7a:d7:7c:eb:3d:d7:35:43:6c:4f:
                    f8:30:fe:5e:d0:8f:fb:b1:82:4d:ed:05:22:b0:c2:
                    e8:27:5f:e8:b5:2b:11:6d:ec:d1:b3:06:47:51:ae:
                    a4:dd:a7:c1:7f:0b:f1:ed:f1:fe:86:33:9f:ab:59:
                    74:7b:db:e2:b4:0d:48:14:d0:4c:ab:3e:0e:86:ad:
                    56:4f:fc:33:f1:a1:42:97:53:72:18:75:26:d7:36:
                    d7:7f:51:7b:e2:cf:71:a1:a8:50:a7:40:97:55:80:
                    14:d6:0c:ae:17:8b:21:16:5c:4e:06:62:7e:d2:b0:
                    99:c0:bc:7f:e7:7d:70:94:b1:b0:af:92:73:29:d8:
                    a2:38:7a:46:5c:cf:10:dd:c7:c3:73:95:a4:ab:a3:
                    ed:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:42:EB:DC:0C:06:7A:E6:5A:C7:0B:DD:42:72:02:10:3D:55:A1:31
            X509v3 Authority Key Identifier:
                keyid:AB:A3:74:39:4F:E1:08:0D:64:A2:19:D7:D3:5A:49:46:2E:8E:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6N0OU_hCA1kohnX01pJRi6Omaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/8104c0-be62-4017-91cf-22c87dff8d41/1/q6N0OU_hCA1kohnX01pJRi6Omaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:e6:cd:5f:32:73:57:c0:9d:44:3c:fe:ad:f9:cc:fc:cd:d1:
         e6:58:85:8d:6d:20:93:06:6c:2b:5a:9e:3f:82:f7:70:4c:63:
         79:55:dd:a8:df:12:72:9f:92:54:e2:22:9a:a1:1f:8f:0c:0c:
         e1:fe:fc:44:48:0a:ae:38:6f:f1:ac:11:f0:d6:9c:d5:85:43:
         63:a1:7a:bb:ff:78:38:dd:ca:ad:61:45:ed:ae:79:7f:00:99:
         64:fd:bd:21:33:07:40:ea:aa:da:e5:8d:34:3a:72:e2:23:0c:
         1b:d0:74:a7:c1:07:10:63:81:73:e1:ba:2c:f5:b5:b8:82:33:
         72:40:92:74:61:4d:3e:0c:4f:3b:df:51:bf:04:51:27:61:60:
         9a:c9:1c:0d:2f:1e:40:57:85:36:1c:14:11:e2:6b:49:c4:94:
         32:cb:90:cd:09:a0:0c:e4:28:e4:78:70:a3:35:b8:85:3c:32:
         4d:47:a8:94:d3:c5:d3:2d:f0:99:88:e0:35:0c:8e:3b:e6:9e:
         02:be:d2:a6:8f:44:77:6b:c3:98:29:7d:b1:d8:a3:1f:a3:25:
         cf:a5:7c:3b:70:05:80:71:45:8a:6b:42:7d:e0:15:55:0b:e8:
         09:9b:45:63:df:5b:8b:b8:bb:c4:3a:d5:e0:6a:d8:00:e2:95:
         3a:87:c6:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7R5FEjpuEmzI2++Jd14rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTM3NDM5NGZlMTA4MGQ2NGEyMTlkN2QzNWE0OTQ2MmU4
ZTk5YWMwHhcNMjQwNTE3MTkwMDE0WhcNMjQwNTE4MTkwMDE0WjAzMTEwLwYDVQQD
Eyg1YTQyZWJkYzBjMDY3YWU2NWFjNzBiZGQ0MjcyMDIxMDNkNTVhMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27dRAExF5phVjnYXZ2sD700/4Zks
acHoKiJNyzcgsJbQ7gHMY8GbJYve7r09O8CZj9Tto7BhmlETAnANNNT5//xDegxx
1URm5jYNLhG3AXpthXNmZRueBtR0BrcuaPvEPI61h3LJumalPeDzK3rXfOs91zVD
bE/4MP5e0I/7sYJN7QUisMLoJ1/otSsRbezRswZHUa6k3afBfwvx7fH+hjOfq1l0
e9vitA1IFNBMqz4Ohq1WT/wz8aFCl1NyGHUm1zbXf1F74s9xoahQp0CXVYAU1gyu
F4shFlxOBmJ+0rCZwLx/531wlLGwr5JzKdiiOHpGXM8Q3cfDc5Wkq6PtcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFpC69wMBnrmWscL3UJyAhA9VaExMB8GA1UdIwQY
MBaAFKujdDlP4QgNZKIZ19NaSUYujpmsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2Yt
MjJjODdkZmY4ZDQxLzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84MTA0YzAtYmU2Mi00MDE3LTkxY2YtMjJjODdkZmY4ZDQx
LzEvcTZOME9VX2hDQTFrb2huWDAxcEpSaTZPbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeubNXzJz
V8CdRDz+rfnM/M3R5liFjW0gkwZsK1qeP4L3cExjeVXdqN8Scp+SVOIimqEfjwwM
4f78REgKrjhv8awR8Nac1YVDY6F6u/94ON3KrWFF7a55fwCZZP29ITMHQOqq2uWN
NDpy4iMMG9B0p8EHEGOBc+G6LPW1uIIzckCSdGFNPgxPO99RvwRRJ2FgmskcDS8e
QFeFNhwUEeJrScSUMsuQzQmgDOQo5HhwozW4hTwyTUeolNPF0y3wmYjgNQyOO+ae
Ar7Spo9Ed2vDmCl9sdijH6Mlz6V8O3AFgHFFimtCfeAVVQvoCZtFY99bi7i7xDrV
4GrYAOKVOofGmg==
-----END CERTIFICATE-----