Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
File:                     IKo_sAxQTBoJEqNJWo49uvPZako.mft (raw, json)
Hash identifier:          FXanvYQXey9/tIUW5MgE9yPYBmWPz0iZ6QkY80bUhcs=
Subject key identifier:   CB:72:02:F0:61:CB:92:EE:99:EA:D3:7B:F9:F7:05:7E:F1:ED:CB:B2
Authority key identifier: 20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A
Certificate issuer:       /CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
Certificate serial:       018F96BDB4EBA064AD26E81D649ABAE8333C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
Manifest number:          01A4
Signing time:             Mon 20 May 2024 16:02:46 +0000
Manifest this update:     Mon 20 May 2024 16:02:46 +0000
Manifest next update:     Tue 21 May 2024 16:02:46 +0000
Files and hashes:         1: IKo_sAxQTBoJEqNJWo49uvPZako.crl (hash: ga8FgUXL4jiMNbj5dYo8ZGw5Zj/yFYRGeYLhLBGdIjs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:96:bd:b4:eb:a0:64:ad:26:e8:1d:64:9a:ba:e8:33:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=20aa3fb00c504c1a0912a3495a8e3dbaf3d96a4a
        Validity
            Not Before: May 20 16:02:46 2024 GMT
            Not After : May 21 16:02:46 2024 GMT
        Subject: CN=cb7202f061cb92ee99ead37bf9f7057ef1edcbb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:9e:e1:5a:25:b6:9c:55:4a:0a:a9:8b:c2:04:
                    64:96:f0:7a:f6:c1:e5:22:a7:71:bc:fe:9c:2c:21:
                    69:ec:08:c2:da:f9:60:01:cc:81:4d:4c:cc:61:72:
                    07:6b:0a:92:4c:b2:64:fd:42:ab:15:0e:e2:63:d1:
                    c0:b0:0f:61:ba:ec:9c:94:e4:cc:80:3d:01:dc:41:
                    29:81:95:9a:e5:3a:8a:10:ee:4b:17:f0:68:12:0e:
                    b0:1c:81:50:79:e2:04:3b:22:2d:d8:db:75:32:87:
                    88:f2:7d:5a:f0:41:c5:5a:4b:32:f5:fe:05:57:82:
                    c8:ff:59:90:73:a2:20:76:ab:dc:ed:67:36:a9:c7:
                    7e:9c:06:bb:38:a7:da:df:ac:eb:a5:8b:a2:a6:2b:
                    6d:b1:75:8c:83:07:8a:16:df:58:a9:ec:15:d9:fd:
                    1e:de:85:d2:8f:fa:cf:1a:90:50:21:a7:26:87:63:
                    6d:2d:b1:69:27:58:9e:3f:3e:87:79:e3:5f:b7:d2:
                    10:91:f5:9d:d8:51:49:d7:30:88:8e:c1:53:40:25:
                    ef:27:f9:c5:3a:f9:a9:03:a0:ad:e6:c0:d4:3b:d7:
                    d8:38:9a:db:76:8c:cd:bd:b1:7b:00:b8:71:17:d9:
                    35:bf:aa:7e:d5:b3:ef:aa:eb:d6:cd:2b:0e:b7:64:
                    0b:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:72:02:F0:61:CB:92:EE:99:EA:D3:7B:F9:F7:05:7E:F1:ED:CB:B2
            X509v3 Authority Key Identifier:
                keyid:20:AA:3F:B0:0C:50:4C:1A:09:12:A3:49:5A:8E:3D:BA:F3:D9:6A:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKo_sAxQTBoJEqNJWo49uvPZako.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/67b42a-cac3-4216-b518-d74a4d4f52b4/1/IKo_sAxQTBoJEqNJWo49uvPZako.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:51:eb:35:18:f4:7c:58:c9:41:4f:df:78:ab:9a:10:35:37:
         97:d4:10:1b:e7:46:85:6e:be:57:c4:9e:98:a2:63:69:7e:34:
         b8:7c:15:13:2d:14:8f:bf:af:b7:26:58:1e:a4:57:77:1a:c4:
         e6:54:a7:a1:69:1e:8f:e7:5b:9c:17:9f:91:d5:8c:ef:2b:33:
         e9:7b:67:b4:43:c9:82:01:fd:d5:47:ff:fd:bf:5d:b5:f8:90:
         5a:f4:de:d7:14:6d:69:f0:0e:33:ac:9b:81:ac:27:60:84:43:
         38:b5:b6:df:b2:8e:9c:34:d2:02:ad:ac:48:6a:4c:6e:8e:de:
         87:7d:2e:1f:79:e4:f5:17:23:ce:f6:a8:65:11:b4:a6:18:11:
         10:0d:8e:fc:f0:bf:ab:65:b6:0c:8d:66:87:8d:dd:ff:64:28:
         09:f3:8f:88:88:34:3f:ee:b2:61:20:bd:76:89:7d:3f:b8:82:
         ff:c5:22:e6:ff:0a:37:02:83:18:96:97:15:10:30:3f:38:16:
         29:a9:cd:21:0c:6d:22:fc:76:49:ef:a1:62:32:86:01:b9:2b:
         c2:22:50:ec:4c:7b:39:cd:5e:a2:99:5c:c5:bc:a6:5b:05:81:
         b7:9e:36:e9:78:e3:1a:2e:0a:bc:51:45:81:67:e3:03:6a:f4:
         fa:6a:5f:a3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+WvbTroGStJugdZJq66DM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWEzZmIwMGM1MDRjMWEwOTEyYTM0OTVhOGUzZGJhZjNk
OTZhNGEwHhcNMjQwNTIwMTYwMjQ2WhcNMjQwNTIxMTYwMjQ2WjAzMTEwLwYDVQQD
EyhjYjcyMDJmMDYxY2I5MmVlOTllYWQzN2JmOWY3MDU3ZWYxZWRjYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3J7hWiW2nFVKCqmLwgRklvB69sHl
IqdxvP6cLCFp7AjC2vlgAcyBTUzMYXIHawqSTLJk/UKrFQ7iY9HAsA9huuyclOTM
gD0B3EEpgZWa5TqKEO5LF/BoEg6wHIFQeeIEOyIt2Nt1MoeI8n1a8EHFWksy9f4F
V4LI/1mQc6Igdqvc7Wc2qcd+nAa7OKfa36zrpYuipittsXWMgweKFt9YqewV2f0e
3oXSj/rPGpBQIacmh2NtLbFpJ1iePz6HeeNft9IQkfWd2FFJ1zCIjsFTQCXvJ/nF
OvmpA6Ct5sDUO9fYOJrbdozNvbF7ALhxF9k1v6p+1bPvquvWzSsOt2QL/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtyAvBhy5LumerTe/n3BX7x7cuyMB8GA1UdIwQY
MBaAFCCqP7AMUEwaCRKjSVqOPbrz2WpKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgt
ZDc0YTRkNGY1MmI0LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi82N2I0MmEtY2FjMy00MjE2LWI1MTgtZDc0YTRkNGY1MmI0
LzEvSUtvX3NBeFFUQm9KRXFOSldvNDl1dlBaYWtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQFHrNRj0
fFjJQU/feKuaEDU3l9QQG+dGhW6+V8SemKJjaX40uHwVEy0Uj7+vtyZYHqRXdxrE
5lSnoWkej+dbnBefkdWM7ysz6XtntEPJggH91Uf//b9dtfiQWvTe1xRtafAOM6yb
gawnYIRDOLW237KOnDTSAq2sSGpMbo7eh30uH3nk9RcjzvaoZRG0phgREA2O/PC/
q2W2DI1mh43d/2QoCfOPiIg0P+6yYSC9dol9P7iC/8Ui5v8KNwKDGJaXFRAwPzgW
KanNIQxtIvx2Se+hYjKGAbkrwiJQ7Ex7Oc1eoplcxbymWwWBt5426XjjGi4KvFFF
gWfjA2r0+mpfow==
-----END CERTIFICATE-----