Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
File:                     7N0ioeDFuwAoDxkz7uz4HNig5rI.mft (raw, json)
Hash identifier:          bWdBOyHZ/0GrhRPTkEc3CzUc6K4K895iltkW1K6sXYk=
Subject key identifier:   69:81:6D:CB:CA:2C:AE:47:EC:C1:D1:FA:24:8D:79:AE:DC:F0:09:19
Authority key identifier: EC:DD:22:A1:E0:C5:BB:00:28:0F:19:33:EE:EC:F8:1C:D8:A0:E6:B2
Certificate issuer:       /CN=ecdd22a1e0c5bb00280f1933eeecf81cd8a0e6b2
Certificate serial:       018F3250FAA16487726F389A11C4A200DCDE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
Manifest number:          10DC
Signing time:             Wed 01 May 2024 04:01:58 +0000
Manifest this update:     Wed 01 May 2024 04:01:58 +0000
Manifest next update:     Thu 02 May 2024 04:01:58 +0000
Files and hashes:         1: 7N0ioeDFuwAoDxkz7uz4HNig5rI.crl (hash: 66joUq6NbnryLK7MFM8ZVQ219THuEydtIjp/T5Xdk0A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 04:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:32:50:fa:a1:64:87:72:6f:38:9a:11:c4:a2:00:dc:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ecdd22a1e0c5bb00280f1933eeecf81cd8a0e6b2
        Validity
            Not Before: May  1 04:01:58 2024 GMT
            Not After : May  2 04:01:58 2024 GMT
        Subject: CN=69816dcbca2cae47ecc1d1fa248d79aedcf00919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:fd:44:7a:8b:77:88:c6:82:e8:ac:22:bc:0f:
                    8d:51:4f:9e:ed:56:55:61:a3:6f:9a:d0:eb:d9:cf:
                    4e:36:77:ee:5c:7f:e4:e7:f0:d4:d1:6c:a0:7c:d7:
                    52:bd:c7:e4:27:31:21:dd:f1:24:b9:7d:ae:58:54:
                    c9:44:9e:be:83:cd:d6:e0:0c:3c:6d:c0:65:3c:15:
                    8b:91:6a:84:2f:a2:0e:db:e0:b6:80:6d:70:8c:4e:
                    26:05:ba:e7:af:ae:76:dd:24:69:76:12:51:57:28:
                    08:fd:a0:a8:fe:c0:ca:74:ed:b2:49:ef:ac:65:46:
                    c6:ed:25:c5:04:2e:29:4f:cd:d9:3a:84:c4:ca:b0:
                    fd:3d:cc:a1:a3:f5:b6:3d:7e:18:d5:60:1c:0a:f0:
                    71:f1:dc:b9:ee:05:7e:ca:78:b8:7a:fa:c6:2c:e5:
                    1d:17:ff:32:19:97:8d:b2:40:90:66:c6:e2:e1:32:
                    e8:64:6b:50:4a:a0:f6:61:f7:32:51:44:29:cb:28:
                    fe:c7:81:38:22:c8:5e:e6:3c:8b:99:84:07:b6:25:
                    e1:95:36:5c:bb:f7:ff:a3:5c:35:59:15:23:79:0d:
                    78:66:ca:78:66:70:3b:a2:1a:ec:e8:ec:51:c8:96:
                    0e:10:c3:03:d1:62:81:83:58:37:03:d7:2a:1b:dd:
                    5b:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:81:6D:CB:CA:2C:AE:47:EC:C1:D1:FA:24:8D:79:AE:DC:F0:09:19
            X509v3 Authority Key Identifier:
                keyid:EC:DD:22:A1:E0:C5:BB:00:28:0F:19:33:EE:EC:F8:1C:D8:A0:E6:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:cb:9c:6a:14:70:d0:ed:89:f3:ce:58:0d:fb:e2:a6:76:6c:
         f6:a1:33:b2:bb:2d:f2:09:61:d4:a2:dc:fc:63:63:84:09:cd:
         36:eb:82:7b:db:1f:4d:d4:c8:06:64:66:f3:0a:a9:b6:c8:96:
         81:fc:f0:86:29:67:91:e5:82:1d:65:da:3f:0e:0f:e9:a9:e7:
         c5:1f:fc:3d:a1:c1:70:84:95:f9:2b:3b:9a:c3:20:1d:08:ae:
         ce:8c:ea:cc:63:8a:e6:7c:0b:da:ed:8b:b8:5a:68:2e:c3:4b:
         01:bd:0e:b7:1c:b0:ac:62:66:6d:0e:c2:c1:c8:c2:3d:6e:1b:
         b0:41:19:96:b7:bb:f2:a9:e8:ff:95:fc:b0:31:38:41:af:a1:
         17:48:64:31:35:92:21:ae:cb:7b:2a:fb:8b:e5:b2:28:31:1c:
         33:30:f0:57:a2:82:78:7e:05:60:7f:c4:39:52:d2:d5:c3:df:
         15:63:8e:4e:ce:2b:09:1d:6d:eb:0d:75:45:cd:2c:24:f5:57:
         33:fd:c1:dd:6d:ab:fb:28:91:97:93:b9:eb:72:03:6c:d3:84:
         28:af:5b:b5:e2:88:b0:12:45:dd:98:3a:04:27:f4:7b:a5:3f:
         3a:bd:1d:ca:ba:bf:cf:25:a4:0c:a0:d9:c9:36:d1:61:20:b9:
         f9:85:bc:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8yUPqhZIdybziaEcSiANzeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZGQyMmExZTBjNWJiMDAyODBmMTkzM2VlZWNmODFjZDhh
MGU2YjIwHhcNMjQwNTAxMDQwMTU4WhcNMjQwNTAyMDQwMTU4WjAzMTEwLwYDVQQD
Eyg2OTgxNmRjYmNhMmNhZTQ3ZWNjMWQxZmEyNDhkNzlhZWRjZjAwOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv1Eeot3iMaC6KwivA+NUU+e7VZV
YaNvmtDr2c9ONnfuXH/k5/DU0WygfNdSvcfkJzEh3fEkuX2uWFTJRJ6+g83W4Aw8
bcBlPBWLkWqEL6IO2+C2gG1wjE4mBbrnr6523SRpdhJRVygI/aCo/sDKdO2ySe+s
ZUbG7SXFBC4pT83ZOoTEyrD9Pcyho/W2PX4Y1WAcCvBx8dy57gV+yni4evrGLOUd
F/8yGZeNskCQZsbi4TLoZGtQSqD2YfcyUUQpyyj+x4E4Ishe5jyLmYQHtiXhlTZc
u/f/o1w1WRUjeQ14Zsp4ZnA7ohrs6OxRyJYOEMMD0WKBg1g3A9cqG91bBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmBbcvKLK5H7MHR+iSNea7c8AkZMB8GA1UdIwQY
MBaAFOzdIqHgxbsAKA8ZM+7s+BzYoOayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83MTc2NDgtNTVjMC00MDdhLTgxMWUt
NTk2MTY1NWMzNGQ5LzEvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83MTc2NDgtNTVjMC00MDdhLTgxMWUtNTk2MTY1NWMzNGQ5
LzEvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHcucahRw
0O2J885YDfvipnZs9qEzsrst8glh1KLc/GNjhAnNNuuCe9sfTdTIBmRm8wqptsiW
gfzwhilnkeWCHWXaPw4P6annxR/8PaHBcISV+Ss7msMgHQiuzozqzGOK5nwL2u2L
uFpoLsNLAb0OtxywrGJmbQ7CwcjCPW4bsEEZlre78qno/5X8sDE4Qa+hF0hkMTWS
Ia7Leyr7i+WyKDEcMzDwV6KCeH4FYH/EOVLS1cPfFWOOTs4rCR1t6w11Rc0sJPVX
M/3B3W2r+yiRl5O563IDbNOEKK9bteKIsBJF3Zg6BCf0e6U/Or0dyrq/zyWkDKDZ
yTbRYSC5+YW8tQ==
-----END CERTIFICATE-----