Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
File:                     4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json)
Hash identifier:          MymBTgOHuVE5SjjQfCk3goQLDL1WCLcmFzIZzbkrAco=
Subject key identifier:   3A:14:9E:D9:99:CF:07:D4:BB:9D:40:54:E0:C6:E2:69:B2:BC:B9:67
Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB
Certificate issuer:       /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
Certificate serial:       018F3FD7CCDF4E92DF4184ACC44076EA3B0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
Manifest number:          069D
Signing time:             Fri 03 May 2024 19:04:18 +0000
Manifest this update:     Fri 03 May 2024 19:04:18 +0000
Manifest next update:     Sat 04 May 2024 19:04:18 +0000
Files and hashes:         1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: sgr8NHpUXrYCZ+sX33PDSXkejrmAat7X6kMCPMcJz2A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 19:04:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3f:d7:cc:df:4e:92:df:41:84:ac:c4:40:76:ea:3b:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb
        Validity
            Not Before: May  3 19:04:18 2024 GMT
            Not After : May  4 19:04:18 2024 GMT
        Subject: CN=3a149ed999cf07d4bb9d4054e0c6e269b2bcb967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:85:59:64:ab:1b:a1:e2:29:8e:1b:3d:0f:ef:
                    71:71:15:00:3a:9a:a2:a5:0f:a8:45:7a:79:16:09:
                    6f:ab:23:55:63:2d:ff:90:a0:b3:bd:a2:45:a4:e9:
                    73:80:95:ce:96:b1:b1:7e:da:db:61:c5:a5:fd:c5:
                    d0:1e:86:4e:fb:5b:5f:00:61:b7:7b:84:33:7d:e5:
                    20:8a:0d:dc:82:bf:46:26:07:ef:0f:21:46:f6:96:
                    64:36:56:95:f3:30:ce:12:c2:1a:e6:c6:0e:92:c1:
                    ff:eb:5d:ac:6c:b1:7e:7b:d5:f2:dc:ba:13:77:c2:
                    b6:0b:19:34:b8:10:ad:2c:ef:cc:99:23:f8:7b:bc:
                    38:1f:bc:d9:a4:47:71:31:9a:f3:80:d7:0e:4d:3e:
                    88:f4:6d:6c:bb:73:ef:ed:68:16:7a:52:40:e2:d6:
                    bc:fe:e2:9e:c8:9b:e9:02:9c:b7:1f:cb:e3:bf:96:
                    69:9f:2f:5b:68:16:3e:16:7f:c2:f0:8d:32:4f:56:
                    e6:cf:db:c8:35:43:30:77:7f:91:85:72:15:95:5c:
                    d6:78:1d:0f:05:97:7f:d4:54:32:1d:37:61:d3:9d:
                    f5:fb:e5:f1:4e:07:67:b3:6a:58:3d:92:e7:23:fb:
                    13:cc:08:22:26:98:13:83:89:57:04:b2:81:d3:bb:
                    d7:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:14:9E:D9:99:CF:07:D4:BB:9D:40:54:E0:C6:E2:69:B2:BC:B9:67
            X509v3 Authority Key Identifier:
                keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7a:b7:01:4f:54:9f:58:1e:32:f7:81:db:67:34:a8:76:37:06:
         9a:ba:55:1f:ff:6c:27:5e:d6:a7:13:35:22:f2:f4:56:54:cd:
         15:23:ff:3b:7d:72:ef:a3:98:e0:40:e5:4b:9d:28:ce:2e:53:
         89:b1:1a:e3:9d:67:a7:e5:ef:ea:87:8f:ca:11:2f:d6:e5:88:
         6f:1e:c4:cb:03:9b:13:91:f8:d8:fa:32:9b:23:78:7b:36:0b:
         37:c7:bc:a0:2c:84:49:be:d0:d0:24:f0:0b:69:01:86:82:eb:
         d6:ab:3d:d5:e0:19:3a:0c:e7:88:b3:db:65:b7:0e:be:83:f4:
         06:8e:9b:a9:93:d4:3e:04:a7:fb:bf:08:61:40:f9:e0:50:df:
         fb:9a:4c:08:06:99:a1:cb:f8:f1:60:28:4c:6c:da:75:56:f7:
         04:b9:db:01:df:25:ac:fd:27:0a:0b:20:79:e5:e0:6a:0a:eb:
         11:3f:96:5a:de:d0:ef:af:b4:95:c2:e9:43:c7:f4:5b:f1:d8:
         47:04:d9:a7:49:73:2d:3e:c5:5a:0e:eb:ee:18:b0:8a:06:ec:
         c6:c1:92:b0:4d:cd:92:e9:32:77:ef:67:be:4c:9b:80:6e:e7:
         65:6e:14:4c:e8:62:e8:69:62:ad:47:ba:7f:1c:7a:2d:2f:48:
         16:cb:73:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8/18zfTpLfQYSsxEB26jsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5
MDkzYmIwHhcNMjQwNTAzMTkwNDE4WhcNMjQwNTA0MTkwNDE4WjAzMTEwLwYDVQQD
EygzYTE0OWVkOTk5Y2YwN2Q0YmI5ZDQwNTRlMGM2ZTI2OWIyYmNiOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoVZZKsboeIpjhs9D+9xcRUAOpqi
pQ+oRXp5FglvqyNVYy3/kKCzvaJFpOlzgJXOlrGxftrbYcWl/cXQHoZO+1tfAGG3
e4QzfeUgig3cgr9GJgfvDyFG9pZkNlaV8zDOEsIa5sYOksH/612sbLF+e9Xy3LoT
d8K2Cxk0uBCtLO/MmSP4e7w4H7zZpEdxMZrzgNcOTT6I9G1su3Pv7WgWelJA4ta8
/uKeyJvpApy3H8vjv5Zpny9baBY+Fn/C8I0yT1bmz9vINUMwd3+RhXIVlVzWeB0P
BZd/1FQyHTdh0531++XxTgdns2pYPZLnI/sTzAgiJpgTg4lXBLKB07vXLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDoUntmZzwfUu51AVODG4mmyvLlnMB8GA1UdIwQY
MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt
OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1
LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAercBT1Sf
WB4y94HbZzSodjcGmrpVH/9sJ17WpxM1IvL0VlTNFSP/O31y76OY4EDlS50ozi5T
ibEa451np+Xv6oePyhEv1uWIbx7EywObE5H42PoymyN4ezYLN8e8oCyESb7Q0CTw
C2kBhoLr1qs91eAZOgzniLPbZbcOvoP0Bo6bqZPUPgSn+78IYUD54FDf+5pMCAaZ
ocv48WAoTGzadVb3BLnbAd8lrP0nCgsgeeXgagrrET+WWt7Q76+0lcLpQ8f0W/HY
RwTZp0lzLT7FWg7r7hiwigbsxsGSsE3Nkukyd+9nvkybgG7nZW4UTOhi6GlirUe6
fxx6LS9IFstzww==
-----END CERTIFICATE-----