Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
File:                     2xqlqI_mUM51-73mL66AzGIz3Ms.mft (raw, json)
Hash identifier:          gT57G+g2kcAxAWzXJrvdcjMf+XlKcFmJibtItw9PaaY=
Subject key identifier:   3B:5E:BA:7D:9E:3E:19:88:8D:68:58:58:06:1D:44:71:AD:DF:59:A2
Authority key identifier: DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB
Certificate issuer:       /CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
Certificate serial:       018F43B41C23C6B25A89411BF82C4788C900
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
Manifest number:          0A5A
Signing time:             Sat 04 May 2024 13:03:48 +0000
Manifest this update:     Sat 04 May 2024 13:03:48 +0000
Manifest next update:     Sun 05 May 2024 13:03:48 +0000
Files and hashes:         1: 2xqlqI_mUM51-73mL66AzGIz3Ms.crl (hash: /UIre6MmOvCnaPZQUIxePnjmT1jWtPFOxW1xeE9NBcE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:43:b4:1c:23:c6:b2:5a:89:41:1b:f8:2c:47:88:c9:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db1aa5a88fe650ce75fbbde62fae80cc6233dccb
        Validity
            Not Before: May  4 13:03:48 2024 GMT
            Not After : May  5 13:03:48 2024 GMT
        Subject: CN=3b5eba7d9e3e19888d685858061d4471addf59a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:aa:01:8d:b3:83:07:34:6a:28:4f:a7:48:21:
                    d8:bd:f0:63:f4:82:8e:f3:83:c5:af:06:51:7f:c6:
                    79:39:a5:50:59:dc:a5:21:94:d9:4e:0b:40:fe:81:
                    9a:7b:c8:ea:cc:3a:6e:72:c8:69:1e:09:d1:3b:bd:
                    bb:4c:2b:34:cd:32:2a:71:29:44:9e:24:5f:c8:da:
                    f0:1f:ae:2c:e4:83:9b:b5:90:4f:dd:26:17:fd:38:
                    44:a5:5f:1f:e4:d6:56:c4:a5:72:e2:7d:77:cb:c5:
                    39:4d:04:e1:a5:10:12:cc:b2:15:5c:aa:72:22:38:
                    10:20:e6:6a:ff:6b:39:f3:72:a6:30:a8:7d:4e:44:
                    68:dc:20:6f:70:a9:d9:15:a7:d2:6f:e4:71:e5:d7:
                    d9:3e:01:80:61:8e:1c:63:d4:12:5a:f7:09:db:f5:
                    51:0f:6e:72:34:7b:aa:a2:80:ba:79:4e:ce:56:c1:
                    95:32:73:ac:76:ab:b2:78:dd:55:9d:7f:d9:80:86:
                    78:f2:c4:b1:d6:e8:a3:29:48:0e:a5:6c:b1:04:b4:
                    29:0f:a4:3f:58:48:c5:a0:97:85:87:bc:4a:ab:8f:
                    78:d8:11:8e:4a:65:a7:8c:e2:b3:06:47:14:f4:60:
                    76:ed:93:f0:4c:f2:d7:3f:e1:24:a2:e1:53:31:6a:
                    7d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:5E:BA:7D:9E:3E:19:88:8D:68:58:58:06:1D:44:71:AD:DF:59:A2
            X509v3 Authority Key Identifier:
                keyid:DB:1A:A5:A8:8F:E6:50:CE:75:FB:BD:E6:2F:AE:80:CC:62:33:DC:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xqlqI_mUM51-73mL66AzGIz3Ms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/7db3b8-9863-49bb-90f0-d5bdcb630177/1/2xqlqI_mUM51-73mL66AzGIz3Ms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:32:1b:65:ef:2a:0e:a4:30:9f:ea:96:ea:bf:52:30:16:9e:
         bf:9f:19:c0:e4:7e:51:a0:9a:fd:de:93:87:93:a0:fa:56:14:
         7f:11:99:06:f8:6d:69:b1:59:d0:6d:72:1a:e2:0e:f3:a8:21:
         65:19:ab:f7:a5:96:8c:47:71:f5:d3:1a:9a:4e:12:a9:58:3c:
         ef:9d:af:8e:d2:56:3b:a5:3e:ab:b2:7a:28:86:ff:11:fc:1d:
         5f:41:9f:a2:7c:f2:99:e1:4d:e6:56:0e:e1:c7:9a:ac:f1:3c:
         5a:a5:72:73:44:19:cc:f2:4f:b2:52:3e:40:77:54:89:a5:f8:
         0e:27:84:f7:aa:35:3a:0a:4c:18:32:df:bf:e7:a2:13:3c:4c:
         28:73:8c:22:c3:93:5d:fb:15:e4:3e:c9:5a:93:76:8c:ed:29:
         ee:32:60:66:3c:8c:02:ec:eb:95:7f:05:b8:95:40:4d:8a:02:
         35:ba:4f:ba:f0:f7:50:0a:85:de:76:63:67:34:3b:59:93:70:
         1f:3e:65:16:f6:f7:ee:d3:bf:b1:c7:7c:c6:51:66:72:54:77:
         5d:dc:b4:98:c4:40:33:62:a9:ef:a7:88:b1:18:2b:dc:6f:94:
         80:8a:d9:36:df:af:2b:20:0c:51:96:a0:ac:2c:7c:3c:34:b9:
         70:d1:6d:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9DtBwjxrJaiUEb+CxHiMkAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWFhNWE4OGZlNjUwY2U3NWZiYmRlNjJmYWU4MGNjNjIz
M2RjY2IwHhcNMjQwNTA0MTMwMzQ4WhcNMjQwNTA1MTMwMzQ4WjAzMTEwLwYDVQQD
EygzYjVlYmE3ZDllM2UxOTg4OGQ2ODU4NTgwNjFkNDQ3MWFkZGY1OWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06oBjbODBzRqKE+nSCHYvfBj9IKO
84PFrwZRf8Z5OaVQWdylIZTZTgtA/oGae8jqzDpucshpHgnRO727TCs0zTIqcSlE
niRfyNrwH64s5IObtZBP3SYX/ThEpV8f5NZWxKVy4n13y8U5TQThpRASzLIVXKpy
IjgQIOZq/2s583KmMKh9TkRo3CBvcKnZFafSb+Rx5dfZPgGAYY4cY9QSWvcJ2/VR
D25yNHuqooC6eU7OVsGVMnOsdquyeN1VnX/ZgIZ48sSx1uijKUgOpWyxBLQpD6Q/
WEjFoJeFh7xKq4942BGOSmWnjOKzBkcU9GB27ZPwTPLXP+EkouFTMWp9nQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDteun2ePhmIjWhYWAYdRHGt31miMB8GA1UdIwQY
MBaAFNsapaiP5lDOdfu95i+ugMxiM9zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAt
ZDViZGNiNjMwMTc3LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83ZGIzYjgtOTg2My00OWJiLTkwZjAtZDViZGNiNjMwMTc3
LzEvMnhxbHFJX21VTTUxLTczbUw2NkF6R0l6M01zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmDIbZe8q
DqQwn+qW6r9SMBaev58ZwOR+UaCa/d6Th5Og+lYUfxGZBvhtabFZ0G1yGuIO86gh
ZRmr96WWjEdx9dMamk4SqVg8752vjtJWO6U+q7J6KIb/EfwdX0GfonzymeFN5lYO
4cearPE8WqVyc0QZzPJPslI+QHdUiaX4DieE96o1OgpMGDLfv+eiEzxMKHOMIsOT
XfsV5D7JWpN2jO0p7jJgZjyMAuzrlX8FuJVATYoCNbpPuvD3UAqF3nZjZzQ7WZNw
Hz5lFvb37tO/scd8xlFmclR3Xdy0mMRAM2Kp76eIsRgr3G+UgIrZNt+vKyAMUZag
rCx8PDS5cNFtUA==
-----END CERTIFICATE-----