Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
File:                     dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft (raw, json)
Hash identifier:          7XW6MVHjKnGV5oJmhTt1e2kpWlWvHNkpRhbH4D1LgcM=
Subject key identifier:   0A:02:36:EE:87:BE:83:6B:6F:49:CF:72:5B:3E:0B:09:51:2D:89:8A
Authority key identifier: 75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84
Certificate issuer:       /CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
Certificate serial:       018F8748458170D35740B28B02E078E3AA73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
Manifest number:          0C2D
Signing time:             Fri 17 May 2024 16:00:11 +0000
Manifest this update:     Fri 17 May 2024 16:00:11 +0000
Manifest next update:     Sat 18 May 2024 16:00:11 +0000
Files and hashes:         1: dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl (hash: M1xyBWLnvYztpZqyx+0HJhsuxU5CkEnoAEIFRGJB1oQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:45:81:70:d3:57:40:b2:8b:02:e0:78:e3:aa:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7572c9a108ce3de52d16e211e80c95e5c5b54c84
        Validity
            Not Before: May 17 16:00:11 2024 GMT
            Not After : May 18 16:00:11 2024 GMT
        Subject: CN=0a0236ee87be836b6f49cf725b3e0b09512d898a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:ff:18:ef:5b:ac:68:73:ef:8a:f0:a8:8e:d8:
                    ba:45:45:99:1f:3a:c5:d2:b3:b9:f7:c8:4e:44:10:
                    30:41:65:08:68:38:99:f3:93:9a:fc:38:e4:b8:27:
                    79:cf:2d:42:b6:76:a4:b3:99:a8:bb:d5:5c:26:ec:
                    58:b9:84:d2:0d:12:e6:c1:65:33:03:08:29:28:6e:
                    60:02:6c:27:52:ac:0f:bd:28:30:ae:65:cc:02:23:
                    8c:a3:c8:44:6d:88:5a:62:bf:9d:93:8e:07:f7:9b:
                    bf:07:2f:44:f9:2c:e6:43:1a:86:8e:d4:c8:3f:32:
                    94:66:1a:1a:8d:d5:c3:bd:00:3d:14:e1:f6:26:ec:
                    1b:6a:e8:96:8c:fd:e7:51:9d:f9:8f:8e:af:59:28:
                    07:54:70:e7:8a:e5:ba:44:63:32:68:fe:72:f5:42:
                    df:05:ee:c4:8e:ae:86:8b:02:f0:2b:95:53:0a:77:
                    48:de:f9:25:06:bb:ae:e9:28:5e:c6:14:01:82:e1:
                    ed:4a:31:36:7c:2c:55:db:8d:f4:bc:d6:30:0e:51:
                    2f:f1:e3:e6:93:a9:85:71:4a:d8:d0:d9:aa:64:f2:
                    6f:28:93:6e:fc:3a:fa:11:df:0a:76:8d:1c:48:10:
                    1a:63:5b:f2:8a:3e:89:9e:d4:2c:89:a8:7e:f2:93:
                    ee:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:02:36:EE:87:BE:83:6B:6F:49:CF:72:5B:3E:0B:09:51:2D:89:8A
            X509v3 Authority Key Identifier:
                keyid:75:72:C9:A1:08:CE:3D:E5:2D:16:E2:11:E8:0C:95:E5:C5:B5:4C:84

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6fd7e5-c2c9-490b-95e9-5faec5abaf1b/1/dXLJoQjOPeUtFuIR6AyV5cW1TIQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a1:be:b9:e4:2e:54:26:58:39:ae:67:d7:b3:bf:b6:d0:09:e1:
         7f:df:82:e2:ae:fb:c8:72:4f:a5:62:3e:6a:1a:f2:a7:07:5c:
         fb:84:ee:19:19:f2:58:1a:17:31:9b:9d:51:cf:e2:be:b7:34:
         d9:9f:cf:d0:ee:0c:49:27:5e:03:b8:e8:d8:a2:e9:3b:50:4d:
         ee:ad:55:35:ad:6d:f9:71:7e:eb:33:a5:bd:38:44:64:5f:44:
         06:ac:79:ba:35:ad:39:8c:25:7d:85:9b:c5:f8:22:c8:4d:ef:
         f6:f4:5b:c7:38:df:27:21:3e:a4:f5:0e:ab:1f:b1:2b:be:12:
         ee:ae:bf:48:f5:a9:b6:8e:c3:4c:fe:fa:32:e4:75:09:a0:6d:
         85:40:6c:a4:71:51:0d:6e:cb:92:7d:2a:c3:6f:b8:83:25:f8:
         01:32:e1:41:f1:ea:27:a9:99:7a:37:d8:6b:42:b1:16:72:cd:
         37:c5:ce:d1:a6:d5:fb:d5:f2:c7:6d:89:22:1a:a0:c3:0c:00:
         9d:ac:50:68:d3:d7:50:08:41:79:e4:48:87:5c:6c:5f:40:f7:
         5f:af:84:3d:eb:61:9c:d6:b2:34:ac:8e:9f:88:b0:79:17:0d:
         af:88:d7:41:c9:8d:1b:79:f9:c1:75:cb:d2:96:78:84:c1:48:
         6c:90:0c:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSEWBcNNXQLKLAuB446pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NzJjOWExMDhjZTNkZTUyZDE2ZTIxMWU4MGM5NWU1YzVi
NTRjODQwHhcNMjQwNTE3MTYwMDExWhcNMjQwNTE4MTYwMDExWjAzMTEwLwYDVQQD
EygwYTAyMzZlZTg3YmU4MzZiNmY0OWNmNzI1YjNlMGIwOTUxMmQ4OThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv8Y71usaHPvivCojti6RUWZHzrF
0rO598hORBAwQWUIaDiZ85Oa/DjkuCd5zy1Ctnaks5mou9VcJuxYuYTSDRLmwWUz
AwgpKG5gAmwnUqwPvSgwrmXMAiOMo8hEbYhaYr+dk44H95u/By9E+SzmQxqGjtTI
PzKUZhoajdXDvQA9FOH2JuwbauiWjP3nUZ35j46vWSgHVHDniuW6RGMyaP5y9ULf
Be7Ejq6GiwLwK5VTCndI3vklBruu6ShexhQBguHtSjE2fCxV2430vNYwDlEv8ePm
k6mFcUrY0NmqZPJvKJNu/Dr6Ed8Kdo0cSBAaY1vyij6JntQsiah+8pPu8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAoCNu6HvoNrb0nPcls+CwlRLYmKMB8GA1UdIwQY
MBaAFHVyyaEIzj3lLRbiEegMleXFtUyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTkt
NWZhZWM1YWJhZjFiLzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82ZmQ3ZTUtYzJjOS00OTBiLTk1ZTktNWZhZWM1YWJhZjFi
LzEvZFhMSm9Rak9QZVV0RnVJUjZBeVY1Y1cxVElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAob655C5U
Jlg5rmfXs7+20Anhf9+C4q77yHJPpWI+ahrypwdc+4TuGRnyWBoXMZudUc/ivrc0
2Z/P0O4MSSdeA7jo2KLpO1BN7q1VNa1t+XF+6zOlvThEZF9EBqx5ujWtOYwlfYWb
xfgiyE3v9vRbxzjfJyE+pPUOqx+xK74S7q6/SPWpto7DTP76MuR1CaBthUBspHFR
DW7Lkn0qw2+4gyX4ATLhQfHqJ6mZejfYa0KxFnLNN8XO0abV+9Xyx22JIhqgwwwA
naxQaNPXUAhBeeRIh1xsX0D3X6+EPethnNayNKyOn4iweRcNr4jXQcmNG3n5wXXL
0pZ4hMFIbJAM1A==
-----END CERTIFICATE-----