Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
File:                     861SH4OIdIPIybDG895f1e1Whck.mft (raw, json)
Hash identifier:          6Cr4KwxO/e67theEalzAM537vPY+zk4rAk1Ngrf/CgY=
Subject key identifier:   63:D1:8C:34:FD:B7:63:EC:0B:6D:F6:4D:FA:61:C9:DD:52:AD:0D:62
Authority key identifier: F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9
Certificate issuer:       /CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
Certificate serial:       018F58F173782BCE2FE3C9767DC91212601E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
Manifest number:          06EA
Signing time:             Wed 08 May 2024 16:02:49 +0000
Manifest this update:     Wed 08 May 2024 16:02:49 +0000
Manifest next update:     Thu 09 May 2024 16:02:49 +0000
Files and hashes:         1: 861SH4OIdIPIybDG895f1e1Whck.crl (hash: MwxxoGHmd813c3DXJN9A7xBMq6MxNR53QgpjACRcpNI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 May 2024 16:02:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:58:f1:73:78:2b:ce:2f:e3:c9:76:7d:c9:12:12:60:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f3ad521f83887483c8c9b0c6f3de5fd5ed5685c9
        Validity
            Not Before: May  8 16:02:49 2024 GMT
            Not After : May  9 16:02:49 2024 GMT
        Subject: CN=63d18c34fdb763ec0b6df64dfa61c9dd52ad0d62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c4:e4:0f:af:b2:36:ac:55:5a:71:15:8b:d9:
                    01:c9:0c:46:d2:83:56:81:83:c5:d3:4c:bf:4c:8f:
                    94:07:bf:29:0b:8c:c5:c0:1f:ff:49:f3:81:13:c2:
                    ee:98:66:d3:fc:2b:ac:71:01:24:e6:1c:35:87:46:
                    8a:83:f2:c9:ea:f2:b5:e9:9b:24:fd:32:81:06:af:
                    62:3b:34:cf:4d:a0:37:31:9d:b0:5f:39:eb:25:a4:
                    7b:40:90:35:13:eb:3f:52:05:fd:b0:56:69:66:b9:
                    fc:b8:e2:7b:cf:e2:8a:a0:47:6f:ad:b0:55:14:b2:
                    1e:0a:55:1b:fc:a7:b6:c5:7c:ba:6f:2e:ed:51:a5:
                    fd:bb:37:d7:f1:e5:a8:cd:67:e5:06:c2:e1:57:ff:
                    79:bd:fe:5b:0b:f1:e6:3c:3a:fb:91:2f:57:44:b1:
                    cb:d9:3f:35:7a:3f:d6:0e:05:c9:f2:55:27:b3:f5:
                    84:83:9d:6b:fd:77:73:44:11:64:33:4a:b9:23:e0:
                    8e:69:3f:53:04:00:8e:6d:f5:15:73:d1:d3:a6:b8:
                    2e:d6:e3:4e:c2:eb:a4:1c:ac:a7:cb:b4:62:aa:da:
                    ed:e8:7d:97:ed:80:27:de:c9:80:f5:77:bb:ac:9a:
                    3f:8f:7c:9e:66:57:b1:5a:2b:d2:73:a9:d3:1c:6a:
                    46:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:D1:8C:34:FD:B7:63:EC:0B:6D:F6:4D:FA:61:C9:DD:52:AD:0D:62
            X509v3 Authority Key Identifier:
                keyid:F3:AD:52:1F:83:88:74:83:C8:C9:B0:C6:F3:DE:5F:D5:ED:56:85:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/861SH4OIdIPIybDG895f1e1Whck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/cdd985-334c-4a0d-a7a8-75c0ccedf976/1/861SH4OIdIPIybDG895f1e1Whck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:df:c7:0b:19:cb:cb:d9:87:74:7e:47:93:50:2b:fb:29:18:
         f0:a1:96:35:14:a2:e4:5e:bf:32:2c:67:c5:e4:bd:0a:04:a6:
         7d:9e:a6:09:c9:ad:12:f9:0d:f0:0f:4f:cb:19:3b:05:d7:33:
         a8:ce:0b:e5:ca:08:b3:4e:d2:27:c3:f1:26:89:a7:64:e2:f2:
         c9:0b:4f:79:fe:2e:21:df:9b:3e:77:e6:d9:f5:93:31:9b:47:
         4d:96:d8:58:d4:4c:31:49:3c:6b:75:db:23:fb:f6:3f:d5:2b:
         30:ed:79:fb:d4:33:84:50:47:c3:d2:73:11:de:d6:2a:d7:50:
         b0:46:90:da:02:03:0e:31:14:4e:d0:02:57:54:e7:d4:d8:60:
         f7:03:67:27:99:31:39:a4:b1:fa:05:24:65:8b:2b:43:f4:8d:
         c0:96:da:d0:48:84:99:93:b3:c2:4d:10:0e:91:ee:93:d4:37:
         ce:78:b6:b2:f2:b7:19:83:89:23:b2:19:77:ac:29:d1:dc:37:
         f9:ec:85:75:bd:ed:05:bf:9d:1a:bd:b8:e2:30:fd:ee:a7:ce:
         bb:1d:1c:a2:79:06:83:7c:ce:9e:bd:97:82:1e:84:a8:0b:b3:
         56:43:ac:73:8c:9c:c1:18:61:30:35:e1:45:0e:86:75:ae:b2:
         75:f2:3d:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Y8XN4K84v48l2fckSEmAeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWQ1MjFmODM4ODc0ODNjOGM5YjBjNmYzZGU1ZmQ1ZWQ1
Njg1YzkwHhcNMjQwNTA4MTYwMjQ5WhcNMjQwNTA5MTYwMjQ5WjAzMTEwLwYDVQQD
Eyg2M2QxOGMzNGZkYjc2M2VjMGI2ZGY2NGRmYTYxYzlkZDUyYWQwZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucTkD6+yNqxVWnEVi9kByQxG0oNW
gYPF00y/TI+UB78pC4zFwB//SfOBE8LumGbT/CuscQEk5hw1h0aKg/LJ6vK16Zsk
/TKBBq9iOzTPTaA3MZ2wXznrJaR7QJA1E+s/UgX9sFZpZrn8uOJ7z+KKoEdvrbBV
FLIeClUb/Ke2xXy6by7tUaX9uzfX8eWozWflBsLhV/95vf5bC/HmPDr7kS9XRLHL
2T81ej/WDgXJ8lUns/WEg51r/XdzRBFkM0q5I+COaT9TBACObfUVc9HTprgu1uNO
wuukHKyny7Riqtrt6H2X7YAn3smA9Xe7rJo/j3yeZlexWivSc6nTHGpGqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPRjDT9t2PsC232Tfphyd1SrQ1iMB8GA1UdIwQY
MBaAFPOtUh+DiHSDyMmwxvPeX9XtVoXJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgt
NzVjMGNjZWRmOTc2LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jZGQ5ODUtMzM0Yy00YTBkLWE3YTgtNzVjMGNjZWRmOTc2
LzEvODYxU0g0T0lkSVBJeWJERzg5NWYxZTFXaGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQN/HCxnL
y9mHdH5Hk1Ar+ykY8KGWNRSi5F6/MixnxeS9CgSmfZ6mCcmtEvkN8A9Pyxk7Bdcz
qM4L5coIs07SJ8PxJomnZOLyyQtPef4uId+bPnfm2fWTMZtHTZbYWNRMMUk8a3Xb
I/v2P9UrMO15+9QzhFBHw9JzEd7WKtdQsEaQ2gIDDjEUTtACV1Tn1Nhg9wNnJ5kx
OaSx+gUkZYsrQ/SNwJba0EiEmZOzwk0QDpHuk9Q3zni2svK3GYOJI7IZd6wp0dw3
+eyFdb3tBb+dGr244jD97qfOux0conkGg3zOnr2Xgh6EqAuzVkOsc4ycwRhhMDXh
RQ6Gda6ydfI91g==
-----END CERTIFICATE-----