Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
File:                     4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json)
Hash identifier:          LEmPGEAFSfWuMnBkDKRHQEs7WpDJh564uocY2uzIqVo=
Subject key identifier:   B0:78:9D:F7:0D:78:6B:8B:C3:87:B8:12:2C:53:F0:95:4D:D7:20:F7
Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA
Certificate issuer:       /CN=e31b9b629904d438451127855b52f882ebe162aa
Certificate serial:       018F2426A9C64D08EB905C441768892EB6F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
Manifest number:          0A76
Signing time:             Sun 28 Apr 2024 10:01:04 +0000
Manifest this update:     Sun 28 Apr 2024 10:01:04 +0000
Manifest next update:     Mon 29 Apr 2024 10:01:04 +0000
Files and hashes:         1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: Es5iocCO1r3piWSTI4sfYETJoL1D8DrRreP/Tqe9nEM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Apr 2024 05:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:24:26:a9:c6:4d:08:eb:90:5c:44:17:68:89:2e:b6:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa
        Validity
            Not Before: Apr 28 10:01:04 2024 GMT
            Not After : Apr 29 10:01:04 2024 GMT
        Subject: CN=b0789df70d786b8bc387b8122c53f0954dd720f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7b:d0:13:8a:33:92:8e:94:33:4e:d0:af:df:
                    2a:4b:7b:ce:a1:08:9f:d6:24:9d:53:a7:99:fe:80:
                    99:51:dd:37:43:7f:a7:8e:9e:ae:6c:78:c1:af:3e:
                    30:52:39:a6:7e:74:78:05:1e:79:fc:60:3f:80:fa:
                    80:d1:4f:ed:c2:2d:a8:f5:a2:13:2c:c8:52:b4:65:
                    4d:e5:b7:08:7e:2c:f6:e9:3a:f5:f4:3b:3d:d5:b8:
                    6b:de:31:4b:b8:84:a8:55:8e:54:02:13:bb:61:03:
                    b6:b6:e9:90:ed:06:99:55:c8:32:6d:45:92:de:8d:
                    5e:bb:df:4e:18:e3:c0:4b:2b:c9:d9:52:ef:c9:4e:
                    2e:65:78:41:70:3a:93:de:f8:ce:93:64:ab:b5:f6:
                    30:d8:04:d3:32:63:01:82:99:ac:44:38:bf:64:18:
                    1d:7e:b0:67:87:4a:c8:07:6a:ed:bc:5d:af:d7:e0:
                    fd:84:5e:34:b5:a9:22:04:85:57:ea:86:c5:46:66:
                    ae:47:f0:b0:66:f2:61:a7:2a:c8:89:bf:96:c3:82:
                    b8:86:b9:f3:3d:0a:d8:f1:40:41:74:b6:0d:dc:4f:
                    4d:92:fd:bd:32:41:65:9e:9e:15:45:cc:82:44:d4:
                    a8:aa:3c:cc:40:c3:c3:f6:84:81:17:ee:81:7e:81:
                    61:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:78:9D:F7:0D:78:6B:8B:C3:87:B8:12:2C:53:F0:95:4D:D7:20:F7
            X509v3 Authority Key Identifier:
                keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:fe:0b:0e:f5:af:f5:83:b6:33:14:90:6b:97:d6:52:59:cf:
         84:2c:28:d0:a6:d5:66:59:cf:c2:d7:07:52:64:95:c3:b1:7a:
         96:60:1a:3b:f2:d6:b7:b9:4d:df:36:cd:99:67:ad:20:ce:56:
         f6:fd:f5:52:95:34:6f:6d:ec:f2:61:ba:82:15:3d:1d:bb:c7:
         cc:57:f5:30:ed:ab:f9:36:da:23:fe:54:51:75:a3:41:c6:46:
         d2:68:aa:70:3a:be:17:65:66:e2:0f:39:a7:ef:cb:7b:60:d4:
         48:3c:07:83:6c:5f:cd:7e:7b:d1:07:91:02:64:fc:fa:35:4e:
         e5:b4:85:a7:f5:9b:ec:82:6c:8a:70:91:d9:c5:c2:58:73:fb:
         6a:b5:a6:01:28:61:8a:f8:48:f2:02:b2:29:5f:05:20:43:fc:
         53:d5:f2:75:4d:46:b0:da:0f:b1:32:18:3b:43:8e:c7:ae:b2:
         b4:3d:53:34:2e:96:d8:01:cd:73:e6:11:64:18:85:6f:91:48:
         1f:51:b2:56:0d:a3:97:79:3a:1e:a0:12:c2:de:3c:ba:71:bb:
         6c:f4:f4:49:29:3b:67:fb:65:ac:e2:bc:3a:e3:3e:86:70:3b:
         dd:c0:f5:36:16:85:35:df:35:f1:db:77:ad:1f:04:c8:c1:78:
         93:2e:da:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8kJqnGTQjrkFxEF2iJLrb3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl
MTYyYWEwHhcNMjQwNDI4MTAwMTA0WhcNMjQwNDI5MTAwMTA0WjAzMTEwLwYDVQQD
EyhiMDc4OWRmNzBkNzg2YjhiYzM4N2I4MTIyYzUzZjA5NTRkZDcyMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3vQE4ozko6UM07Qr98qS3vOoQif
1iSdU6eZ/oCZUd03Q3+njp6ubHjBrz4wUjmmfnR4BR55/GA/gPqA0U/twi2o9aIT
LMhStGVN5bcIfiz26Tr19Ds91bhr3jFLuISoVY5UAhO7YQO2tumQ7QaZVcgybUWS
3o1eu99OGOPASyvJ2VLvyU4uZXhBcDqT3vjOk2SrtfYw2ATTMmMBgpmsRDi/ZBgd
frBnh0rIB2rtvF2v1+D9hF40takiBIVX6obFRmauR/CwZvJhpyrIib+Ww4K4hrnz
PQrY8UBBdLYN3E9Nkv29MkFlnp4VRcyCRNSoqjzMQMPD9oSBF+6BfoFhrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLB4nfcNeGuLw4e4EixT8JVN1yD3MB8GA1UdIwQY
MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut
ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw
LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoP4LDvWv
9YO2MxSQa5fWUlnPhCwo0KbVZlnPwtcHUmSVw7F6lmAaO/LWt7lN3zbNmWetIM5W
9v31UpU0b23s8mG6ghU9HbvHzFf1MO2r+TbaI/5UUXWjQcZG0miqcDq+F2Vm4g85
p+/Le2DUSDwHg2xfzX570QeRAmT8+jVO5bSFp/Wb7IJsinCR2cXCWHP7arWmAShh
ivhI8gKyKV8FIEP8U9XydU1GsNoPsTIYO0OOx66ytD1TNC6W2AHNc+YRZBiFb5FI
H1GyVg2jl3k6HqASwt48unG7bPT0SSk7Z/tlrOK8OuM+hnA73cD1NhaFNd818dt3
rR8EyMF4ky7aKQ==
-----END CERTIFICATE-----