Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
File:                     aKUCPY4CESaZfXkmpHcBYIqs48c.mft (raw, json)
Hash identifier:          tpPaGOXecisTwv5j11OzWoKrZAllJmTn6E9cafzH78s=
Subject key identifier:   39:1C:D1:59:15:D4:60:15:AC:01:64:99:A7:1B:D8:05:3A:68:B5:11
Authority key identifier: 68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7
Certificate issuer:       /CN=68a5023d8e021126997d7926a47701608aace3c7
Certificate serial:       018F87B63B77725615C449123CDEF4E9F924
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
Manifest number:          02E9
Signing time:             Fri 17 May 2024 18:00:17 +0000
Manifest this update:     Fri 17 May 2024 18:00:17 +0000
Manifest next update:     Sat 18 May 2024 18:00:17 +0000
Files and hashes:         1: aKUCPY4CESaZfXkmpHcBYIqs48c.crl (hash: n8r3jxtnOBP7OZYL3HdRGZCPMLfdJX+2j7xGVacFuXg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:3b:77:72:56:15:c4:49:12:3c:de:f4:e9:f9:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68a5023d8e021126997d7926a47701608aace3c7
        Validity
            Not Before: May 17 18:00:17 2024 GMT
            Not After : May 18 18:00:17 2024 GMT
        Subject: CN=391cd15915d46015ac016499a71bd8053a68b511
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:b1:f1:de:68:a9:63:f1:e5:de:2d:83:59:17:
                    b3:2f:13:fd:4c:7e:0a:10:10:d5:ef:0f:58:d6:44:
                    08:6c:cb:1d:65:1f:d3:09:09:7f:1d:27:fc:39:3b:
                    a3:78:94:c9:35:64:60:35:c8:01:b7:14:4c:41:03:
                    43:75:d2:e1:58:69:1b:16:7e:71:3f:83:69:d0:9e:
                    2a:24:5e:d1:c7:c9:fb:13:8b:d5:a1:cc:3e:92:4d:
                    da:70:53:7a:22:9a:0d:88:94:a7:9c:62:78:59:d4:
                    16:e4:e9:af:f1:44:32:b3:fe:b4:ef:6c:f0:e1:b6:
                    36:3f:a7:cc:4f:70:3f:67:45:59:c4:64:a2:32:96:
                    4e:2c:dc:fa:15:d8:5b:21:c1:2e:16:de:df:b2:ea:
                    00:cd:f5:0b:49:e1:09:3c:02:cd:2d:67:08:cf:c4:
                    03:13:b0:5e:8a:50:d3:b9:41:87:01:79:36:f7:04:
                    8a:ff:bc:84:69:be:f1:85:19:cd:f8:4c:71:73:8d:
                    bf:d5:fb:95:36:a5:9b:c2:ae:cc:60:03:a1:c1:8c:
                    da:8f:5c:88:b4:64:52:64:15:6b:5e:e1:95:4f:7e:
                    27:c8:2f:a3:ba:62:8d:ef:76:39:64:4c:02:be:4e:
                    93:01:c3:34:b3:39:3e:c0:74:75:ba:08:9c:30:5a:
                    e3:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:1C:D1:59:15:D4:60:15:AC:01:64:99:A7:1B:D8:05:3A:68:B5:11
            X509v3 Authority Key Identifier:
                keyid:68:A5:02:3D:8E:02:11:26:99:7D:79:26:A4:77:01:60:8A:AC:E3:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKUCPY4CESaZfXkmpHcBYIqs48c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/58/860beb-2edb-4ce0-a55e-8481e6c33e3c/1/aKUCPY4CESaZfXkmpHcBYIqs48c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0e:e2:43:79:bc:2a:8c:4a:f3:93:07:f4:8a:bc:96:c3:b3:d0:
         10:38:9d:06:01:76:20:1f:85:26:99:f5:7a:44:e7:7d:6a:84:
         da:0b:f7:3c:3f:06:e7:5a:58:c8:d1:c2:23:aa:50:fc:3d:31:
         00:5d:60:3a:9d:c0:d0:61:f7:7f:c2:4f:f7:34:97:96:8a:9d:
         69:7e:1c:34:79:d3:ba:0e:b2:f3:ec:32:fa:46:45:3c:39:01:
         18:9a:20:a8:b0:7b:3d:71:3f:c7:fc:33:fb:cd:1e:c2:a7:ea:
         b2:1d:eb:9c:a0:0b:85:55:58:d7:94:dc:d8:f5:8c:d8:d1:20:
         00:a2:5d:b9:6d:4f:6f:5d:c6:fc:1c:dd:c4:d0:6d:c3:02:cc:
         23:cc:6e:43:92:db:af:ee:ee:0b:85:de:44:e6:e2:a6:9c:5f:
         e4:83:7f:01:3e:a2:6e:c7:8e:7a:b4:50:28:ff:37:9c:9a:de:
         a1:a3:ab:62:01:33:06:a2:19:42:1e:03:5f:ff:71:bf:af:9b:
         e6:cf:73:9b:67:00:bb:0f:5c:da:ff:91:cf:38:35:b9:b5:84:
         8f:9c:a7:d6:ab:38:52:2c:10:c8:60:1e:d1:a6:03:85:a1:1d:
         eb:3a:4e:8b:35:e4:de:9a:8b:3b:12:37:8d:6d:ef:67:b7:ba:
         c3:64:8f:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htjt3clYVxEkSPN706fkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTUwMjNkOGUwMjExMjY5OTdkNzkyNmE0NzcwMTYwOGFh
Y2UzYzcwHhcNMjQwNTE3MTgwMDE3WhcNMjQwNTE4MTgwMDE3WjAzMTEwLwYDVQQD
EygzOTFjZDE1OTE1ZDQ2MDE1YWMwMTY0OTlhNzFiZDgwNTNhNjhiNTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbHx3mipY/Hl3i2DWRezLxP9TH4K
EBDV7w9Y1kQIbMsdZR/TCQl/HSf8OTujeJTJNWRgNcgBtxRMQQNDddLhWGkbFn5x
P4Np0J4qJF7Rx8n7E4vVocw+kk3acFN6IpoNiJSnnGJ4WdQW5Omv8UQys/6072zw
4bY2P6fMT3A/Z0VZxGSiMpZOLNz6FdhbIcEuFt7fsuoAzfULSeEJPALNLWcIz8QD
E7BeilDTuUGHAXk29wSK/7yEab7xhRnN+Exxc42/1fuVNqWbwq7MYAOhwYzaj1yI
tGRSZBVrXuGVT34nyC+jumKN73Y5ZEwCvk6TAcM0szk+wHR1ugicMFrj/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDkc0VkV1GAVrAFkmacb2AU6aLURMB8GA1UdIwQY
MBaAFGilAj2OAhEmmX15JqR3AWCKrOPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUt
ODQ4MWU2YzMzZTNjLzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84NjBiZWItMmVkYi00Y2UwLWE1NWUtODQ4MWU2YzMzZTNj
LzEvYUtVQ1BZNENFU2FaZlhrbXBIY0JZSXFzNDhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADuJDebwq
jErzkwf0iryWw7PQEDidBgF2IB+FJpn1ekTnfWqE2gv3PD8G51pYyNHCI6pQ/D0x
AF1gOp3A0GH3f8JP9zSXloqdaX4cNHnTug6y8+wy+kZFPDkBGJogqLB7PXE/x/wz
+80ewqfqsh3rnKALhVVY15Tc2PWM2NEgAKJduW1Pb13G/BzdxNBtwwLMI8xuQ5Lb
r+7uC4XeRObippxf5IN/AT6ibseOerRQKP83nJreoaOrYgEzBqIZQh4DX/9xv6+b
5s9zm2cAuw9c2v+Rzzg1ubWEj5yn1qs4UiwQyGAe0aYDhaEd6zpOizXk3pqLOxI3
jW3vZ7e6w2SP7A==
-----END CERTIFICATE-----