Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
File:                     tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json)
Hash identifier:          NFfa7Fag6G1RpiBRkv1SmdMRP/x8E5uXSRu4FYkajo8=
Subject key identifier:   04:22:07:89:74:E2:BE:B6:43:DC:28:42:FD:F1:9A:72:66:56:B3:82
Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91
Certificate issuer:       /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
Certificate serial:       018F87B61FBA6EB1E812B33A47E3C5459785
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
Manifest number:          03FF
Signing time:             Fri 17 May 2024 18:00:10 +0000
Manifest this update:     Fri 17 May 2024 18:00:10 +0000
Manifest next update:     Sat 18 May 2024 18:00:10 +0000
Files and hashes:         1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: Q0M9UoO9hoA9Wuez5r32MargWCtCOTN0haO7X1EkOlY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:1f:ba:6e:b1:e8:12:b3:3a:47:e3:c5:45:97:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791
        Validity
            Not Before: May 17 18:00:10 2024 GMT
            Not After : May 18 18:00:10 2024 GMT
        Subject: CN=0422078974e2beb643dc2842fdf19a726656b382
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a0:69:77:75:c7:aa:ec:98:d5:ce:e6:a0:56:
                    3b:aa:8f:61:5d:11:fe:e5:3e:28:16:fc:5d:64:f0:
                    4b:31:35:ef:25:47:1f:54:4d:f8:e8:6c:ec:ca:8b:
                    80:19:dd:9a:fe:9a:2c:85:09:12:37:27:1b:15:5c:
                    80:21:72:d9:f7:0c:70:47:93:0c:83:3f:df:1f:df:
                    17:31:f9:a3:5e:fd:5e:2b:5e:d8:fa:a1:7d:d8:4c:
                    1d:1a:9a:90:ae:f2:9e:24:26:a1:d9:26:b1:f1:2e:
                    db:b1:b2:64:63:5f:7d:03:55:5b:65:d0:cd:1d:ac:
                    ff:23:5f:01:0c:63:54:7f:30:8d:b0:21:09:95:94:
                    d7:a0:e3:1e:81:87:ea:f9:74:d4:ab:05:15:8b:13:
                    74:b5:8f:65:5a:eb:24:fc:e8:c3:f3:0c:fa:6a:8c:
                    20:4f:fe:08:3d:81:ce:d0:93:15:cc:4a:e9:14:66:
                    da:76:5e:8d:13:86:42:7f:9b:52:37:ad:46:8a:72:
                    cf:f3:cd:32:39:f4:79:79:34:d9:4b:51:8f:21:98:
                    04:59:40:c7:94:64:7f:4b:c7:80:5e:f8:32:1b:e0:
                    45:bb:4c:e8:56:93:46:48:d2:af:c3:04:ac:66:cf:
                    53:d3:cd:0b:e2:50:99:fb:00:fa:3a:10:3e:6f:f6:
                    0d:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:22:07:89:74:E2:BE:B6:43:DC:28:42:FD:F1:9A:72:66:56:B3:82
            X509v3 Authority Key Identifier:
                keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         89:da:0d:b8:08:8b:d2:ea:41:e8:8d:f1:5e:1e:bf:58:74:2d:
         7c:43:db:ad:1d:f2:e0:2b:d9:3c:70:2c:ab:8e:76:6e:14:5b:
         6f:40:60:3a:8a:62:1b:9b:23:1e:d0:9e:06:df:f5:c5:56:1e:
         53:3d:0d:6e:ff:e0:7a:e3:dc:05:dc:8e:90:8d:06:aa:87:c0:
         6d:d3:cb:5c:f0:6d:0c:04:4b:bb:80:06:7f:ab:38:e2:30:b7:
         5b:51:60:73:95:80:29:83:01:e4:ea:0f:54:4a:3d:a8:ef:73:
         f9:9c:50:9e:d1:b7:36:aa:9b:e5:78:5b:07:f7:53:c8:cb:8e:
         f9:7e:68:7f:47:1d:1b:32:f6:05:db:ca:7c:4f:39:ed:fe:9d:
         9b:4c:88:67:53:76:72:eb:83:cd:75:e2:3f:57:37:4f:08:5a:
         14:f7:34:10:af:f1:92:dd:b8:c1:60:4b:e3:5a:ee:87:d8:2b:
         f8:04:ae:6b:0c:6a:73:99:e3:db:1d:52:7c:01:66:cd:6e:7e:
         ab:1d:7c:27:77:30:df:89:b5:12:06:95:3a:36:e9:11:17:fe:
         c8:d3:5b:59:0c:30:22:86:55:f1:7d:a9:07:58:e0:ca:8e:5d:
         6b:a9:ae:a4:45:6a:7a:0c:14:59:7f:19:f1:98:b9:d6:6e:29:
         3b:ec:1f:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Hth+6brHoErM6R+PFRZeFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh
YzU3OTEwHhcNMjQwNTE3MTgwMDEwWhcNMjQwNTE4MTgwMDEwWjAzMTEwLwYDVQQD
EygwNDIyMDc4OTc0ZTJiZWI2NDNkYzI4NDJmZGYxOWE3MjY2NTZiMzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKBpd3XHquyY1c7moFY7qo9hXRH+
5T4oFvxdZPBLMTXvJUcfVE346GzsyouAGd2a/poshQkSNycbFVyAIXLZ9wxwR5MM
gz/fH98XMfmjXv1eK17Y+qF92EwdGpqQrvKeJCah2Sax8S7bsbJkY199A1VbZdDN
Haz/I18BDGNUfzCNsCEJlZTXoOMegYfq+XTUqwUVixN0tY9lWusk/OjD8wz6aowg
T/4IPYHO0JMVzErpFGbadl6NE4ZCf5tSN61GinLP880yOfR5eTTZS1GPIZgEWUDH
lGR/S8eAXvgyG+BFu0zoVpNGSNKvwwSsZs9T080L4lCZ+wD6OhA+b/YNowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQiB4l04r62Q9woQv3xmnJmVrOCMB8GA1UdIwQY
MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt
NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5
LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAidoNuAiL
0upB6I3xXh6/WHQtfEPbrR3y4CvZPHAsq452bhRbb0BgOopiG5sjHtCeBt/1xVYe
Uz0Nbv/geuPcBdyOkI0GqofAbdPLXPBtDARLu4AGf6s44jC3W1Fgc5WAKYMB5OoP
VEo9qO9z+ZxQntG3Nqqb5XhbB/dTyMuO+X5of0cdGzL2BdvKfE857f6dm0yIZ1N2
cuuDzXXiP1c3TwhaFPc0EK/xkt24wWBL41ruh9gr+ASuawxqc5nj2x1SfAFmzW5+
qx18J3cw34m1EgaVOjbpERf+yNNbWQwwIoZV8X2pB1jgyo5da6mupEVqegwUWX8Z
8Zi51m4pO+wfqw==
-----END CERTIFICATE-----