Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
File:                     kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json)
Hash identifier:          ZsJ902jA36sgBZ4zhQrRuJtSKeNyXmgQOUr4H/250Cg=
Subject key identifier:   43:26:7B:90:8D:43:34:65:D0:23:3E:A4:ED:28:83:42:27:2A:1D:CE
Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A
Certificate issuer:       /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
Certificate serial:       018F87ED2E6D03AFF852F0A17A18866EBAFF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
Manifest number:          A2
Signing time:             Fri 17 May 2024 19:00:18 +0000
Manifest this update:     Fri 17 May 2024 19:00:18 +0000
Manifest next update:     Sat 18 May 2024 19:00:18 +0000
Files and hashes:         1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: x7ViAcSmGAnxRWeYx0obRYDrxgEFUXZiKoQh7Xvrn0g=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:2e:6d:03:af:f8:52:f0:a1:7a:18:86:6e:ba:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a
        Validity
            Not Before: May 17 19:00:18 2024 GMT
            Not After : May 18 19:00:18 2024 GMT
        Subject: CN=43267b908d433465d0233ea4ed288342272a1dce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b8:4a:46:28:95:9d:4a:20:5f:46:c8:17:dd:
                    a5:00:40:cb:50:aa:f9:5f:7e:82:e3:80:8f:71:f3:
                    bc:b4:21:a4:e3:1f:70:8d:9a:f3:f0:f9:92:84:70:
                    cd:df:58:45:59:3c:99:1c:9a:dc:e3:4f:80:c8:9f:
                    ad:ac:f4:a1:d2:70:b0:40:c3:d9:fe:03:6e:6f:a5:
                    02:6b:40:c8:ae:75:a4:83:69:a0:2e:64:94:15:0c:
                    30:58:11:e1:ba:70:86:6c:6b:1c:87:2e:a2:59:7c:
                    e8:bf:cb:36:ac:43:19:87:5e:9f:fb:99:c2:30:6a:
                    29:90:84:61:e5:71:0a:66:8f:cb:e5:7e:dd:9f:6b:
                    ae:38:7b:57:f2:5b:92:a4:e9:29:c6:30:ec:48:81:
                    da:9e:27:bf:a0:87:36:92:f2:78:c7:02:63:3e:0d:
                    c1:46:0d:99:4b:9c:a1:e5:bb:6b:58:a8:5e:e1:31:
                    6d:d4:8e:3a:df:3a:b8:70:68:93:07:cb:41:87:9f:
                    2e:a9:09:e4:af:93:ce:54:ed:1b:1a:73:3e:b9:d6:
                    10:a7:b1:b0:47:e9:99:50:ab:4a:6f:b6:9a:e7:d6:
                    71:f3:2f:d3:aa:1b:ee:29:18:d6:60:ea:16:ef:ca:
                    48:ef:c0:a6:e5:c0:87:e4:99:dc:57:77:9d:70:1d:
                    b4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:26:7B:90:8D:43:34:65:D0:23:3E:A4:ED:28:83:42:27:2A:1D:CE
            X509v3 Authority Key Identifier:
                keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         06:46:73:f6:5d:4d:81:7f:6c:5e:31:00:5f:d4:d0:6b:8b:ae:
         7b:93:1d:25:17:64:26:bb:75:ad:db:05:c4:45:6d:31:87:5e:
         35:15:ee:0c:e9:8f:fd:d5:12:5a:0b:ae:0d:41:69:46:a0:7b:
         0b:4e:ce:74:ca:bc:c7:08:62:a6:e9:c3:24:c3:3f:70:ab:2e:
         24:9c:68:14:46:4a:e6:58:fe:e0:71:4f:c6:7b:b4:55:d0:3d:
         12:a9:76:93:d2:0c:64:6e:bd:4b:05:80:ac:97:e6:5b:dc:86:
         ae:1e:04:9c:d3:14:89:d1:d5:3d:40:83:55:f5:ce:0a:2f:b7:
         10:2c:09:27:ff:96:f2:fd:b3:c5:d9:2f:9e:e2:76:d2:df:ea:
         d1:c9:1b:52:e4:15:c0:e9:7b:e2:10:35:aa:f4:7d:fd:e0:40:
         6e:83:b8:0f:fb:3e:7d:46:ca:b2:f5:14:41:4d:7a:07:8a:25:
         44:b6:23:03:81:0c:a9:2a:4b:f9:c7:c7:60:ea:87:00:9e:a3:
         a8:d1:52:c5:b9:54:bf:11:a1:82:7d:db:85:d6:5a:1a:0c:13:
         10:d2:84:20:98:bc:d0:75:0e:d8:1b:03:6d:8b:8e:55:b6:61:
         e9:d4:4f:30:5b:0f:f1:c3:81:3d:3f:7f:63:f5:8a:26:af:6c:
         0a:76:76:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7S5tA6/4UvChehiGbrr/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw
NGNiNGEwHhcNMjQwNTE3MTkwMDE4WhcNMjQwNTE4MTkwMDE4WjAzMTEwLwYDVQQD
Eyg0MzI2N2I5MDhkNDMzNDY1ZDAyMzNlYTRlZDI4ODM0MjI3MmExZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrhKRiiVnUogX0bIF92lAEDLUKr5
X36C44CPcfO8tCGk4x9wjZrz8PmShHDN31hFWTyZHJrc40+AyJ+trPSh0nCwQMPZ
/gNub6UCa0DIrnWkg2mgLmSUFQwwWBHhunCGbGschy6iWXzov8s2rEMZh16f+5nC
MGopkIRh5XEKZo/L5X7dn2uuOHtX8luSpOkpxjDsSIHanie/oIc2kvJ4xwJjPg3B
Rg2ZS5yh5btrWKhe4TFt1I463zq4cGiTB8tBh58uqQnkr5POVO0bGnM+udYQp7Gw
R+mZUKtKb7aa59Zx8y/TqhvuKRjWYOoW78pI78Cm5cCH5JncV3edcB20zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEMme5CNQzRl0CM+pO0og0InKh3OMB8GA1UdIwQY
MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt
YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh
LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABkZz9l1N
gX9sXjEAX9TQa4uue5MdJRdkJrt1rdsFxEVtMYdeNRXuDOmP/dUSWguuDUFpRqB7
C07OdMq8xwhipunDJMM/cKsuJJxoFEZK5lj+4HFPxnu0VdA9Eql2k9IMZG69SwWA
rJfmW9yGrh4EnNMUidHVPUCDVfXOCi+3ECwJJ/+W8v2zxdkvnuJ20t/q0ckbUuQV
wOl74hA1qvR9/eBAboO4D/s+fUbKsvUUQU16B4olRLYjA4EMqSpL+cfHYOqHAJ6j
qNFSxblUvxGhgn3bhdZaGgwTENKEIJi80HUO2BsDbYuOVbZh6dRPMFsP8cOBPT9/
Y/WKJq9sCnZ2Tw==
-----END CERTIFICATE-----