Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
File:                     DU7kd6rb1vbH8sonqPohowxrNXw.mft (raw, json)
Hash identifier:          rSBRWAbfMsCc4EnMAK88CVt+DE+rQPsrlikirqPpAp0=
Subject key identifier:   58:D6:A7:F4:28:DE:D4:BF:6D:F9:D4:02:42:A3:F7:F3:AE:5F:62:1D
Authority key identifier: 0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C
Certificate issuer:       /CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
Certificate serial:       018F20EFACDE23F1B43DA0D6E0382C0CFA27
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
Manifest number:          0CD2
Signing time:             Sat 27 Apr 2024 19:02:09 +0000
Manifest this update:     Sat 27 Apr 2024 19:02:09 +0000
Manifest next update:     Sun 28 Apr 2024 19:02:09 +0000
Files and hashes:         1: DU7kd6rb1vbH8sonqPohowxrNXw.crl (hash: EQVmx+gPtHXaU9wGzVgDiDPtqs8RjXxoZMasLv8zHH0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 11:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:20:ef:ac:de:23:f1:b4:3d:a0:d6:e0:38:2c:0c:fa:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d4ee477aadbd6f6c7f2ca27a8fa21a30c6b357c
        Validity
            Not Before: Apr 27 19:02:09 2024 GMT
            Not After : Apr 28 19:02:09 2024 GMT
        Subject: CN=58d6a7f428ded4bf6df9d40242a3f7f3ae5f621d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ec:c6:ad:3a:e0:a6:85:c6:4a:b8:53:89:94:
                    c3:a6:c2:ec:2d:dd:f3:4d:96:df:01:33:a6:5e:62:
                    f4:23:67:29:b9:86:62:08:2f:19:39:67:ae:6c:34:
                    48:54:47:49:6f:e0:bc:c1:d5:b5:90:44:6d:0f:6f:
                    5e:24:96:ff:c6:b1:96:5d:ac:ef:75:70:ca:5b:bf:
                    87:f8:1b:06:90:a5:b8:53:64:b1:12:9c:de:77:3d:
                    f7:b6:0f:e9:a4:44:ef:49:9f:74:92:e5:67:ae:76:
                    74:40:8b:b6:46:7a:14:c1:9b:39:05:0d:ed:6a:c6:
                    5f:90:9e:2d:f2:00:28:34:f5:03:3d:8f:5f:1c:7b:
                    ea:b1:db:57:6a:4e:6e:f0:8b:84:37:04:c4:1e:2d:
                    c4:c7:e5:95:34:54:b3:8b:10:d2:59:69:33:b5:59:
                    af:5f:e6:2f:71:48:ac:b1:a0:db:cd:24:78:63:73:
                    5e:69:75:58:dc:f9:b4:d4:6b:c4:fa:f7:8a:91:11:
                    8e:92:3c:d7:28:a2:d5:1f:dc:23:91:f3:d9:bc:01:
                    d3:c1:00:40:6a:5d:5b:f9:40:2a:f7:47:51:b2:be:
                    22:30:85:20:35:3c:1b:25:e9:7b:83:84:4d:3d:49:
                    60:88:94:c9:7d:9f:72:bd:4d:a1:15:16:5f:d1:8c:
                    0b:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:D6:A7:F4:28:DE:D4:BF:6D:F9:D4:02:42:A3:F7:F3:AE:5F:62:1D
            X509v3 Authority Key Identifier:
                keyid:0D:4E:E4:77:AA:DB:D6:F6:C7:F2:CA:27:A8:FA:21:A3:0C:6B:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7kd6rb1vbH8sonqPohowxrNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1adb3b-0597-40f4-95f1-08a6680ac842/1/DU7kd6rb1vbH8sonqPohowxrNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         15:75:ce:19:e1:66:80:a8:34:98:9f:52:48:36:2b:f3:95:f4:
         cb:47:91:53:f6:6d:49:e4:7e:31:df:aa:84:e2:57:31:30:fc:
         ae:fb:2a:18:33:b6:90:37:ee:79:e6:b9:c6:3e:20:e7:c0:0f:
         3f:5a:2a:97:a3:6a:a4:bb:b3:3c:fd:01:e1:e5:b5:22:59:28:
         54:e7:55:17:0f:9f:35:1b:37:c2:b0:65:06:87:c1:90:3e:3b:
         6b:df:8b:94:a4:20:18:b5:1f:a4:3e:11:9b:c0:ea:43:1d:77:
         39:3e:f9:cc:b1:bc:07:e0:f0:36:a8:6c:45:57:c6:42:6e:e1:
         9e:40:ea:e8:be:cb:01:ae:ad:3d:07:6b:a6:72:f7:ea:83:c6:
         d5:a1:ad:f6:5e:83:2e:e2:b3:4d:5b:0d:09:59:94:95:dc:7d:
         6f:0b:8d:8c:ea:03:43:b2:bb:53:9f:61:4c:b5:f1:37:2a:7b:
         98:4a:53:fd:3e:62:34:1b:24:08:7c:35:e4:67:15:17:94:74:
         14:e1:16:e1:45:56:6a:87:2c:88:26:d6:24:32:6d:87:de:55:
         a3:0b:54:97:e3:3c:e5:5b:b9:a4:63:12:cf:75:52:eb:df:7c:
         39:fc:5c:20:8d:46:ac:65:13:70:ca:f8:db:5f:bd:e0:45:ef:
         63:a8:8e:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8g76zeI/G0PaDW4DgsDPonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlNDc3YWFkYmQ2ZjZjN2YyY2EyN2E4ZmEyMWEzMGM2
YjM1N2MwHhcNMjQwNDI3MTkwMjA5WhcNMjQwNDI4MTkwMjA5WjAzMTEwLwYDVQQD
Eyg1OGQ2YTdmNDI4ZGVkNGJmNmRmOWQ0MDI0MmEzZjdmM2FlNWY2MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxezGrTrgpoXGSrhTiZTDpsLsLd3z
TZbfATOmXmL0I2cpuYZiCC8ZOWeubDRIVEdJb+C8wdW1kERtD29eJJb/xrGWXazv
dXDKW7+H+BsGkKW4U2SxEpzedz33tg/ppETvSZ90kuVnrnZ0QIu2RnoUwZs5BQ3t
asZfkJ4t8gAoNPUDPY9fHHvqsdtXak5u8IuENwTEHi3Ex+WVNFSzixDSWWkztVmv
X+YvcUissaDbzSR4Y3NeaXVY3Pm01GvE+veKkRGOkjzXKKLVH9wjkfPZvAHTwQBA
al1b+UAq90dRsr4iMIUgNTwbJel7g4RNPUlgiJTJfZ9yvU2hFRZf0YwLHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjWp/Qo3tS/bfnUAkKj9/OuX2IdMB8GA1UdIwQY
MBaAFA1O5Heq29b2x/LKJ6j6IaMMazV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEt
MDhhNjY4MGFjODQyLzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xYWRiM2ItMDU5Ny00MGY0LTk1ZjEtMDhhNjY4MGFjODQy
LzEvRFU3a2Q2cmIxdmJIOHNvbnFQb2hvd3hyTlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFXXOGeFm
gKg0mJ9SSDYr85X0y0eRU/ZtSeR+Md+qhOJXMTD8rvsqGDO2kDfueea5xj4g58AP
P1oql6NqpLuzPP0B4eW1IlkoVOdVFw+fNRs3wrBlBofBkD47a9+LlKQgGLUfpD4R
m8DqQx13OT75zLG8B+DwNqhsRVfGQm7hnkDq6L7LAa6tPQdrpnL36oPG1aGt9l6D
LuKzTVsNCVmUldx9bwuNjOoDQ7K7U59hTLXxNyp7mEpT/T5iNBskCHw15GcVF5R0
FOEW4UVWaocsiCbWJDJth95VowtUl+M85Vu5pGMSz3VS6998OfxcII1GrGUTcMr4
21+94EXvY6iOkQ==
-----END CERTIFICATE-----