Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
File:                     yuDyZX221YxEden7gXNW4u3SzA8.mft (raw, json)
Hash identifier:          JXglfEnw88MA1i16S22rkarrpESvliYRFk1saZgAhpY=
Subject key identifier:   59:DF:5D:D3:E5:BC:11:6A:E3:8C:5D:04:44:76:02:C8:6E:3C:54:E4
Authority key identifier: CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F
Certificate issuer:       /CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
Certificate serial:       018F87B65F66347123EA00DA5B4D0D9F023F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
Manifest number:          0D54
Signing time:             Fri 17 May 2024 18:00:27 +0000
Manifest this update:     Fri 17 May 2024 18:00:27 +0000
Manifest next update:     Sat 18 May 2024 18:00:27 +0000
Files and hashes:         1: yuDyZX221YxEden7gXNW4u3SzA8.crl (hash: t6073CKFOAHuj0CQiloLVU44vQ5WtieE8MrK0InNQ5U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:5f:66:34:71:23:ea:00:da:5b:4d:0d:9f:02:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cae0f2657db6d58c4475e9fb817356e2edd2cc0f
        Validity
            Not Before: May 17 18:00:27 2024 GMT
            Not After : May 18 18:00:27 2024 GMT
        Subject: CN=59df5dd3e5bc116ae38c5d04447602c86e3c54e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:7e:df:b6:ba:67:2f:32:f3:9a:0c:3f:ca:22:
                    39:8e:86:c4:c1:90:12:b5:84:53:61:63:53:93:2d:
                    e5:59:04:93:de:3c:58:34:25:c6:71:f7:43:62:50:
                    c6:0e:4f:a4:97:96:fe:83:45:ae:ba:02:f5:79:ce:
                    fb:b8:6b:b8:cc:c5:40:bb:30:02:ae:49:97:c7:1f:
                    16:a3:01:91:39:b5:ab:f9:c4:42:ef:2b:d1:89:96:
                    d0:a2:75:b9:6a:1c:58:74:4f:db:1f:dd:2a:19:91:
                    ed:f6:f3:48:79:97:39:f8:ec:30:51:e1:88:84:b1:
                    5f:f3:a2:f3:18:52:61:86:b3:eb:6b:bd:90:68:ba:
                    58:c3:f5:50:0e:83:1d:c5:cd:e1:12:a2:e2:f1:a2:
                    57:a9:ee:4e:0e:98:09:a7:00:f8:32:5e:b8:25:5d:
                    40:63:48:5f:75:9a:96:62:86:00:0e:35:05:c3:ed:
                    25:03:a0:7c:4a:80:37:02:b5:ef:c2:a1:1a:67:05:
                    6a:7a:c1:cf:d2:f9:67:ad:03:df:2b:92:df:c7:d4:
                    a3:43:41:6a:db:61:1e:31:8c:dd:9b:b6:d0:d4:89:
                    55:28:15:63:1c:40:d8:7a:e4:16:49:d5:99:32:7a:
                    9a:d5:f6:a6:1d:88:7c:cf:75:18:67:83:42:65:31:
                    c9:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:DF:5D:D3:E5:BC:11:6A:E3:8C:5D:04:44:76:02:C8:6E:3C:54:E4
            X509v3 Authority Key Identifier:
                keyid:CA:E0:F2:65:7D:B6:D5:8C:44:75:E9:FB:81:73:56:E2:ED:D2:CC:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuDyZX221YxEden7gXNW4u3SzA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/037ff1-69b9-44b4-8c0e-a19a3beb15b2/1/yuDyZX221YxEden7gXNW4u3SzA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:84:65:af:f4:be:76:dd:14:f5:c7:b8:96:89:cc:9b:e7:be:
         b5:8c:e6:e7:b7:3f:e9:b3:5b:70:fe:07:01:15:dd:95:4a:75:
         fd:f6:69:94:9e:5d:09:a8:74:2e:ec:dc:23:12:61:ab:98:26:
         5e:00:b1:3d:de:86:67:19:c7:c1:34:86:94:5e:d7:2b:bc:73:
         33:e2:71:dd:71:81:e1:5b:c4:05:e0:4f:42:01:ca:e4:9d:0e:
         bf:d6:01:97:00:d0:49:8c:f5:5b:8c:7e:08:1d:a3:b3:17:58:
         de:3e:03:4e:c0:e7:aa:23:fc:4f:ea:70:03:84:5e:19:d8:57:
         a9:0d:d3:ee:20:c4:43:4f:9b:c7:dd:cc:57:f7:24:47:49:13:
         13:cd:70:f2:e0:fc:7f:f5:1b:a9:b9:ae:2e:f3:90:ec:fc:ce:
         b7:ab:a3:1e:cd:66:52:e4:7a:c7:81:50:29:47:0e:c9:e9:7e:
         15:d9:ec:67:e2:c0:e7:7c:b3:3f:18:71:1f:d5:04:0d:78:d1:
         1b:2e:d3:59:4a:e8:3f:bd:aa:0f:0a:28:1a:11:63:d7:ab:fa:
         00:c4:34:fe:98:a9:4e:c2:b4:ff:20:d9:58:85:98:a6:44:9d:
         c3:94:f3:28:d5:73:2f:0b:6c:11:17:7c:76:b7:7a:de:66:46:
         32:66:9e:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htl9mNHEj6gDaW00NnwI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZTBmMjY1N2RiNmQ1OGM0NDc1ZTlmYjgxNzM1NmUyZWRk
MmNjMGYwHhcNMjQwNTE3MTgwMDI3WhcNMjQwNTE4MTgwMDI3WjAzMTEwLwYDVQQD
Eyg1OWRmNWRkM2U1YmMxMTZhZTM4YzVkMDQ0NDc2MDJjODZlM2M1NGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn7ftrpnLzLzmgw/yiI5jobEwZAS
tYRTYWNTky3lWQST3jxYNCXGcfdDYlDGDk+kl5b+g0WuugL1ec77uGu4zMVAuzAC
rkmXxx8WowGRObWr+cRC7yvRiZbQonW5ahxYdE/bH90qGZHt9vNIeZc5+OwwUeGI
hLFf86LzGFJhhrPra72QaLpYw/VQDoMdxc3hEqLi8aJXqe5ODpgJpwD4Ml64JV1A
Y0hfdZqWYoYADjUFw+0lA6B8SoA3ArXvwqEaZwVqesHP0vlnrQPfK5Lfx9SjQ0Fq
22EeMYzdm7bQ1IlVKBVjHEDYeuQWSdWZMnqa1famHYh8z3UYZ4NCZTHJRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnfXdPlvBFq44xdBER2AshuPFTkMB8GA1UdIwQY
MBaAFMrg8mV9ttWMRHXp+4FzVuLt0swPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUt
YTE5YTNiZWIxNWIyLzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny8wMzdmZjEtNjliOS00NGI0LThjMGUtYTE5YTNiZWIxNWIy
LzEveXVEeVpYMjIxWXhFZGVuN2dYTlc0dTNTekE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX4Rlr/S+
dt0U9ce4lonMm+e+tYzm57c/6bNbcP4HARXdlUp1/fZplJ5dCah0LuzcIxJhq5gm
XgCxPd6GZxnHwTSGlF7XK7xzM+Jx3XGB4VvEBeBPQgHK5J0Ov9YBlwDQSYz1W4x+
CB2jsxdY3j4DTsDnqiP8T+pwA4ReGdhXqQ3T7iDEQ0+bx93MV/ckR0kTE81w8uD8
f/UbqbmuLvOQ7PzOt6ujHs1mUuR6x4FQKUcOyel+FdnsZ+LA53yzPxhxH9UEDXjR
Gy7TWUroP72qDwooGhFj16v6AMQ0/pipTsK0/yDZWIWYpkSdw5TzKNVzLwtsERd8
drd63mZGMmae+g==
-----END CERTIFICATE-----