Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
File:                     JOuXPcgi1CNuy911UB0mxD4chzk.mft (raw, json)
Hash identifier:          ktGrqwzBPyOka9Io1NPs77kUBMWQ/qXL8V5d8/ZRjfU=
Subject key identifier:   B6:B1:DA:30:3C:E2:2A:08:83:17:50:B4:0F:DC:EE:8A:5D:BA:9E:BB
Authority key identifier: 24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39
Certificate issuer:       /CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
Certificate serial:       018F87490B0186C15C33DADC87DA49E1A115
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
Manifest number:          061C
Signing time:             Fri 17 May 2024 16:01:02 +0000
Manifest this update:     Fri 17 May 2024 16:01:02 +0000
Manifest next update:     Sat 18 May 2024 16:01:02 +0000
Files and hashes:         1: JOuXPcgi1CNuy911UB0mxD4chzk.crl (hash: H624PEM8QEJaDXakyynnUb9Vy4qVWwEq8PDJY+1bk80=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:0b:01:86:c1:5c:33:da:dc:87:da:49:e1:a1:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=24eb973dc822d4236ecbdd75501d26c43e1c8739
        Validity
            Not Before: May 17 16:01:02 2024 GMT
            Not After : May 18 16:01:02 2024 GMT
        Subject: CN=b6b1da303ce22a08831750b40fdcee8a5dba9ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:4a:2f:a2:5f:44:f2:0f:da:dc:a3:9e:5e:0e:
                    fe:bd:c4:e7:1e:74:0e:e1:44:b1:b0:c1:f4:7a:e0:
                    40:53:73:23:00:53:22:fc:71:a8:17:cf:83:b0:62:
                    1b:64:bc:2d:a5:aa:dd:e2:d3:02:b5:78:43:a8:c1:
                    24:b0:af:f5:ac:39:89:ee:d9:66:06:f5:33:69:fa:
                    03:f9:cd:8a:86:13:cc:bd:8f:fb:5a:2c:41:d3:d7:
                    c0:61:77:75:30:47:a3:76:25:fe:d2:a5:40:1b:52:
                    a9:23:64:b4:b5:bf:ef:df:3c:53:fe:2e:20:5a:97:
                    57:83:7e:1c:c5:4f:f9:85:96:f8:fb:d7:53:46:18:
                    31:05:75:30:2d:e8:53:70:cf:29:e2:5c:a7:b2:63:
                    b6:e2:35:43:92:d8:72:12:5b:0d:ed:e0:ed:ea:62:
                    e4:bc:87:7d:b3:31:a5:51:ce:e0:fd:39:d4:07:a7:
                    b4:d4:d1:75:66:a7:3b:6a:d6:f4:54:b7:75:15:70:
                    15:f3:3d:d4:94:f8:79:81:0f:ae:24:e9:fb:0d:8b:
                    f1:db:a8:76:b4:0e:7d:d1:8c:9d:12:82:4d:6d:58:
                    d8:cc:39:01:d7:3f:77:96:d6:9c:4b:34:f1:14:33:
                    9e:d8:d1:51:4f:0f:d2:41:39:33:e2:17:3e:01:1f:
                    f8:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:B1:DA:30:3C:E2:2A:08:83:17:50:B4:0F:DC:EE:8A:5D:BA:9E:BB
            X509v3 Authority Key Identifier:
                keyid:24:EB:97:3D:C8:22:D4:23:6E:CB:DD:75:50:1D:26:C4:3E:1C:87:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JOuXPcgi1CNuy911UB0mxD4chzk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/9cedd9-113b-4061-a632-4e1d167f0a9c/1/JOuXPcgi1CNuy911UB0mxD4chzk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         19:9e:bc:97:ff:bd:26:65:1f:1c:5c:23:d6:b4:a0:07:da:ee:
         4a:53:53:48:e9:0a:29:3c:3f:13:aa:cc:d9:5c:c4:4b:b6:78:
         dd:1f:72:54:7b:29:45:f0:a7:9f:67:23:ba:c4:98:d1:4a:7f:
         a5:ce:99:43:db:e7:53:a1:d9:db:60:a5:aa:d8:9d:81:9d:20:
         99:3c:d0:01:04:bd:4f:a2:9e:e6:41:88:6c:8a:5f:c7:25:ff:
         b9:03:49:9b:52:61:fd:81:16:30:0c:26:48:f1:62:72:06:ec:
         8b:21:bd:75:d5:a6:fb:52:6e:8e:72:b8:6d:bb:68:7f:df:fe:
         7e:3b:26:a5:ad:ce:4a:4f:8c:86:b2:3e:a4:19:ee:d9:44:ba:
         3d:f7:ab:57:53:60:f7:6f:56:fa:30:41:8a:ce:a8:8f:62:45:
         34:c4:59:c5:f3:a1:b7:5b:38:77:fb:09:25:34:a4:98:d0:31:
         b3:1f:db:4e:47:53:32:b0:2f:fd:4f:49:86:81:ac:de:98:aa:
         a8:ad:c2:5a:cf:51:06:1d:ec:9b:13:7a:1d:ed:25:fa:e2:94:
         34:6d:19:ad:f4:75:65:17:4c:a8:56:58:40:68:72:45:05:3c:
         5d:ed:a4:40:dc:80:f0:e8:99:44:0a:8c:69:d4:d7:8c:93:78:
         1f:29:6d:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSQsBhsFcM9rch9pJ4aEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZWI5NzNkYzgyMmQ0MjM2ZWNiZGQ3NTUwMWQyNmM0M2Ux
Yzg3MzkwHhcNMjQwNTE3MTYwMTAyWhcNMjQwNTE4MTYwMTAyWjAzMTEwLwYDVQQD
EyhiNmIxZGEzMDNjZTIyYTA4ODMxNzUwYjQwZmRjZWU4YTVkYmE5ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEovol9E8g/a3KOeXg7+vcTnHnQO
4USxsMH0euBAU3MjAFMi/HGoF8+DsGIbZLwtpard4tMCtXhDqMEksK/1rDmJ7tlm
BvUzafoD+c2KhhPMvY/7WixB09fAYXd1MEejdiX+0qVAG1KpI2S0tb/v3zxT/i4g
WpdXg34cxU/5hZb4+9dTRhgxBXUwLehTcM8p4lynsmO24jVDkthyElsN7eDt6mLk
vId9szGlUc7g/TnUB6e01NF1Zqc7atb0VLd1FXAV8z3UlPh5gQ+uJOn7DYvx26h2
tA590YydEoJNbVjYzDkB1z93ltacSzTxFDOe2NFRTw/SQTkz4hc+AR/47wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLax2jA84ioIgxdQtA/c7opdup67MB8GA1UdIwQY
MBaAFCTrlz3IItQjbsvddVAdJsQ+HIc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzIt
NGUxZDE2N2YwYTljLzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85Y2VkZDktMTEzYi00MDYxLWE2MzItNGUxZDE2N2YwYTlj
LzEvSk91WFBjZ2kxQ051eTkxMVVCMG14RDRjaHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGZ68l/+9
JmUfHFwj1rSgB9ruSlNTSOkKKTw/E6rM2VzES7Z43R9yVHspRfCnn2cjusSY0Up/
pc6ZQ9vnU6HZ22ClqtidgZ0gmTzQAQS9T6Ke5kGIbIpfxyX/uQNJm1Jh/YEWMAwm
SPFicgbsiyG9ddWm+1JujnK4bbtof9/+fjsmpa3OSk+MhrI+pBnu2US6PferV1Ng
929W+jBBis6oj2JFNMRZxfOht1s4d/sJJTSkmNAxsx/bTkdTMrAv/U9JhoGs3piq
qK3CWs9RBh3smxN6He0l+uKUNG0ZrfR1ZRdMqFZYQGhyRQU8Xe2kQNyA8OiZRAqM
adTXjJN4HyltbQ==
-----END CERTIFICATE-----