Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
File:                     rS2L1OZ06M7VoJfUPepxhETnivU.mft (raw, json)
Hash identifier:          LkeLmgXa/ff4faTgxuaraWCnqP82VkghD8BbJCWEfsI=
Subject key identifier:   25:C1:5A:67:83:8F:D7:FD:FD:EA:A2:D4:F1:47:46:59:73:AB:59:9E
Authority key identifier: AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5
Certificate issuer:       /CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
Certificate serial:       018F86A3F33578E8926A7B5C0397085DA95E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
Manifest number:          0E48
Signing time:             Fri 17 May 2024 13:00:42 +0000
Manifest this update:     Fri 17 May 2024 13:00:42 +0000
Manifest next update:     Sat 18 May 2024 13:00:42 +0000
Files and hashes:         1: rS2L1OZ06M7VoJfUPepxhETnivU.crl (hash: qnqUBiPgVXP49Djacbxop7Yr3aSEeIYMxvZqe7nqjmQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:f3:35:78:e8:92:6a:7b:5c:03:97:08:5d:a9:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad2d8bd4e674e8ced5a097d43dea718444e78af5
        Validity
            Not Before: May 17 13:00:42 2024 GMT
            Not After : May 18 13:00:42 2024 GMT
        Subject: CN=25c15a67838fd7fdfdeaa2d4f147465973ab599e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9d:b5:5c:2a:64:59:14:c7:ee:9d:33:3e:cc:
                    27:06:53:67:c7:70:8e:71:76:a3:77:85:e8:6b:01:
                    a0:7b:2d:f7:8e:4e:ba:79:29:61:6d:1b:64:eb:e5:
                    39:72:e4:d0:65:23:78:16:e5:15:70:ee:bf:c7:3d:
                    eb:94:85:fa:59:b5:d7:0d:a7:43:35:46:89:e6:32:
                    90:d0:ce:a1:ca:2a:df:97:c9:67:5a:bb:e2:f0:5d:
                    7e:80:8b:cb:55:ee:13:30:52:38:c9:8a:dd:00:4b:
                    50:57:3d:38:fb:44:b5:97:f9:59:f8:ed:ad:f0:a2:
                    2a:9e:8c:44:d1:20:14:33:13:df:9c:f5:08:42:0f:
                    63:29:14:13:bb:3e:cd:35:1f:5c:95:d7:ba:a4:16:
                    61:43:6b:55:7e:1c:e4:89:eb:3f:8c:a6:1e:10:3a:
                    ec:98:8d:1f:1b:63:76:a9:d5:97:19:9e:30:1d:06:
                    b6:21:53:c7:6b:c1:49:cf:36:85:24:92:a5:fe:d6:
                    84:1e:24:67:3c:cb:07:f0:cf:8d:38:5d:c5:4b:2e:
                    4b:a4:e2:7c:b5:d3:12:16:59:e1:c7:d2:c8:1b:b9:
                    d9:d4:fa:1c:23:86:a1:77:a7:eb:43:72:75:39:ee:
                    ab:05:87:23:6c:46:d0:37:c0:b9:3a:de:e1:e3:43:
                    82:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:C1:5A:67:83:8F:D7:FD:FD:EA:A2:D4:F1:47:46:59:73:AB:59:9E
            X509v3 Authority Key Identifier:
                keyid:AD:2D:8B:D4:E6:74:E8:CE:D5:A0:97:D4:3D:EA:71:84:44:E7:8A:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS2L1OZ06M7VoJfUPepxhETnivU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/083f23-26ec-4031-853c-82f151b664c5/1/rS2L1OZ06M7VoJfUPepxhETnivU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:f7:62:dc:69:46:31:6b:f5:96:3a:cc:3f:9b:90:3c:35:bf:
         c3:78:a2:c3:4b:e4:84:38:00:db:d3:f9:87:32:c9:d2:9c:b4:
         69:0e:b0:65:87:d6:df:0f:19:7d:77:46:05:5a:16:a2:12:5f:
         3f:94:4c:43:f3:d1:37:32:a9:60:5a:bc:de:55:d2:72:35:d3:
         4f:1b:74:1b:da:f2:db:bd:99:d5:00:90:76:ad:d2:bf:be:03:
         45:25:f2:c5:29:0e:f3:aa:0a:e8:aa:e1:1c:94:2b:4b:4a:d3:
         c4:a6:3e:e0:07:7c:72:4c:b0:78:21:4f:5d:db:64:b3:83:2a:
         29:78:36:3f:23:37:52:f4:1a:6a:6a:b6:8f:0b:7a:11:1e:e7:
         97:8d:d7:c3:34:e4:11:46:5f:02:b1:f2:09:0e:fa:a1:a5:ea:
         a8:3d:49:18:94:13:74:3f:49:74:25:fa:f3:a2:8b:3d:f6:07:
         33:26:47:f6:43:f9:54:be:70:20:1c:06:8d:34:4c:31:ad:e2:
         5d:60:42:1d:43:d2:3f:85:cd:c8:0a:da:17:fe:b3:c2:75:30:
         4d:98:d2:2a:a5:bb:30:b6:19:72:22:8b:19:37:7c:c1:51:de:
         c7:65:8e:83:84:21:27:af:1e:cd:d2:0b:a4:15:48:3e:19:c8:
         28:a4:e3:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go/M1eOiSantcA5cIXaleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQ4YmQ0ZTY3NGU4Y2VkNWEwOTdkNDNkZWE3MTg0NDRl
NzhhZjUwHhcNMjQwNTE3MTMwMDQyWhcNMjQwNTE4MTMwMDQyWjAzMTEwLwYDVQQD
EygyNWMxNWE2NzgzOGZkN2ZkZmRlYWEyZDRmMTQ3NDY1OTczYWI1OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1p21XCpkWRTH7p0zPswnBlNnx3CO
cXajd4XoawGgey33jk66eSlhbRtk6+U5cuTQZSN4FuUVcO6/xz3rlIX6WbXXDadD
NUaJ5jKQ0M6hyirfl8lnWrvi8F1+gIvLVe4TMFI4yYrdAEtQVz04+0S1l/lZ+O2t
8KIqnoxE0SAUMxPfnPUIQg9jKRQTuz7NNR9clde6pBZhQ2tVfhzkies/jKYeEDrs
mI0fG2N2qdWXGZ4wHQa2IVPHa8FJzzaFJJKl/taEHiRnPMsH8M+NOF3FSy5LpOJ8
tdMSFlnhx9LIG7nZ1PocI4ahd6frQ3J1Oe6rBYcjbEbQN8C5Ot7h40OCJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXBWmeDj9f9/eqi1PFHRllzq1meMB8GA1UdIwQY
MBaAFK0ti9TmdOjO1aCX1D3qcYRE54r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2Mt
ODJmMTUxYjY2NGM1LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8wODNmMjMtMjZlYy00MDMxLTg1M2MtODJmMTUxYjY2NGM1
LzEvclMyTDFPWjA2TTdWb0pmVVBlcHhoRVRuaXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkPdi3GlG
MWv1ljrMP5uQPDW/w3iiw0vkhDgA29P5hzLJ0py0aQ6wZYfW3w8ZfXdGBVoWohJf
P5RMQ/PRNzKpYFq83lXScjXTTxt0G9ry272Z1QCQdq3Sv74DRSXyxSkO86oK6Krh
HJQrS0rTxKY+4Ad8ckyweCFPXdtks4MqKXg2PyM3UvQaamq2jwt6ER7nl43XwzTk
EUZfArHyCQ76oaXqqD1JGJQTdD9JdCX686KLPfYHMyZH9kP5VL5wIBwGjTRMMa3i
XWBCHUPSP4XNyAraF/6zwnUwTZjSKqW7MLYZciKLGTd8wVHex2WOg4QhJ68ezdIL
pBVIPhnIKKTjxA==
-----END CERTIFICATE-----