Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
File:                     IodymNrl1aO-q8oW6S0aFB6Uhic.mft (raw, json)
Hash identifier:          HxC4mDIcCyb24PYmkS/QFVGA598hqMxb6SvP2fDCkXw=
Subject key identifier:   EA:DC:0A:4D:3D:8F:25:CE:30:12:9F:E5:80:F4:E6:2C:58:D3:5A:AC
Authority key identifier: 22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27
Certificate issuer:       /CN=22877298dae5d5a3beabca16e92d1a141e948627
Certificate serial:       0192F064FAA842FB6F7DAFBC240E315C3793
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
Manifest number:          014A
Signing time:             Sun 03 Nov 2024 05:00:02 +0000
Manifest this update:     Sun 03 Nov 2024 05:00:02 +0000
Manifest next update:     Mon 04 Nov 2024 05:00:02 +0000
Files and hashes:         1: IodymNrl1aO-q8oW6S0aFB6Uhic.crl (hash: 9nG+2C5AH9ZzB3sne1bay9jSO6kqqRlmXuh4N4VHNDg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 04 Nov 2024 04:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:f0:64:fa:a8:42:fb:6f:7d:af:bc:24:0e:31:5c:37:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22877298dae5d5a3beabca16e92d1a141e948627
        Validity
            Not Before: Nov  3 05:00:02 2024 GMT
            Not After : Nov  4 05:00:02 2024 GMT
        Subject: CN=eadc0a4d3d8f25ce30129fe580f4e62c58d35aac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4a:96:e3:38:57:fe:d3:aa:02:9d:27:07:64:
                    7d:47:41:cc:23:2a:30:74:c4:26:d1:42:32:7a:aa:
                    f8:ff:4a:b9:6b:02:b9:73:9b:01:73:b8:2a:a5:c1:
                    de:03:ee:ed:90:a0:97:fe:2f:20:ba:2c:15:49:d8:
                    12:0a:4e:ee:2e:c2:80:36:d6:01:f6:bd:7d:20:6a:
                    87:30:3b:66:8c:c4:47:2d:56:15:ea:77:ca:09:cc:
                    a0:91:0b:25:67:39:f9:42:9f:a7:21:d8:49:e6:98:
                    61:a0:db:b4:5d:c8:5f:f5:9f:4c:e5:e7:1b:76:3b:
                    86:52:d8:20:d7:74:be:77:b1:eb:87:03:0b:d1:35:
                    15:ce:f5:da:19:b2:4a:e7:f6:41:d9:9b:a4:03:d1:
                    d7:34:13:fc:ed:d8:7f:9b:42:18:c6:e2:f8:29:25:
                    64:1f:71:bf:9a:64:7d:f4:a4:61:6c:7d:37:11:35:
                    a2:90:cf:e5:5e:32:08:cd:5d:ef:fc:48:85:85:e3:
                    9c:c0:6e:ec:af:5a:ea:e3:88:bd:02:d6:fc:b5:15:
                    3e:2a:7a:27:86:8a:32:ec:4b:c4:f3:b7:ef:66:ee:
                    db:96:75:83:93:dd:df:50:8c:ba:fa:43:1c:08:ef:
                    49:70:a3:e8:8f:c4:ce:c9:ba:45:cf:4b:45:68:b9:
                    29:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:DC:0A:4D:3D:8F:25:CE:30:12:9F:E5:80:F4:E6:2C:58:D3:5A:AC
            X509v3 Authority Key Identifier:
                keyid:22:87:72:98:DA:E5:D5:A3:BE:AB:CA:16:E9:2D:1A:14:1E:94:86:27

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IodymNrl1aO-q8oW6S0aFB6Uhic.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/8651c5-bd77-460d-83bf-5933a09f72d1/1/IodymNrl1aO-q8oW6S0aFB6Uhic.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:aa:1a:7a:55:76:8b:4b:55:bd:22:c6:4f:ea:ed:b5:da:90:
         59:e4:b2:3f:8b:e7:72:47:8e:dd:f9:19:e4:9c:48:2b:01:26:
         c3:ec:37:3e:d0:d8:10:d3:8d:02:21:8c:96:21:1e:d2:36:3f:
         d8:b2:a5:68:3f:1d:30:3a:74:d9:4a:f6:a1:02:91:dd:1c:b0:
         ac:15:01:47:91:e6:fd:83:26:d3:b3:b2:66:25:70:b4:0c:22:
         f7:30:8a:89:48:1e:d9:3c:8f:90:a7:9f:a5:27:02:21:98:f3:
         4a:f0:7c:04:fe:7c:5f:8a:ec:e9:b4:c5:fd:ed:ed:27:b6:8b:
         a8:61:25:bd:50:d4:17:ec:75:0e:cb:50:a3:7f:50:72:20:4b:
         dc:65:e6:e3:da:17:28:e1:55:c7:4f:d5:80:60:71:6e:00:a6:
         c9:c9:01:16:8d:c3:71:67:25:86:fa:d8:cc:36:ac:a4:6d:17:
         00:a6:49:18:53:c8:1a:7e:09:6b:10:21:ba:14:f5:4a:49:82:
         93:55:66:81:17:6b:d5:df:b0:f7:b4:75:94:8d:9f:40:9f:89:
         f9:b5:ec:8e:f1:82:92:18:ca:00:68:6a:1f:c6:5a:67:e4:87:
         93:a1:2b:22:ec:65:ef:15:9c:fb:a1:e2:30:46:66:26:33:29:
         37:dc:03:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZLwZPqoQvtvfa+8JA4xXDeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODc3Mjk4ZGFlNWQ1YTNiZWFiY2ExNmU5MmQxYTE0MWU5
NDg2MjcwHhcNMjQxMTAzMDUwMDAyWhcNMjQxMTA0MDUwMDAyWjAzMTEwLwYDVQQD
EyhlYWRjMGE0ZDNkOGYyNWNlMzAxMjlmZTU4MGY0ZTYyYzU4ZDM1YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUqW4zhX/tOqAp0nB2R9R0HMIyow
dMQm0UIyeqr4/0q5awK5c5sBc7gqpcHeA+7tkKCX/i8guiwVSdgSCk7uLsKANtYB
9r19IGqHMDtmjMRHLVYV6nfKCcygkQslZzn5Qp+nIdhJ5phhoNu0Xchf9Z9M5ecb
djuGUtgg13S+d7HrhwML0TUVzvXaGbJK5/ZB2ZukA9HXNBP87dh/m0IYxuL4KSVk
H3G/mmR99KRhbH03ETWikM/lXjIIzV3v/EiFheOcwG7sr1rq44i9Atb8tRU+Knon
hooy7EvE87fvZu7blnWDk93fUIy6+kMcCO9JcKPoj8TOybpFz0tFaLkp1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrcCk09jyXOMBKf5YD05ixY01qsMB8GA1UdIwQY
MBaAFCKHcpja5dWjvqvKFuktGhQelIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYt
NTkzM2EwOWY3MmQxLzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84NjUxYzUtYmQ3Ny00NjBkLTgzYmYtNTkzM2EwOWY3MmQx
LzEvSW9keW1OcmwxYU8tcThvVzZTMGFGQjZVaGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdaoaelV2
i0tVvSLGT+rttdqQWeSyP4vnckeO3fkZ5JxIKwEmw+w3PtDYENONAiGMliEe0jY/
2LKlaD8dMDp02Ur2oQKR3RywrBUBR5Hm/YMm07OyZiVwtAwi9zCKiUge2TyPkKef
pScCIZjzSvB8BP58X4rs6bTF/e3tJ7aLqGElvVDUF+x1DstQo39QciBL3GXm49oX
KOFVx0/VgGBxbgCmyckBFo3DcWclhvrYzDaspG0XAKZJGFPIGn4JaxAhuhT1SkmC
k1VmgRdr1d+w97R1lI2fQJ+J+bXsjvGCkhjKAGhqH8ZaZ+SHk6ErIuxl7xWc+6Hi
MEZmJjMpN9wDFw==
-----END CERTIFICATE-----