Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
File:                     h6xJPPKny2pLNPTYtva3eyqVXpc.mft (raw, json)
Hash identifier:          oa5KVLcitOrEQun64x1e54NfBlhf0ohSzbLvcj/IasQ=
Subject key identifier:   AC:D8:23:0F:C4:66:A9:C9:F0:28:21:E2:BF:93:A6:4A:C2:17:6C:4B
Authority key identifier: 87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97
Certificate issuer:       /CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
Certificate serial:       018F88926D948517F75881F436E2CEF27EDB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
Manifest number:          06BD
Signing time:             Fri 17 May 2024 22:00:48 +0000
Manifest this update:     Fri 17 May 2024 22:00:48 +0000
Manifest next update:     Sat 18 May 2024 22:00:48 +0000
Files and hashes:         1: h6xJPPKny2pLNPTYtva3eyqVXpc.crl (hash: n4v7EnVQRznAv7e/OtJNjdHXzCLa/h7RnO/xHbGhl/U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:6d:94:85:17:f7:58:81:f4:36:e2:ce:f2:7e:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87ac493cf2a7cb6a4b34f4d8b6f6b77b2a955e97
        Validity
            Not Before: May 17 22:00:48 2024 GMT
            Not After : May 18 22:00:48 2024 GMT
        Subject: CN=acd8230fc466a9c9f02821e2bf93a64ac2176c4b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:09:f0:27:bb:df:d1:b2:4c:1f:a2:4e:52:f8:
                    32:30:22:8e:87:6d:c4:a0:02:bf:98:03:34:f7:9d:
                    35:67:04:be:27:df:fa:2a:43:85:3a:44:06:a1:30:
                    b5:6d:47:87:ff:ff:dc:4f:b0:ca:23:1f:8c:c5:92:
                    5f:81:17:c8:04:3c:f5:f0:25:3d:9e:b4:19:d6:90:
                    04:32:63:c4:35:b3:2a:5f:25:e3:67:c8:58:d3:c2:
                    fb:01:b6:22:af:c1:70:c9:6a:f9:80:99:0d:1f:33:
                    d6:70:0e:51:bb:0a:ab:72:92:1e:a5:e7:71:3a:45:
                    00:26:0d:3b:64:76:bf:56:75:fb:fa:c8:b3:3c:38:
                    41:15:ab:d4:4e:6e:9d:ca:94:4b:d7:49:69:c4:ad:
                    89:f4:82:23:14:95:1c:b8:56:61:a1:c3:8e:aa:af:
                    3f:cc:d6:1b:b7:9c:ce:8b:8c:c2:00:ed:ff:5a:0a:
                    db:31:4b:0b:d9:dc:a3:3f:05:80:b2:9c:f4:67:d7:
                    f6:97:b6:0b:f5:48:f4:10:97:39:26:75:30:aa:26:
                    e7:1f:a0:f9:bd:63:b9:bd:19:b6:f4:cf:01:85:cc:
                    da:4d:a9:e5:0d:53:80:2b:fb:a4:6b:ef:ae:55:07:
                    a4:e1:da:2d:fb:95:81:85:12:53:2f:b6:75:aa:3b:
                    86:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:D8:23:0F:C4:66:A9:C9:F0:28:21:E2:BF:93:A6:4A:C2:17:6C:4B
            X509v3 Authority Key Identifier:
                keyid:87:AC:49:3C:F2:A7:CB:6A:4B:34:F4:D8:B6:F6:B7:7B:2A:95:5E:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6xJPPKny2pLNPTYtva3eyqVXpc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a58a1e-f733-4d9e-88f6-3414367b2d7e/1/h6xJPPKny2pLNPTYtva3eyqVXpc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         57:ba:e4:f7:a2:00:c4:f7:0c:b7:e4:f6:97:38:5a:ac:c8:5f:
         12:f8:37:48:a5:9a:e4:5c:e1:81:cd:e4:a9:1b:01:37:21:14:
         c8:1d:62:08:64:8c:5f:f8:0b:ce:cd:be:2a:c1:5d:85:aa:0f:
         08:88:5c:05:ad:66:bb:84:d9:bc:01:b8:60:98:92:f8:de:49:
         37:05:1e:16:a1:2a:58:c2:75:75:91:04:a1:12:f2:98:e4:4b:
         0e:ef:aa:dd:1c:3d:54:4c:60:03:4b:b1:19:64:4c:78:af:be:
         3d:b6:c5:86:9a:eb:95:96:01:0a:8b:b5:4c:0e:a6:62:84:8e:
         c1:0b:26:24:5c:53:c8:4b:96:8e:d7:62:41:9d:37:77:dd:58:
         b7:35:df:3a:03:7f:6a:75:cd:ab:ab:bd:fa:4b:da:35:4c:53:
         03:48:00:72:a0:ab:2b:ae:33:3a:0d:1b:f4:32:7d:75:c6:8c:
         df:7f:ad:12:f6:d1:eb:0f:12:b2:6c:48:ee:82:4e:f0:de:66:
         38:15:9e:b3:94:33:e3:06:ec:38:e4:36:2b:92:8a:76:2c:f7:
         d0:b6:be:af:24:8a:2e:a7:6f:b4:c1:ce:06:48:c2:86:65:40:
         5b:56:b1:29:5c:73:e7:a0:83:89:f6:3e:06:48:95:5d:bd:a0:
         53:5e:28:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikm2UhRf3WIH0NuLO8n7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YWM0OTNjZjJhN2NiNmE0YjM0ZjRkOGI2ZjZiNzdiMmE5
NTVlOTcwHhcNMjQwNTE3MjIwMDQ4WhcNMjQwNTE4MjIwMDQ4WjAzMTEwLwYDVQQD
EyhhY2Q4MjMwZmM0NjZhOWM5ZjAyODIxZTJiZjkzYTY0YWMyMTc2YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwnwJ7vf0bJMH6JOUvgyMCKOh23E
oAK/mAM09501ZwS+J9/6KkOFOkQGoTC1bUeH///cT7DKIx+MxZJfgRfIBDz18CU9
nrQZ1pAEMmPENbMqXyXjZ8hY08L7AbYir8FwyWr5gJkNHzPWcA5RuwqrcpIepedx
OkUAJg07ZHa/VnX7+sizPDhBFavUTm6dypRL10lpxK2J9IIjFJUcuFZhocOOqq8/
zNYbt5zOi4zCAO3/WgrbMUsL2dyjPwWAspz0Z9f2l7YL9Uj0EJc5JnUwqibnH6D5
vWO5vRm29M8BhczaTanlDVOAK/uka++uVQek4dot+5WBhRJTL7Z1qjuGXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKzYIw/EZqnJ8Cgh4r+TpkrCF2xLMB8GA1UdIwQY
MBaAFIesSTzyp8tqSzT02Lb2t3sqlV6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYt
MzQxNDM2N2IyZDdlLzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hNThhMWUtZjczMy00ZDllLTg4ZjYtMzQxNDM2N2IyZDdl
LzEvaDZ4SlBQS255MnBMTlBUWXR2YTNleXFWWHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV7rk96IA
xPcMt+T2lzharMhfEvg3SKWa5Fzhgc3kqRsBNyEUyB1iCGSMX/gLzs2+KsFdhaoP
CIhcBa1mu4TZvAG4YJiS+N5JNwUeFqEqWMJ1dZEEoRLymORLDu+q3Rw9VExgA0ux
GWRMeK++PbbFhprrlZYBCou1TA6mYoSOwQsmJFxTyEuWjtdiQZ03d91YtzXfOgN/
anXNq6u9+kvaNUxTA0gAcqCrK64zOg0b9DJ9dcaM33+tEvbR6w8SsmxI7oJO8N5m
OBWes5Qz4wbsOOQ2K5KKdiz30La+rySKLqdvtMHOBkjChmVAW1axKVxz56CDifY+
BkiVXb2gU14ojw==
-----END CERTIFICATE-----