Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
File:                     KMaADXS8QQW0DnfqCFugJtvuw18.mft (raw, json)
Hash identifier:          duJGvHaz766Zz83Boexr0yIrCDZB+jV+Wnwu30UgztY=
Subject key identifier:   AA:CC:E0:6F:69:2B:DF:A7:55:66:50:95:CE:8D:A4:0E:18:95:5C:BD
Authority key identifier: 28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F
Certificate issuer:       /CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
Certificate serial:       018F10683D8C2F5AC50DDB7B36C28A04476D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
Manifest number:          0B78
Signing time:             Wed 24 Apr 2024 14:00:17 +0000
Manifest this update:     Wed 24 Apr 2024 14:00:17 +0000
Manifest next update:     Thu 25 Apr 2024 14:00:17 +0000
Files and hashes:         1: KMaADXS8QQW0DnfqCFugJtvuw18.crl (hash: LkCo8Xh8aUREKQiFxfom5jexU3GwnTvn1n+80NPa27I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 25 Apr 2024 14:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:10:68:3d:8c:2f:5a:c5:0d:db:7b:36:c2:8a:04:47:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28c6800d74bc4105b40e77ea085ba026dbeec35f
        Validity
            Not Before: Apr 24 14:00:17 2024 GMT
            Not After : Apr 25 14:00:17 2024 GMT
        Subject: CN=aacce06f692bdfa755665095ce8da40e18955cbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e0:10:67:c1:64:d8:b8:b6:02:15:62:f7:c4:
                    f8:37:8e:a6:90:1e:d7:eb:7c:6d:fc:03:12:74:07:
                    7a:13:55:73:ea:8b:46:0e:ff:42:cd:fd:13:a9:b3:
                    e1:2b:91:c6:64:33:7b:e7:a9:94:51:2c:9f:a9:d2:
                    ec:40:dc:09:73:f7:2b:47:24:fa:bb:10:3f:36:0a:
                    2b:13:d5:a9:43:79:65:7c:2c:2d:89:e9:fc:49:2e:
                    59:dd:2e:37:b6:cd:0f:5e:48:52:69:a7:27:da:86:
                    59:33:97:46:02:45:0c:c3:43:77:cf:6c:18:01:c9:
                    bd:de:ac:d1:fb:8f:46:d2:4a:8e:2d:4f:45:e3:0a:
                    c6:01:91:23:1a:35:b7:a8:c6:3f:9c:83:ba:5d:cc:
                    de:c0:c8:0c:e0:73:8e:42:d4:9f:ac:7a:14:0b:d1:
                    29:77:b5:f7:fc:10:b8:1b:3b:78:f4:b5:f9:a5:d9:
                    bf:18:83:14:f7:03:83:c1:c0:69:dd:7a:9d:28:84:
                    38:59:dd:6d:e8:3d:8f:26:ee:3a:f6:73:86:26:fa:
                    86:66:15:4c:f6:c8:71:6d:25:c7:62:2d:d9:67:c1:
                    53:c6:23:68:23:33:a3:81:fe:f5:33:69:3f:6f:b4:
                    8d:fb:86:16:1d:a9:5b:be:55:2f:49:5b:1b:0c:d2:
                    8f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:CC:E0:6F:69:2B:DF:A7:55:66:50:95:CE:8D:A4:0E:18:95:5C:BD
            X509v3 Authority Key Identifier:
                keyid:28:C6:80:0D:74:BC:41:05:B4:0E:77:EA:08:5B:A0:26:DB:EE:C3:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMaADXS8QQW0DnfqCFugJtvuw18.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/242911-93c0-45e7-9012-4939bbfdfb86/1/KMaADXS8QQW0DnfqCFugJtvuw18.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:8a:07:d6:97:c7:9a:9a:10:c5:00:e4:c4:40:9d:a5:a2:81:
         be:23:bf:f1:48:2b:5b:94:1b:09:46:02:36:8d:a0:e5:42:7f:
         c6:94:fc:86:fe:35:1f:79:92:d6:5c:e5:41:b4:cd:c0:62:84:
         4b:af:b8:8b:0a:ad:cf:b2:16:ce:eb:3d:d1:32:50:f2:a3:0a:
         50:17:5a:31:c5:87:32:28:04:70:8d:08:dc:12:39:60:82:57:
         c0:d8:36:f9:79:1f:0e:21:22:ac:0c:62:b2:a9:ec:d8:ae:ac:
         c3:86:cc:56:00:c1:44:b4:d9:1f:d4:34:55:84:e1:ca:df:cb:
         c9:db:1b:ca:ae:e7:26:ec:bf:f2:da:6d:1a:64:f3:07:e7:01:
         be:06:27:cf:26:22:59:bb:6b:76:09:a1:2a:fc:a3:46:ad:bf:
         65:6e:5f:5d:b6:bf:5b:35:54:70:8e:4c:33:d7:aa:fe:ff:31:
         8c:70:59:ba:3f:02:c1:1b:de:31:5b:34:ee:57:27:59:27:07:
         f1:d3:0d:a3:63:ab:fa:84:dd:d3:2f:b2:11:76:3e:1b:5d:bb:
         54:60:44:42:f0:49:30:ac:d5:e5:12:3f:66:99:28:17:c3:c8:
         37:dd:89:43:a8:71:f9:88:2c:d8:48:20:38:c6:13:a9:51:85:
         30:66:fc:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8QaD2ML1rFDdt7NsKKBEdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YzY4MDBkNzRiYzQxMDViNDBlNzdlYTA4NWJhMDI2ZGJl
ZWMzNWYwHhcNMjQwNDI0MTQwMDE3WhcNMjQwNDI1MTQwMDE3WjAzMTEwLwYDVQQD
EyhhYWNjZTA2ZjY5MmJkZmE3NTU2NjUwOTVjZThkYTQwZTE4OTU1Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOAQZ8Fk2Li2AhVi98T4N46mkB7X
63xt/AMSdAd6E1Vz6otGDv9Czf0TqbPhK5HGZDN756mUUSyfqdLsQNwJc/crRyT6
uxA/NgorE9WpQ3llfCwtien8SS5Z3S43ts0PXkhSaacn2oZZM5dGAkUMw0N3z2wY
Acm93qzR+49G0kqOLU9F4wrGAZEjGjW3qMY/nIO6XczewMgM4HOOQtSfrHoUC9Ep
d7X3/BC4Gzt49LX5pdm/GIMU9wODwcBp3XqdKIQ4Wd1t6D2PJu469nOGJvqGZhVM
9shxbSXHYi3ZZ8FTxiNoIzOjgf71M2k/b7SN+4YWHalbvlUvSVsbDNKPEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKrM4G9pK9+nVWZQlc6NpA4YlVy9MB8GA1UdIwQY
MBaAFCjGgA10vEEFtA536ghboCbb7sNfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTIt
NDkzOWJiZmRmYjg2LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8yNDI5MTEtOTNjMC00NWU3LTkwMTItNDkzOWJiZmRmYjg2
LzEvS01hQURYUzhRUVcwRG5mcUNGdWdKdHZ1dzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfooH1pfH
mpoQxQDkxECdpaKBviO/8UgrW5QbCUYCNo2g5UJ/xpT8hv41H3mS1lzlQbTNwGKE
S6+4iwqtz7IWzus90TJQ8qMKUBdaMcWHMigEcI0I3BI5YIJXwNg2+XkfDiEirAxi
sqns2K6sw4bMVgDBRLTZH9Q0VYThyt/Lydsbyq7nJuy/8tptGmTzB+cBvgYnzyYi
WbtrdgmhKvyjRq2/ZW5fXba/WzVUcI5MM9eq/v8xjHBZuj8CwRveMVs07lcnWScH
8dMNo2Or+oTd0y+yEXY+G127VGBEQvBJMKzV5RI/ZpkoF8PIN92JQ6hx+Ygs2Egg
OMYTqVGFMGb8og==
-----END CERTIFICATE-----