Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
File:                     LkWQWSMqS7ky9j-w37ZUk-ucgng.mft (raw, json)
Hash identifier:          /t68HB++mk/7DJxPf1WHiFDgy1jY5q1+3FAzveO6MmY=
Subject key identifier:   D6:A8:78:36:66:62:98:EC:81:99:3D:6C:02:91:A6:D3:16:07:84:F9
Authority key identifier: 2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78
Certificate issuer:       /CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
Certificate serial:       018F87494363FFB8E864AFB331FE79102EB3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
Manifest number:          1107
Signing time:             Fri 17 May 2024 16:01:16 +0000
Manifest this update:     Fri 17 May 2024 16:01:16 +0000
Manifest next update:     Sat 18 May 2024 16:01:16 +0000
Files and hashes:         1: LkWQWSMqS7ky9j-w37ZUk-ucgng.crl (hash: Vhlso22WfqwcjCEIcSEmd75LvLeWk7NLCMIFDONZzc0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:43:63:ff:b8:e8:64:af:b3:31:fe:79:10:2e:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e459059232a4bb932f63fb0dfb65493eb9c8278
        Validity
            Not Before: May 17 16:01:16 2024 GMT
            Not After : May 18 16:01:16 2024 GMT
        Subject: CN=d6a87836666298ec81993d6c0291a6d3160784f9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4e:0a:6b:a3:33:ff:da:89:b9:22:a6:05:78:
                    33:ef:1b:65:61:ed:01:13:ed:f2:42:44:83:94:2f:
                    37:97:24:f8:19:20:7a:c5:4a:96:b0:34:58:2e:b6:
                    22:69:6b:65:57:e1:f3:16:73:31:c9:87:76:73:09:
                    29:b5:94:30:7d:d2:63:fb:59:cc:86:17:e9:3d:ef:
                    7c:d9:81:b8:c7:96:9d:6f:cc:1d:35:78:2a:4a:fb:
                    69:42:bc:14:3a:8d:b2:a8:1c:0d:06:15:dd:17:b7:
                    06:84:17:59:9c:8d:e0:c3:62:1d:4c:a9:56:ff:59:
                    f7:87:70:91:47:5c:33:b9:81:00:8e:b8:e4:eb:36:
                    f2:0c:3f:38:ea:58:35:de:9d:bf:27:83:1f:d9:4a:
                    67:bc:6f:23:b6:b7:4e:e7:f8:a2:76:60:bd:58:92:
                    62:c0:bc:e5:0c:25:11:b4:3d:9c:0e:9c:3b:dd:32:
                    66:d3:60:1a:9f:b4:74:fe:7d:ea:7c:82:4a:98:df:
                    e8:77:11:29:e4:af:1f:9a:32:cc:53:5f:f0:ed:b6:
                    44:fe:d6:77:35:47:25:7c:51:83:1d:7f:85:e8:cc:
                    a8:98:85:7a:ae:62:2b:d1:e7:35:8a:e5:4b:b1:5c:
                    a8:49:c6:17:35:34:5c:6b:71:76:57:ba:55:18:d1:
                    3c:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:A8:78:36:66:62:98:EC:81:99:3D:6C:02:91:A6:D3:16:07:84:F9
            X509v3 Authority Key Identifier:
                keyid:2E:45:90:59:23:2A:4B:B9:32:F6:3F:B0:DF:B6:54:93:EB:9C:82:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkWQWSMqS7ky9j-w37ZUk-ucgng.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/668bf3-77dc-43ea-8fdd-485eda34998f/1/LkWQWSMqS7ky9j-w37ZUk-ucgng.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:1b:82:66:ee:15:59:f5:a5:8b:e2:f3:d0:64:89:a7:c3:30:
         bc:a5:e6:97:aa:04:ee:ba:1e:e1:42:6b:54:dd:62:78:bf:3d:
         71:7f:35:d1:01:7a:0c:a7:45:35:b7:51:02:a0:4e:70:5b:0b:
         a2:a9:9f:ca:5f:00:1a:85:03:5f:4a:72:a5:3c:de:ad:60:b5:
         30:16:38:a3:e6:b2:5f:f9:48:a0:16:12:ea:2b:a8:54:14:6f:
         52:b4:77:b8:25:37:12:59:46:10:c3:46:19:9d:c2:c1:fe:25:
         64:b2:96:7a:82:d0:15:18:9f:95:27:10:5e:e2:e2:c8:57:be:
         e6:5b:21:05:8b:f4:8c:e7:38:a8:de:08:74:03:62:e8:e7:7a:
         5a:fa:d4:d3:6c:a6:6e:1f:09:fd:05:99:37:f0:7a:7a:1e:3b:
         1e:bd:20:1b:a8:24:bc:ad:41:f6:e0:04:f6:a6:ba:33:3a:ed:
         bf:22:e3:04:9c:6c:a2:93:d1:7a:c0:c4:77:84:6f:ee:d1:d2:
         b6:ea:52:51:8d:7f:89:93:a8:3a:31:67:87:e6:9c:aa:02:36:
         b0:a5:91:8c:c3:48:32:43:07:2d:04:70:2c:72:d9:f2:e2:c8:
         87:3a:1f:88:1b:df:3e:8a:90:aa:45:18:3d:b1:52:73:fc:32:
         f0:15:10:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSUNj/7joZK+zMf55EC6zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDU5MDU5MjMyYTRiYjkzMmY2M2ZiMGRmYjY1NDkzZWI5
YzgyNzgwHhcNMjQwNTE3MTYwMTE2WhcNMjQwNTE4MTYwMTE2WjAzMTEwLwYDVQQD
EyhkNmE4NzgzNjY2NjI5OGVjODE5OTNkNmMwMjkxYTZkMzE2MDc4NGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU4Ka6Mz/9qJuSKmBXgz7xtlYe0B
E+3yQkSDlC83lyT4GSB6xUqWsDRYLrYiaWtlV+HzFnMxyYd2cwkptZQwfdJj+1nM
hhfpPe982YG4x5adb8wdNXgqSvtpQrwUOo2yqBwNBhXdF7cGhBdZnI3gw2IdTKlW
/1n3h3CRR1wzuYEAjrjk6zbyDD846lg13p2/J4Mf2UpnvG8jtrdO5/iidmC9WJJi
wLzlDCURtD2cDpw73TJm02Aan7R0/n3qfIJKmN/odxEp5K8fmjLMU1/w7bZE/tZ3
NUclfFGDHX+F6MyomIV6rmIr0ec1iuVLsVyoScYXNTRca3F2V7pVGNE81wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNaoeDZmYpjsgZk9bAKRptMWB4T5MB8GA1UdIwQY
MBaAFC5FkFkjKku5MvY/sN+2VJPrnIJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQt
NDg1ZWRhMzQ5OThmLzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82NjhiZjMtNzdkYy00M2VhLThmZGQtNDg1ZWRhMzQ5OThm
LzEvTGtXUVdTTXFTN2t5OWotdzM3WlVrLXVjZ25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUBuCZu4V
WfWli+Lz0GSJp8MwvKXml6oE7roe4UJrVN1ieL89cX810QF6DKdFNbdRAqBOcFsL
oqmfyl8AGoUDX0pypTzerWC1MBY4o+ayX/lIoBYS6iuoVBRvUrR3uCU3EllGEMNG
GZ3Cwf4lZLKWeoLQFRiflScQXuLiyFe+5lshBYv0jOc4qN4IdANi6Od6WvrU02ym
bh8J/QWZN/B6eh47Hr0gG6gkvK1B9uAE9qa6MzrtvyLjBJxsopPResDEd4Rv7tHS
tupSUY1/iZOoOjFnh+acqgI2sKWRjMNIMkMHLQRwLHLZ8uLIhzofiBvfPoqQqkUY
PbFSc/wy8BUQlg==
-----END CERTIFICATE-----