Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.mft
File:                     TpOBFg1llASaMTpbe9UxYo193hs.mft (raw, json)
Hash identifier:          y17U0YnhvE8qX3bn8kcWn08e7+VKei5AIlex2nR4R7M=
Subject key identifier:   AA:FC:F2:A4:B9:E2:92:F8:63:2D:E1:F1:03:2B:A7:1B:6B:7B:B1:5F
Authority key identifier: 4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B
Certificate issuer:       /CN=4e9381160d6594049a313a5b7bd531628d7dde1b
Certificate serial:       018EFE61E1DA69DA1608E81CD5C4A9D6ACAA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.mft
Manifest number:          0156
Signing time:             Sun 21 Apr 2024 02:00:11 +0000
Manifest this update:     Sun 21 Apr 2024 02:00:11 +0000
Manifest next update:     Mon 22 Apr 2024 02:00:11 +0000
Files and hashes:         1: TpOBFg1llASaMTpbe9UxYo193hs.crl (hash: LG3HQ3sHNDeu69v1UUlohV2A/3vESudrE5CbiFuBEUk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 21 Apr 2024 20:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:fe:61:e1:da:69:da:16:08:e8:1c:d5:c4:a9:d6:ac:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e9381160d6594049a313a5b7bd531628d7dde1b
        Validity
            Not Before: Apr 21 02:00:11 2024 GMT
            Not After : Apr 22 02:00:11 2024 GMT
        Subject: CN=aafcf2a4b9e292f8632de1f1032ba71b6b7bb15f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:56:f5:69:31:0c:82:5c:f9:09:53:f9:f6:49:
                    85:4d:84:7b:6e:56:03:57:67:87:12:42:da:55:65:
                    90:20:a6:37:5f:90:7d:53:23:16:f9:e7:16:7c:a6:
                    a4:5a:69:fe:43:4f:6d:80:36:5c:80:af:ef:f7:bb:
                    29:f1:40:09:f8:73:fb:b8:c9:36:6d:42:cd:52:da:
                    dc:da:ff:a3:93:e0:98:ef:01:f4:89:4d:74:3f:3f:
                    ff:f0:8d:db:25:62:ac:d7:30:53:c2:06:39:65:ea:
                    a3:0b:70:02:b3:e7:a7:22:e9:23:d6:28:b4:d4:78:
                    f5:49:e6:69:8c:66:4d:57:3b:07:d1:3e:e0:ff:de:
                    9c:cf:b8:03:8e:77:67:cf:7e:48:40:d4:cf:92:ea:
                    1a:4f:d3:71:b0:bc:34:13:f0:ee:4c:ef:21:21:61:
                    12:44:1a:00:19:db:45:43:db:c0:34:ca:d2:43:02:
                    9a:f1:a6:18:3d:53:cd:82:90:b4:c2:fe:a8:ee:dd:
                    d5:90:98:de:c3:44:42:b0:ab:f1:04:53:f8:f1:de:
                    36:e1:53:0d:1d:c2:ca:bb:6b:fe:f3:c3:42:25:1e:
                    6a:17:f3:f2:9c:55:25:b2:4a:bf:4b:7b:8d:c3:0a:
                    14:70:a5:84:f3:20:c5:ac:6a:ee:c3:dd:ff:44:bf:
                    d5:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:FC:F2:A4:B9:E2:92:F8:63:2D:E1:F1:03:2B:A7:1B:6B:7B:B1:5F
            X509v3 Authority Key Identifier:
                keyid:4E:93:81:16:0D:65:94:04:9A:31:3A:5B:7B:D5:31:62:8D:7D:DE:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpOBFg1llASaMTpbe9UxYo193hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7a13c8-2223-4aa4-8094-964111a9eb22/1/TpOBFg1llASaMTpbe9UxYo193hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7d:af:2a:75:ed:19:6f:46:7a:8e:d8:95:1e:4c:21:18:97:9e:
         1b:b1:bd:00:e6:4b:67:f6:f3:fc:c8:b9:b6:9a:0e:28:0f:ff:
         6a:32:49:89:1d:6b:7e:70:31:78:a1:2b:a3:87:23:57:b0:8e:
         f0:ec:d0:74:c7:29:5b:12:03:2b:83:1a:07:7b:d0:51:3f:75:
         09:78:b6:e6:70:e7:3c:6a:8d:a9:83:38:42:6d:a2:dc:a7:a4:
         c1:81:93:f8:ea:68:1c:38:79:01:e5:76:0c:c3:e0:4e:d4:73:
         84:97:33:09:12:05:ab:be:79:e3:b5:de:38:45:b0:a3:02:ee:
         8d:ff:51:98:12:8d:c3:fc:df:6a:1c:87:44:f1:0e:27:0e:34:
         4c:5c:26:b5:2a:e4:61:cb:e4:fa:ed:2c:a0:ad:37:45:89:db:
         38:7d:13:7d:ae:12:33:90:ca:e5:00:e8:8a:ce:f1:1f:8c:2f:
         d8:c0:97:fe:8f:23:39:87:3c:36:56:7d:eb:a0:61:c1:f4:d5:
         38:f6:dd:1e:e8:5b:06:7d:51:fb:04:94:63:2d:9d:8e:ca:17:
         71:ad:c7:e9:52:f8:64:16:14:72:28:77:65:b0:db:a8:d6:e9:
         08:bc:c7:3d:0a:f3:be:7c:7a:0d:c6:b8:6d:81:d9:a2:43:78:
         65:98:ac:99
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY7+YeHaadoWCOgc1cSp1qyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlOTM4MTE2MGQ2NTk0MDQ5YTMxM2E1YjdiZDUzMTYyOGQ3
ZGRlMWIwHhcNMjQwNDIxMDIwMDExWhcNMjQwNDIyMDIwMDExWjAzMTEwLwYDVQQD
EyhhYWZjZjJhNGI5ZTI5MmY4NjMyZGUxZjEwMzJiYTcxYjZiN2JiMTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh1b1aTEMglz5CVP59kmFTYR7blYD
V2eHEkLaVWWQIKY3X5B9UyMW+ecWfKakWmn+Q09tgDZcgK/v97sp8UAJ+HP7uMk2
bULNUtrc2v+jk+CY7wH0iU10Pz//8I3bJWKs1zBTwgY5ZeqjC3ACs+enIukj1ii0
1Hj1SeZpjGZNVzsH0T7g/96cz7gDjndnz35IQNTPkuoaT9NxsLw0E/DuTO8hIWES
RBoAGdtFQ9vANMrSQwKa8aYYPVPNgpC0wv6o7t3VkJjew0RCsKvxBFP48d424VMN
HcLKu2v+88NCJR5qF/PynFUlskq/S3uNwwoUcKWE8yDFrGruw93/RL/V9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKr88qS54pL4Yy3h8QMrpxtre7FfMB8GA1UdIwQY
MBaAFE6TgRYNZZQEmjE6W3vVMWKNfd4bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQt
OTY0MTExYTllYjIyLzEvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YTEzYzgtMjIyMy00YWE0LTgwOTQtOTY0MTExYTllYjIy
LzEvVHBPQkZnMWxsQVNhTVRwYmU5VXhZbzE5M2hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfa8qde0Z
b0Z6jtiVHkwhGJeeG7G9AOZLZ/bz/Mi5tpoOKA//ajJJiR1rfnAxeKEro4cjV7CO
8OzQdMcpWxIDK4MaB3vQUT91CXi25nDnPGqNqYM4Qm2i3KekwYGT+OpoHDh5AeV2
DMPgTtRzhJczCRIFq75547XeOEWwowLujf9RmBKNw/zfahyHRPEOJw40TFwmtSrk
Ycvk+u0soK03RYnbOH0Tfa4SM5DK5QDois7xH4wv2MCX/o8jOYc8NlZ966BhwfTV
OPbdHuhbBn1R+wSUYy2djsoXca3H6VL4ZBYUcih3ZbDbqNbpCLzHPQrzvnx6Dca4
bYHZokN4ZZismQ==
-----END CERTIFICATE-----