Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
File:                     jHFLbLK61OdjmoqicQKPWqG8asI.mft (raw, json)
Hash identifier:          fLPyS4paqAROQ6b3HH1hZD1Hol2jTz8diug894d8LIE=
Subject key identifier:   15:A9:0F:40:FE:A6:3F:0B:2F:DC:86:0D:3A:9C:B9:13:63:7B:43:53
Authority key identifier: 8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2
Certificate issuer:       /CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
Certificate serial:       018F96168329CED1DF0EC313977C3FE65AB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
Manifest number:          012F
Signing time:             Mon 20 May 2024 13:00:08 +0000
Manifest this update:     Mon 20 May 2024 13:00:08 +0000
Manifest next update:     Tue 21 May 2024 13:00:08 +0000
Files and hashes:         1: jHFLbLK61OdjmoqicQKPWqG8asI.crl (hash: g8pAW6u8kFTIVBfXA5Be2BHvtYHL0g+tbfQRS4Uv0uI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:96:16:83:29:ce:d1:df:0e:c3:13:97:7c:3f:e6:5a:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8c714b6cb2bad4e7639a8aa271028f5aa1bc6ac2
        Validity
            Not Before: May 20 13:00:08 2024 GMT
            Not After : May 21 13:00:08 2024 GMT
        Subject: CN=15a90f40fea63f0b2fdc860d3a9cb913637b4353
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9d:d9:e9:fb:46:1d:06:83:5c:30:e9:60:de:
                    50:d9:fd:52:21:84:2f:77:98:48:5c:35:56:dd:47:
                    81:cf:4e:64:5e:77:6b:42:6c:5c:49:65:2f:42:17:
                    1d:bc:8d:3a:45:70:79:b3:ba:d8:05:40:5f:b9:7c:
                    8a:cd:e7:15:a4:04:e2:6b:05:7a:72:32:c1:66:8c:
                    7a:e8:da:53:74:e5:fc:73:64:7c:a4:93:cc:ab:d1:
                    cd:d8:78:db:32:24:15:83:51:36:03:da:71:a1:dc:
                    be:58:28:ef:49:df:18:dc:cd:50:fa:4c:4f:f9:27:
                    01:85:d5:a7:ff:fe:3a:80:1e:68:51:2f:03:8b:dc:
                    03:f3:0d:76:bc:14:ff:e1:98:ac:53:61:eb:37:53:
                    89:bc:13:41:4a:4b:7b:2e:95:c9:ea:c0:e1:b3:b8:
                    75:b1:27:d7:c4:ca:3b:37:f9:31:2b:63:6c:58:a3:
                    18:8e:8c:99:8d:62:48:1d:18:4e:bf:08:4f:0e:7f:
                    fe:f2:43:82:c4:28:75:9f:bf:f9:0b:a0:84:93:ba:
                    64:eb:ba:00:e2:f0:a0:fb:1a:cc:ca:4b:50:29:5d:
                    22:d6:c4:b9:41:68:46:fe:fc:cd:44:99:d2:ee:bf:
                    52:d3:f8:c5:c4:ae:04:2a:f3:e5:e4:ae:54:4f:c4:
                    96:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:A9:0F:40:FE:A6:3F:0B:2F:DC:86:0D:3A:9C:B9:13:63:7B:43:53
            X509v3 Authority Key Identifier:
                keyid:8C:71:4B:6C:B2:BA:D4:E7:63:9A:8A:A2:71:02:8F:5A:A1:BC:6A:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHFLbLK61OdjmoqicQKPWqG8asI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/02a8d6-9158-4aeb-a750-78753a104226/1/jHFLbLK61OdjmoqicQKPWqG8asI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:42:c3:2f:d0:6f:a6:16:09:e9:67:d8:fe:b2:ca:f3:16:e0:
         db:1b:d3:26:04:8e:eb:a5:2c:a6:ae:8b:c5:c3:0a:46:3b:13:
         38:ec:d9:7a:eb:20:e4:85:50:0d:b0:cf:d0:65:fa:88:ea:03:
         8d:07:52:60:f5:e0:58:f3:10:2e:ef:44:16:38:7a:1c:4b:94:
         b9:ab:d5:47:c4:7a:79:2a:96:d6:84:6a:5c:dc:24:55:53:6e:
         3d:eb:26:b7:f4:95:65:fc:fc:da:1b:cb:3d:0c:d8:06:95:08:
         66:7c:43:5f:0c:00:3c:ac:93:e3:07:f9:8f:1e:80:10:37:ca:
         4d:1e:86:5b:c5:39:d0:56:c0:c2:be:62:76:39:25:73:70:59:
         4d:00:89:2d:46:2b:c2:fa:f9:94:50:76:e8:ea:73:63:fc:fa:
         54:4b:69:ee:ee:06:26:61:42:54:6b:27:35:17:b0:b7:2d:d9:
         c6:50:30:54:3f:67:11:2e:85:17:f7:da:5d:41:1e:c7:51:b7:
         3d:74:ef:68:07:42:c6:a0:55:7e:07:1a:9e:01:22:d8:43:8b:
         b4:a2:ff:dd:9a:b0:45:10:9c:7b:23:d9:62:df:eb:0b:c8:0f:
         c1:bd:aa:3a:89:e2:28:34:d6:67:ad:25:43:34:28:09:43:56:
         58:33:2a:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+WFoMpztHfDsMTl3w/5lq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzE0YjZjYjJiYWQ0ZTc2MzlhOGFhMjcxMDI4ZjVhYTFi
YzZhYzIwHhcNMjQwNTIwMTMwMDA4WhcNMjQwNTIxMTMwMDA4WjAzMTEwLwYDVQQD
EygxNWE5MGY0MGZlYTYzZjBiMmZkYzg2MGQzYTljYjkxMzYzN2I0MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp3Z6ftGHQaDXDDpYN5Q2f1SIYQv
d5hIXDVW3UeBz05kXndrQmxcSWUvQhcdvI06RXB5s7rYBUBfuXyKzecVpATiawV6
cjLBZox66NpTdOX8c2R8pJPMq9HN2HjbMiQVg1E2A9pxody+WCjvSd8Y3M1Q+kxP
+ScBhdWn//46gB5oUS8Di9wD8w12vBT/4ZisU2HrN1OJvBNBSkt7LpXJ6sDhs7h1
sSfXxMo7N/kxK2NsWKMYjoyZjWJIHRhOvwhPDn/+8kOCxCh1n7/5C6CEk7pk67oA
4vCg+xrMyktQKV0i1sS5QWhG/vzNRJnS7r9S0/jFxK4EKvPl5K5UT8SWAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBWpD0D+pj8LL9yGDTqcuRNje0NTMB8GA1UdIwQY
MBaAFIxxS2yyutTnY5qKonECj1qhvGrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAt
Nzg3NTNhMTA0MjI2LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wMmE4ZDYtOTE1OC00YWViLWE3NTAtNzg3NTNhMTA0MjI2
LzEvakhGTGJMSzYxT2RqbW9xaWNRS1BXcUc4YXNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX0LDL9Bv
phYJ6WfY/rLK8xbg2xvTJgSO66Uspq6LxcMKRjsTOOzZeusg5IVQDbDP0GX6iOoD
jQdSYPXgWPMQLu9EFjh6HEuUuavVR8R6eSqW1oRqXNwkVVNuPesmt/SVZfz82hvL
PQzYBpUIZnxDXwwAPKyT4wf5jx6AEDfKTR6GW8U50FbAwr5idjklc3BZTQCJLUYr
wvr5lFB26OpzY/z6VEtp7u4GJmFCVGsnNRewty3ZxlAwVD9nES6FF/faXUEex1G3
PXTvaAdCxqBVfgcangEi2EOLtKL/3ZqwRRCceyPZYt/rC8gPwb2qOoniKDTWZ60l
QzQoCUNWWDMqnQ==
-----END CERTIFICATE-----