Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
File:                     raavh7Q2lN05mUwOMhQwaHVRny4.mft (raw, json)
Hash identifier:          mfeDxh4BNUIsNATNk5aYQJoQNARnVvggKvuGKPIFRNw=
Subject key identifier:   C0:C0:83:9E:76:76:E3:27:BA:CE:51:7D:64:32:95:9B:43:3F:E2:54
Authority key identifier: AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E
Certificate issuer:       /CN=ada6af87b43694dd39994c0e3214306875519f2e
Certificate serial:       018F89394F5A48D72324814BAFC638C3A039
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
Manifest number:          06D5
Signing time:             Sat 18 May 2024 01:03:05 +0000
Manifest this update:     Sat 18 May 2024 01:03:05 +0000
Manifest next update:     Sun 19 May 2024 01:03:05 +0000
Files and hashes:         1: raavh7Q2lN05mUwOMhQwaHVRny4.crl (hash: C0bi80t0HINGv8N3pGLyD2Iw95edmyyWliIt+lK7UCk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:89:39:4f:5a:48:d7:23:24:81:4b:af:c6:38:c3:a0:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ada6af87b43694dd39994c0e3214306875519f2e
        Validity
            Not Before: May 18 01:03:05 2024 GMT
            Not After : May 19 01:03:05 2024 GMT
        Subject: CN=c0c0839e7676e327bace517d6432959b433fe254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:13:6c:5f:87:4d:a5:25:ed:dd:4c:33:2f:d4:
                    bf:ba:84:29:cf:3c:33:92:aa:60:44:91:59:d8:5f:
                    63:53:91:e1:55:9a:05:b2:e4:25:d2:29:67:6f:23:
                    e1:da:b4:1a:fc:98:f4:84:98:25:f5:22:f0:2a:2f:
                    cf:a8:c1:3e:a6:f1:1a:c2:85:b0:8e:66:ab:9f:33:
                    4a:45:2f:16:d7:cd:79:61:0d:79:60:a6:96:bd:ee:
                    67:7f:69:d0:29:81:bf:cd:9d:6b:9d:f2:cb:b5:a4:
                    33:29:34:76:22:ed:3f:0d:5e:2b:bf:00:c3:97:4a:
                    85:87:e4:24:fb:da:c6:20:cc:08:8f:8e:ac:85:db:
                    2e:00:b0:57:0a:42:65:25:7a:bb:7e:2f:0e:70:fc:
                    79:4b:1f:83:92:07:d2:4a:74:f2:a7:f4:34:0a:ef:
                    b3:90:2b:4a:09:6e:75:b3:50:2f:c6:49:aa:2d:ce:
                    e7:f3:f0:ec:02:bc:08:62:3f:e5:3d:e4:b1:79:a6:
                    c1:60:d4:c3:0c:a0:77:ff:15:80:6d:08:f2:06:8e:
                    84:8d:96:ff:ce:95:58:c4:d6:18:e6:cd:4a:1d:09:
                    80:dc:5c:af:d9:a0:96:f4:b9:f8:21:1b:6c:13:9f:
                    3d:d1:dc:75:63:13:92:83:8a:60:14:26:a0:e4:c6:
                    26:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:C0:83:9E:76:76:E3:27:BA:CE:51:7D:64:32:95:9B:43:3F:E2:54
            X509v3 Authority Key Identifier:
                keyid:AD:A6:AF:87:B4:36:94:DD:39:99:4C:0E:32:14:30:68:75:51:9F:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raavh7Q2lN05mUwOMhQwaHVRny4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c5c8be-7db9-4057-a807-39e357384ae4/1/raavh7Q2lN05mUwOMhQwaHVRny4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:d7:39:64:33:62:95:24:b2:9d:b1:b6:c0:79:18:fb:dd:ca:
         b6:7a:34:77:42:12:47:6c:f3:ca:6a:c7:81:99:73:2b:da:69:
         8c:ea:87:e0:e6:58:d4:7e:31:4d:19:bb:72:7e:8c:08:19:4e:
         60:52:93:9f:d2:d5:96:14:d0:f9:ce:fc:ba:6d:a8:c5:83:56:
         5e:54:91:71:49:63:05:1e:e7:d0:66:87:8d:93:db:25:83:31:
         58:bf:42:2c:e8:c7:17:5a:f9:04:fa:87:36:d0:b3:6f:95:d3:
         4d:bb:7d:11:eb:75:ac:9e:89:22:b2:9f:5c:c9:56:f4:b6:e9:
         7b:c9:98:6b:51:fd:98:e3:13:b4:a8:d8:25:7c:a2:e2:ef:d9:
         58:c8:37:b5:ad:e0:42:23:cf:ff:e9:3d:2d:01:2f:7b:82:34:
         64:75:f5:7b:36:5f:ce:0a:c3:ed:94:f0:4e:bd:59:4a:82:9f:
         4c:06:44:d8:ac:38:c1:f6:67:74:2e:3b:a7:12:9d:a4:f9:0b:
         dd:64:ef:40:43:38:fd:5c:93:13:f9:09:6f:01:43:73:56:61:
         a2:70:8f:19:4e:f3:a6:5a:1b:75:5b:aa:6c:42:89:d7:a3:f5:
         fb:83:a5:0c:2c:5f:f5:16:28:88:16:99:2d:8c:2d:97:aa:d6:
         2f:e7:96:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+JOU9aSNcjJIFLr8Y4w6A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTZhZjg3YjQzNjk0ZGQzOTk5NGMwZTMyMTQzMDY4NzU1
MTlmMmUwHhcNMjQwNTE4MDEwMzA1WhcNMjQwNTE5MDEwMzA1WjAzMTEwLwYDVQQD
EyhjMGMwODM5ZTc2NzZlMzI3YmFjZTUxN2Q2NDMyOTU5YjQzM2ZlMjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBNsX4dNpSXt3UwzL9S/uoQpzzwz
kqpgRJFZ2F9jU5HhVZoFsuQl0ilnbyPh2rQa/Jj0hJgl9SLwKi/PqME+pvEawoWw
jmarnzNKRS8W1815YQ15YKaWve5nf2nQKYG/zZ1rnfLLtaQzKTR2Iu0/DV4rvwDD
l0qFh+Qk+9rGIMwIj46shdsuALBXCkJlJXq7fi8OcPx5Sx+DkgfSSnTyp/Q0Cu+z
kCtKCW51s1AvxkmqLc7n8/DsArwIYj/lPeSxeabBYNTDDKB3/xWAbQjyBo6EjZb/
zpVYxNYY5s1KHQmA3Fyv2aCW9Ln4IRtsE5890dx1YxOSg4pgFCag5MYmGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDAg552duMnus5RfWQylZtDP+JUMB8GA1UdIwQY
MBaAFK2mr4e0NpTdOZlMDjIUMGh1UZ8uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDct
MzllMzU3Mzg0YWU0LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jNWM4YmUtN2RiOS00MDU3LWE4MDctMzllMzU3Mzg0YWU0
LzEvcmFhdmg3UTJsTjA1bVV3T01oUXdhSFZSbnk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj9c5ZDNi
lSSynbG2wHkY+93Ktno0d0ISR2zzymrHgZlzK9ppjOqH4OZY1H4xTRm7cn6MCBlO
YFKTn9LVlhTQ+c78um2oxYNWXlSRcUljBR7n0GaHjZPbJYMxWL9CLOjHF1r5BPqH
NtCzb5XTTbt9Eet1rJ6JIrKfXMlW9Lbpe8mYa1H9mOMTtKjYJXyi4u/ZWMg3ta3g
QiPP/+k9LQEve4I0ZHX1ezZfzgrD7ZTwTr1ZSoKfTAZE2Kw4wfZndC47pxKdpPkL
3WTvQEM4/VyTE/kJbwFDc1ZhonCPGU7zplobdVuqbEKJ16P1+4OlDCxf9RYoiBaZ
LYwtl6rWL+eWgw==
-----END CERTIFICATE-----