Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
File:                     DwQeIIaCRVpnlCzipkhYygcEfos.mft (raw, json)
Hash identifier:          MFJ2bmNpjL2xN7ItaZjYvQgcqM9IM8jXyiEhojZ39jk=
Subject key identifier:   B8:35:50:F5:B7:55:D3:1C:05:70:6A:9E:4F:4B:A4:A2:9C:C2:46:A2
Authority key identifier: 0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B
Certificate issuer:       /CN=0f041e208682455a67942ce2a64858ca07047e8b
Certificate serial:       018FD3E3AE70EEEA948EE3FB3D970E020D22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
Manifest number:          119E
Signing time:             Sat 01 Jun 2024 13:01:04 +0000
Manifest this update:     Sat 01 Jun 2024 13:01:04 +0000
Manifest next update:     Sun 02 Jun 2024 13:01:04 +0000
Files and hashes:         1: DwQeIIaCRVpnlCzipkhYygcEfos.crl (hash: QR3TN6BnQ8RLe1B9NiWELDlgwmOBIZ4Cia3ubZ4NJFQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Jun 2024 10:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:d3:e3:ae:70:ee:ea:94:8e:e3:fb:3d:97:0e:02:0d:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f041e208682455a67942ce2a64858ca07047e8b
        Validity
            Not Before: Jun  1 13:01:04 2024 GMT
            Not After : Jun  2 13:01:04 2024 GMT
        Subject: CN=b83550f5b755d31c05706a9e4f4ba4a29cc246a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:9f:cb:4a:35:86:19:1b:0f:aa:24:70:8a:41:
                    4b:56:28:20:1d:ab:ef:40:03:d7:02:c8:3f:dd:bf:
                    ae:4c:ae:12:47:7d:97:6a:15:ee:48:fa:57:95:7e:
                    11:71:1a:55:a2:45:c5:a3:51:ee:2e:24:60:a5:60:
                    9c:9b:8c:11:7d:86:bb:21:3b:aa:0f:b5:31:d7:2e:
                    58:f4:d2:d3:c0:70:2b:35:19:cf:0f:c9:fd:f7:f1:
                    b3:fb:56:3a:d2:bd:8f:90:59:d1:3e:89:5c:75:a8:
                    a5:69:55:0d:51:ed:95:71:2f:8d:ea:7e:d4:03:d7:
                    c3:f4:2e:d9:53:72:35:29:07:0c:37:fd:68:0e:f6:
                    0d:de:e6:5f:f6:6b:7b:b0:1a:44:14:29:5f:6b:ca:
                    93:61:0c:24:23:bd:3b:7d:10:09:77:8c:9d:eb:ea:
                    ff:1b:cd:b6:7a:a8:04:12:74:63:4d:1b:46:e8:17:
                    9d:34:af:14:a6:83:5a:ca:64:ae:f6:91:ba:f6:c2:
                    82:e9:86:5e:82:35:bb:48:ea:8e:55:22:e7:86:11:
                    df:eb:3c:f7:86:0f:67:ef:c5:d8:dc:5f:6e:84:80:
                    ce:88:99:c0:47:8c:be:57:bb:a7:03:f3:7c:d4:b4:
                    30:bc:1a:41:30:c9:03:ed:aa:db:6c:3d:55:2e:9e:
                    13:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:35:50:F5:B7:55:D3:1C:05:70:6A:9E:4F:4B:A4:A2:9C:C2:46:A2
            X509v3 Authority Key Identifier:
                keyid:0F:04:1E:20:86:82:45:5A:67:94:2C:E2:A6:48:58:CA:07:04:7E:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwQeIIaCRVpnlCzipkhYygcEfos.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f922e7-d53e-4daf-8770-7ffdfee57f52/1/DwQeIIaCRVpnlCzipkhYygcEfos.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:f0:ec:7f:a2:b2:91:9a:1f:70:bb:9d:95:15:29:1d:58:2a:
         43:f5:93:b8:16:5b:68:63:71:c4:5c:ab:a7:f9:cc:58:00:be:
         2c:ae:79:e9:c0:37:d0:e9:19:ae:98:f3:ca:56:5c:d2:4b:25:
         d0:8f:eb:69:38:30:8c:8f:11:ac:66:47:c8:b1:74:12:57:33:
         62:80:64:97:b6:da:86:cb:20:07:9e:27:15:80:fc:3b:c4:ff:
         ea:d4:dd:99:17:7c:09:42:e8:ae:ed:ec:ec:dc:4b:22:47:66:
         82:2f:af:30:09:ef:f3:24:4e:ef:98:ac:02:1f:17:ec:cd:6f:
         1c:56:0d:a5:b0:0c:28:b5:6b:a8:fb:e4:62:2a:d5:02:10:0d:
         22:78:9c:f7:1e:35:99:24:51:8d:ad:19:c9:76:db:10:28:60:
         43:fb:c7:f6:61:7f:e6:67:b6:8c:a5:d7:53:bf:12:44:68:57:
         86:69:66:ad:e1:08:3c:a6:f7:12:e3:fd:b5:0c:b0:0c:c2:60:
         0e:54:c3:79:3e:54:34:d0:02:31:57:0c:58:96:72:52:90:ce:
         85:f9:75:6a:69:fc:a6:dd:75:e6:32:6b:4d:9f:00:76:1e:95:
         51:61:1a:3a:2e:45:cc:9e:9c:a4:cb:63:27:96:82:25:f9:6d:
         05:9e:6b:f4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY/T465w7uqUjuP7PZcOAg0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDQxZTIwODY4MjQ1NWE2Nzk0MmNlMmE2NDg1OGNhMDcw
NDdlOGIwHhcNMjQwNjAxMTMwMTA0WhcNMjQwNjAyMTMwMTA0WjAzMTEwLwYDVQQD
EyhiODM1NTBmNWI3NTVkMzFjMDU3MDZhOWU0ZjRiYTRhMjljYzI0NmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ/LSjWGGRsPqiRwikFLViggHavv
QAPXAsg/3b+uTK4SR32XahXuSPpXlX4RcRpVokXFo1HuLiRgpWCcm4wRfYa7ITuq
D7Ux1y5Y9NLTwHArNRnPD8n99/Gz+1Y60r2PkFnRPolcdailaVUNUe2VcS+N6n7U
A9fD9C7ZU3I1KQcMN/1oDvYN3uZf9mt7sBpEFClfa8qTYQwkI707fRAJd4yd6+r/
G822eqgEEnRjTRtG6BedNK8UpoNaymSu9pG69sKC6YZegjW7SOqOVSLnhhHf6zz3
hg9n78XY3F9uhIDOiJnAR4y+V7unA/N81LQwvBpBMMkD7arbbD1VLp4T9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLg1UPW3VdMcBXBqnk9LpKKcwkaiMB8GA1UdIwQY
MBaAFA8EHiCGgkVaZ5Qs4qZIWMoHBH6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAt
N2ZmZGZlZTU3ZjUyLzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mOTIyZTctZDUzZS00ZGFmLTg3NzAtN2ZmZGZlZTU3ZjUy
LzEvRHdRZUlJYUNSVnBubEN6aXBraFl5Z2NFZm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg/Dsf6Ky
kZofcLudlRUpHVgqQ/WTuBZbaGNxxFyrp/nMWAC+LK556cA30OkZrpjzylZc0ksl
0I/raTgwjI8RrGZHyLF0ElczYoBkl7bahssgB54nFYD8O8T/6tTdmRd8CULoru3s
7NxLIkdmgi+vMAnv8yRO75isAh8X7M1vHFYNpbAMKLVrqPvkYirVAhANInic9x41
mSRRja0ZyXbbEChgQ/vH9mF/5me2jKXXU78SRGhXhmlmreEIPKb3EuP9tQywDMJg
DlTDeT5UNNACMVcMWJZyUpDOhfl1amn8pt115jJrTZ8Adh6VUWEaOi5FzJ6cpMtj
J5aCJfltBZ5r9A==
-----END CERTIFICATE-----