Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
File:                     214_2Taim0KaFIK070HDJuKTfSo.mft (raw, json)
Hash identifier:          oMcnZwwgzlgbOaPfGMnI8BalIMF5IJhgqHQZvEQUCS8=
Subject key identifier:   EA:C9:44:FB:E6:D0:E0:48:E7:F0:8B:27:9E:6A:EE:64:98:71:B4:D3
Authority key identifier: DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A
Certificate issuer:       /CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
Certificate serial:       018F38893A333EF04F4C43A6193D13FB3925
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
Manifest number:          114C
Signing time:             Thu 02 May 2024 09:01:08 +0000
Manifest this update:     Thu 02 May 2024 09:01:08 +0000
Manifest next update:     Fri 03 May 2024 09:01:08 +0000
Files and hashes:         1: 214_2Taim0KaFIK070HDJuKTfSo.crl (hash: L9B8LrT3BFczBzwbxzFNy2h/WSzS6LQkHaHZ1acjVlk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:38:89:3a:33:3e:f0:4f:4c:43:a6:19:3d:13:fb:39:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=db5e3fd936a29b429a1482b4ef41c326e2937d2a
        Validity
            Not Before: May  2 09:01:08 2024 GMT
            Not After : May  3 09:01:08 2024 GMT
        Subject: CN=eac944fbe6d0e048e7f08b279e6aee649871b4d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e2:27:2c:ea:4e:15:ec:74:c9:a3:4d:02:34:
                    fd:5b:98:c8:e6:d0:91:a6:03:41:54:ea:43:f7:3a:
                    9c:c5:72:41:6d:d6:9e:72:50:5a:9c:19:94:b2:f9:
                    ed:2f:0e:67:f0:69:04:ac:08:61:b2:b9:dc:cb:a0:
                    20:c8:b8:10:7b:23:d9:15:d5:3a:18:14:47:64:6e:
                    f2:bb:17:bf:40:0b:69:27:6c:e5:5e:a9:04:25:ae:
                    f0:40:ae:c0:4c:28:83:c7:cb:b7:92:c5:bf:ee:80:
                    42:29:a7:21:be:8e:94:6c:1a:4d:2d:ac:9d:2a:0c:
                    9d:29:7e:bd:61:57:60:84:42:49:0e:ce:c9:55:f9:
                    e6:f7:d1:24:f6:2b:d2:d4:dd:9c:3e:06:42:e0:a9:
                    55:a0:fa:87:5c:43:d0:96:18:07:cf:c9:1c:7f:ee:
                    0f:a7:3f:dd:9b:e8:f9:7d:0a:ff:ee:e9:24:f5:22:
                    18:81:8d:37:6e:47:79:28:2e:4b:6d:19:68:9a:6e:
                    d7:3d:38:6a:5e:fa:c2:b5:b1:f5:b1:8a:00:a1:bf:
                    a8:8a:bf:d0:b6:6c:d4:d6:26:34:1c:8d:4b:bb:37:
                    ee:55:6c:9c:ca:32:20:da:96:5c:7c:76:38:5d:8c:
                    04:af:e3:b3:0a:92:1c:c8:1d:fd:2b:ca:68:0c:5a:
                    7c:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:C9:44:FB:E6:D0:E0:48:E7:F0:8B:27:9E:6A:EE:64:98:71:B4:D3
            X509v3 Authority Key Identifier:
                keyid:DB:5E:3F:D9:36:A2:9B:42:9A:14:82:B4:EF:41:C3:26:E2:93:7D:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/214_2Taim0KaFIK070HDJuKTfSo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/aae17f-c35b-407c-896b-7e57691bbed9/1/214_2Taim0KaFIK070HDJuKTfSo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1b:a9:7a:c5:ba:9c:31:27:34:25:a6:c2:7b:62:6b:ae:30:4f:
         db:72:f1:a0:3c:37:40:d2:94:2c:aa:5c:ff:aa:4c:64:2b:22:
         eb:ce:58:9b:83:d2:1b:0e:04:c3:42:19:a6:75:1d:62:9c:cc:
         46:df:67:1a:80:1a:49:7d:f2:8e:b1:8d:ba:0d:ef:39:e4:20:
         c1:35:e2:e2:b6:96:7e:d7:40:28:33:aa:e6:f2:dd:9a:2d:6c:
         42:1e:ed:fc:e6:04:34:49:9d:2e:6a:38:e7:ff:46:be:c1:fc:
         19:32:ef:cd:f7:4e:46:35:8d:b9:e9:54:48:f3:7b:07:31:8f:
         89:95:ed:54:88:73:ba:77:19:b6:fe:c8:b1:7b:27:a3:27:ec:
         fb:3f:a2:74:c3:3e:af:11:dc:78:0b:fd:2d:a8:74:69:67:83:
         a4:97:46:15:12:2f:e1:63:ea:40:1a:df:ff:52:26:3d:9c:ea:
         e0:36:62:fe:44:61:e5:bc:99:d5:64:8e:da:d2:fd:33:97:48:
         33:2f:8b:61:53:62:aa:c8:d3:ef:69:87:9b:8f:53:1e:83:b2:
         65:48:d2:83:3b:56:bc:2d:e4:cb:a2:c2:6e:66:76:ed:52:a7:
         b4:31:d7:c1:cb:4e:b0:e4:c1:95:5d:b7:7a:b1:97:79:9c:c3:
         eb:08:db:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY84iTozPvBPTEOmGT0T+zklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNWUzZmQ5MzZhMjliNDI5YTE0ODJiNGVmNDFjMzI2ZTI5
MzdkMmEwHhcNMjQwNTAyMDkwMTA4WhcNMjQwNTAzMDkwMTA4WjAzMTEwLwYDVQQD
EyhlYWM5NDRmYmU2ZDBlMDQ4ZTdmMDhiMjc5ZTZhZWU2NDk4NzFiNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OInLOpOFex0yaNNAjT9W5jI5tCR
pgNBVOpD9zqcxXJBbdaeclBanBmUsvntLw5n8GkErAhhsrncy6AgyLgQeyPZFdU6
GBRHZG7yuxe/QAtpJ2zlXqkEJa7wQK7ATCiDx8u3ksW/7oBCKachvo6UbBpNLayd
KgydKX69YVdghEJJDs7JVfnm99Ek9ivS1N2cPgZC4KlVoPqHXEPQlhgHz8kcf+4P
pz/dm+j5fQr/7ukk9SIYgY03bkd5KC5LbRlomm7XPThqXvrCtbH1sYoAob+oir/Q
tmzU1iY0HI1LuzfuVWycyjIg2pZcfHY4XYwEr+OzCpIcyB39K8poDFp8jwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOrJRPvm0OBI5/CLJ55q7mSYcbTTMB8GA1UdIwQY
MBaAFNteP9k2optCmhSCtO9Bwybik30qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmIt
N2U1NzY5MWJiZWQ5LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9hYWUxN2YtYzM1Yi00MDdjLTg5NmItN2U1NzY5MWJiZWQ5
LzEvMjE0XzJUYWltMEthRklLMDcwSERKdUtUZlNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6l6xbqc
MSc0JabCe2JrrjBP23LxoDw3QNKULKpc/6pMZCsi685Ym4PSGw4Ew0IZpnUdYpzM
Rt9nGoAaSX3yjrGNug3vOeQgwTXi4raWftdAKDOq5vLdmi1sQh7t/OYENEmdLmo4
5/9GvsH8GTLvzfdORjWNuelUSPN7BzGPiZXtVIhzuncZtv7IsXsnoyfs+z+idMM+
rxHceAv9Lah0aWeDpJdGFRIv4WPqQBrf/1ImPZzq4DZi/kRh5byZ1WSO2tL9M5dI
My+LYVNiqsjT72mHm49THoOyZUjSgztWvC3ky6LCbmZ27VKntDHXwctOsOTBlV23
erGXeZzD6wjbzw==
-----END CERTIFICATE-----