Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
File:                     l213R7vhqAE1QKcW0lzHh_h9tmo.mft (raw, json)
Hash identifier:          S4UvFmRl05/OXpPbmCvTgmrHWQmRmM6pR9TV3fBS558=
Subject key identifier:   44:71:DC:F0:CF:B8:27:B6:05:82:E1:BD:E2:F6:FE:7B:89:AD:A1:65
Authority key identifier: 97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A
Certificate issuer:       /CN=976d7747bbe1a8013540a716d25cc787f87db66a
Certificate serial:       018F96BC3FFD140BD574DE172051D771D182
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
Manifest number:          082A
Signing time:             Mon 20 May 2024 16:01:10 +0000
Manifest this update:     Mon 20 May 2024 16:01:10 +0000
Manifest next update:     Tue 21 May 2024 16:01:10 +0000
Files and hashes:         1: l213R7vhqAE1QKcW0lzHh_h9tmo.crl (hash: im9PPylpN7tXpK9rEfjM7A0ahtePXP6s8pFbzlqfQZo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 08:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:96:bc:3f:fd:14:0b:d5:74:de:17:20:51:d7:71:d1:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=976d7747bbe1a8013540a716d25cc787f87db66a
        Validity
            Not Before: May 20 16:01:10 2024 GMT
            Not After : May 21 16:01:10 2024 GMT
        Subject: CN=4471dcf0cfb827b60582e1bde2f6fe7b89ada165
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:56:64:31:51:bc:8b:d0:eb:b4:1c:c3:32:e5:
                    29:83:c9:d9:5e:41:93:da:da:ac:03:30:3c:d2:1f:
                    b9:2c:1e:f8:a1:b4:6c:71:de:91:bb:f2:8e:05:3f:
                    19:af:04:c5:9c:d4:20:ae:38:9d:ac:94:9e:b6:d7:
                    5f:a8:e2:29:3f:fa:61:58:a2:77:22:ed:59:ee:9d:
                    69:62:32:55:4d:ff:79:cf:3d:bc:ef:d9:06:53:fe:
                    81:af:24:1b:41:a6:31:2b:dd:30:4f:90:92:94:55:
                    50:bc:4f:dc:85:8c:f0:08:b7:de:71:34:c3:52:ac:
                    44:2d:c6:b8:73:5c:2f:d3:53:cd:6e:f8:ac:75:8e:
                    12:0f:b6:ef:d1:b0:10:34:12:f8:8b:a6:ec:f2:88:
                    a5:51:14:4b:9b:c3:81:34:34:41:18:4f:e1:ae:20:
                    68:85:cb:b7:48:9a:42:ac:b3:25:b2:7a:72:fc:e8:
                    77:36:0c:67:30:2a:7b:89:4a:4d:e0:8e:6a:38:be:
                    57:ed:5c:3d:48:af:17:65:9e:a2:51:11:ca:b5:a3:
                    af:b8:1c:80:6b:59:88:e1:e9:fb:1a:e5:65:89:7e:
                    ee:a4:a8:cd:8c:ba:61:07:54:1d:55:40:2a:de:f6:
                    5c:40:4a:63:ed:88:95:60:88:59:2c:e2:e0:34:e2:
                    66:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:71:DC:F0:CF:B8:27:B6:05:82:E1:BD:E2:F6:FE:7B:89:AD:A1:65
            X509v3 Authority Key Identifier:
                keyid:97:6D:77:47:BB:E1:A8:01:35:40:A7:16:D2:5C:C7:87:F8:7D:B6:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l213R7vhqAE1QKcW0lzHh_h9tmo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b492ff-3154-4304-b927-d99832657a45/1/l213R7vhqAE1QKcW0lzHh_h9tmo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         72:4f:0b:01:cc:9c:99:bc:47:7e:7b:b9:34:87:43:83:33:dc:
         c2:97:22:9f:38:ae:3c:4c:e3:d7:0d:c5:7c:96:27:f7:de:55:
         f1:bc:23:d0:5f:39:5f:eb:43:54:fd:55:5b:94:50:69:d5:1b:
         26:af:e6:ae:c9:5d:b6:e7:50:59:b0:bc:89:f0:1d:60:b5:58:
         90:cf:d1:7e:51:7e:71:e7:f4:3a:f2:34:d5:fb:e1:02:10:3d:
         29:81:07:59:e6:8b:de:35:e9:b6:84:fb:0a:13:9b:62:f3:9f:
         dc:96:62:be:7a:ca:94:45:88:2a:9f:67:de:c7:d8:1c:39:de:
         19:08:88:da:83:f1:d6:ec:50:a5:22:c9:42:7d:90:5a:ad:4a:
         16:12:63:9f:68:6d:da:be:d7:ec:02:46:ec:ca:58:27:ac:0d:
         d4:0f:93:e0:fb:bc:6f:94:da:34:99:cf:20:9f:04:e6:bd:b2:
         17:8e:19:f4:cd:6d:4b:84:36:dd:d7:e3:3f:5a:8a:72:b7:2b:
         48:3b:c2:c8:6b:be:bc:a7:24:53:85:e3:c2:a2:2a:3b:97:7b:
         d7:f9:8a:86:68:f3:d7:56:2a:bf:cf:29:aa:d1:51:d2:10:d1:
         c3:88:51:07:29:9a:58:8d:63:5c:d2:ac:9a:7a:fc:e3:a8:95:
         10:54:aa:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+WvD/9FAvVdN4XIFHXcdGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NmQ3NzQ3YmJlMWE4MDEzNTQwYTcxNmQyNWNjNzg3Zjg3
ZGI2NmEwHhcNMjQwNTIwMTYwMTEwWhcNMjQwNTIxMTYwMTEwWjAzMTEwLwYDVQQD
Eyg0NDcxZGNmMGNmYjgyN2I2MDU4MmUxYmRlMmY2ZmU3Yjg5YWRhMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVZkMVG8i9DrtBzDMuUpg8nZXkGT
2tqsAzA80h+5LB74obRscd6Ru/KOBT8ZrwTFnNQgrjidrJSettdfqOIpP/phWKJ3
Iu1Z7p1pYjJVTf95zz2879kGU/6BryQbQaYxK90wT5CSlFVQvE/chYzwCLfecTTD
UqxELca4c1wv01PNbvisdY4SD7bv0bAQNBL4i6bs8oilURRLm8OBNDRBGE/hriBo
hcu3SJpCrLMlsnpy/Oh3NgxnMCp7iUpN4I5qOL5X7Vw9SK8XZZ6iURHKtaOvuByA
a1mI4en7GuVliX7upKjNjLphB1QdVUAq3vZcQEpj7YiVYIhZLOLgNOJmBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERx3PDPuCe2BYLhveL2/nuJraFlMB8GA1UdIwQY
MBaAFJdtd0e74agBNUCnFtJcx4f4fbZqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5Mjct
ZDk5ODMyNjU3YTQ1LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iNDkyZmYtMzE1NC00MzA0LWI5MjctZDk5ODMyNjU3YTQ1
LzEvbDIxM1I3dmhxQUUxUUtjVzBsekhoX2g5dG1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAck8LAcyc
mbxHfnu5NIdDgzPcwpcinziuPEzj1w3FfJYn995V8bwj0F85X+tDVP1VW5RQadUb
Jq/mrsldtudQWbC8ifAdYLVYkM/RflF+cef0OvI01fvhAhA9KYEHWeaL3jXptoT7
ChObYvOf3JZivnrKlEWIKp9n3sfYHDneGQiI2oPx1uxQpSLJQn2QWq1KFhJjn2ht
2r7X7AJG7MpYJ6wN1A+T4Pu8b5TaNJnPIJ8E5r2yF44Z9M1tS4Q23dfjP1qKcrcr
SDvCyGu+vKckU4XjwqIqO5d71/mKhmjz11Yqv88pqtFR0hDRw4hRBymaWI1jXNKs
mnr846iVEFSqAQ==
-----END CERTIFICATE-----