Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
File:                     8R8omgChsRW386TRuAEb-Q0aL3I.mft (raw, json)
Hash identifier:          J5t97qBo9n9KjMo5g005OQDpOakQTQfoS2Qc/rabQtU=
Subject key identifier:   A5:28:71:32:82:74:17:62:B8:7C:5A:DB:6A:D2:DD:D4:9A:C6:4F:FE
Authority key identifier: F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72
Certificate issuer:       /CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
Certificate serial:       018F3DE8A20A2834BAD80E587BD2E41E72E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
Manifest number:          0520
Signing time:             Fri 03 May 2024 10:03:26 +0000
Manifest this update:     Fri 03 May 2024 10:03:26 +0000
Manifest next update:     Sat 04 May 2024 10:03:26 +0000
Files and hashes:         1: 8R8omgChsRW386TRuAEb-Q0aL3I.crl (hash: U6eGu4sAKgUL7UrCfHD0PUhYfkdHoZHiISMdPXIK/mI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 10:03:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3d:e8:a2:0a:28:34:ba:d8:0e:58:7b:d2:e4:1e:72:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f11f289a00a1b115b7f3a4d1b8011bf90d1a2f72
        Validity
            Not Before: May  3 10:03:26 2024 GMT
            Not After : May  4 10:03:26 2024 GMT
        Subject: CN=a528713282741762b87c5adb6ad2ddd49ac64ffe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:63:21:b7:b9:fd:4b:21:2b:a9:36:e8:dc:31:
                    ff:5d:44:a5:b4:48:11:39:bc:00:00:bc:0f:46:c4:
                    2f:b7:89:cb:06:b1:2e:4c:60:18:73:74:37:fa:df:
                    79:42:b2:e0:aa:3a:a1:34:eb:c5:85:27:dd:0f:b1:
                    72:67:22:c1:95:da:7c:25:c1:cf:76:dd:8d:22:2a:
                    f0:2c:ee:ea:c9:0f:38:e8:af:3c:b2:94:93:d1:f2:
                    81:39:66:b3:00:37:bd:f1:1c:1a:06:cf:39:a9:d1:
                    e9:0f:4b:88:61:1f:89:28:ec:ee:42:1c:20:6f:23:
                    4a:b6:ca:a1:e5:64:2d:12:80:de:6f:ab:ea:39:50:
                    8c:0b:d2:1b:e8:35:ab:e5:b1:d3:7e:f3:15:0c:6a:
                    a1:ec:a1:c0:a1:6c:4b:1f:28:40:66:22:98:d5:74:
                    a4:c6:80:5f:9b:5a:94:b4:be:6f:28:7c:74:b7:3e:
                    c0:1f:73:5d:56:09:b8:a2:40:49:9f:df:a6:a4:13:
                    e9:61:be:82:40:5b:92:d1:ce:7f:03:4a:47:18:e7:
                    eb:ad:67:9f:96:04:79:14:88:5a:d1:e2:2c:d3:16:
                    b3:57:7f:4a:cd:84:f9:53:ad:18:e1:c0:7e:4c:4a:
                    98:57:fe:48:1d:7b:50:b4:85:7b:5d:59:3b:24:9a:
                    50:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:28:71:32:82:74:17:62:B8:7C:5A:DB:6A:D2:DD:D4:9A:C6:4F:FE
            X509v3 Authority Key Identifier:
                keyid:F1:1F:28:9A:00:A1:B1:15:B7:F3:A4:D1:B8:01:1B:F9:0D:1A:2F:72

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8R8omgChsRW386TRuAEb-Q0aL3I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/5151e1-36b7-4205-9af7-74e84967168b/1/8R8omgChsRW386TRuAEb-Q0aL3I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:12:8b:d9:e2:57:27:17:02:e5:1b:89:5d:54:70:93:2d:7d:
         4d:81:d8:f6:a1:9e:5e:94:5b:0c:82:e5:59:d1:32:2e:74:3a:
         15:5e:de:ca:64:e7:66:11:50:a3:35:c0:27:0b:0b:50:71:15:
         b3:d7:44:cb:40:bf:a2:91:a8:ac:bb:6e:0b:72:88:58:b4:57:
         51:42:0a:95:a5:97:e1:5f:fb:fd:d4:85:54:e3:17:4c:af:b9:
         17:e7:ff:e5:64:04:bb:77:70:a5:49:d2:7c:cd:a7:b3:a5:2c:
         62:22:7d:32:e8:0d:f7:8d:f8:b3:6a:7b:94:81:cd:46:aa:d7:
         f8:dc:f4:61:8c:7c:0b:90:14:f3:85:b7:f6:fd:fb:9a:78:04:
         f7:c0:43:96:31:64:b4:22:0d:75:3b:5c:38:2a:2c:ea:4d:f0:
         c8:f6:06:1f:8d:ee:12:b1:ba:35:2b:05:0c:1b:4b:67:bc:98:
         45:05:39:e9:dc:72:05:dd:1e:6f:49:16:e5:ee:97:b5:4b:0c:
         0b:0e:48:4f:5c:53:39:c5:5c:97:24:9d:2b:79:b8:ba:00:0c:
         3f:92:19:93:0b:16:80:ad:28:f6:57:15:b4:4e:29:cc:66:a9:
         c3:4a:53:df:1b:5d:08:a1:b8:ae:96:80:ea:5c:39:84:c5:a5:
         a3:79:38:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY896KIKKDS62A5Ye9LkHnLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMWYyODlhMDBhMWIxMTViN2YzYTRkMWI4MDExYmY5MGQx
YTJmNzIwHhcNMjQwNTAzMTAwMzI2WhcNMjQwNTA0MTAwMzI2WjAzMTEwLwYDVQQD
EyhhNTI4NzEzMjgyNzQxNzYyYjg3YzVhZGI2YWQyZGRkNDlhYzY0ZmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmMht7n9SyErqTbo3DH/XUSltEgR
ObwAALwPRsQvt4nLBrEuTGAYc3Q3+t95QrLgqjqhNOvFhSfdD7FyZyLBldp8JcHP
dt2NIirwLO7qyQ846K88spST0fKBOWazADe98RwaBs85qdHpD0uIYR+JKOzuQhwg
byNKtsqh5WQtEoDeb6vqOVCMC9Ib6DWr5bHTfvMVDGqh7KHAoWxLHyhAZiKY1XSk
xoBfm1qUtL5vKHx0tz7AH3NdVgm4okBJn9+mpBPpYb6CQFuS0c5/A0pHGOfrrWef
lgR5FIha0eIs0xazV39KzYT5U60Y4cB+TEqYV/5IHXtQtIV7XVk7JJpQZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUocTKCdBdiuHxa22rS3dSaxk/+MB8GA1UdIwQY
MBaAFPEfKJoAobEVt/Ok0bgBG/kNGi9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjct
NzRlODQ5NjcxNjhiLzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS81MTUxZTEtMzZiNy00MjA1LTlhZjctNzRlODQ5NjcxNjhi
LzEvOFI4b21nQ2hzUlczODZUUnVBRWItUTBhTDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYhKL2eJX
JxcC5RuJXVRwky19TYHY9qGeXpRbDILlWdEyLnQ6FV7eymTnZhFQozXAJwsLUHEV
s9dEy0C/opGorLtuC3KIWLRXUUIKlaWX4V/7/dSFVOMXTK+5F+f/5WQEu3dwpUnS
fM2ns6UsYiJ9MugN9434s2p7lIHNRqrX+Nz0YYx8C5AU84W39v37mngE98BDljFk
tCINdTtcOCos6k3wyPYGH43uErG6NSsFDBtLZ7yYRQU56dxyBd0eb0kW5e6XtUsM
Cw5IT1xTOcVclySdK3m4ugAMP5IZkwsWgK0o9lcVtE4pzGapw0pT3xtdCKG4rpaA
6lw5hMWlo3k4/w==
-----END CERTIFICATE-----