Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
File:                     YhcForItk4GoI8l5xvTnc0I1I20.mft (raw, json)
Hash identifier:          omMQE/hIMLcTWCee367lOPDJI2jRTswXIYijXLpknhc=
Subject key identifier:   BD:F5:C8:40:E4:4B:46:2D:7F:D5:61:07:F3:67:D0:B3:30:C8:C9:E6
Authority key identifier: 62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D
Certificate issuer:       /CN=621705a2b22d9381a823c979c6f4e7734235236d
Certificate serial:       018F8823E5E276B7F71428375A34DA28FCAE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
Manifest number:          0A5A
Signing time:             Fri 17 May 2024 20:00:04 +0000
Manifest this update:     Fri 17 May 2024 20:00:04 +0000
Manifest next update:     Sat 18 May 2024 20:00:04 +0000
Files and hashes:         1: YhcForItk4GoI8l5xvTnc0I1I20.crl (hash: Y/LiQvQFl8Kdr0dJ4qlYveqMQ5dIKwmMFRbLyvpJL+Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:23:e5:e2:76:b7:f7:14:28:37:5a:34:da:28:fc:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=621705a2b22d9381a823c979c6f4e7734235236d
        Validity
            Not Before: May 17 20:00:04 2024 GMT
            Not After : May 18 20:00:04 2024 GMT
        Subject: CN=bdf5c840e44b462d7fd56107f367d0b330c8c9e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:ac:2f:ca:29:75:7d:02:fa:31:95:07:b4:24:
                    d8:99:e2:36:34:34:9e:e0:08:02:b2:18:9e:10:cf:
                    9d:18:55:cc:e9:f4:a9:c4:45:f2:64:74:40:d3:ae:
                    ae:6a:4a:a7:19:f2:1f:91:99:7d:94:b0:8d:52:0f:
                    54:d0:2a:e5:1a:02:bb:71:58:ab:09:b6:79:e0:7c:
                    68:ee:3d:5f:a4:df:1d:13:00:5c:8e:2a:df:ff:8f:
                    79:72:ae:96:e0:7e:8b:e4:77:9a:2f:80:9b:9f:ac:
                    3e:b4:87:a8:67:08:80:09:a1:f4:0d:e3:ba:94:6f:
                    37:c4:07:30:89:c9:c5:49:9c:b5:f4:1c:5f:09:61:
                    0d:d8:74:cb:5e:6c:af:3d:c7:11:7b:dd:19:6b:5c:
                    c3:aa:85:5f:8f:e5:87:c0:ef:69:73:9f:a1:69:1c:
                    59:55:61:5a:16:57:67:0d:68:9a:25:d9:6c:47:ba:
                    45:a5:66:22:6a:a7:65:59:16:7d:d2:bf:ce:dd:5b:
                    4b:c0:ed:e9:89:85:2a:29:09:8e:09:d2:30:3e:de:
                    22:1e:e7:47:f8:31:8c:7a:8b:e6:b3:da:e7:c5:99:
                    21:97:0c:4e:13:0a:14:ef:cd:d7:2f:59:eb:da:d1:
                    cc:8a:92:92:c3:4e:9a:fd:ef:6c:f6:5c:9f:9f:66:
                    19:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:F5:C8:40:E4:4B:46:2D:7F:D5:61:07:F3:67:D0:B3:30:C8:C9:E6
            X509v3 Authority Key Identifier:
                keyid:62:17:05:A2:B2:2D:93:81:A8:23:C9:79:C6:F4:E7:73:42:35:23:6D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhcForItk4GoI8l5xvTnc0I1I20.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c9234d-e133-4194-84ac-71a39db88a23/1/YhcForItk4GoI8l5xvTnc0I1I20.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         63:27:32:c7:50:1a:f5:a2:00:b5:a1:92:b1:b4:85:37:81:02:
         c1:9c:20:b5:04:56:d8:4e:a2:ca:ab:1f:8d:89:5d:82:8e:96:
         51:15:a0:aa:99:c5:61:0a:6d:13:07:a8:90:81:f4:59:a0:2e:
         36:e7:1a:63:98:85:48:57:11:65:e9:fe:57:ed:7f:a7:d0:3c:
         db:81:49:b8:d6:07:7f:f3:27:37:5d:3b:3b:91:ce:d6:f2:09:
         8f:0e:93:03:c5:51:e4:ff:17:3e:ea:c0:88:10:37:bd:f4:5a:
         86:fd:d8:52:a8:dd:8f:35:f5:ca:35:15:b7:e9:95:4f:18:de:
         11:04:f6:17:d1:9f:63:42:ab:92:4a:04:a4:25:b9:a1:9a:9d:
         c8:63:31:ac:59:ab:c6:49:f9:61:08:71:a5:18:b5:1d:71:26:
         de:b9:1e:e2:b3:c0:61:32:b2:00:a9:c5:17:e5:5b:4c:5c:6a:
         fa:35:cb:3d:ff:75:c2:96:27:2d:f9:c9:da:61:c2:17:5a:e2:
         8d:a8:f8:7d:52:38:25:1d:f8:1a:92:35:b2:6a:90:e3:0c:08:
         b2:dc:f9:c9:e1:b7:a9:9b:c5:2b:91:a8:a8:0e:c2:46:46:a7:
         3b:22:13:8a:f0:66:77:c7:fb:46:3e:7b:06:43:09:e6:d6:0f:
         cb:b5:22:1c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+II+Xidrf3FCg3WjTaKPyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTcwNWEyYjIyZDkzODFhODIzYzk3OWM2ZjRlNzczNDIz
NTIzNmQwHhcNMjQwNTE3MjAwMDA0WhcNMjQwNTE4MjAwMDA0WjAzMTEwLwYDVQQD
EyhiZGY1Yzg0MGU0NGI0NjJkN2ZkNTYxMDdmMzY3ZDBiMzMwYzhjOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qwvyil1fQL6MZUHtCTYmeI2NDSe
4AgCshieEM+dGFXM6fSpxEXyZHRA066uakqnGfIfkZl9lLCNUg9U0CrlGgK7cVir
CbZ54Hxo7j1fpN8dEwBcjirf/495cq6W4H6L5HeaL4Cbn6w+tIeoZwiACaH0DeO6
lG83xAcwicnFSZy19BxfCWEN2HTLXmyvPccRe90Za1zDqoVfj+WHwO9pc5+haRxZ
VWFaFldnDWiaJdlsR7pFpWYiaqdlWRZ90r/O3VtLwO3piYUqKQmOCdIwPt4iHudH
+DGMeovms9rnxZkhlwxOEwoU783XL1nr2tHMipKSw06a/e9s9lyfn2YZKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL31yEDkS0Ytf9VhB/Nn0LMwyMnmMB8GA1UdIwQY
MBaAFGIXBaKyLZOBqCPJecb053NCNSNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMt
NzFhMzlkYjg4YTIzLzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jOTIzNGQtZTEzMy00MTk0LTg0YWMtNzFhMzlkYjg4YTIz
LzEvWWhjRm9ySXRrNEdvSThsNXh2VG5jMEkxSTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYycyx1Aa
9aIAtaGSsbSFN4ECwZwgtQRW2E6iyqsfjYldgo6WURWgqpnFYQptEweokIH0WaAu
NucaY5iFSFcRZen+V+1/p9A824FJuNYHf/MnN107O5HO1vIJjw6TA8VR5P8XPurA
iBA3vfRahv3YUqjdjzX1yjUVt+mVTxjeEQT2F9GfY0KrkkoEpCW5oZqdyGMxrFmr
xkn5YQhxpRi1HXEm3rke4rPAYTKyAKnFF+VbTFxq+jXLPf91wpYnLfnJ2mHCF1ri
jaj4fVI4JR34GpI1smqQ4wwIstz5yeG3qZvFK5GoqA7CRkanOyITivBmd8f7Rj57
BkMJ5tYPy7UiHA==
-----END CERTIFICATE-----