Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
File:                     jRHN6i8zL8ztMzil3x-y30Uh-OI.mft (raw, json)
Hash identifier:          Skv43saElLvBg/FoNfTETeh8BkdZ53c3ErgFs8hTbCQ=
Subject key identifier:   FC:3B:82:F7:DD:20:BC:B6:41:9D:24:70:6E:EF:2C:18:DB:79:F7:DD
Authority key identifier: 8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2
Certificate issuer:       /CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
Certificate serial:       018F874A18066D748017E819389944D30182
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
Manifest number:          0C8C
Signing time:             Fri 17 May 2024 16:02:10 +0000
Manifest this update:     Fri 17 May 2024 16:02:10 +0000
Manifest next update:     Sat 18 May 2024 16:02:10 +0000
Files and hashes:         1: jRHN6i8zL8ztMzil3x-y30Uh-OI.crl (hash: 7b0RXkuSsNuNtff+4eWc+vvqusveuumAJR57vi8nd3s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:18:06:6d:74:80:17:e8:19:38:99:44:d3:01:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d11cdea2f332fcced3338a5df1fb2df4521f8e2
        Validity
            Not Before: May 17 16:02:10 2024 GMT
            Not After : May 18 16:02:10 2024 GMT
        Subject: CN=fc3b82f7dd20bcb6419d24706eef2c18db79f7dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:31:d4:e2:2b:e1:4b:83:e6:75:c9:42:6e:a7:
                    18:cb:92:32:42:c1:ff:20:76:90:72:fb:a8:70:90:
                    76:26:32:91:ed:2a:73:68:28:a3:34:0c:b2:ae:0b:
                    da:fe:fc:0a:80:c3:90:93:d2:67:59:9a:bb:e2:a8:
                    a4:31:da:cc:ae:0a:ef:15:79:31:92:69:89:e5:d6:
                    da:85:bf:86:3d:92:29:c1:d5:23:c2:c8:0b:6e:fc:
                    76:f0:9e:f2:ed:07:6f:bc:1d:61:9b:b9:70:7a:19:
                    fc:95:f7:49:49:77:2e:49:c5:0a:d2:1e:79:ac:15:
                    c3:f2:fb:8a:14:c7:11:63:30:48:73:bd:45:6b:e5:
                    d6:c2:f8:3a:87:ed:ae:7a:a0:a3:08:5c:4a:3f:af:
                    c4:d0:63:5a:d8:06:5b:a5:87:69:d3:13:e7:33:82:
                    9a:b2:61:0a:72:4a:11:c8:56:d8:a3:f5:45:8e:6e:
                    53:ec:bf:bf:73:aa:f0:54:3d:4f:af:87:17:ae:20:
                    49:a8:e3:5a:38:3f:f6:e8:dc:7c:cf:9b:56:91:d4:
                    63:f4:d1:e7:0a:ab:ac:ab:26:4a:62:0f:9c:a5:f5:
                    ed:8e:25:57:f0:54:f7:5d:1a:fc:00:aa:d1:6c:b8:
                    ac:10:72:89:ed:d2:8c:95:e6:e5:01:06:7d:fe:98:
                    fa:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:3B:82:F7:DD:20:BC:B6:41:9D:24:70:6E:EF:2C:18:DB:79:F7:DD
            X509v3 Authority Key Identifier:
                keyid:8D:11:CD:EA:2F:33:2F:CC:ED:33:38:A5:DF:1F:B2:DF:45:21:F8:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHN6i8zL8ztMzil3x-y30Uh-OI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/7dadd3-3e55-46be-94e1-c90658ebd697/1/jRHN6i8zL8ztMzil3x-y30Uh-OI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         80:da:59:99:f0:20:e1:e6:5f:a0:27:64:ae:3d:bb:ca:a4:af:
         d1:27:e4:e2:37:20:90:6d:e2:c8:d8:41:db:2f:1d:4e:69:44:
         31:c6:f6:32:c6:8d:36:01:0a:34:44:f2:2c:a9:68:73:cd:9b:
         e0:3f:4e:99:62:a9:f9:e5:bb:50:82:fa:ba:02:b4:61:0d:6f:
         ad:56:f3:6b:dc:81:15:6c:73:a6:f1:a7:d2:52:74:c7:00:0c:
         ad:e2:ac:8b:19:d7:0d:7c:19:fc:55:fe:d3:f7:d2:52:a0:b9:
         5d:98:f1:fe:ea:ba:f6:5d:44:d1:fc:3b:77:5e:d4:48:3e:43:
         14:49:ad:52:d8:31:45:3d:45:37:3d:dc:fa:f1:0a:0c:87:b5:
         f0:86:39:9a:53:7c:ba:1e:3b:e0:0b:e8:b1:93:3d:5c:d2:b6:
         5e:9f:fa:75:38:8c:63:d1:89:7c:7a:7e:95:ec:28:cd:ab:5d:
         8f:bd:c0:91:ce:1c:37:a0:dd:d8:cc:1f:f7:e4:ef:0a:7f:83:
         22:59:5c:d5:c9:39:b3:26:53:de:6d:77:2e:46:cb:a6:56:5e:
         88:fc:db:79:30:67:99:09:36:97:bb:4d:6d:2a:5b:64:9b:81:
         8e:df:b4:b1:65:fc:ba:02:22:29:60:1d:08:48:01:50:6e:23:
         94:5b:12:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HShgGbXSAF+gZOJlE0wGCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjZGVhMmYzMzJmY2NlZDMzMzhhNWRmMWZiMmRmNDUy
MWY4ZTIwHhcNMjQwNTE3MTYwMjEwWhcNMjQwNTE4MTYwMjEwWjAzMTEwLwYDVQQD
EyhmYzNiODJmN2RkMjBiY2I2NDE5ZDI0NzA2ZWVmMmMxOGRiNzlmN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTHU4ivhS4PmdclCbqcYy5IyQsH/
IHaQcvuocJB2JjKR7SpzaCijNAyyrgva/vwKgMOQk9JnWZq74qikMdrMrgrvFXkx
kmmJ5dbahb+GPZIpwdUjwsgLbvx28J7y7QdvvB1hm7lwehn8lfdJSXcuScUK0h55
rBXD8vuKFMcRYzBIc71Fa+XWwvg6h+2ueqCjCFxKP6/E0GNa2AZbpYdp0xPnM4Ka
smEKckoRyFbYo/VFjm5T7L+/c6rwVD1Pr4cXriBJqONaOD/26Nx8z5tWkdRj9NHn
CqusqyZKYg+cpfXtjiVX8FT3XRr8AKrRbLisEHKJ7dKMleblAQZ9/pj6QwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPw7gvfdILy2QZ0kcG7vLBjbeffdMB8GA1UdIwQY
MBaAFI0RzeovMy/M7TM4pd8fst9FIfjiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEt
YzkwNjU4ZWJkNjk3LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC83ZGFkZDMtM2U1NS00NmJlLTk0ZTEtYzkwNjU4ZWJkNjk3
LzEvalJITjZpOHpMOHp0TXppbDN4LXkzMFVoLU9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgNpZmfAg
4eZfoCdkrj27yqSv0Sfk4jcgkG3iyNhB2y8dTmlEMcb2MsaNNgEKNETyLKloc82b
4D9OmWKp+eW7UIL6ugK0YQ1vrVbza9yBFWxzpvGn0lJ0xwAMreKsixnXDXwZ/FX+
0/fSUqC5XZjx/uq69l1E0fw7d17USD5DFEmtUtgxRT1FNz3c+vEKDIe18IY5mlN8
uh474AvosZM9XNK2Xp/6dTiMY9GJfHp+lewozatdj73Akc4cN6Dd2Mwf9+TvCn+D
Illc1ck5syZT3m13LkbLplZeiPzbeTBnmQk2l7tNbSpbZJuBjt+0sWX8ugIiKWAd
CEgBUG4jlFsSeg==
-----END CERTIFICATE-----