Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
File:                     AVgEEYI7SHN2g27WavP4qrsgEZw.mft (raw, json)
Hash identifier:          Qw6kIGKd0kB0k8iUb9fXTrv1ewBEX9X2nOBhv7+FKGM=
Subject key identifier:   BE:9D:1E:3D:AC:1B:A5:D1:55:E5:36:56:3D:B2:03:50:99:85:E9:57
Authority key identifier: 01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C
Certificate issuer:       /CN=01580411823b487376836ed66af3f8aabb20119c
Certificate serial:       018F362CE5354A527804A819A24FEF8746DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
Manifest number:          114B
Signing time:             Wed 01 May 2024 22:01:02 +0000
Manifest this update:     Wed 01 May 2024 22:01:02 +0000
Manifest next update:     Thu 02 May 2024 22:01:02 +0000
Files and hashes:         1: AVgEEYI7SHN2g27WavP4qrsgEZw.crl (hash: 2L38kpiFx7t2x1GT5ChuzUwWeGscMc03EoX4i6ODHFM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 22:01:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:36:2c:e5:35:4a:52:78:04:a8:19:a2:4f:ef:87:46:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01580411823b487376836ed66af3f8aabb20119c
        Validity
            Not Before: May  1 22:01:02 2024 GMT
            Not After : May  2 22:01:02 2024 GMT
        Subject: CN=be9d1e3dac1ba5d155e536563db203509985e957
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:9e:25:26:be:5f:44:94:6f:1c:92:7f:cf:cf:
                    86:e2:89:6c:7a:1d:64:27:ef:d3:96:0b:23:78:3d:
                    24:8a:a0:1e:35:db:f7:07:e8:55:22:9b:d6:96:34:
                    5a:a2:8b:9c:e1:50:f4:54:b6:e7:08:dc:73:7d:ab:
                    cb:0e:1c:30:fc:62:b7:41:e1:4e:d9:fd:76:2b:f2:
                    d2:d9:df:be:1d:8e:18:e4:86:b4:fd:91:5e:d9:ce:
                    2f:6a:88:1d:fa:eb:c6:0b:2d:5b:2b:e6:fa:76:20:
                    6c:8e:02:e1:9d:cf:ac:3c:db:3c:85:d5:4a:8e:2c:
                    2b:d5:1e:28:bb:3b:6c:8e:23:8a:8b:f4:ad:a9:fe:
                    b7:bb:b2:19:d3:71:a1:62:ff:89:c7:12:ee:dc:18:
                    84:7a:29:79:fa:c5:c6:87:87:7c:f1:50:5a:69:27:
                    bd:e4:f9:87:d7:8c:02:2e:1c:5c:02:89:75:3f:d2:
                    3c:5e:37:75:9b:c5:68:ab:25:12:77:21:0f:4d:51:
                    cd:6b:59:fa:af:ea:2f:07:6f:26:fc:b4:7b:2c:6a:
                    05:77:a2:55:77:62:30:d6:86:9e:47:85:de:ad:82:
                    10:8a:dc:89:a3:36:7b:db:50:dc:38:cc:af:10:0f:
                    ed:76:ee:10:70:0a:c7:ae:63:ae:42:da:62:b1:ef:
                    78:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:9D:1E:3D:AC:1B:A5:D1:55:E5:36:56:3D:B2:03:50:99:85:E9:57
            X509v3 Authority Key Identifier:
                keyid:01:58:04:11:82:3B:48:73:76:83:6E:D6:6A:F3:F8:AA:BB:20:11:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVgEEYI7SHN2g27WavP4qrsgEZw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/09d667-b1c5-4521-8b5f-c18abecdd524/1/AVgEEYI7SHN2g27WavP4qrsgEZw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:6f:80:02:76:49:48:48:fc:1b:aa:1f:6b:a4:b1:38:16:d1:
         88:b5:1f:48:9a:bc:0d:fb:35:56:ee:50:dd:c0:d4:a6:19:92:
         67:a3:60:88:21:49:91:da:14:03:78:2b:97:b2:9b:24:cb:03:
         1d:d4:a8:1d:d7:d7:73:ec:a5:26:e6:67:fa:45:ee:98:99:21:
         fc:b4:b6:f9:62:2d:8f:a2:f0:67:f0:75:11:b7:11:40:ff:d8:
         ca:24:24:4e:fb:4b:15:79:6f:0c:a1:7c:4e:c9:89:c8:30:e5:
         cf:46:5a:45:fc:f1:85:08:9a:07:8c:d4:5d:32:51:7d:a0:12:
         f6:a0:54:60:9a:84:f3:36:86:e7:26:d1:b8:d4:74:8f:45:95:
         ab:36:75:e8:21:1f:13:55:d7:86:5d:fe:11:85:dd:73:d6:2a:
         16:7e:08:9e:2b:16:77:05:b5:34:63:aa:20:ec:d8:6a:96:8d:
         18:6d:07:44:96:ea:27:97:1b:88:e8:1d:7d:93:c8:93:d4:30:
         25:28:af:0b:e2:c1:ec:e0:b0:e0:01:eb:53:94:ef:a8:fd:69:
         44:a3:71:8b:bc:a7:fa:7a:7e:bf:80:18:9c:dd:d0:6a:8e:43:
         ce:44:59:98:39:f9:57:3e:00:ce:58:40:92:f0:35:96:d3:38:
         f7:9a:07:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY82LOU1SlJ4BKgZok/vh0bbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTgwNDExODIzYjQ4NzM3NjgzNmVkNjZhZjNmOGFhYmIy
MDExOWMwHhcNMjQwNTAxMjIwMTAyWhcNMjQwNTAyMjIwMTAyWjAzMTEwLwYDVQQD
EyhiZTlkMWUzZGFjMWJhNWQxNTVlNTM2NTYzZGIyMDM1MDk5ODVlOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJ4lJr5fRJRvHJJ/z8+G4olseh1k
J+/TlgsjeD0kiqAeNdv3B+hVIpvWljRaoouc4VD0VLbnCNxzfavLDhww/GK3QeFO
2f12K/LS2d++HY4Y5Ia0/ZFe2c4vaogd+uvGCy1bK+b6diBsjgLhnc+sPNs8hdVK
jiwr1R4ouztsjiOKi/Stqf63u7IZ03GhYv+JxxLu3BiEeil5+sXGh4d88VBaaSe9
5PmH14wCLhxcAol1P9I8Xjd1m8VoqyUSdyEPTVHNa1n6r+ovB28m/LR7LGoFd6JV
d2Iw1oaeR4XerYIQityJozZ721DcOMyvEA/tdu4QcArHrmOuQtpise94sQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL6dHj2sG6XRVeU2Vj2yA1CZhelXMB8GA1UdIwQY
MBaAFAFYBBGCO0hzdoNu1mrz+Kq7IBGcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYt
YzE4YWJlY2RkNTI0LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8wOWQ2NjctYjFjNS00NTIxLThiNWYtYzE4YWJlY2RkNTI0
LzEvQVZnRUVZSTdTSE4yZzI3V2F2UDRxcnNnRVp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATW+AAnZJ
SEj8G6ofa6SxOBbRiLUfSJq8Dfs1Vu5Q3cDUphmSZ6NgiCFJkdoUA3grl7KbJMsD
HdSoHdfXc+ylJuZn+kXumJkh/LS2+WItj6LwZ/B1EbcRQP/YyiQkTvtLFXlvDKF8
TsmJyDDlz0ZaRfzxhQiaB4zUXTJRfaAS9qBUYJqE8zaG5ybRuNR0j0WVqzZ16CEf
E1XXhl3+EYXdc9YqFn4InisWdwW1NGOqIOzYapaNGG0HRJbqJ5cbiOgdfZPIk9Qw
JSivC+LB7OCw4AHrU5TvqP1pRKNxi7yn+np+v4AYnN3Qao5DzkRZmDn5Vz4AzlhA
kvA1ltM495oHBQ==
-----END CERTIFICATE-----