Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
File:                     FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft (raw, json)
Hash identifier:          Ua7IW4T4E1MlOvu00newdxOkB8nDqTU5rrtfQh+Eoj0=
Subject key identifier:   9B:78:AF:9B:8A:A4:20:49:E2:6C:92:55:BD:4C:B9:F7:2D:34:7C:5D
Authority key identifier: 16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08
Certificate issuer:       /CN=16536fc756a5864aaa2c1e77bb764248dabe2608
Certificate serial:       018F991791716134E9658D3BAFC7580BFA95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
Manifest number:          01D3
Signing time:             Tue 21 May 2024 03:00:09 +0000
Manifest this update:     Tue 21 May 2024 03:00:09 +0000
Manifest next update:     Wed 22 May 2024 03:00:09 +0000
Files and hashes:         1: FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl (hash: /vg2NCNmECCixOSjZKFbvj6YUjK/7KLqOczsQv6NlvE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 May 2024 02:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:99:17:91:71:61:34:e9:65:8d:3b:af:c7:58:0b:fa:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16536fc756a5864aaa2c1e77bb764248dabe2608
        Validity
            Not Before: May 21 03:00:09 2024 GMT
            Not After : May 22 03:00:09 2024 GMT
        Subject: CN=9b78af9b8aa42049e26c9255bd4cb9f72d347c5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:41:e4:84:d8:37:d6:63:d1:46:ba:25:b6:43:
                    f6:3b:eb:e9:96:9e:9e:69:2d:d7:41:f7:8d:83:e6:
                    ae:c2:47:83:35:a6:3b:8e:2b:a6:a8:b1:bd:0e:2c:
                    b0:c1:95:58:8d:18:9c:d5:df:bb:28:ee:84:94:e4:
                    86:98:9e:5e:0c:81:f0:88:c6:a1:f3:11:b3:50:20:
                    bf:68:40:02:90:db:a6:84:2b:64:da:34:75:a5:af:
                    69:67:69:df:dd:f7:45:c3:80:de:c9:e4:77:2b:28:
                    4d:c6:39:94:75:57:ae:6e:89:00:db:30:37:d7:2d:
                    01:e9:bd:55:b3:3f:1b:ee:e0:bf:68:99:7a:12:33:
                    f2:0a:c4:32:c5:83:e9:76:91:22:f8:27:47:81:e7:
                    18:03:12:c9:87:41:51:6c:8d:3e:86:e5:46:a3:ee:
                    df:cc:06:94:3b:bd:3c:c9:4e:ec:83:47:ee:59:d2:
                    ff:df:6c:a0:e0:9a:1c:5a:c5:6b:90:4d:fc:74:4a:
                    5e:5a:74:e7:67:50:d1:7c:2f:0f:71:a5:5b:83:d0:
                    37:f3:b9:83:ef:a1:f8:5d:b3:a6:c3:40:46:75:c4:
                    60:d6:23:99:0e:50:e7:d9:fc:fa:c2:e3:83:b9:22:
                    bc:2c:9c:0c:64:6a:66:7b:54:cf:40:74:ef:37:79:
                    14:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:78:AF:9B:8A:A4:20:49:E2:6C:92:55:BD:4C:B9:F7:2D:34:7C:5D
            X509v3 Authority Key Identifier:
                keyid:16:53:6F:C7:56:A5:86:4A:AA:2C:1E:77:BB:76:42:48:DA:BE:26:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlNvx1alhkqqLB53u3ZCSNq-Jgg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a4b45-dac0-4c79-8e14-7f3eb7546102/1/FlNvx1alhkqqLB53u3ZCSNq-Jgg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         62:90:0b:b0:e6:2c:0b:78:a5:c5:47:bf:02:62:c0:fe:ad:b4:
         5d:a7:ac:3e:78:db:d9:0f:ea:78:8c:25:f9:3a:e6:81:ff:1c:
         ba:a4:40:b6:11:d8:95:46:06:73:11:e1:fb:68:40:35:98:43:
         4b:77:4e:ae:30:08:03:e8:bb:a4:5b:c1:f3:f8:d3:cf:93:66:
         0d:2d:57:ef:2a:4b:48:50:dd:30:20:5c:5b:b0:18:1c:10:53:
         8b:3a:a3:3a:bf:f2:d8:c6:8f:9b:d2:71:25:23:64:8f:9b:e8:
         5a:82:ea:c4:2d:ab:31:ce:3b:cd:c6:a5:2f:8c:17:36:10:b1:
         78:e8:ff:d1:2f:5d:db:ef:06:55:4c:e3:d0:4e:2d:1b:13:65:
         0b:b8:33:40:72:c8:29:64:8a:3b:d9:40:fd:c8:f0:69:01:d4:
         0b:28:43:b4:92:2f:8c:fd:15:45:69:22:7f:bb:5a:5b:c1:07:
         36:75:64:13:56:47:1e:9a:ce:73:e7:9c:fc:68:3c:59:ec:2d:
         7e:b6:4f:a8:1b:06:f4:01:2d:ed:ed:36:58:86:26:24:f9:ad:
         39:a3:7b:08:1c:91:0a:96:ee:67:f3:f4:aa:21:3d:f1:05:5f:
         3a:1a:d1:6b:55:7b:e0:aa:d6:91:6c:b4:3e:6a:b7:38:00:ef:
         06:4a:42:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+ZF5FxYTTpZY07r8dYC/qVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTM2ZmM3NTZhNTg2NGFhYTJjMWU3N2JiNzY0MjQ4ZGFi
ZTI2MDgwHhcNMjQwNTIxMDMwMDA5WhcNMjQwNTIyMDMwMDA5WjAzMTEwLwYDVQQD
Eyg5Yjc4YWY5YjhhYTQyMDQ5ZTI2YzkyNTViZDRjYjlmNzJkMzQ3YzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEHkhNg31mPRRroltkP2O+vplp6e
aS3XQfeNg+auwkeDNaY7jiumqLG9DiywwZVYjRic1d+7KO6ElOSGmJ5eDIHwiMah
8xGzUCC/aEACkNumhCtk2jR1pa9pZ2nf3fdFw4DeyeR3KyhNxjmUdVeubokA2zA3
1y0B6b1Vsz8b7uC/aJl6EjPyCsQyxYPpdpEi+CdHgecYAxLJh0FRbI0+huVGo+7f
zAaUO708yU7sg0fuWdL/32yg4JocWsVrkE38dEpeWnTnZ1DRfC8PcaVbg9A387mD
76H4XbOmw0BGdcRg1iOZDlDn2fz6wuODuSK8LJwMZGpme1TPQHTvN3kURwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJt4r5uKpCBJ4mySVb1MufctNHxdMB8GA1UdIwQY
MBaAFBZTb8dWpYZKqiwed7t2QkjaviYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQt
N2YzZWI3NTQ2MTAyLzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTRiNDUtZGFjMC00Yzc5LThlMTQtN2YzZWI3NTQ2MTAy
LzEvRmxOdngxYWxoa3FxTEI1M3UzWkNTTnEtSmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYpALsOYs
C3ilxUe/AmLA/q20XaesPnjb2Q/qeIwl+Trmgf8cuqRAthHYlUYGcxHh+2hANZhD
S3dOrjAIA+i7pFvB8/jTz5NmDS1X7ypLSFDdMCBcW7AYHBBTizqjOr/y2MaPm9Jx
JSNkj5voWoLqxC2rMc47zcalL4wXNhCxeOj/0S9d2+8GVUzj0E4tGxNlC7gzQHLI
KWSKO9lA/cjwaQHUCyhDtJIvjP0VRWkif7taW8EHNnVkE1ZHHprOc+ec/Gg8Wewt
frZPqBsG9AEt7e02WIYmJPmtOaN7CByRCpbuZ/P0qiE98QVfOhrRa1V74KrWkWy0
Pmq3OADvBkpCgg==
-----END CERTIFICATE-----