Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
File:                     afY2pbazoordg_l0Rtewg7lMPa4.mft (raw, json)
Hash identifier:          rllAs+Dcsahoworcoz6SIpkILkDdY1m3QdUGJ5VUITw=
Subject key identifier:   6D:82:46:23:D7:0E:DC:FA:18:C2:87:AE:B9:2E:41:98:D5:B0:99:7F
Authority key identifier: 69:F6:36:A5:B6:B3:A2:8A:DD:83:F9:74:46:D7:B0:83:B9:4C:3D:AE
Certificate issuer:       /CN=69f636a5b6b3a28add83f97446d7b083b94c3dae
Certificate serial:       018F87B6925057C6C1CDB48776FC578239B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
Manifest number:          0146
Signing time:             Fri 17 May 2024 18:00:40 +0000
Manifest this update:     Fri 17 May 2024 18:00:40 +0000
Manifest next update:     Sat 18 May 2024 18:00:40 +0000
Files and hashes:         1: afY2pbazoordg_l0Rtewg7lMPa4.crl (hash: Yuqx+jHQd8mmoDCNTk5sqNG6J4RLROZvGHMXw1G3wrU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:92:50:57:c6:c1:cd:b4:87:76:fc:57:82:39:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69f636a5b6b3a28add83f97446d7b083b94c3dae
        Validity
            Not Before: May 17 18:00:40 2024 GMT
            Not After : May 18 18:00:40 2024 GMT
        Subject: CN=6d824623d70edcfa18c287aeb92e4198d5b0997f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:04:8d:a5:93:59:de:bc:ce:a0:bb:b8:f8:36:
                    e2:3e:53:d2:9f:c7:9c:20:88:95:fb:31:55:cc:fe:
                    dc:a9:c2:8d:2f:87:9e:fa:e7:81:f9:08:f0:6c:3e:
                    66:46:f0:e1:0d:2b:c2:c4:0b:f9:50:97:26:53:29:
                    1c:9b:47:bb:15:ff:15:89:fe:25:81:a0:46:ec:f2:
                    4c:ba:c5:d3:e5:e8:31:59:21:74:26:ce:ab:d2:27:
                    42:95:7c:da:25:cf:54:eb:54:2e:08:59:e5:ae:88:
                    97:c0:55:58:fd:4a:01:7f:f7:3e:a3:3b:eb:8a:cf:
                    bd:8a:b5:53:f5:c8:ef:ef:b7:6b:93:f7:d9:29:c9:
                    66:48:d0:16:cc:8e:a4:18:cd:89:d3:8b:b3:0f:a6:
                    9a:bc:61:25:0d:76:1a:60:4c:12:d8:7f:53:28:42:
                    0c:af:12:fc:50:21:44:76:69:25:d2:48:22:30:cd:
                    03:56:d1:b4:2f:2f:26:36:29:18:ac:44:0f:df:28:
                    67:a4:aa:8f:59:12:49:2d:ee:ae:46:d1:04:3a:ab:
                    15:3f:dd:37:81:35:c1:df:b1:ec:e6:c1:28:4c:6c:
                    af:ae:e7:56:fb:a7:22:bf:da:c0:1d:a0:18:56:35:
                    cc:80:a6:4f:0e:9a:23:53:c0:bd:a9:6b:54:2f:46:
                    1e:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:82:46:23:D7:0E:DC:FA:18:C2:87:AE:B9:2E:41:98:D5:B0:99:7F
            X509v3 Authority Key Identifier:
                keyid:69:F6:36:A5:B6:B3:A2:8A:DD:83:F9:74:46:D7:B0:83:B9:4C:3D:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/afY2pbazoordg_l0Rtewg7lMPa4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/e99954-c00f-4014-8e71-8aee2bf89b91/1/afY2pbazoordg_l0Rtewg7lMPa4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:f0:ce:18:ac:cd:97:e0:fb:dd:57:d2:0b:78:27:95:28:8a:
         df:46:0f:b9:2b:e3:a2:4e:8d:5d:e2:11:8f:f9:9d:26:bd:61:
         bd:a0:97:8d:30:b1:f1:c0:36:75:04:ad:69:2d:ae:cb:71:b4:
         9c:43:59:0b:27:af:5a:b7:ea:9e:a1:5f:89:3f:9f:7e:d0:2d:
         52:83:9c:dc:5f:ac:61:d3:cc:43:9c:a2:c4:a6:2e:97:75:2b:
         4e:40:c8:80:3f:60:52:bd:97:ad:d1:24:a3:ab:ba:23:43:4b:
         32:c6:42:07:38:53:c0:3b:01:15:0b:c6:22:3e:9c:7f:90:2b:
         fd:7f:aa:09:cb:c0:d3:43:01:35:ca:62:db:38:07:35:7d:59:
         d4:28:a0:0a:40:19:fb:1c:23:c1:d1:26:88:9a:0d:52:bb:57:
         ff:ab:2d:a3:49:c1:95:22:30:b4:bb:4a:8d:0b:9b:cf:b5:d2:
         27:74:85:cd:25:03:47:85:99:ef:6a:e6:83:87:78:fc:21:75:
         7e:43:37:a2:a2:a2:0f:f8:9c:70:ec:80:f4:99:c0:c9:f5:50:
         81:8c:2a:d1:8d:7b:53:b6:62:9f:c7:af:1d:46:20:77:f6:60:
         38:37:7f:cd:6a:fc:1b:8c:7f:4c:78:17:15:94:b8:b4:4e:98:
         10:e3:16:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtpJQV8bBzbSHdvxXgjm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZjYzNmE1YjZiM2EyOGFkZDgzZjk3NDQ2ZDdiMDgzYjk0
YzNkYWUwHhcNMjQwNTE3MTgwMDQwWhcNMjQwNTE4MTgwMDQwWjAzMTEwLwYDVQQD
Eyg2ZDgyNDYyM2Q3MGVkY2ZhMThjMjg3YWViOTJlNDE5OGQ1YjA5OTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQSNpZNZ3rzOoLu4+DbiPlPSn8ec
IIiV+zFVzP7cqcKNL4ee+ueB+QjwbD5mRvDhDSvCxAv5UJcmUykcm0e7Ff8Vif4l
gaBG7PJMusXT5egxWSF0Js6r0idClXzaJc9U61QuCFnlroiXwFVY/UoBf/c+ozvr
is+9irVT9cjv77drk/fZKclmSNAWzI6kGM2J04uzD6aavGElDXYaYEwS2H9TKEIM
rxL8UCFEdmkl0kgiMM0DVtG0Ly8mNikYrEQP3yhnpKqPWRJJLe6uRtEEOqsVP903
gTXB37Hs5sEoTGyvrudW+6civ9rAHaAYVjXMgKZPDpojU8C9qWtUL0YeMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2CRiPXDtz6GMKHrrkuQZjVsJl/MB8GA1UdIwQY
MBaAFGn2NqW2s6KK3YP5dEbXsIO5TD2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lOTk5NTQtYzAwZi00MDE0LThlNzEt
OGFlZTJiZjg5YjkxLzEvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lOTk5NTQtYzAwZi00MDE0LThlNzEtOGFlZTJiZjg5Yjkx
LzEvYWZZMnBiYXpvb3JkZ19sMFJ0ZXdnN2xNUGE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGPDOGKzN
l+D73VfSC3gnlSiK30YPuSvjok6NXeIRj/mdJr1hvaCXjTCx8cA2dQStaS2uy3G0
nENZCyevWrfqnqFfiT+fftAtUoOc3F+sYdPMQ5yixKYul3UrTkDIgD9gUr2XrdEk
o6u6I0NLMsZCBzhTwDsBFQvGIj6cf5Ar/X+qCcvA00MBNcpi2zgHNX1Z1CigCkAZ
+xwjwdEmiJoNUrtX/6sto0nBlSIwtLtKjQubz7XSJ3SFzSUDR4WZ72rmg4d4/CF1
fkM3oqKiD/iccOyA9JnAyfVQgYwq0Y17U7Zin8evHUYgd/ZgODd/zWr8G4x/THgX
FZS4tE6YEOMWsg==
-----END CERTIFICATE-----