Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
File:                     8M0rO57YMSbUXboSAD1sbjWms4A.mft (raw, json)
Hash identifier:          EnwMk4RdW9pCQVTdQ3r4YYAgnOmwL4AXOBjU71UK3lQ=
Subject key identifier:   9A:52:F9:ED:60:44:B4:EA:6B:FD:89:B3:B2:B3:1F:8F:18:76:C0:B9
Authority key identifier: F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80
Certificate issuer:       /CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380
Certificate serial:       018F2049669E710EABE8002CECC6C583A248
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
Manifest number:          0E69
Signing time:             Sat 27 Apr 2024 16:00:32 +0000
Manifest this update:     Sat 27 Apr 2024 16:00:32 +0000
Manifest next update:     Sun 28 Apr 2024 16:00:32 +0000
Files and hashes:         1: 8M0rO57YMSbUXboSAD1sbjWms4A.crl (hash: 9pVzraJlpU6pSSAtbSUIIazORzvWh9AwEIr0UxI8gnU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 11:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:20:49:66:9e:71:0e:ab:e8:00:2c:ec:c6:c5:83:a2:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0cd2b3b9ed83126d45dba12003d6c6e35a6b380
        Validity
            Not Before: Apr 27 16:00:32 2024 GMT
            Not After : Apr 28 16:00:32 2024 GMT
        Subject: CN=9a52f9ed6044b4ea6bfd89b3b2b31f8f1876c0b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5a:17:df:6c:18:2d:87:bd:c8:a7:f3:1f:82:
                    a9:c5:26:e8:70:42:e5:cc:a2:f8:37:ea:7b:dd:12:
                    00:dc:a8:b5:4b:e9:e9:4c:52:51:dd:30:d2:91:75:
                    3f:b9:e6:f4:64:b3:67:4f:f0:f6:66:2d:ce:86:40:
                    7c:8b:29:4d:0b:3e:33:ec:b7:98:5b:27:10:f8:d2:
                    e1:36:ae:cc:5c:3e:e4:16:8a:17:b1:a6:a6:c2:8d:
                    d7:98:e9:ed:8a:75:d6:8a:48:ec:7d:19:3b:01:4a:
                    27:f5:3f:cb:9d:70:a3:41:57:ed:13:8c:d3:76:ca:
                    9a:cc:b3:d7:7d:f2:3e:59:f3:2a:bf:20:5b:f4:4d:
                    48:44:79:9f:fe:3f:74:90:14:cc:07:37:13:23:f0:
                    b1:a1:0f:3c:b3:94:65:8f:12:8c:f7:df:1f:41:0f:
                    7d:a5:6a:67:02:17:a9:2b:8c:8f:8b:62:74:58:5d:
                    6b:4b:f9:cd:a6:70:a5:8c:a0:4d:62:b6:3a:56:2a:
                    67:d0:6b:81:5a:9f:91:db:d9:6f:12:fb:f2:8b:2d:
                    66:c3:fe:a7:3a:50:0e:0d:8c:46:ec:9d:d7:2d:72:
                    7c:43:a1:db:ad:9b:e8:1c:ab:e5:9f:e1:b7:d5:65:
                    5d:0b:0f:a1:b9:b8:85:aa:14:61:5f:5c:c1:5a:d9:
                    6b:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:52:F9:ED:60:44:B4:EA:6B:FD:89:B3:B2:B3:1F:8F:18:76:C0:B9
            X509v3 Authority Key Identifier:
                keyid:F0:CD:2B:3B:9E:D8:31:26:D4:5D:BA:12:00:3D:6C:6E:35:A6:B3:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M0rO57YMSbUXboSAD1sbjWms4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/047982-37de-4e70-bebd-7c9e10517c25/1/8M0rO57YMSbUXboSAD1sbjWms4A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a0:d9:65:08:bf:e6:bb:99:d3:e6:62:73:7a:a0:05:2c:39:8a:
         c1:0b:9b:81:5a:82:00:54:1c:ba:4f:8e:8c:52:3d:89:fa:eb:
         bb:21:a1:c4:9a:71:86:e0:ad:99:30:00:4e:27:b5:1d:27:4e:
         5b:98:87:5b:65:59:59:cd:24:a3:71:62:fa:88:7d:45:ce:56:
         0b:94:90:79:66:78:90:e6:48:03:20:07:13:ac:8c:c6:7b:fa:
         a0:c3:bb:82:18:da:97:fc:34:7f:07:86:9d:cd:28:e5:22:c3:
         cb:6f:2e:1b:78:f6:1b:77:49:f5:a0:7a:6f:51:68:c2:4e:5e:
         2f:2b:ab:78:b4:7d:77:cb:7d:09:41:3f:30:7d:5a:2b:f4:c7:
         40:e4:02:0b:32:ef:87:96:f4:7a:5e:ae:36:c0:9d:fd:54:ab:
         51:6c:f0:30:9a:c5:97:e0:4d:5f:cf:42:64:4e:02:4e:ac:ed:
         90:02:02:21:f7:f3:e6:03:84:72:79:dd:8f:a0:a8:03:c4:d5:
         39:cf:8a:d7:cc:a4:2d:e6:bb:42:86:9d:a1:c7:88:b9:76:63:
         76:48:b6:e3:8a:dc:c1:d5:b1:46:dd:67:99:61:88:ef:26:75:
         ca:67:bf:7d:a2:52:95:61:f3:79:ea:db:5b:48:5d:ab:c5:2c:
         a8:75:42:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8gSWaecQ6r6AAs7MbFg6JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwY2QyYjNiOWVkODMxMjZkNDVkYmExMjAwM2Q2YzZlMzVh
NmIzODAwHhcNMjQwNDI3MTYwMDMyWhcNMjQwNDI4MTYwMDMyWjAzMTEwLwYDVQQD
Eyg5YTUyZjllZDYwNDRiNGVhNmJmZDg5YjNiMmIzMWY4ZjE4NzZjMGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFoX32wYLYe9yKfzH4KpxSbocELl
zKL4N+p73RIA3Ki1S+npTFJR3TDSkXU/ueb0ZLNnT/D2Zi3OhkB8iylNCz4z7LeY
WycQ+NLhNq7MXD7kFooXsaamwo3XmOntinXWikjsfRk7AUon9T/LnXCjQVftE4zT
dsqazLPXffI+WfMqvyBb9E1IRHmf/j90kBTMBzcTI/CxoQ88s5RljxKM998fQQ99
pWpnAhepK4yPi2J0WF1rS/nNpnCljKBNYrY6Vipn0GuBWp+R29lvEvvyiy1mw/6n
OlAODYxG7J3XLXJ8Q6HbrZvoHKvln+G31WVdCw+hubiFqhRhX1zBWtlrhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpS+e1gRLTqa/2Js7KzH48YdsC5MB8GA1UdIwQY
MBaAFPDNKzue2DEm1F26EgA9bG41prOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQt
N2M5ZTEwNTE3YzI1LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wNDc5ODItMzdkZS00ZTcwLWJlYmQtN2M5ZTEwNTE3YzI1
LzEvOE0wck81N1lNU2JVWGJvU0FEMXNialdtczRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoNllCL/m
u5nT5mJzeqAFLDmKwQubgVqCAFQcuk+OjFI9ifrruyGhxJpxhuCtmTAATie1HSdO
W5iHW2VZWc0ko3Fi+oh9Rc5WC5SQeWZ4kOZIAyAHE6yMxnv6oMO7ghjal/w0fweG
nc0o5SLDy28uG3j2G3dJ9aB6b1Fowk5eLyureLR9d8t9CUE/MH1aK/THQOQCCzLv
h5b0el6uNsCd/VSrUWzwMJrFl+BNX89CZE4CTqztkAICIffz5gOEcnndj6CoA8TV
Oc+K18ykLea7QoadoceIuXZjdki244rcwdWxRt1nmWGI7yZ1yme/faJSlWHzeerb
W0hdq8UsqHVCrQ==
-----END CERTIFICATE-----