Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
File:                     9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft (raw, json)
Hash identifier:          CZHeg52sbp4+sLBTAO4AkHd0VT1ApISA7llfYSaNDIs=
Subject key identifier:   7F:0A:7A:C9:D4:8F:F1:BF:66:9A:E4:60:D0:C5:C7:92:95:2A:68:1D
Authority key identifier: F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE
Certificate issuer:       /CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
Certificate serial:       018F2538C61F9C721621DA92975884DC7DB8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
Manifest number:          10D1
Signing time:             Sun 28 Apr 2024 15:00:28 +0000
Manifest this update:     Sun 28 Apr 2024 15:00:28 +0000
Manifest next update:     Mon 29 Apr 2024 15:00:28 +0000
Files and hashes:         1: 9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl (hash: y4zTc54LNkqMM4rwppTY7mdtx0Q1qGtB3THcv1PRPbA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 29 Apr 2024 12:48:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:25:38:c6:1f:9c:72:16:21:da:92:97:58:84:dc:7d:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f656fa18b119c3a49cbbcc56a60457439a4492ce
        Validity
            Not Before: Apr 28 15:00:28 2024 GMT
            Not After : Apr 29 15:00:28 2024 GMT
        Subject: CN=7f0a7ac9d48ff1bf669ae460d0c5c792952a681d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:ef:ec:d8:a9:48:c2:1b:91:07:00:85:c4:bf:
                    a6:f2:71:42:47:9c:c7:9e:dd:7d:51:8d:43:51:6d:
                    5e:31:4b:31:eb:07:72:97:1f:c1:65:e5:ed:a2:bf:
                    a9:3a:8f:9f:96:5c:73:e5:5b:d1:c0:27:1d:87:83:
                    f3:46:41:3f:04:b4:df:8c:8f:f8:3d:24:ed:e4:30:
                    45:e2:6d:8a:b9:58:be:25:5f:b3:72:c1:24:fa:fb:
                    84:ec:58:d3:6f:05:a9:2f:25:66:27:ea:a8:25:1d:
                    c4:c2:81:dc:0b:85:5a:cb:da:ea:bd:41:4f:6e:b0:
                    8e:41:b3:43:86:bd:2d:2d:c0:94:21:a3:42:56:c0:
                    f2:e2:ed:14:2b:43:0a:cb:f9:28:5d:8a:28:54:ad:
                    45:ae:d3:4b:86:62:80:64:b9:34:0a:29:81:7f:7f:
                    39:72:c9:be:e3:84:63:a0:ba:5d:d1:2f:05:b8:19:
                    31:d8:19:8d:f7:3d:b0:af:24:21:0d:9b:e4:7b:11:
                    b0:82:8d:5a:a4:c2:33:f9:e6:2b:58:8c:25:0d:89:
                    e6:ec:46:cf:e8:1c:61:64:e5:70:29:2d:28:23:66:
                    e5:59:7d:64:4e:20:4f:db:cb:c5:47:16:0b:60:2a:
                    0a:e8:3a:68:26:27:f9:03:51:85:a1:de:8c:0a:f3:
                    cf:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:0A:7A:C9:D4:8F:F1:BF:66:9A:E4:60:D0:C5:C7:92:95:2A:68:1D
            X509v3 Authority Key Identifier:
                keyid:F6:56:FA:18:B1:19:C3:A4:9C:BB:CC:56:A6:04:57:43:9A:44:92:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9lb6GLEZw6Scu8xWpgRXQ5pEks4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/f2d3a2-b14a-411a-8629-c920f1646c9c/1/9lb6GLEZw6Scu8xWpgRXQ5pEks4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:68:c8:22:be:56:a9:97:3f:d0:c1:f6:17:9b:a4:c3:2c:5c:
         99:1c:90:a1:00:27:4a:c8:25:11:8c:f2:69:92:3b:5b:0c:e5:
         2c:69:62:f4:19:fc:d8:d0:56:ef:6f:fb:e9:69:88:ad:df:b4:
         c3:07:3e:55:c9:71:d7:97:64:f1:d2:8f:99:63:f3:b2:08:c0:
         4f:d1:77:6e:72:3e:3d:4e:d4:9c:25:f9:eb:79:fb:20:1e:37:
         da:f7:46:82:56:51:27:46:81:4d:0e:d9:dc:5d:0e:5e:99:13:
         60:fc:03:08:52:7c:9f:d1:bd:a9:95:19:ff:37:d9:f3:3a:0c:
         9f:70:8a:ad:60:10:ba:81:4c:f5:4f:df:d0:df:c6:2e:57:6e:
         21:f4:e6:84:5b:4b:eb:92:70:8a:61:3f:a1:c8:87:ed:99:18:
         cc:c8:04:66:f1:1c:9b:88:f2:65:1c:9b:07:90:8a:90:7e:3d:
         ab:8e:24:1b:84:a0:53:b2:40:61:ab:af:e8:d2:b4:5a:f4:97:
         22:25:1c:72:e9:e3:88:91:69:b6:bd:9e:66:f0:1e:84:7c:e5:
         eb:77:b1:10:71:68:7a:1c:18:22:5a:af:7d:0e:10:f0:cf:30:
         26:c8:db:05:09:22:06:c6:6a:ff:4c:b6:a0:f1:7b:39:dd:60:
         1f:20:2c:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8lOMYfnHIWIdqSl1iE3H24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2NTZmYTE4YjExOWMzYTQ5Y2JiY2M1NmE2MDQ1NzQzOWE0
NDkyY2UwHhcNMjQwNDI4MTUwMDI4WhcNMjQwNDI5MTUwMDI4WjAzMTEwLwYDVQQD
Eyg3ZjBhN2FjOWQ0OGZmMWJmNjY5YWU0NjBkMGM1Yzc5Mjk1MmE2ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5e/s2KlIwhuRBwCFxL+m8nFCR5zH
nt19UY1DUW1eMUsx6wdylx/BZeXtor+pOo+fllxz5VvRwCcdh4PzRkE/BLTfjI/4
PSTt5DBF4m2KuVi+JV+zcsEk+vuE7FjTbwWpLyVmJ+qoJR3EwoHcC4Vay9rqvUFP
brCOQbNDhr0tLcCUIaNCVsDy4u0UK0MKy/koXYooVK1FrtNLhmKAZLk0CimBf385
csm+44RjoLpd0S8FuBkx2BmN9z2wryQhDZvkexGwgo1apMIz+eYrWIwlDYnm7EbP
6BxhZOVwKS0oI2blWX1kTiBP28vFRxYLYCoK6DpoJif5A1GFod6MCvPPSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8KesnUj/G/ZprkYNDFx5KVKmgdMB8GA1UdIwQY
MBaAFPZW+hixGcOknLvMVqYEV0OaRJLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2Mjkt
YzkyMGYxNjQ2YzljLzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9mMmQzYTItYjE0YS00MTFhLTg2MjktYzkyMGYxNjQ2Yzlj
LzEvOWxiNkdMRVp3NlNjdTh4V3BnUlhRNXBFa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAmjIIr5W
qZc/0MH2F5ukwyxcmRyQoQAnSsglEYzyaZI7WwzlLGli9Bn82NBW72/76WmIrd+0
wwc+Vclx15dk8dKPmWPzsgjAT9F3bnI+PU7UnCX563n7IB432vdGglZRJ0aBTQ7Z
3F0OXpkTYPwDCFJ8n9G9qZUZ/zfZ8zoMn3CKrWAQuoFM9U/f0N/GLlduIfTmhFtL
65JwimE/ociH7ZkYzMgEZvEcm4jyZRybB5CKkH49q44kG4SgU7JAYauv6NK0WvSX
IiUccunjiJFptr2eZvAehHzl63exEHFoehwYIlqvfQ4Q8M8wJsjbBQkiBsZq/0y2
oPF7Od1gHyAsmg==
-----END CERTIFICATE-----