Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
File:                     52vcVigM5dn89QMlGKfsm2HizO0.mft (raw, json)
Hash identifier:          YJoZ0gXzmL1Fko7/J24huMBckKzCSE9aWKqzUP43/TI=
Subject key identifier:   55:F1:DC:B7:08:76:8C:D3:EB:54:FD:57:09:E6:CB:5A:21:76:6C:EC
Authority key identifier: E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED
Certificate issuer:       /CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
Certificate serial:       018F3BF841642BBDA1098201AE969AAE77F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
Manifest number:          0C1A
Signing time:             Fri 03 May 2024 01:01:16 +0000
Manifest this update:     Fri 03 May 2024 01:01:16 +0000
Manifest next update:     Sat 04 May 2024 01:01:16 +0000
Files and hashes:         1: 52vcVigM5dn89QMlGKfsm2HizO0.crl (hash: up3prhH0Qqg9bIt3fhiCOFVKOc4TDdbAJ5jV9KMY5JA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 01:01:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3b:f8:41:64:2b:bd:a1:09:82:01:ae:96:9a:ae:77:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e76bdc56280ce5d9fcf5032518a7ec9b61e2cced
        Validity
            Not Before: May  3 01:01:16 2024 GMT
            Not After : May  4 01:01:16 2024 GMT
        Subject: CN=55f1dcb708768cd3eb54fd5709e6cb5a21766cec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:5b:3f:dd:ad:08:c3:73:32:3a:88:a0:4f:23:
                    d8:2a:61:58:b4:6d:97:78:20:6b:eb:0a:72:39:85:
                    fa:53:85:8e:83:09:88:ef:61:0d:72:af:f8:99:63:
                    bf:ad:70:f3:fc:01:96:54:9e:7d:09:a9:74:a7:6c:
                    8c:33:a1:f7:dd:c8:f3:a8:e0:f3:58:1f:0d:b2:14:
                    e8:4d:d9:17:b4:46:d2:f1:74:5f:8f:4e:a9:8c:15:
                    d6:18:b9:cb:c0:cd:bf:d6:69:07:e2:db:26:46:70:
                    f7:fd:db:16:a6:2e:57:ad:e2:13:2c:14:51:c2:13:
                    c8:5b:b4:51:a6:a9:7b:d8:a9:42:39:d7:89:77:34:
                    1d:37:b4:d4:53:c6:ef:8c:6c:fd:64:bb:22:56:a4:
                    b1:86:8e:b4:a3:d3:8a:e3:64:1f:60:35:fa:c0:eb:
                    7a:48:29:69:ce:6c:86:d7:36:18:b1:2d:7e:1f:72:
                    31:38:b7:29:44:97:23:8d:73:c5:5d:80:6f:dd:29:
                    cb:44:e9:41:2a:e4:49:98:2e:cb:1c:f5:7b:d5:84:
                    ff:55:32:9f:7c:01:2a:fe:81:0c:bc:ae:e5:2a:15:
                    f4:05:05:e0:7b:86:16:b5:d2:83:aa:8f:64:71:34:
                    0b:e9:f0:8a:48:7f:75:26:35:15:fc:b2:1f:68:c5:
                    a0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F1:DC:B7:08:76:8C:D3:EB:54:FD:57:09:E6:CB:5A:21:76:6C:EC
            X509v3 Authority Key Identifier:
                keyid:E7:6B:DC:56:28:0C:E5:D9:FC:F5:03:25:18:A7:EC:9B:61:E2:CC:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52vcVigM5dn89QMlGKfsm2HizO0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/3ddd6a-3025-4196-84c2-f1c24a8139db/1/52vcVigM5dn89QMlGKfsm2HizO0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         45:ec:76:23:93:a5:70:d4:11:a8:24:0d:3f:a1:15:9e:3a:91:
         4f:40:49:86:29:58:ba:d5:5e:1c:5a:bc:29:dd:7c:b4:39:88:
         fa:1c:9f:80:de:ff:b1:da:7d:56:cb:c9:b7:8a:d1:e1:87:47:
         a5:59:7b:6a:82:33:ee:80:7b:ed:ce:60:38:b7:14:6f:9a:14:
         a8:7e:76:6a:43:af:82:b3:4b:5f:2c:8a:43:b5:e1:54:7a:74:
         72:71:5c:78:cc:bf:6b:96:50:df:10:2c:43:16:a2:92:32:02:
         5c:3b:a1:87:58:f6:94:0b:1c:ca:f5:58:01:6a:45:6b:2a:13:
         18:94:cb:2c:74:89:59:34:8e:93:9c:52:b9:ec:72:76:b2:d1:
         fb:6d:bb:5c:cc:46:9e:88:12:24:64:5e:dd:90:d6:46:be:aa:
         d6:e6:8b:39:e2:93:be:f7:ea:ca:16:09:1a:3d:e8:0b:e3:bc:
         81:e5:c3:2f:87:07:73:38:60:54:2b:47:08:a1:d5:73:7b:5a:
         fa:4f:82:70:60:d2:74:e7:26:2d:a2:09:25:a7:f6:f8:ed:38:
         3a:99:68:af:73:cc:b1:9f:9c:04:b7:92:00:ab:74:71:b2:b6:
         9d:59:e5:56:6b:ef:08:55:c2:a7:41:e7:0d:b5:4f:d5:ee:70:
         e4:05:d8:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY87+EFkK72hCYIBrpaarnfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmJkYzU2MjgwY2U1ZDlmY2Y1MDMyNTE4YTdlYzliNjFl
MmNjZWQwHhcNMjQwNTAzMDEwMTE2WhcNMjQwNTA0MDEwMTE2WjAzMTEwLwYDVQQD
Eyg1NWYxZGNiNzA4NzY4Y2QzZWI1NGZkNTcwOWU2Y2I1YTIxNzY2Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmls/3a0Iw3MyOoigTyPYKmFYtG2X
eCBr6wpyOYX6U4WOgwmI72ENcq/4mWO/rXDz/AGWVJ59Cal0p2yMM6H33cjzqODz
WB8NshToTdkXtEbS8XRfj06pjBXWGLnLwM2/1mkH4tsmRnD3/dsWpi5XreITLBRR
whPIW7RRpql72KlCOdeJdzQdN7TUU8bvjGz9ZLsiVqSxho60o9OK42QfYDX6wOt6
SClpzmyG1zYYsS1+H3IxOLcpRJcjjXPFXYBv3SnLROlBKuRJmC7LHPV71YT/VTKf
fAEq/oEMvK7lKhX0BQXge4YWtdKDqo9kcTQL6fCKSH91JjUV/LIfaMWguwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFXx3LcIdozT61T9Vwnmy1ohdmzsMB8GA1UdIwQY
MBaAFOdr3FYoDOXZ/PUDJRin7Jth4sztMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzIt
ZjFjMjRhODEzOWRiLzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8zZGRkNmEtMzAyNS00MTk2LTg0YzItZjFjMjRhODEzOWRi
LzEvNTJ2Y1ZpZ001ZG44OVFNbEdLZnNtMkhpek8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARex2I5Ol
cNQRqCQNP6EVnjqRT0BJhilYutVeHFq8Kd18tDmI+hyfgN7/sdp9VsvJt4rR4YdH
pVl7aoIz7oB77c5gOLcUb5oUqH52akOvgrNLXyyKQ7XhVHp0cnFceMy/a5ZQ3xAs
QxaikjICXDuhh1j2lAscyvVYAWpFayoTGJTLLHSJWTSOk5xSuexydrLR+227XMxG
nogSJGRe3ZDWRr6q1uaLOeKTvvfqyhYJGj3oC+O8geXDL4cHczhgVCtHCKHVc3ta
+k+CcGDSdOcmLaIJJaf2+O04Oplor3PMsZ+cBLeSAKt0cbK2nVnlVmvvCFXCp0Hn
DbVP1e5w5AXYCg==
-----END CERTIFICATE-----