Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
File:                     YsuMEjOwFrHwSBCJc9asPnYvY-0.mft (raw, json)
Hash identifier:          y7WHV2QxxATqnNKFVxjiPbKPBX8pKoD/EPsJ/BxXTrQ=
Subject key identifier:   82:65:5F:93:A2:23:C9:64:66:F2:21:04:9B:5A:2D:56:43:64:C4:C1
Authority key identifier: 62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED
Certificate issuer:       /CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
Certificate serial:       018F87B66CF3F8E84C072824BFE666BC72B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
Manifest number:          0D20
Signing time:             Fri 17 May 2024 18:00:30 +0000
Manifest this update:     Fri 17 May 2024 18:00:30 +0000
Manifest next update:     Sat 18 May 2024 18:00:30 +0000
Files and hashes:         1: YsuMEjOwFrHwSBCJc9asPnYvY-0.crl (hash: QlYbVncXOdtL4J8xuLjjHQUP4sTOfELfPOQ82hypjms=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:6c:f3:f8:e8:4c:07:28:24:bf:e6:66:bc:72:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62cb8c1233b016b1f048108973d6ac3e762f63ed
        Validity
            Not Before: May 17 18:00:30 2024 GMT
            Not After : May 18 18:00:30 2024 GMT
        Subject: CN=82655f93a223c96466f221049b5a2d564364c4c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:28:6c:1f:3b:de:91:6f:4d:46:58:c4:ce:3c:
                    25:2f:f4:e1:61:e7:f4:47:a9:5f:12:37:4c:78:1f:
                    5e:02:ee:8d:2b:9f:18:c0:5d:d6:80:d3:c3:c3:05:
                    c2:a5:2b:bc:da:0b:a5:d7:57:42:4c:53:76:9d:b9:
                    c7:c8:1c:51:0a:65:50:fa:ff:db:75:1f:74:0f:ae:
                    c9:89:53:59:b7:2c:29:0f:c9:59:00:64:35:d6:27:
                    a9:ec:9c:b9:2b:9e:65:42:27:f6:0c:af:37:c7:ac:
                    27:29:56:0c:0a:84:22:44:ba:bc:bb:12:d3:ea:33:
                    73:fe:0c:4d:90:88:7f:d8:c1:e3:38:85:42:f2:d5:
                    b0:4b:4d:54:41:8d:ae:1e:38:05:0a:95:59:65:3c:
                    fd:95:41:5e:2c:9e:48:f1:12:07:a6:d4:c2:e5:ba:
                    e7:ae:1f:40:9c:f1:50:37:65:90:77:33:e1:5f:25:
                    bd:8b:5c:81:53:27:bb:ad:c6:42:90:d3:25:dd:b2:
                    5d:39:fe:db:12:16:ff:4f:45:d7:f1:5f:11:16:cb:
                    1b:76:fb:f4:e4:2f:0e:55:15:89:80:aa:04:09:aa:
                    a5:c0:4f:cd:9b:d8:e5:3d:67:cf:4a:d7:ce:1d:11:
                    db:a3:a2:b3:e3:41:1c:dd:4f:cf:3e:30:61:f6:45:
                    dd:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:65:5F:93:A2:23:C9:64:66:F2:21:04:9B:5A:2D:56:43:64:C4:C1
            X509v3 Authority Key Identifier:
                keyid:62:CB:8C:12:33:B0:16:B1:F0:48:10:89:73:D6:AC:3E:76:2F:63:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YsuMEjOwFrHwSBCJc9asPnYvY-0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/402eea-4814-4877-8d7a-3ca2f796b596/1/YsuMEjOwFrHwSBCJc9asPnYvY-0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:bc:c1:27:0a:91:85:0f:68:e4:73:f4:73:c3:14:f7:c3:27:
         b9:af:33:76:fa:06:d4:dd:cb:1e:c0:73:8e:19:63:50:25:f2:
         62:d6:dc:0c:08:a2:50:ff:d0:c1:a6:be:aa:b4:f3:5e:6c:e4:
         fe:72:11:ef:c4:ee:8f:5e:8d:f8:e9:e4:43:d3:8b:c6:90:c3:
         30:23:b2:25:5d:62:cf:08:45:6a:21:64:c2:ab:cc:20:ab:34:
         f0:c3:c6:e5:84:a8:46:6c:f3:3e:30:a8:e4:e6:4a:c5:9f:84:
         30:0e:e0:26:42:da:2d:29:22:8b:26:1c:39:fc:b7:ae:59:a0:
         93:1a:f8:1e:96:84:98:ee:27:91:31:71:56:76:16:7d:1d:20:
         af:f5:20:1d:bd:ac:12:8c:ef:50:c0:3d:ac:d0:74:c8:d8:1c:
         ec:18:f0:a5:18:ce:10:2d:11:fa:d1:92:4c:47:5f:23:a7:28:
         b7:b4:cd:b9:dd:3f:6a:be:e5:57:d4:b8:9d:ab:2a:1d:6a:0b:
         67:26:50:4e:a8:1c:23:ee:bf:0e:e3:db:90:91:41:1d:00:df:
         04:4a:ce:9d:14:2a:4b:df:71:0f:56:92:49:f0:ae:f2:46:b2:
         cc:b0:f6:77:35:57:bf:f2:11:e6:03:20:b6:54:c6:2b:21:93:
         75:d9:23:1d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Htmzz+OhMBygkv+ZmvHKzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyY2I4YzEyMzNiMDE2YjFmMDQ4MTA4OTczZDZhYzNlNzYy
ZjYzZWQwHhcNMjQwNTE3MTgwMDMwWhcNMjQwNTE4MTgwMDMwWjAzMTEwLwYDVQQD
Eyg4MjY1NWY5M2EyMjNjOTY0NjZmMjIxMDQ5YjVhMmQ1NjQzNjRjNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvChsHzvekW9NRljEzjwlL/ThYef0
R6lfEjdMeB9eAu6NK58YwF3WgNPDwwXCpSu82gul11dCTFN2nbnHyBxRCmVQ+v/b
dR90D67JiVNZtywpD8lZAGQ11iep7Jy5K55lQif2DK83x6wnKVYMCoQiRLq8uxLT
6jNz/gxNkIh/2MHjOIVC8tWwS01UQY2uHjgFCpVZZTz9lUFeLJ5I8RIHptTC5brn
rh9AnPFQN2WQdzPhXyW9i1yBUye7rcZCkNMl3bJdOf7bEhb/T0XX8V8RFssbdvv0
5C8OVRWJgKoECaqlwE/Nm9jlPWfPStfOHRHbo6Kz40Ec3U/PPjBh9kXdgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIJlX5OiI8lkZvIhBJtaLVZDZMTBMB8GA1UdIwQY
MBaAFGLLjBIzsBax8EgQiXPWrD52L2PtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2Et
M2NhMmY3OTZiNTk2LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80MDJlZWEtNDgxNC00ODc3LThkN2EtM2NhMmY3OTZiNTk2
LzEvWXN1TUVqT3dGckh3U0JDSmM5YXNQbll2WS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqLzBJwqR
hQ9o5HP0c8MU98Mnua8zdvoG1N3LHsBzjhljUCXyYtbcDAiiUP/Qwaa+qrTzXmzk
/nIR78Tuj16N+OnkQ9OLxpDDMCOyJV1izwhFaiFkwqvMIKs08MPG5YSoRmzzPjCo
5OZKxZ+EMA7gJkLaLSkiiyYcOfy3rlmgkxr4HpaEmO4nkTFxVnYWfR0gr/UgHb2s
EozvUMA9rNB0yNgc7BjwpRjOEC0R+tGSTEdfI6cot7TNud0/ar7lV9S4nasqHWoL
ZyZQTqgcI+6/DuPbkJFBHQDfBErOnRQqS99xD1aSSfCu8kayzLD2dzVXv/IR5gMg
tlTGKyGTddkjHQ==
-----END CERTIFICATE-----