Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
File:                     1OXVJHHqh0idSKBiCEem1VbxY9s.mft (raw, json)
Hash identifier:          zUL72MKv+0EB6Fssl9zGZNJYdVehN1UTW4UVEXyggTo=
Subject key identifier:   54:71:3E:5D:29:4E:96:6B:35:01:07:59:B8:C1:09:97:BF:AB:E5:27
Authority key identifier: D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB
Certificate issuer:       /CN=d4e5d52471ea87489d48a0620847a6d556f163db
Certificate serial:       018F3B53B797D006E21D27606AA65AF5A511
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
Manifest number:          10DF
Signing time:             Thu 02 May 2024 22:01:33 +0000
Manifest this update:     Thu 02 May 2024 22:01:33 +0000
Manifest next update:     Fri 03 May 2024 22:01:33 +0000
Files and hashes:         1: 1OXVJHHqh0idSKBiCEem1VbxY9s.crl (hash: VetJmdBm0GtV8vjNdVQ8+rXgbW9tkmfxLKfSDXM5Ih4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:59:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3b:53:b7:97:d0:06:e2:1d:27:60:6a:a6:5a:f5:a5:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4e5d52471ea87489d48a0620847a6d556f163db
        Validity
            Not Before: May  2 22:01:33 2024 GMT
            Not After : May  3 22:01:33 2024 GMT
        Subject: CN=54713e5d294e966b35010759b8c10997bfabe527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:cd:7d:11:0d:46:cf:d4:49:a8:03:79:b7:47:
                    dc:41:35:de:59:7d:b1:d6:34:90:a6:70:f4:d9:8e:
                    12:c4:3f:04:b8:a7:29:d1:72:93:21:c8:b1:dc:7e:
                    fd:27:34:e4:d3:90:07:b3:86:6e:98:cb:eb:c6:cd:
                    04:fa:df:9b:e1:dc:9e:52:eb:39:8c:c5:88:17:28:
                    8d:f7:dc:f8:e6:21:2b:87:e0:66:66:c6:f7:39:63:
                    b7:ee:2e:84:51:3c:99:4b:13:b6:90:49:e8:89:4d:
                    3e:9d:48:e1:2e:b3:68:97:cc:f9:65:27:61:45:5c:
                    96:a3:2c:5f:1c:62:56:4a:e8:28:08:90:f5:47:55:
                    6c:7a:3b:47:c5:00:c0:61:9b:dd:6c:1a:f2:5e:ee:
                    7d:dd:97:34:22:d6:21:e4:81:e6:91:3e:9d:f1:7e:
                    7c:86:98:7d:8d:34:9e:85:4b:a2:f3:d8:51:17:9a:
                    44:63:fc:1c:4d:bb:d2:7d:61:58:29:40:8b:d3:9a:
                    8d:cf:06:ce:88:c4:96:ca:77:89:1c:76:a2:14:b2:
                    ab:8b:9d:ce:24:6b:16:86:d7:50:22:dc:5a:f6:30:
                    b7:cc:c9:55:ee:f5:07:b5:ee:c7:3b:fe:dc:4c:92:
                    4e:0f:25:ea:41:04:a4:75:d0:08:fc:9d:c9:cd:2d:
                    b7:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:71:3E:5D:29:4E:96:6B:35:01:07:59:B8:C1:09:97:BF:AB:E5:27
            X509v3 Authority Key Identifier:
                keyid:D4:E5:D5:24:71:EA:87:48:9D:48:A0:62:08:47:A6:D5:56:F1:63:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OXVJHHqh0idSKBiCEem1VbxY9s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/d808d8-03ed-44c4-9b1c-0182cb02c800/1/1OXVJHHqh0idSKBiCEem1VbxY9s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         01:27:0b:ed:9e:2c:b6:82:a2:42:c7:9b:1e:c1:7b:f1:98:82:
         12:fb:29:a9:44:eb:88:c3:c8:6e:c3:27:28:77:9a:0c:0c:63:
         96:2a:02:51:fb:d2:d9:07:0b:4e:38:4a:8b:c7:d2:f7:b7:ec:
         25:5c:14:1f:0d:72:87:31:fd:85:66:e9:3e:17:d3:05:7c:0d:
         6d:e4:dc:86:10:fc:d9:23:3b:e7:29:f8:33:a2:9d:3b:cf:85:
         39:87:e0:62:a7:40:b2:5b:88:f2:c8:a7:92:17:19:aa:85:ea:
         27:59:28:a5:a5:89:f7:e5:2e:98:d8:7f:72:9c:33:f9:56:9b:
         44:a4:ee:dd:b9:45:3c:f2:7c:58:c8:2e:31:1d:3f:4d:a2:49:
         d4:ec:58:c8:38:ac:2d:d6:05:c4:cd:2a:2c:49:b8:59:21:d7:
         2a:e9:a6:e9:41:d2:4c:66:84:ff:e1:19:56:1f:aa:f4:c2:89:
         04:71:6a:67:13:41:4a:03:a0:1a:2d:16:88:7e:85:f9:fb:ed:
         72:d9:b8:88:8b:65:8c:19:2a:1f:f6:ba:8f:17:59:ad:d4:7c:
         1b:4f:49:1b:81:dd:3e:0f:9f:9c:a9:b3:1f:09:83:30:55:af:
         28:0f:19:7c:39:6e:ba:04:98:59:8d:2d:5b:0e:85:92:36:cf:
         27:e1:c5:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY87U7eX0AbiHSdgaqZa9aURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZTVkNTI0NzFlYTg3NDg5ZDQ4YTA2MjA4NDdhNmQ1NTZm
MTYzZGIwHhcNMjQwNTAyMjIwMTMzWhcNMjQwNTAzMjIwMTMzWjAzMTEwLwYDVQQD
Eyg1NDcxM2U1ZDI5NGU5NjZiMzUwMTA3NTliOGMxMDk5N2JmYWJlNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM19EQ1Gz9RJqAN5t0fcQTXeWX2x
1jSQpnD02Y4SxD8EuKcp0XKTIcix3H79JzTk05AHs4ZumMvrxs0E+t+b4dyeUus5
jMWIFyiN99z45iErh+BmZsb3OWO37i6EUTyZSxO2kEnoiU0+nUjhLrNol8z5ZSdh
RVyWoyxfHGJWSugoCJD1R1VsejtHxQDAYZvdbBryXu593Zc0ItYh5IHmkT6d8X58
hph9jTSehUui89hRF5pEY/wcTbvSfWFYKUCL05qNzwbOiMSWyneJHHaiFLKri53O
JGsWhtdQItxa9jC3zMlV7vUHte7HO/7cTJJODyXqQQSkddAI/J3JzS233QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRxPl0pTpZrNQEHWbjBCZe/q+UnMB8GA1UdIwQY
MBaAFNTl1SRx6odInUigYghHptVW8WPbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMt
MDE4MmNiMDJjODAwLzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kODA4ZDgtMDNlZC00NGM0LTliMWMtMDE4MmNiMDJjODAw
LzEvMU9YVkpISHFoMGlkU0tCaUNFZW0xVmJ4WTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAScL7Z4s
toKiQsebHsF78ZiCEvspqUTriMPIbsMnKHeaDAxjlioCUfvS2QcLTjhKi8fS97fs
JVwUHw1yhzH9hWbpPhfTBXwNbeTchhD82SM75yn4M6KdO8+FOYfgYqdAsluI8sin
khcZqoXqJ1kopaWJ9+UumNh/cpwz+VabRKTu3blFPPJ8WMguMR0/TaJJ1OxYyDis
LdYFxM0qLEm4WSHXKumm6UHSTGaE/+EZVh+q9MKJBHFqZxNBSgOgGi0WiH6F+fvt
ctm4iItljBkqH/a6jxdZrdR8G09JG4HdPg+fnKmzHwmDMFWvKA8ZfDluugSYWY0t
Ww6FkjbPJ+HFag==
-----END CERTIFICATE-----