Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
File:                     AVkheESIrdmgVmH_EXh-x1TmBeU.mft (raw, json)
Hash identifier:          KpJ3FdYpwb2Fvgwd3y1903SjZBkoAe15qB49/3tpF2Q=
Subject key identifier:   50:F5:D0:DC:65:EA:4F:3F:BF:22:AC:4B:BA:23:21:62:57:66:6E:99
Authority key identifier: 01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5
Certificate issuer:       /CN=015921784488add9a05661ff11787ec754e605e5
Certificate serial:       018F3A0C70C5173450C0650E7D94A0D3A388
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
Manifest number:          114D
Signing time:             Thu 02 May 2024 16:04:04 +0000
Manifest this update:     Thu 02 May 2024 16:04:04 +0000
Manifest next update:     Fri 03 May 2024 16:04:04 +0000
Files and hashes:         1: AVkheESIrdmgVmH_EXh-x1TmBeU.crl (hash: GH54a0znFyACnrr1jbnhEWnyuaKbaAhwoGjrlLMUsGQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 16:04:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3a:0c:70:c5:17:34:50:c0:65:0e:7d:94:a0:d3:a3:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=015921784488add9a05661ff11787ec754e605e5
        Validity
            Not Before: May  2 16:04:04 2024 GMT
            Not After : May  3 16:04:04 2024 GMT
        Subject: CN=50f5d0dc65ea4f3fbf22ac4bba23216257666e99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:63:ee:f5:0c:b4:23:ee:55:35:04:a5:e2:11:
                    76:76:4c:65:fc:da:bf:20:8b:61:15:bf:92:08:79:
                    ec:6b:67:ac:f7:ab:4a:b7:a1:fe:a6:1e:d6:8b:f4:
                    1a:af:d7:16:91:8f:6a:29:2d:4d:25:bf:df:1e:c2:
                    09:9b:db:3f:aa:1d:ff:d3:2c:31:12:9c:0e:e8:ad:
                    ba:b6:25:83:91:c7:47:d8:5d:78:ad:f3:66:96:27:
                    08:87:1e:72:cb:96:d8:1a:55:79:a8:b5:73:f4:e4:
                    2e:ec:a5:3b:c3:e5:21:8e:32:2f:dc:29:7b:0e:f8:
                    65:44:52:8c:a0:eb:33:24:74:7c:a9:5c:90:f1:58:
                    14:af:93:ea:6f:c8:98:aa:28:8a:1f:aa:b0:45:42:
                    cc:b6:45:f0:c4:4d:30:2b:86:77:23:ec:7f:83:32:
                    77:e6:d7:9a:31:15:d9:a1:bd:69:a7:fd:78:c4:09:
                    e6:4b:3f:69:ae:cc:3a:68:f4:44:c5:a7:e4:ef:e5:
                    8e:cf:e8:ec:40:62:da:f8:ba:da:d5:ea:e1:cb:f7:
                    8a:16:fa:a7:82:77:cc:e8:8a:57:99:3b:9f:fe:1f:
                    94:d3:d8:b3:e0:3d:f6:af:ad:aa:cd:bb:cc:a5:f0:
                    9c:4e:57:bd:16:0d:5d:50:89:a8:46:7b:ef:66:67:
                    5f:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:F5:D0:DC:65:EA:4F:3F:BF:22:AC:4B:BA:23:21:62:57:66:6E:99
            X509v3 Authority Key Identifier:
                keyid:01:59:21:78:44:88:AD:D9:A0:56:61:FF:11:78:7E:C7:54:E6:05:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVkheESIrdmgVmH_EXh-x1TmBeU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/129d62-d1c8-4842-9549-8a918400f260/1/AVkheESIrdmgVmH_EXh-x1TmBeU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         59:8b:3f:b2:5b:db:be:57:76:ec:51:45:c7:91:c0:c0:5f:cc:
         d7:96:db:f1:4f:ed:5f:fe:60:4a:15:9b:f3:21:84:5b:72:41:
         9b:39:0d:cf:24:c2:5c:42:b4:e1:61:84:4b:e8:26:ef:5b:24:
         60:e2:18:00:2b:1d:d7:99:12:80:3d:a1:17:4c:7e:91:76:c2:
         62:ab:17:bc:86:7a:5b:8b:7f:21:51:15:5e:d4:fa:77:73:d3:
         4f:bb:31:1f:ec:9f:e1:62:ec:25:91:95:66:3f:a1:2e:80:cd:
         92:b3:b8:a9:f5:1c:1b:76:19:a1:91:2c:a8:bd:d6:54:2d:97:
         7b:02:71:ed:f3:81:99:bd:cd:06:94:0c:74:47:58:40:b9:ae:
         38:77:61:86:7d:3b:16:d3:13:2f:09:87:a7:84:79:85:7e:5a:
         ae:50:09:ad:e2:6d:c0:86:f3:45:41:31:c0:9a:4c:76:34:b5:
         03:d2:e5:80:f7:ed:56:65:ec:88:06:1d:71:42:6a:61:75:47:
         75:3c:23:cd:d5:af:8e:fb:36:2e:a5:8e:69:73:8b:20:b2:1b:
         6e:c6:00:fb:60:f1:39:b7:77:4f:d7:d4:56:66:33:0f:c3:d0:
         62:e2:aa:f5:73:f9:d2:a2:ec:62:b1:c5:51:59:5c:38:18:cf:
         58:6e:9c:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY86DHDFFzRQwGUOfZSg06OIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNTkyMTc4NDQ4OGFkZDlhMDU2NjFmZjExNzg3ZWM3NTRl
NjA1ZTUwHhcNMjQwNTAyMTYwNDA0WhcNMjQwNTAzMTYwNDA0WjAzMTEwLwYDVQQD
Eyg1MGY1ZDBkYzY1ZWE0ZjNmYmYyMmFjNGJiYTIzMjE2MjU3NjY2ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mPu9Qy0I+5VNQSl4hF2dkxl/Nq/
IIthFb+SCHnsa2es96tKt6H+ph7Wi/Qar9cWkY9qKS1NJb/fHsIJm9s/qh3/0ywx
EpwO6K26tiWDkcdH2F14rfNmlicIhx5yy5bYGlV5qLVz9OQu7KU7w+UhjjIv3Cl7
DvhlRFKMoOszJHR8qVyQ8VgUr5Pqb8iYqiiKH6qwRULMtkXwxE0wK4Z3I+x/gzJ3
5teaMRXZob1pp/14xAnmSz9prsw6aPRExafk7+WOz+jsQGLa+Lra1erhy/eKFvqn
gnfM6IpXmTuf/h+U09iz4D32r62qzbvMpfCcTle9Fg1dUImoRnvvZmdfQQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFD10Nxl6k8/vyKsS7ojIWJXZm6ZMB8GA1UdIwQY
MBaAFAFZIXhEiK3ZoFZh/xF4fsdU5gXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDkt
OGE5MTg0MDBmMjYwLzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8xMjlkNjItZDFjOC00ODQyLTk1NDktOGE5MTg0MDBmMjYw
LzEvQVZraGVFU0lyZG1nVm1IX0VYaC14MVRtQmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWYs/slvb
vld27FFFx5HAwF/M15bb8U/tX/5gShWb8yGEW3JBmzkNzyTCXEK04WGES+gm71sk
YOIYACsd15kSgD2hF0x+kXbCYqsXvIZ6W4t/IVEVXtT6d3PTT7sxH+yf4WLsJZGV
Zj+hLoDNkrO4qfUcG3YZoZEsqL3WVC2XewJx7fOBmb3NBpQMdEdYQLmuOHdhhn07
FtMTLwmHp4R5hX5arlAJreJtwIbzRUExwJpMdjS1A9LlgPftVmXsiAYdcUJqYXVH
dTwjzdWvjvs2LqWOaXOLILIbbsYA+2DxObd3T9fUVmYzD8PQYuKq9XP50qLsYrHF
UVlcOBjPWG6cjA==
-----END CERTIFICATE-----