Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
File:                     bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft (raw, json)
Hash identifier:          6s0CSZcABAn3byAOZeenE3PJmcwqXbBA7hMHmI1geR8=
Subject key identifier:   CC:E3:1E:85:8D:C5:D0:65:98:61:1F:7F:33:56:45:50:02:91:A0:25
Authority key identifier: 6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C
Certificate issuer:       /CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
Certificate serial:       0191FAB508401B63AE0D98F20E7187092CF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
Manifest number:          DC
Signing time:             Mon 16 Sep 2024 12:00:53 +0000
Manifest this update:     Mon 16 Sep 2024 12:00:53 +0000
Manifest next update:     Tue 17 Sep 2024 12:00:53 +0000
Files and hashes:         1: bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl (hash: GCiKKEL7lSehK1qt+pCLIgAMQuxeE+fvU9TMY6flkIQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 12:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:b5:08:40:1b:63:ae:0d:98:f2:0e:71:87:09:2c:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c70d6eec2b5605f8b1be6ce84395f246c42df1c
        Validity
            Not Before: Sep 16 12:00:53 2024 GMT
            Not After : Sep 17 12:00:53 2024 GMT
        Subject: CN=cce31e858dc5d06598611f7f335645500291a025
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:da:e9:07:6c:10:64:6b:ce:29:b4:85:80:16:
                    a8:83:3d:66:b1:01:63:98:b2:44:12:9c:8d:aa:b0:
                    57:df:ad:7c:40:5f:24:a6:c6:ab:0e:82:01:77:58:
                    be:cc:7e:8a:06:a1:22:89:9a:46:53:da:40:1f:c7:
                    d4:1b:74:bd:de:d2:f0:92:f1:2f:4a:96:88:e4:be:
                    24:83:08:ea:e5:ce:b3:50:9b:7b:7e:98:76:1e:a8:
                    ad:b1:72:8c:59:6a:b3:5e:21:03:b7:ea:2c:8d:67:
                    97:52:e2:41:00:14:61:31:fc:3e:11:49:b5:f6:e3:
                    e2:89:f9:4a:97:51:5f:f3:d7:00:1a:54:a2:11:9f:
                    c7:5b:cc:85:db:e0:24:e0:c1:51:c9:3c:99:a2:5f:
                    b0:1c:7f:b4:2a:cd:f2:2c:27:aa:57:ba:b1:7c:a5:
                    5e:a4:a0:ff:dd:dd:7a:70:b3:34:3b:fa:97:91:0c:
                    65:f0:7d:7b:48:35:d8:38:f0:71:00:9f:4b:5e:5b:
                    12:86:63:45:27:ea:11:96:ec:a4:8c:fe:01:7c:7a:
                    51:98:2b:de:e0:03:09:9b:7e:3b:90:e8:1e:29:1c:
                    c4:2a:82:a0:bf:69:45:38:a3:7e:25:3f:89:81:d0:
                    3e:f2:22:a6:10:c4:b3:fe:16:8b:70:1f:d7:6f:cf:
                    29:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:E3:1E:85:8D:C5:D0:65:98:61:1F:7F:33:56:45:50:02:91:A0:25
            X509v3 Authority Key Identifier:
                keyid:6C:70:D6:EE:C2:B5:60:5F:8B:1B:E6:CE:84:39:5F:24:6C:42:DF:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bHDW7sK1YF-LG-bOhDlfJGxC3xw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/119c70-3950-4636-8395-2fc486015564/1/bHDW7sK1YF-LG-bOhDlfJGxC3xw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d6:ea:e0:93:13:fa:8a:6b:86:29:20:6d:29:2e:bb:49:e3:55:
         f8:89:ed:c2:70:78:72:69:68:29:54:ae:de:dc:c6:24:97:bf:
         ec:9b:41:76:67:d7:28:3b:73:4e:60:c8:76:bf:5f:05:4d:14:
         1b:e9:f9:40:cd:fd:a9:d3:8b:e0:18:c9:94:fb:43:9e:05:07:
         33:3e:2d:b4:a3:67:a8:3f:f3:36:8d:c5:a0:56:58:8f:07:70:
         c1:02:07:01:f5:33:e3:06:8b:e7:9c:59:81:af:04:4c:b2:24:
         ec:5a:12:89:74:42:74:91:8b:48:e8:6e:10:d6:ee:ad:dd:b0:
         c7:22:69:50:8e:02:5c:63:1f:43:a9:6c:c2:3e:05:a2:52:49:
         43:32:e9:bd:97:97:41:79:e5:55:fc:61:06:36:55:62:13:e7:
         7e:45:82:5b:2d:21:73:03:86:bb:ba:3b:6a:32:47:e7:53:9e:
         86:aa:67:20:9a:b5:70:2c:bb:5e:c4:02:00:0b:ec:b9:42:05:
         4c:bf:cd:6a:90:a2:68:36:c1:38:86:d1:7d:67:1e:f2:3c:8f:
         2f:03:b2:bf:c0:d6:c3:36:fd:5f:5e:b1:da:f9:07:14:c0:4e:
         93:3d:ab:1a:82:5c:1a:5e:33:7a:b0:a2:44:fd:d7:c0:e2:10:
         f0:55:a8:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6tQhAG2OuDZjyDnGHCSz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNzBkNmVlYzJiNTYwNWY4YjFiZTZjZTg0Mzk1ZjI0NmM0
MmRmMWMwHhcNMjQwOTE2MTIwMDUzWhcNMjQwOTE3MTIwMDUzWjAzMTEwLwYDVQQD
EyhjY2UzMWU4NThkYzVkMDY1OTg2MTFmN2YzMzU2NDU1MDAyOTFhMDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNrpB2wQZGvOKbSFgBaogz1msQFj
mLJEEpyNqrBX3618QF8kpsarDoIBd1i+zH6KBqEiiZpGU9pAH8fUG3S93tLwkvEv
SpaI5L4kgwjq5c6zUJt7fph2HqitsXKMWWqzXiEDt+osjWeXUuJBABRhMfw+EUm1
9uPiiflKl1Ff89cAGlSiEZ/HW8yF2+Ak4MFRyTyZol+wHH+0Ks3yLCeqV7qxfKVe
pKD/3d16cLM0O/qXkQxl8H17SDXYOPBxAJ9LXlsShmNFJ+oRluykjP4BfHpRmCve
4AMJm347kOgeKRzEKoKgv2lFOKN+JT+JgdA+8iKmEMSz/haLcB/Xb88pSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMzjHoWNxdBlmGEffzNWRVACkaAlMB8GA1UdIwQY
MBaAFGxw1u7CtWBfixvmzoQ5XyRsQt8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUt
MmZjNDg2MDE1NTY0LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi8xMTljNzAtMzk1MC00NjM2LTgzOTUtMmZjNDg2MDE1NTY0
LzEvYkhEVzdzSzFZRi1MRy1iT2hEbGZKR3hDM3h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1urgkxP6
imuGKSBtKS67SeNV+IntwnB4cmloKVSu3tzGJJe/7JtBdmfXKDtzTmDIdr9fBU0U
G+n5QM39qdOL4BjJlPtDngUHMz4ttKNnqD/zNo3FoFZYjwdwwQIHAfUz4waL55xZ
ga8ETLIk7FoSiXRCdJGLSOhuENburd2wxyJpUI4CXGMfQ6lswj4FolJJQzLpvZeX
QXnlVfxhBjZVYhPnfkWCWy0hcwOGu7o7ajJH51OehqpnIJq1cCy7XsQCAAvsuUIF
TL/NapCiaDbBOIbRfWce8jyPLwOyv8DWwzb9X16x2vkHFMBOkz2rGoJcGl4zerCi
RP3XwOIQ8FWoXg==
-----END CERTIFICATE-----