Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
File:                     PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft (raw, json)
Hash identifier:          yOKcjpE5Ma/m4AteuNa5UF/0xqs+o1UT7fO7QEgMtQ8=
Subject key identifier:   CB:12:45:25:50:A3:F3:AA:FA:37:20:76:13:C3:E8:2C:36:DD:DF:6B
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       01901D468C3AA65F8F37B3B0C461DC6F4989
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
Manifest number:          0C99
Signing time:             Sat 15 Jun 2024 19:01:20 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:20 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:20 +0000
Files and hashes:         1: PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl (hash: 7Smrfb+w5PKD3j1n9LZx0EhsUM4CV3OmsMoHQYf1uKg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:01:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:8c:3a:a6:5f:8f:37:b3:b0:c4:61:dc:6f:49:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Jun 15 19:01:20 2024 GMT
            Not After : Jun 16 19:01:20 2024 GMT
        Subject: CN=cb12452550a3f3aafa37207613c3e82c36dddf6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:92:c3:9f:d6:d9:d3:85:c2:7a:d4:7f:03:fe:
                    bb:db:56:54:f1:8d:d2:21:67:fc:94:a8:5c:6a:3c:
                    f9:e3:ae:db:a1:03:fc:39:b2:1d:2a:2d:01:a3:50:
                    9e:6b:b5:3d:d8:97:41:dd:30:7e:c1:13:8b:6b:97:
                    da:56:3e:8d:d4:6b:9c:ed:bb:2a:22:06:ba:c3:b3:
                    a8:aa:33:34:e6:1b:ba:e1:a6:f4:a2:4d:28:e7:28:
                    cd:b9:48:66:56:0f:a9:da:7e:58:3b:87:d8:f8:d6:
                    77:1d:78:da:16:53:f4:14:d5:42:f2:33:e4:7e:9b:
                    02:80:c8:c8:58:a5:f2:67:fa:06:82:00:2f:89:1b:
                    db:9f:f6:79:82:0f:79:9d:b9:b9:cf:62:55:b2:96:
                    0d:51:92:c6:ff:86:5e:6c:2b:21:16:25:77:cb:24:
                    a8:db:c5:81:86:ff:c3:74:9d:df:0b:7c:ce:65:b6:
                    1d:f1:3c:03:5e:d9:5c:5a:5b:dc:84:f9:0a:69:16:
                    b6:0f:8e:a0:ca:66:f2:ea:da:16:f5:cd:61:9e:25:
                    b3:12:14:af:7d:4f:84:86:0d:75:f7:58:a4:3a:7c:
                    c2:19:04:35:c0:cd:d2:14:3d:62:31:ca:cc:64:be:
                    7c:ac:33:92:3a:be:1a:d5:e3:53:09:2a:4c:9b:7e:
                    c1:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:12:45:25:50:A3:F3:AA:FA:37:20:76:13:C3:E8:2C:36:DD:DF:6B
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:03:cc:e7:b5:ea:c5:57:eb:c1:db:69:59:60:59:37:18:03:
         2d:c4:c0:df:03:4b:cd:01:87:69:f7:cb:51:d9:35:1c:34:52:
         aa:6e:e2:eb:a6:e3:ee:00:6a:8f:c7:40:bb:f7:f7:cd:4f:cc:
         86:e7:68:3e:c2:f1:ad:55:6c:bb:3d:61:56:cb:80:4a:16:83:
         15:ed:83:1e:ec:2a:5c:aa:bd:73:d2:00:7d:2d:65:a1:b4:81:
         18:8e:44:e4:18:44:f7:37:a6:f4:0d:99:7c:3c:b6:4c:a3:1f:
         c5:9c:bd:c9:5b:94:a3:f2:36:3b:cd:65:5b:c7:4f:1e:51:c2:
         95:11:ec:24:3d:07:67:68:a3:7c:6b:08:85:d6:a3:96:d9:fa:
         79:7f:81:b7:cf:99:17:19:f2:f8:bf:3f:b4:cb:d1:c5:ae:be:
         2a:26:5d:c5:6d:b7:23:e0:f0:3c:26:db:03:67:d6:0e:20:93:
         d9:6d:ef:cb:e9:3b:65:92:2e:e6:f2:4a:b4:f2:ce:e0:22:ff:
         39:9d:56:16:cf:73:95:8e:bb:e5:a5:b7:b9:58:a1:26:a6:97:
         29:33:9e:c1:71:cc:21:d4:51:6e:46:82:be:1b:f8:a0:6c:8e:
         e4:2a:56:7d:1c:d6:ef:22:db:c8:9b:19:1d:b3:13:24:c0:e3:
         dd:43:23:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRow6pl+PN7OwxGHcb0mJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjQwNjE1MTkwMTIwWhcNMjQwNjE2MTkwMTIwWjAzMTEwLwYDVQQD
EyhjYjEyNDUyNTUwYTNmM2FhZmEzNzIwNzYxM2MzZTgyYzM2ZGRkZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZLDn9bZ04XCetR/A/6721ZU8Y3S
IWf8lKhcajz5467boQP8ObIdKi0Bo1Cea7U92JdB3TB+wROLa5faVj6N1Guc7bsq
Iga6w7OoqjM05hu64ab0ok0o5yjNuUhmVg+p2n5YO4fY+NZ3HXjaFlP0FNVC8jPk
fpsCgMjIWKXyZ/oGggAviRvbn/Z5gg95nbm5z2JVspYNUZLG/4ZebCshFiV3yySo
28WBhv/DdJ3fC3zOZbYd8TwDXtlcWlvchPkKaRa2D46gymby6toW9c1hniWzEhSv
fU+Ehg1191ikOnzCGQQ1wM3SFD1iMcrMZL58rDOSOr4a1eNTCSpMm37B3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMsSRSVQo/Oq+jcgdhPD6Cw23d9rMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAPM57Xq
xVfrwdtpWWBZNxgDLcTA3wNLzQGHaffLUdk1HDRSqm7i66bj7gBqj8dAu/f3zU/M
hudoPsLxrVVsuz1hVsuAShaDFe2DHuwqXKq9c9IAfS1lobSBGI5E5BhE9zem9A2Z
fDy2TKMfxZy9yVuUo/I2O81lW8dPHlHClRHsJD0HZ2ijfGsIhdajltn6eX+Bt8+Z
Fxny+L8/tMvRxa6+KiZdxW23I+DwPCbbA2fWDiCT2W3vy+k7ZZIu5vJKtPLO4CL/
OZ1WFs9zlY675aW3uVihJqaXKTOewXHMIdRRbkaCvhv4oGyO5CpWfRzW7yLbyJsZ
HbMTJMDj3UMjQA==
-----END CERTIFICATE-----