Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
File:                     PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft (raw, json)
Hash identifier:          pHPGzg5OJrpaUMZ2x/jCp4JBpfEo4k6RqDQBg6xcRXs=
Subject key identifier:   DD:1E:8F:16:34:B4:62:50:D6:0C:9C:35:D1:B9:36:7E:DD:A2:D7:6D
Authority key identifier: 3F:37:C9:4A:96:C4:8F:CF:84:12:8E:84:7A:E9:02:0D:6B:C6:63:04
Certificate issuer:       /CN=3f37c94a96c48fcf84128e847ae9020d6bc66304
Certificate serial:       019045D415BE36B92E076D938CE5C71C4F4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
Manifest number:          0C7A
Signing time:             Sun 23 Jun 2024 16:00:45 +0000
Manifest this update:     Sun 23 Jun 2024 16:00:45 +0000
Manifest next update:     Mon 24 Jun 2024 16:00:45 +0000
Files and hashes:         1: PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl (hash: Sd4ogVzh/gxGo+NSHt2y1QAt2EHYIYmwzepvOb6Pspw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 14:49:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:45:d4:15:be:36:b9:2e:07:6d:93:8c:e5:c7:1c:4f:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f37c94a96c48fcf84128e847ae9020d6bc66304
        Validity
            Not Before: Jun 23 16:00:45 2024 GMT
            Not After : Jun 24 16:00:45 2024 GMT
        Subject: CN=dd1e8f1634b46250d60c9c35d1b9367edda2d76d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:60:0f:9a:57:43:33:10:9d:0a:60:3c:62:4c:
                    80:22:2c:54:15:70:c8:4f:8f:ef:da:0a:6c:02:77:
                    5e:7b:0c:a1:18:d3:61:a8:a3:07:31:b8:71:ad:02:
                    7b:d1:79:57:cf:61:b3:1b:74:2a:ff:fa:d4:2c:bb:
                    8d:14:1b:84:c1:91:47:39:fe:d7:33:18:de:94:fe:
                    fe:01:21:bc:e1:50:d3:79:8b:c4:9e:3b:30:a1:e9:
                    ae:36:d7:1c:bf:b3:a6:22:71:24:0d:bd:26:ab:ac:
                    3a:cc:dc:b0:48:b2:83:fc:5d:73:1d:78:cc:0f:d4:
                    9e:c2:3c:1e:47:4f:8c:7e:66:ec:3b:f1:f5:2c:0d:
                    0d:82:74:f8:ac:8d:f3:a1:8b:04:88:6a:2c:38:ae:
                    75:8a:61:dc:00:8d:eb:84:3d:71:2a:6d:eb:d3:43:
                    cc:89:91:b3:4e:14:29:b1:21:d5:86:eb:aa:1e:d2:
                    70:76:ac:a7:1f:86:bd:45:44:c2:44:40:5a:de:f1:
                    da:02:00:ef:fa:ec:32:e1:bc:b7:73:94:c2:3b:6c:
                    5f:ee:6d:2f:67:37:b9:de:3c:33:a8:42:2f:75:85:
                    3d:06:6c:c8:26:05:1c:01:b2:6c:ef:4f:4b:58:2c:
                    30:da:ee:be:9b:ae:83:3e:20:e0:b6:28:42:bd:7a:
                    1a:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:1E:8F:16:34:B4:62:50:D6:0C:9C:35:D1:B9:36:7E:DD:A2:D7:6D
            X509v3 Authority Key Identifier:
                keyid:3F:37:C9:4A:96:C4:8F:CF:84:12:8E:84:7A:E9:02:0D:6B:C6:63:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         20:d2:8a:1f:ae:ed:a9:87:ea:25:72:7a:9d:1e:34:45:93:61:
         8b:ef:be:5f:a1:95:49:78:c1:ec:7a:57:79:7d:14:de:03:f7:
         6d:49:e6:a2:1e:59:c5:2d:3d:4b:6e:c8:20:4d:73:c1:a4:9a:
         b2:2a:3b:02:46:bf:33:66:9a:82:a9:04:8c:82:4e:b6:7d:5f:
         21:f2:e9:c2:67:17:bc:4f:34:82:d1:27:c1:49:df:ef:36:ab:
         1b:ad:3b:30:b1:5c:45:e0:28:6a:f8:4f:9b:35:f5:67:66:e9:
         c1:d8:61:a6:c7:de:b7:ae:2d:26:a1:98:79:75:5b:20:9e:c1:
         45:d4:dd:d8:6c:8a:01:c3:50:6b:79:b2:f8:65:f6:4d:c3:5a:
         69:d1:4d:12:b6:55:d6:59:06:b3:56:fc:7a:8e:4c:63:8d:68:
         00:06:2f:22:a0:5d:5f:15:e1:75:4f:57:bf:e9:33:43:a1:4c:
         ed:3f:43:dc:db:01:21:72:28:36:35:28:c7:01:70:e0:fe:62:
         cb:ca:5c:c8:70:21:17:a0:38:93:86:03:8b:aa:02:80:ba:3d:
         d2:ca:b0:48:74:3d:d4:4c:c3:43:75:bd:4c:94:42:fd:f2:b7:
         77:12:8c:20:9e:c7:ff:11:be:5a:ff:d2:11:6c:69:9b:74:5f:
         5f:28:20:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBF1BW+NrkuB22TjOXHHE9KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzdjOTRhOTZjNDhmY2Y4NDEyOGU4NDdhZTkwMjBkNmJj
NjYzMDQwHhcNMjQwNjIzMTYwMDQ1WhcNMjQwNjI0MTYwMDQ1WjAzMTEwLwYDVQQD
EyhkZDFlOGYxNjM0YjQ2MjUwZDYwYzljMzVkMWI5MzY3ZWRkYTJkNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWAPmldDMxCdCmA8YkyAIixUFXDI
T4/v2gpsAndeewyhGNNhqKMHMbhxrQJ70XlXz2GzG3Qq//rULLuNFBuEwZFHOf7X
MxjelP7+ASG84VDTeYvEnjswoemuNtccv7OmInEkDb0mq6w6zNywSLKD/F1zHXjM
D9SewjweR0+MfmbsO/H1LA0NgnT4rI3zoYsEiGosOK51imHcAI3rhD1xKm3r00PM
iZGzThQpsSHVhuuqHtJwdqynH4a9RUTCREBa3vHaAgDv+uwy4by3c5TCO2xf7m0v
Zze53jwzqEIvdYU9BmzIJgUcAbJs709LWCww2u6+m66DPiDgtihCvXoamQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN0ejxY0tGJQ1gycNdG5Nn7dotdtMB8GA1UdIwQY
MBaAFD83yUqWxI/PhBKOhHrpAg1rxmMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zNWE5YmMtYjE0Mi00NDVmLTgxZTct
ZWY5OTBjNThiNDhiLzEvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zNWE5YmMtYjE0Mi00NDVmLTgxZTctZWY5OTBjNThiNDhi
LzEvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAINKKH67t
qYfqJXJ6nR40RZNhi+++X6GVSXjB7HpXeX0U3gP3bUnmoh5ZxS09S27IIE1zwaSa
sio7Aka/M2aagqkEjIJOtn1fIfLpwmcXvE80gtEnwUnf7zarG607MLFcReAoavhP
mzX1Z2bpwdhhpsfet64tJqGYeXVbIJ7BRdTd2GyKAcNQa3my+GX2TcNaadFNErZV
1lkGs1b8eo5MY41oAAYvIqBdXxXhdU9Xv+kzQ6FM7T9D3NsBIXIoNjUoxwFw4P5i
y8pcyHAhF6A4k4YDi6oCgLo90sqwSHQ91EzDQ3W9TJRC/fK3dxKMIJ7H/xG+Wv/S
EWxpm3RfXygg+Q==
-----END CERTIFICATE-----