Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
File:                     PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft (raw, json)
Hash identifier:          lnfRMJW7MDXsjd0cbFMBeU+3aAshfx0LZhSr/dkPJl0=
Subject key identifier:   FE:76:36:6C:C8:0F:68:07:F3:CF:C2:8A:0F:44:CA:5C:E0:E5:E7:99
Authority key identifier: 3F:37:C9:4A:96:C4:8F:CF:84:12:8E:84:7A:E9:02:0D:6B:C6:63:04
Certificate issuer:       /CN=3f37c94a96c48fcf84128e847ae9020d6bc66304
Certificate serial:       01901D4639C017D9E1E416961C468C1BE825
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
Manifest number:          0C65
Signing time:             Sat 15 Jun 2024 19:00:59 +0000
Manifest this update:     Sat 15 Jun 2024 19:00:59 +0000
Manifest next update:     Sun 16 Jun 2024 19:00:59 +0000
Files and hashes:         1: PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl (hash: wxoLGSVReoTqF5+nLx2nNuaoGIo/NdPcp7/3qUeNbAc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:39:c0:17:d9:e1:e4:16:96:1c:46:8c:1b:e8:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3f37c94a96c48fcf84128e847ae9020d6bc66304
        Validity
            Not Before: Jun 15 19:00:59 2024 GMT
            Not After : Jun 16 19:00:59 2024 GMT
        Subject: CN=fe76366cc80f6807f3cfc28a0f44ca5ce0e5e799
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:4d:65:02:b2:35:41:b4:9d:15:27:50:5b:c8:
                    bc:0f:ce:1c:25:65:3c:69:bc:bb:db:2f:28:88:e2:
                    69:2b:03:4c:10:32:d5:11:7b:3d:59:c0:fc:85:25:
                    f1:8e:68:1c:73:15:13:54:41:82:0e:fb:a0:a5:0b:
                    c0:48:b4:ac:9d:6d:46:d8:53:3f:58:82:64:dc:cf:
                    e2:98:dd:db:46:db:e7:02:03:83:f7:9d:4f:72:17:
                    4d:7e:59:3e:81:50:5a:c6:d7:70:27:9d:1c:4d:2a:
                    b5:5b:e2:4e:6c:2e:44:85:2a:69:de:49:8d:4e:e7:
                    52:53:08:ea:a0:8b:53:6c:a4:46:4b:74:0b:20:ef:
                    d4:ea:9c:e4:51:67:0b:ea:d6:8f:40:39:aa:43:bf:
                    2f:a8:e7:0a:e6:4e:ae:6d:5b:5a:74:f0:e3:5d:17:
                    45:08:99:26:4e:81:5a:0a:40:57:0d:c3:a5:9c:59:
                    12:91:3d:67:23:95:c5:f5:38:ce:7a:75:f2:fc:fd:
                    97:21:ba:fb:bb:9c:4e:06:8e:7a:43:16:80:3a:db:
                    7d:00:38:98:34:72:6a:56:d2:dc:b5:58:60:1c:49:
                    fd:8f:bf:09:4a:a7:8e:a7:49:63:5f:c4:8c:73:c6:
                    15:dc:25:06:2a:91:c9:36:ab:ef:45:4d:69:4d:d4:
                    33:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:76:36:6C:C8:0F:68:07:F3:CF:C2:8A:0F:44:CA:5C:E0:E5:E7:99
            X509v3 Authority Key Identifier:
                keyid:3F:37:C9:4A:96:C4:8F:CF:84:12:8E:84:7A:E9:02:0D:6B:C6:63:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PzfJSpbEj8-EEo6EeukCDWvGYwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/35a9bc-b142-445f-81e7-ef990c58b48b/1/PzfJSpbEj8-EEo6EeukCDWvGYwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9b:0e:ec:67:0f:72:57:61:c0:fb:4d:16:6a:1f:38:9e:c0:69:
         a7:38:56:9e:dc:fa:3f:d6:33:c6:31:ed:4a:e5:48:94:2d:7e:
         98:55:c9:40:a3:51:00:e9:63:9d:47:47:62:5d:3e:65:48:c3:
         5c:00:9e:d7:88:7e:4b:10:96:ab:a7:5e:6c:56:42:50:0b:90:
         1f:93:bc:cd:50:35:30:e4:5d:84:6f:66:da:d8:c7:ec:de:f3:
         c5:2c:49:53:64:69:df:72:1d:7e:d8:38:75:d6:c6:81:45:6e:
         f8:91:43:8c:cd:a3:78:fd:37:36:9e:d8:f9:06:d7:3e:fa:42:
         12:ff:60:0b:96:31:df:5c:6d:3f:21:57:c1:96:99:1a:9f:13:
         9c:ca:3a:96:a7:5d:57:8a:bc:a9:95:ef:62:74:49:3f:99:2a:
         45:fa:76:0c:57:b0:62:ac:8a:5b:1c:01:ad:01:0f:c4:37:5e:
         d4:e8:22:ad:de:7d:38:b8:42:bd:7b:77:be:1a:1d:f3:a7:e8:
         4d:b6:c6:ac:ea:3f:e9:0c:7e:f0:19:72:da:98:06:7f:31:b3:
         c8:08:c9:5a:42:6f:c0:e1:16:7f:46:7c:76:6d:23:b6:f2:a5:
         69:71:b9:c3:08:6a:ce:e1:c0:5c:e2:29:21:d0:99:b9:80:b3:
         19:5c:a8:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRjnAF9nh5BaWHEaMG+glMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMzdjOTRhOTZjNDhmY2Y4NDEyOGU4NDdhZTkwMjBkNmJj
NjYzMDQwHhcNMjQwNjE1MTkwMDU5WhcNMjQwNjE2MTkwMDU5WjAzMTEwLwYDVQQD
EyhmZTc2MzY2Y2M4MGY2ODA3ZjNjZmMyOGEwZjQ0Y2E1Y2UwZTVlNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk1lArI1QbSdFSdQW8i8D84cJWU8
aby72y8oiOJpKwNMEDLVEXs9WcD8hSXxjmgccxUTVEGCDvugpQvASLSsnW1G2FM/
WIJk3M/imN3bRtvnAgOD951PchdNflk+gVBaxtdwJ50cTSq1W+JObC5EhSpp3kmN
TudSUwjqoItTbKRGS3QLIO/U6pzkUWcL6taPQDmqQ78vqOcK5k6ubVtadPDjXRdF
CJkmToFaCkBXDcOlnFkSkT1nI5XF9TjOenXy/P2XIbr7u5xOBo56QxaAOtt9ADiY
NHJqVtLctVhgHEn9j78JSqeOp0ljX8SMc8YV3CUGKpHJNqvvRU1pTdQzXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP52NmzID2gH88/Cig9Eylzg5eeZMB8GA1UdIwQY
MBaAFD83yUqWxI/PhBKOhHrpAg1rxmMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zNWE5YmMtYjE0Mi00NDVmLTgxZTct
ZWY5OTBjNThiNDhiLzEvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zNWE5YmMtYjE0Mi00NDVmLTgxZTctZWY5OTBjNThiNDhi
LzEvUHpmSlNwYkVqOC1FRW82RWV1a0NEV3ZHWXdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmw7sZw9y
V2HA+00Wah84nsBppzhWntz6P9YzxjHtSuVIlC1+mFXJQKNRAOljnUdHYl0+ZUjD
XACe14h+SxCWq6debFZCUAuQH5O8zVA1MORdhG9m2tjH7N7zxSxJU2Rp33Idftg4
ddbGgUVu+JFDjM2jeP03Np7Y+QbXPvpCEv9gC5Yx31xtPyFXwZaZGp8TnMo6lqdd
V4q8qZXvYnRJP5kqRfp2DFewYqyKWxwBrQEPxDde1Ogird59OLhCvXt3vhod86fo
TbbGrOo/6Qx+8Bly2pgGfzGzyAjJWkJvwOEWf0Z8dm0jtvKlaXG5wwhqzuHAXOIp
IdCZuYCzGVyoXQ==
-----END CERTIFICATE-----