Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
File:                     3cwuYUgshl3CU8D6lD49os6X2gU.mft (raw, json)
Hash identifier:          JJx5WbyiiBxoLxt3VQSL4UaRD7EXGu4co73FhuaYnDE=
Subject key identifier:   FB:31:82:B6:7E:32:BC:1E:D7:25:19:38:D0:A2:F2:04:B7:44:16:1D
Authority key identifier: DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05
Certificate issuer:       /CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
Certificate serial:       01901D463DCA4145431599F8DF23B03CEFF4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
Manifest number:          014A
Signing time:             Sat 15 Jun 2024 19:01:00 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:00 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:00 +0000
Files and hashes:         1: 3cwuYUgshl3CU8D6lD49os6X2gU.crl (hash: B5EkdZi7M41xN3QA7yeE3b/isAN3wj5xJNm5HDA1IOI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:3d:ca:41:45:43:15:99:f8:df:23:b0:3c:ef:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ddcc2e61482c865dc253c0fa943e3da2ce97da05
        Validity
            Not Before: Jun 15 19:01:00 2024 GMT
            Not After : Jun 16 19:01:00 2024 GMT
        Subject: CN=fb3182b67e32bc1ed7251938d0a2f204b744161d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e4:cf:d2:28:e3:5c:23:31:61:2f:0b:12:bf:
                    5f:0a:16:44:e4:07:a0:e2:12:1f:92:77:52:28:0a:
                    ef:a4:bb:6a:b2:b1:5e:2e:0b:2b:83:2a:01:d4:ac:
                    4e:03:20:d0:35:b7:bf:e6:f1:18:48:9b:60:c2:d3:
                    45:27:b6:a9:83:96:4f:84:5d:a4:0b:18:0c:01:44:
                    4c:b0:dd:b4:9d:33:a5:20:a3:9c:72:6e:9f:ef:dc:
                    b6:0b:ff:fb:43:50:58:be:fa:9b:24:8f:32:14:ce:
                    c7:6c:30:ad:e0:e6:db:d8:94:7e:7f:b6:59:54:a7:
                    ce:a3:59:60:b2:ee:05:c8:e5:65:ad:c9:3a:a8:d6:
                    e0:84:df:77:de:2a:ac:f4:1d:01:cd:77:ff:ff:d9:
                    bd:61:22:22:00:d3:eb:32:65:09:d0:fe:db:13:34:
                    17:27:95:e6:ab:46:4d:82:34:1d:6c:75:54:8c:22:
                    d2:5c:24:b8:2e:4c:96:5e:7e:a2:20:b2:63:c4:64:
                    06:01:c2:9f:f0:eb:d2:ba:da:14:8e:06:55:61:67:
                    61:f2:1c:2b:a6:79:98:54:3d:e5:6d:81:bf:39:89:
                    e2:0f:b0:d4:ee:4c:42:03:ff:1d:cf:e9:ba:77:d8:
                    4d:fe:89:da:94:58:af:30:9e:8e:a2:13:be:e5:63:
                    00:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:31:82:B6:7E:32:BC:1E:D7:25:19:38:D0:A2:F2:04:B7:44:16:1D
            X509v3 Authority Key Identifier:
                keyid:DD:CC:2E:61:48:2C:86:5D:C2:53:C0:FA:94:3E:3D:A2:CE:97:DA:05

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3cwuYUgshl3CU8D6lD49os6X2gU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bf7343-65a4-4714-8f90-358f59532258/1/3cwuYUgshl3CU8D6lD49os6X2gU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:01:3c:e7:b1:fd:0d:75:af:3f:ee:ec:ad:aa:cf:66:b2:6a:
         ce:85:cc:02:92:31:64:4d:be:5e:e5:52:32:68:b9:41:33:53:
         b7:d4:dc:5e:e6:c7:ce:09:66:7b:16:25:a5:73:33:2c:c7:6e:
         b5:28:bd:e2:13:23:bf:47:11:5b:2b:9a:8b:89:b7:16:fa:35:
         f2:71:2d:db:5e:34:d1:41:89:40:aa:c5:f8:c8:6e:d2:64:54:
         a6:84:5e:f4:fd:4a:4f:34:97:49:bf:29:a7:50:55:74:aa:da:
         96:22:ad:a5:a8:b5:46:9d:3c:c4:71:51:55:58:e1:d3:d6:19:
         28:82:02:63:c9:dd:91:3f:16:0b:5c:92:9c:a8:c7:81:c7:b8:
         c4:57:76:a6:b6:77:81:dc:89:d0:33:da:b6:05:d2:ec:b2:c0:
         88:d9:f5:fd:36:af:39:e0:bd:e4:10:10:20:ba:d5:df:83:1d:
         8a:40:be:63:a1:54:02:6c:24:46:4f:e1:fa:02:b3:83:24:8d:
         f6:7f:8b:a0:75:ef:29:60:df:fa:ff:59:6b:29:f3:13:ee:93:
         29:6c:32:fe:8f:1a:e9:84:30:09:b1:96:42:c3:96:f7:55:3d:
         04:9d:bd:ac:fa:1a:0c:17:a5:ff:b2:07:6f:78:d4:42:3e:39:
         d2:97:f7:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRj3KQUVDFZn43yOwPO/0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkY2MyZTYxNDgyYzg2NWRjMjUzYzBmYTk0M2UzZGEyY2U5
N2RhMDUwHhcNMjQwNjE1MTkwMTAwWhcNMjQwNjE2MTkwMTAwWjAzMTEwLwYDVQQD
EyhmYjMxODJiNjdlMzJiYzFlZDcyNTE5MzhkMGEyZjIwNGI3NDQxNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOTP0ijjXCMxYS8LEr9fChZE5Aeg
4hIfkndSKArvpLtqsrFeLgsrgyoB1KxOAyDQNbe/5vEYSJtgwtNFJ7apg5ZPhF2k
CxgMAURMsN20nTOlIKOccm6f79y2C//7Q1BYvvqbJI8yFM7HbDCt4Obb2JR+f7ZZ
VKfOo1lgsu4FyOVlrck6qNbghN933iqs9B0BzXf//9m9YSIiANPrMmUJ0P7bEzQX
J5Xmq0ZNgjQdbHVUjCLSXCS4LkyWXn6iILJjxGQGAcKf8OvSutoUjgZVYWdh8hwr
pnmYVD3lbYG/OYniD7DU7kxCA/8dz+m6d9hN/onalFivMJ6OohO+5WMAOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPsxgrZ+Mrwe1yUZONCi8gS3RBYdMB8GA1UdIwQY
MBaAFN3MLmFILIZdwlPA+pQ+PaLOl9oFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAt
MzU4ZjU5NTMyMjU4LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iZjczNDMtNjVhNC00NzE0LThmOTAtMzU4ZjU5NTMyMjU4
LzEvM2N3dVlVZ3NobDNDVThENmxENDlvczZYMmdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAgE857H9
DXWvP+7srarPZrJqzoXMApIxZE2+XuVSMmi5QTNTt9TcXubHzglmexYlpXMzLMdu
tSi94hMjv0cRWyuai4m3Fvo18nEt21400UGJQKrF+Mhu0mRUpoRe9P1KTzSXSb8p
p1BVdKraliKtpai1Rp08xHFRVVjh09YZKIICY8ndkT8WC1ySnKjHgce4xFd2prZ3
gdyJ0DPatgXS7LLAiNn1/TavOeC95BAQILrV34MdikC+Y6FUAmwkRk/h+gKzgySN
9n+LoHXvKWDf+v9ZaynzE+6TKWwy/o8a6YQwCbGWQsOW91U9BJ29rPoaDBel/7IH
b3jUQj450pf3sA==
-----END CERTIFICATE-----