Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          DorXpoifthwpZiTFx59FB89cVBabdkZtocoD5Sduda8=
Subject key identifier:   60:83:54:C9:12:DA:39:96:A2:00:E5:98:9B:0E:BC:D2:D8:D7:E6:C2
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       01901D4642A0A2E7060FDCB92E0C4C69FC43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          0CF7
Signing time:             Sat 15 Jun 2024 19:01:02 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:02 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:02 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: GDF59Qqw2L5iDfhQt0YGpXuXmh7ksrB6gIUD8z1lrUI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:42:a0:a2:e7:06:0f:dc:b9:2e:0c:4c:69:fc:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: Jun 15 19:01:02 2024 GMT
            Not After : Jun 16 19:01:02 2024 GMT
        Subject: CN=608354c912da3996a200e5989b0ebcd2d8d7e6c2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:6f:14:ed:16:bc:2a:0d:69:18:35:f6:eb:ac:
                    27:61:fc:62:02:5e:f2:68:1e:48:28:e6:dc:4d:79:
                    39:0b:5b:19:d7:d5:f8:ab:38:35:57:af:13:52:1e:
                    af:c9:2c:01:75:38:fb:8e:9f:60:6b:9b:4d:ae:78:
                    98:f5:82:d4:af:34:fd:5e:23:ca:a9:f2:d6:87:a7:
                    3a:8d:bd:5d:63:10:03:39:81:e8:58:3d:d8:05:ac:
                    4f:a4:e6:84:a7:ee:85:2f:85:e5:8d:91:29:60:37:
                    12:f9:b0:a9:f1:92:2a:a1:b5:bc:f3:a2:5f:aa:90:
                    f6:8b:ba:52:80:5d:92:6e:14:ab:ea:b9:89:aa:9f:
                    5c:6f:f5:d3:a9:72:f4:6b:21:b1:04:e7:35:30:e4:
                    7a:ac:0f:7e:05:e2:45:2d:6e:f6:0c:4e:76:e0:b0:
                    9c:c2:4c:54:de:df:bd:db:ad:24:00:13:68:dd:aa:
                    7d:d1:13:e8:46:24:e3:16:8c:32:46:1a:77:37:ad:
                    fd:1d:d9:41:b1:ea:92:4a:7c:4c:58:98:6f:d6:6d:
                    fd:a6:0d:1f:47:d7:e6:7c:9c:32:2b:f7:8b:2f:a8:
                    e9:8c:75:51:ce:6b:01:ab:59:4c:1b:33:5c:aa:07:
                    77:df:50:7b:13:09:bb:a8:3a:c2:e9:95:92:60:a5:
                    bb:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:83:54:C9:12:DA:39:96:A2:00:E5:98:9B:0E:BC:D2:D8:D7:E6:C2
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:15:89:9f:84:76:80:2c:2f:87:54:79:1b:b0:06:7c:eb:fb:
         0f:84:ba:c4:8c:ff:b6:ef:34:65:68:f5:34:35:80:08:53:57:
         d7:ed:96:9d:14:c1:fa:f6:17:26:6a:f9:fa:ec:41:83:0b:2f:
         51:e3:d3:6c:34:a3:96:d8:ee:31:99:f8:83:07:8a:6b:dd:70:
         9c:54:51:b1:57:0d:f4:a2:1e:bb:dc:d0:4c:43:66:26:46:6f:
         17:55:2b:71:26:3f:0a:7e:91:c9:07:f2:25:3a:1f:f6:dd:a4:
         f3:36:a0:8d:6b:bb:84:f8:1c:1e:51:7a:7a:a7:9e:e0:6e:1c:
         c3:ab:1c:f3:ed:f5:37:53:80:3b:97:3a:80:8f:b9:52:31:ef:
         6d:e8:fe:f2:a3:1a:ed:bc:85:b1:f4:5b:b2:7b:14:dc:22:b6:
         f8:ad:f1:a2:4d:56:95:5c:cc:58:84:98:74:60:f0:2d:a2:df:
         66:df:9a:ba:1f:97:d6:f0:67:57:25:35:ea:9a:87:4d:85:06:
         d2:bc:5c:a1:e7:fa:b6:b2:30:0b:69:a8:18:8e:d6:e3:61:5d:
         df:91:17:76:6a:79:0a:63:b8:cc:94:2a:12:51:73:c9:e5:ed:
         05:8d:5c:b2:ca:00:58:f2:4c:cc:40:d3:88:4c:29:b3:0e:68:
         fd:03:2f:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRkKgoucGD9y5LgxMafxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjQwNjE1MTkwMTAyWhcNMjQwNjE2MTkwMTAyWjAzMTEwLwYDVQQD
Eyg2MDgzNTRjOTEyZGEzOTk2YTIwMGU1OTg5YjBlYmNkMmQ4ZDdlNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx28U7Ra8Kg1pGDX266wnYfxiAl7y
aB5IKObcTXk5C1sZ19X4qzg1V68TUh6vySwBdTj7jp9ga5tNrniY9YLUrzT9XiPK
qfLWh6c6jb1dYxADOYHoWD3YBaxPpOaEp+6FL4XljZEpYDcS+bCp8ZIqobW886Jf
qpD2i7pSgF2SbhSr6rmJqp9cb/XTqXL0ayGxBOc1MOR6rA9+BeJFLW72DE524LCc
wkxU3t+9260kABNo3ap90RPoRiTjFowyRhp3N639HdlBseqSSnxMWJhv1m39pg0f
R9fmfJwyK/eLL6jpjHVRzmsBq1lMGzNcqgd331B7Ewm7qDrC6ZWSYKW7NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGCDVMkS2jmWogDlmJsOvNLY1+bCMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHRWJn4R2
gCwvh1R5G7AGfOv7D4S6xIz/tu80ZWj1NDWACFNX1+2WnRTB+vYXJmr5+uxBgwsv
UePTbDSjltjuMZn4gweKa91wnFRRsVcN9KIeu9zQTENmJkZvF1UrcSY/Cn6RyQfy
JTof9t2k8zagjWu7hPgcHlF6eqee4G4cw6sc8+31N1OAO5c6gI+5UjHvbej+8qMa
7byFsfRbsnsU3CK2+K3xok1WlVzMWISYdGDwLaLfZt+auh+X1vBnVyU16pqHTYUG
0rxcoef6trIwC2moGI7W42Fd35EXdmp5CmO4zJQqElFzyeXtBY1cssoAWPJMzEDT
iEwpsw5o/QMvEQ==
-----END CERTIFICATE-----