Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          3q0r0bkVGbP+/YEVOeGRh7+dx86J5EGQcDRhE7pRjDg=
Subject key identifier:   72:AD:1D:74:05:4A:AC:75:FD:F9:D9:27:0E:61:78:80:F5:AE:DF:CC
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       01901BFD6424E479827600AAB95BE52A51D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          04F7
Signing time:             Sat 15 Jun 2024 13:01:49 +0000
Manifest this update:     Sat 15 Jun 2024 13:01:49 +0000
Manifest next update:     Sun 16 Jun 2024 13:01:49 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: UUPSt7jyKF6aT2eXGp36+druBuVssTKiwsevq9AmlU4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 05:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1b:fd:64:24:e4:79:82:76:00:aa:b9:5b:e5:2a:51:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: Jun 15 13:01:49 2024 GMT
            Not After : Jun 16 13:01:49 2024 GMT
        Subject: CN=72ad1d74054aac75fdf9d9270e617880f5aedfcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ea:38:30:d7:53:65:39:88:08:b6:e1:b8:89:
                    c3:6b:04:fe:95:ab:01:81:59:cf:99:a7:16:16:e1:
                    5b:e5:34:e9:d9:25:35:2d:2d:0c:25:b3:b3:86:4f:
                    97:2f:f4:34:2d:06:a3:05:cc:65:c0:2a:00:57:6d:
                    20:b3:16:fb:ab:a7:46:6b:6d:85:65:ee:fc:78:c4:
                    69:35:af:ce:e7:1c:d1:73:5e:62:f8:bf:ab:e8:de:
                    af:e7:cb:5f:f5:db:a4:74:f5:86:75:6b:66:34:c3:
                    1e:46:cd:0f:37:1c:3c:05:b4:8f:01:1c:01:b2:c1:
                    64:dd:7a:f8:af:85:67:e7:4d:7d:60:da:99:5e:57:
                    2c:57:a8:13:46:7d:2b:5b:75:38:35:1d:b3:8e:c8:
                    09:63:09:ff:ad:d5:08:8a:39:49:ad:6d:f8:e4:cf:
                    39:72:8d:32:1c:1f:c1:0d:20:e9:c6:06:3e:89:54:
                    29:99:1e:bd:b7:6d:76:3e:9b:43:9c:70:93:70:1a:
                    c7:4c:16:8a:73:c6:b5:d7:1f:d8:19:d2:61:5e:f9:
                    92:15:39:79:a9:1d:a2:9e:d3:24:68:64:05:20:71:
                    f8:2c:eb:01:90:46:4f:3a:87:b0:b4:5c:17:d4:06:
                    6a:35:83:78:0a:e7:7e:5e:fe:d3:cc:33:56:94:b4:
                    65:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:AD:1D:74:05:4A:AC:75:FD:F9:D9:27:0E:61:78:80:F5:AE:DF:CC
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         83:33:7b:85:80:85:50:55:b6:22:b6:dd:aa:b1:37:8a:df:38:
         62:24:60:33:01:ba:4a:cc:e4:f0:8f:3a:dd:9f:43:f0:a3:ff:
         49:b5:04:7c:90:eb:71:f9:9d:82:67:e0:8d:f6:59:ee:ff:21:
         0c:fb:a4:e1:66:c2:77:28:f0:b7:4c:a4:35:dc:e8:73:ea:27:
         11:6f:9d:81:55:ad:b3:82:b9:67:84:d3:c7:65:18:94:2c:4f:
         02:8e:e0:42:78:bc:9d:c0:80:88:53:f4:27:a4:ce:a6:69:dd:
         f2:81:e1:c9:54:cf:2a:22:6e:87:08:b0:b1:11:c1:c6:2c:b9:
         66:82:2b:e3:0b:94:43:49:73:a0:37:c3:4a:dc:f6:cb:13:78:
         22:c1:36:8b:29:79:0e:33:09:ad:74:b5:d7:0e:f2:43:bf:19:
         79:70:95:3c:16:5d:79:6e:ed:5e:ef:4c:f0:5b:55:69:cf:d2:
         32:64:c6:99:89:2a:55:63:51:ab:1b:10:24:53:16:37:62:25:
         94:cc:4a:9b:a8:1a:bb:bb:52:c2:71:cd:64:ee:91:5d:bf:28:
         a2:dd:2c:7f:90:e1:dc:e5:e3:e2:4a:5b:be:db:c8:1e:84:37:
         54:e3:da:a5:1b:f4:78:c8:0b:cb:5c:46:32:da:ae:b7:3a:8a:
         76:44:4f:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAb/WQk5HmCdgCquVvlKlHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjQwNjE1MTMwMTQ5WhcNMjQwNjE2MTMwMTQ5WjAzMTEwLwYDVQQD
Eyg3MmFkMWQ3NDA1NGFhYzc1ZmRmOWQ5MjcwZTYxNzg4MGY1YWVkZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+o4MNdTZTmICLbhuInDawT+lasB
gVnPmacWFuFb5TTp2SU1LS0MJbOzhk+XL/Q0LQajBcxlwCoAV20gsxb7q6dGa22F
Ze78eMRpNa/O5xzRc15i+L+r6N6v58tf9dukdPWGdWtmNMMeRs0PNxw8BbSPARwB
ssFk3Xr4r4Vn5019YNqZXlcsV6gTRn0rW3U4NR2zjsgJYwn/rdUIijlJrW345M85
co0yHB/BDSDpxgY+iVQpmR69t212PptDnHCTcBrHTBaKc8a11x/YGdJhXvmSFTl5
qR2intMkaGQFIHH4LOsBkEZPOoewtFwX1AZqNYN4Cud+Xv7TzDNWlLRlgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHKtHXQFSqx1/fnZJw5heID1rt/MMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgzN7hYCF
UFW2IrbdqrE3it84YiRgMwG6Sszk8I863Z9D8KP/SbUEfJDrcfmdgmfgjfZZ7v8h
DPuk4WbCdyjwt0ykNdzoc+onEW+dgVWts4K5Z4TTx2UYlCxPAo7gQni8ncCAiFP0
J6TOpmnd8oHhyVTPKiJuhwiwsRHBxiy5ZoIr4wuUQ0lzoDfDStz2yxN4IsE2iyl5
DjMJrXS11w7yQ78ZeXCVPBZdeW7tXu9M8FtVac/SMmTGmYkqVWNRqxsQJFMWN2Il
lMxKm6gau7tSwnHNZO6RXb8oot0sf5Dh3OXj4kpbvtvIHoQ3VOPapRv0eMgLy1xG
MtqutzqKdkRPew==
-----END CERTIFICATE-----