Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/14dd4c-d72d-4666-9242-920dd39ac62b/1/Q3FIOk0xlpOmC4o7x5_YgtIScPo.mft
File:                     Q3FIOk0xlpOmC4o7x5_YgtIScPo.mft (raw, json)
Hash identifier:          gl/HlF5c3wuQUr5M+lctjZgiWhlSc/UzokrTp8W6pk4=
Subject key identifier:   49:D2:57:24:60:44:76:ED:CE:9D:E7:39:57:67:3E:C6:9D:6B:3E:CC
Authority key identifier: 43:71:48:3A:4D:31:96:93:A6:0B:8A:3B:C7:9F:D8:82:D2:12:70:FA
Certificate issuer:       /CN=4371483a4d319693a60b8a3bc79fd882d21270fa
Certificate serial:       01901DEBA266032F00C272510284913DC1F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Q3FIOk0xlpOmC4o7x5_YgtIScPo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e4/14dd4c-d72d-4666-9242-920dd39ac62b/1/Q3FIOk0xlpOmC4o7x5_YgtIScPo.mft
Manifest number:          0424
Signing time:             Sat 15 Jun 2024 22:01:40 +0000
Manifest this update:     Sat 15 Jun 2024 22:01:40 +0000
Manifest next update:     Sun 16 Jun 2024 22:01:40 +0000
Files and hashes:         1: Q3FIOk0xlpOmC4o7x5_YgtIScPo.crl (hash: KEH9TrbxNzXmUiL7CkInwbgidiJ1Y7glykK12ksTw3M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e4/14dd4c-d72d-4666-9242-920dd39ac62b/1/Q3FIOk0xlpOmC4o7x5_YgtIScPo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e4/14dd4c-d72d-4666-9242-920dd39ac62b/1/Q3FIOk0xlpOmC4o7x5_YgtIScPo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Q3FIOk0xlpOmC4o7x5_YgtIScPo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:eb:a2:66:03:2f:00:c2:72:51:02:84:91:3d:c1:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4371483a4d319693a60b8a3bc79fd882d21270fa
        Validity
            Not Before: Jun 15 22:01:40 2024 GMT
            Not After : Jun 16 22:01:40 2024 GMT
        Subject: CN=49d25724604476edce9de73957673ec69d6b3ecc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:53:3c:13:47:ea:ad:c9:67:65:5a:81:39:6b:
                    12:1e:f2:d9:f6:a9:fa:cd:e0:cf:db:3e:8c:e1:c1:
                    b6:cd:ca:a8:5c:b6:31:ef:41:87:5f:ff:aa:3f:83:
                    44:12:f5:6e:6b:b7:7b:53:62:c1:22:4a:cf:6a:9a:
                    58:2d:69:d6:f3:8e:7c:e2:2d:3d:53:7d:e4:af:d3:
                    16:46:94:23:19:07:82:bf:65:08:bb:3b:78:20:aa:
                    40:86:40:aa:9f:2d:bf:e3:4c:f3:f6:64:31:f5:97:
                    e8:71:29:98:90:f4:38:14:80:d7:7a:41:4e:12:aa:
                    61:0c:6d:61:6b:96:6c:4c:ff:16:d2:b2:7c:30:f4:
                    b6:97:9b:50:1d:7b:c0:c7:10:64:53:2b:a2:ec:6c:
                    ce:f1:f0:a1:2e:13:76:70:37:c5:0a:f9:f2:73:48:
                    b5:92:d0:a0:9f:a8:a4:26:c5:03:1e:b2:72:7d:10:
                    64:ef:dd:27:81:15:5d:c3:61:24:14:1a:b3:bf:84:
                    bb:7b:ef:62:12:4b:f2:ce:e3:94:98:36:6c:d0:16:
                    a9:c6:27:31:f5:d3:ee:e5:8f:07:58:4d:d3:db:ea:
                    0c:ba:d4:14:3f:54:0c:92:ff:eb:7d:45:5c:80:04:
                    e1:8d:d0:87:df:61:68:e6:bd:ed:3f:e9:35:7f:c3:
                    c3:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:D2:57:24:60:44:76:ED:CE:9D:E7:39:57:67:3E:C6:9D:6B:3E:CC
            X509v3 Authority Key Identifier:
                keyid:43:71:48:3A:4D:31:96:93:A6:0B:8A:3B:C7:9F:D8:82:D2:12:70:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q3FIOk0xlpOmC4o7x5_YgtIScPo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/14dd4c-d72d-4666-9242-920dd39ac62b/1/Q3FIOk0xlpOmC4o7x5_YgtIScPo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/14dd4c-d72d-4666-9242-920dd39ac62b/1/Q3FIOk0xlpOmC4o7x5_YgtIScPo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:39:21:a0:51:98:c6:90:46:a5:fe:b1:f7:d1:3b:c5:d7:58:
         ea:2a:08:9e:fa:dd:e1:3c:c7:fd:68:a4:65:1c:94:27:77:e6:
         21:a3:8f:63:68:25:54:cb:82:f6:17:91:72:ed:f9:d6:57:e8:
         66:86:da:d7:61:19:18:c6:50:63:57:78:18:a9:a7:7d:81:4c:
         22:11:02:8a:2a:e6:fe:3f:95:df:0e:01:37:03:ae:66:fb:5e:
         d8:43:15:73:83:cd:3f:76:6f:1b:50:21:f9:65:3d:bf:e9:a4:
         5d:85:d8:4b:e8:4c:53:4e:c4:7c:27:2a:44:23:7d:eb:25:09:
         98:70:78:0e:9e:92:ef:92:88:3e:38:77:cc:a6:b7:fd:97:1d:
         7d:69:1f:1c:d0:a0:f4:31:a8:25:76:7f:9c:40:8f:2c:4a:5e:
         a8:0d:aa:9c:c8:cc:07:c8:7f:18:da:4c:4b:d2:13:85:1b:41:
         a5:72:f5:c6:da:77:b8:e4:3c:47:ef:73:74:7e:9f:29:18:67:
         e3:d8:fd:5b:7e:98:f9:63:c1:a6:12:57:c9:18:a4:77:1c:9d:
         58:29:c2:3a:66:b2:17:ab:0f:ce:c7:79:7d:8b:60:c1:53:75:
         5d:f7:a1:cf:ac:55:06:e7:fb:4f:c9:46:cd:9f:a2:86:58:22:
         dd:1e:1c:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAd66JmAy8AwnJRAoSRPcH2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNzE0ODNhNGQzMTk2OTNhNjBiOGEzYmM3OWZkODgyZDIx
MjcwZmEwHhcNMjQwNjE1MjIwMTQwWhcNMjQwNjE2MjIwMTQwWjAzMTEwLwYDVQQD
Eyg0OWQyNTcyNDYwNDQ3NmVkY2U5ZGU3Mzk1NzY3M2VjNjlkNmIzZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11M8E0fqrclnZVqBOWsSHvLZ9qn6
zeDP2z6M4cG2zcqoXLYx70GHX/+qP4NEEvVua7d7U2LBIkrPappYLWnW84584i09
U33kr9MWRpQjGQeCv2UIuzt4IKpAhkCqny2/40zz9mQx9ZfocSmYkPQ4FIDXekFO
EqphDG1ha5ZsTP8W0rJ8MPS2l5tQHXvAxxBkUyui7GzO8fChLhN2cDfFCvnyc0i1
ktCgn6ikJsUDHrJyfRBk790ngRVdw2EkFBqzv4S7e+9iEkvyzuOUmDZs0Bapxicx
9dPu5Y8HWE3T2+oMutQUP1QMkv/rfUVcgAThjdCH32Fo5r3tP+k1f8PDUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEnSVyRgRHbtzp3nOVdnPsadaz7MMB8GA1UdIwQY
MBaAFENxSDpNMZaTpguKO8ef2ILSEnD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTNGSU9rMHhscE9tQzRvN3g1X1lndElTY1BvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xNGRkNGMtZDcyZC00NjY2LTkyNDIt
OTIwZGQzOWFjNjJiLzEvUTNGSU9rMHhscE9tQzRvN3g1X1lndElTY1BvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8xNGRkNGMtZDcyZC00NjY2LTkyNDItOTIwZGQzOWFjNjJi
LzEvUTNGSU9rMHhscE9tQzRvN3g1X1lndElTY1BvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcTkhoFGY
xpBGpf6x99E7xddY6ioInvrd4TzH/WikZRyUJ3fmIaOPY2glVMuC9heRcu351lfo
Zoba12EZGMZQY1d4GKmnfYFMIhECiirm/j+V3w4BNwOuZvte2EMVc4PNP3ZvG1Ah
+WU9v+mkXYXYS+hMU07EfCcqRCN96yUJmHB4Dp6S75KIPjh3zKa3/ZcdfWkfHNCg
9DGoJXZ/nECPLEpeqA2qnMjMB8h/GNpMS9IThRtBpXL1xtp3uOQ8R+9zdH6fKRhn
49j9W36Y+WPBphJXyRikdxydWCnCOmayF6sPzsd5fYtgwVN1Xfehz6xVBuf7T8lG
zZ+ihlgi3R4ciQ==
-----END CERTIFICATE-----