Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
File:                     uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft (raw, json)
Hash identifier:          vzjGSotLXbohyd4pDeDbh4/rs27nkRYu/NdAn8rNJ4E=
Subject key identifier:   0F:2E:9A:99:31:AB:FF:73:F4:E3:F0:6B:2F:8F:FC:2D:BB:9C:CD:40
Authority key identifier: B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D
Certificate issuer:       /CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
Certificate serial:       019040AE404A01F32591FBC2692DFE324399
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
Manifest number:          0B3E
Signing time:             Sat 22 Jun 2024 16:01:19 +0000
Manifest this update:     Sat 22 Jun 2024 16:01:19 +0000
Manifest next update:     Sun 23 Jun 2024 16:01:19 +0000
Files and hashes:         1: uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl (hash: v6S6h9cw27UCnRMY3kKExLoclrES9khGfpK15wLDb5I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 16:01:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:40:ae:40:4a:01:f3:25:91:fb:c2:69:2d:fe:32:43:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b88ff86c4717e0e366f290cd0d628afc46a38f0d
        Validity
            Not Before: Jun 22 16:01:19 2024 GMT
            Not After : Jun 23 16:01:19 2024 GMT
        Subject: CN=0f2e9a9931abff73f4e3f06b2f8ffc2dbb9ccd40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:49:a6:22:e0:b8:4d:91:20:3d:4e:f4:53:3a:
                    45:6d:a7:13:71:b8:bb:d9:8e:18:b4:be:22:fa:87:
                    8e:79:ec:74:29:0c:36:bb:dd:dd:c6:36:9f:21:a5:
                    ac:82:71:67:d8:8e:d2:62:66:6e:6b:59:5b:cc:28:
                    02:71:b7:c6:d3:55:8c:6c:00:3f:61:30:3d:78:6a:
                    51:53:32:2b:94:e9:20:f1:59:58:6b:34:c0:48:2b:
                    b3:91:30:96:59:b2:1d:ea:85:3b:67:fd:54:65:3d:
                    39:a8:2b:bb:28:03:24:9f:87:4c:55:c4:a8:9a:20:
                    d1:a5:19:ae:41:2c:a9:d5:cc:20:55:79:47:95:f2:
                    07:ed:15:1b:5b:ac:c5:29:37:43:af:a3:af:cd:c8:
                    f5:c8:84:70:c5:5d:f9:dd:cd:99:60:0a:b7:bc:aa:
                    f0:c7:09:99:bf:06:2a:d7:87:6b:6f:24:3e:90:76:
                    7b:9f:94:09:32:f7:fe:40:76:a5:16:4d:4d:51:15:
                    1f:3f:20:6e:ee:f2:8e:08:a8:fd:8a:3e:cf:40:33:
                    09:11:e3:49:fe:88:b5:81:05:7e:99:a5:1c:6e:fd:
                    94:3c:dc:07:d1:f7:17:06:50:8b:0c:45:49:4e:0f:
                    51:a9:a6:c0:d5:d4:e8:ef:df:c4:b2:df:bc:f8:e9:
                    de:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:2E:9A:99:31:AB:FF:73:F4:E3:F0:6B:2F:8F:FC:2D:BB:9C:CD:40
            X509v3 Authority Key Identifier:
                keyid:B8:8F:F8:6C:47:17:E0:E3:66:F2:90:CD:0D:62:8A:FC:46:A3:8F:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uI_4bEcX4ONm8pDNDWKK_Eajjw0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7e7154-c3aa-45b6-8fb0-191d534c97b9/1/uI_4bEcX4ONm8pDNDWKK_Eajjw0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         86:cc:3c:0e:be:09:f1:33:b8:ac:80:aa:68:56:16:0a:a9:ed:
         9e:94:6c:d7:0a:8d:7a:22:09:3b:1c:e3:13:fa:0d:3d:04:75:
         7b:99:b6:c4:13:7d:27:f9:63:a1:be:c1:4c:8c:6c:52:86:91:
         78:78:19:39:75:b7:78:b7:22:db:8d:d0:81:a3:00:13:56:f7:
         4a:e3:3d:52:7b:2e:50:8a:11:c2:6c:51:93:c6:e2:51:19:56:
         eb:ea:ee:f4:a0:87:67:c1:f7:20:79:ec:51:94:76:8d:3e:48:
         f6:6e:86:54:13:f3:e9:a2:d2:35:8c:ff:f1:13:1b:d0:56:17:
         c6:ce:42:3f:71:22:c3:23:ed:89:bb:3d:0c:6c:9d:74:27:09:
         b5:e1:3a:a1:88:ea:82:49:e2:e4:a4:6a:6c:7c:72:e0:90:9b:
         51:74:55:2d:57:8c:1e:b7:68:a7:a8:df:ae:b6:84:18:c7:fb:
         a5:76:0a:82:cf:53:f4:98:0b:85:59:3f:a3:88:92:a4:90:98:
         54:da:df:ab:04:83:ea:cf:7b:2b:e5:88:3a:ff:ce:0e:e3:e7:
         db:b3:4a:26:38:1d:f5:5d:c9:1c:12:85:d8:12:9b:f4:d4:9f:
         b7:45:9f:26:21:ca:00:db:39:2d:e4:45:d1:4c:9b:f4:5f:d9:
         23:54:c8:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBArkBKAfMlkfvCaS3+MkOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4OGZmODZjNDcxN2UwZTM2NmYyOTBjZDBkNjI4YWZjNDZh
MzhmMGQwHhcNMjQwNjIyMTYwMTE5WhcNMjQwNjIzMTYwMTE5WjAzMTEwLwYDVQQD
EygwZjJlOWE5OTMxYWJmZjczZjRlM2YwNmIyZjhmZmMyZGJiOWNjZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80mmIuC4TZEgPU70UzpFbacTcbi7
2Y4YtL4i+oeOeex0KQw2u93dxjafIaWsgnFn2I7SYmZua1lbzCgCcbfG01WMbAA/
YTA9eGpRUzIrlOkg8VlYazTASCuzkTCWWbId6oU7Z/1UZT05qCu7KAMkn4dMVcSo
miDRpRmuQSyp1cwgVXlHlfIH7RUbW6zFKTdDr6Ovzcj1yIRwxV353c2ZYAq3vKrw
xwmZvwYq14drbyQ+kHZ7n5QJMvf+QHalFk1NURUfPyBu7vKOCKj9ij7PQDMJEeNJ
/oi1gQV+maUcbv2UPNwH0fcXBlCLDEVJTg9RqabA1dTo79/Est+8+OneCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA8umpkxq/9z9OPway+P/C27nM1AMB8GA1UdIwQY
MBaAFLiP+GxHF+DjZvKQzQ1iivxGo48NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAt
MTkxZDUzNGM5N2I5LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZTcxNTQtYzNhYS00NWI2LThmYjAtMTkxZDUzNGM5N2I5
LzEvdUlfNGJFY1g0T05tOHBETkRXS0tfRWFqancwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsw8Dr4J
8TO4rICqaFYWCqntnpRs1wqNeiIJOxzjE/oNPQR1e5m2xBN9J/ljob7BTIxsUoaR
eHgZOXW3eLci243QgaMAE1b3SuM9UnsuUIoRwmxRk8biURlW6+ru9KCHZ8H3IHns
UZR2jT5I9m6GVBPz6aLSNYz/8RMb0FYXxs5CP3EiwyPtibs9DGyddCcJteE6oYjq
gkni5KRqbHxy4JCbUXRVLVeMHrdop6jfrraEGMf7pXYKgs9T9JgLhVk/o4iSpJCY
VNrfqwSD6s97K+WIOv/ODuPn27NKJjgd9V3JHBKF2BKb9NSft0WfJiHKANs5LeRF
0Uyb9F/ZI1TIug==
-----END CERTIFICATE-----