Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
File:                     _e3ZOtbKqmCtSfD5N32Kq_h34ts.mft (raw, json)
Hash identifier:          tGPZ2URTSmFBAYVIaodkuJvUyPrjD3Wh5RtyeFfwYtM=
Subject key identifier:   C3:21:86:42:40:7E:C5:D8:29:48:DC:F3:B9:F0:85:42:4D:B3:04:2A
Authority key identifier: FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB
Certificate issuer:       /CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
Certificate serial:       018F87492EF98502E9BBDC16E6C11B25F9F9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
Manifest number:          02F7
Signing time:             Fri 17 May 2024 16:01:11 +0000
Manifest this update:     Fri 17 May 2024 16:01:11 +0000
Manifest next update:     Sat 18 May 2024 16:01:11 +0000
Files and hashes:         1: _e3ZOtbKqmCtSfD5N32Kq_h34ts.crl (hash: u/N3FhFc1Ne/qsQn0ba6hvsuhmzTitOaI0BfvTXC0D8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:2e:f9:85:02:e9:bb:dc:16:e6:c1:1b:25:f9:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fdedd93ad6caaa60ad49f0f9377d8aabf877e2db
        Validity
            Not Before: May 17 16:01:11 2024 GMT
            Not After : May 18 16:01:11 2024 GMT
        Subject: CN=c3218642407ec5d82948dcf3b9f085424db3042a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:84:eb:49:14:30:49:d3:54:f1:e9:f5:3c:98:
                    7a:b6:eb:36:d3:e1:cd:5a:55:41:39:32:c2:9d:69:
                    cd:52:50:62:05:9b:91:b5:99:88:43:6d:30:53:6b:
                    19:cd:67:be:ef:fb:a0:fe:e9:7c:12:9d:b6:3a:59:
                    22:df:11:35:ca:48:2d:04:d1:5f:90:5d:3b:4a:63:
                    0c:96:28:bf:ce:d3:70:89:0d:88:11:90:a6:b1:60:
                    5a:ce:80:25:0d:c5:8a:3f:8a:b2:3b:5b:ae:1a:da:
                    ea:00:3c:09:c2:e3:82:79:7b:c2:f2:c9:45:ef:ca:
                    6c:96:48:7d:d0:89:a5:df:2b:6e:01:80:a3:bb:ab:
                    5b:a7:a2:b1:33:8a:09:8b:54:fe:1b:4a:f9:c9:ac:
                    77:64:89:a3:bf:3c:5d:63:2e:4d:86:d4:1f:ef:f0:
                    cb:4c:69:43:36:16:14:94:61:17:b3:7f:b4:23:96:
                    0d:14:e4:1f:83:52:40:77:1c:ad:e5:f2:5c:6a:4f:
                    dc:66:6e:d5:90:fc:a4:2f:cc:7e:1c:05:49:68:1f:
                    f5:b4:16:ed:17:68:8e:a6:99:f1:1f:dc:b4:ed:13:
                    c8:b6:27:7a:1f:4b:1c:f3:43:08:64:4a:af:b8:f9:
                    dd:9a:90:9d:d6:0a:f0:e7:33:b0:be:b0:85:5c:7d:
                    f6:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:21:86:42:40:7E:C5:D8:29:48:DC:F3:B9:F0:85:42:4D:B3:04:2A
            X509v3 Authority Key Identifier:
                keyid:FD:ED:D9:3A:D6:CA:AA:60:AD:49:F0:F9:37:7D:8A:AB:F8:77:E2:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_e3ZOtbKqmCtSfD5N32Kq_h34ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/00b426-128b-4f9c-a3af-bdb5f16d46f0/1/_e3ZOtbKqmCtSfD5N32Kq_h34ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         64:9d:ed:8a:78:01:32:cf:b7:c2:16:17:ed:7b:d8:35:fb:ad:
         e1:1a:34:b0:cf:93:f6:e6:99:8c:51:94:e6:24:4c:9b:e6:da:
         a9:0b:59:1d:17:93:2c:80:75:fd:b7:d8:73:34:4c:f5:82:b9:
         39:97:b0:d2:21:b6:ed:db:6d:9d:8c:49:ab:23:ae:88:71:f0:
         d2:58:5d:85:6a:9c:27:7a:f8:c6:2d:2d:85:55:ec:27:f9:d9:
         47:ce:e7:fa:b5:79:cc:a4:95:98:50:4b:3c:52:01:d9:cc:ac:
         83:c6:20:11:95:a5:1f:17:43:f7:c9:77:be:5c:48:82:54:30:
         c8:e3:2b:03:e3:12:b1:53:04:4d:ca:7b:a5:f9:2f:07:44:b4:
         20:19:1c:2f:b3:74:6f:43:2b:a8:93:44:6c:7b:0b:d7:03:86:
         be:89:9a:4d:e3:01:06:e2:19:19:45:39:fa:d6:74:19:01:2d:
         82:ff:8f:d0:2c:58:94:f9:24:d1:5c:ed:22:f5:28:54:96:f5:
         39:31:b4:97:8c:fe:eb:4b:5d:04:db:4a:2f:be:d9:32:bb:b1:
         c1:21:f1:a2:e0:fd:15:01:68:82:ab:19:aa:c6:82:97:26:47:
         3d:9a:06:84:79:f9:56:fc:dd:94:63:ec:fc:6d:97:df:65:46:
         90:3a:31:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSS75hQLpu9wW5sEbJfn5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZWRkOTNhZDZjYWFhNjBhZDQ5ZjBmOTM3N2Q4YWFiZjg3
N2UyZGIwHhcNMjQwNTE3MTYwMTExWhcNMjQwNTE4MTYwMTExWjAzMTEwLwYDVQQD
EyhjMzIxODY0MjQwN2VjNWQ4Mjk0OGRjZjNiOWYwODU0MjRkYjMwNDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4TrSRQwSdNU8en1PJh6tus20+HN
WlVBOTLCnWnNUlBiBZuRtZmIQ20wU2sZzWe+7/ug/ul8Ep22Olki3xE1ykgtBNFf
kF07SmMMlii/ztNwiQ2IEZCmsWBazoAlDcWKP4qyO1uuGtrqADwJwuOCeXvC8slF
78pslkh90Iml3ytuAYCju6tbp6KxM4oJi1T+G0r5yax3ZImjvzxdYy5NhtQf7/DL
TGlDNhYUlGEXs3+0I5YNFOQfg1JAdxyt5fJcak/cZm7VkPykL8x+HAVJaB/1tBbt
F2iOppnxH9y07RPItid6H0sc80MIZEqvuPndmpCd1grw5zOwvrCFXH321wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMhhkJAfsXYKUjc87nwhUJNswQqMB8GA1UdIwQY
MBaAFP3t2TrWyqpgrUnw+Td9iqv4d+LbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYt
YmRiNWYxNmQ0NmYwLzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8wMGI0MjYtMTI4Yi00ZjljLWEzYWYtYmRiNWYxNmQ0NmYw
LzEvX2UzWk90YktxbUN0U2ZENU4zMktxX2gzNHRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZJ3tingB
Ms+3whYX7XvYNfut4Ro0sM+T9uaZjFGU5iRMm+baqQtZHReTLIB1/bfYczRM9YK5
OZew0iG27dttnYxJqyOuiHHw0lhdhWqcJ3r4xi0thVXsJ/nZR87n+rV5zKSVmFBL
PFIB2cysg8YgEZWlHxdD98l3vlxIglQwyOMrA+MSsVMETcp7pfkvB0S0IBkcL7N0
b0MrqJNEbHsL1wOGvomaTeMBBuIZGUU5+tZ0GQEtgv+P0CxYlPkk0VztIvUoVJb1
OTG0l4z+60tdBNtKL77ZMruxwSHxouD9FQFogqsZqsaClyZHPZoGhHn5VvzdlGPs
/G2X32VGkDoxFg==
-----END CERTIFICATE-----