Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
File:                     3DC4_dBG72WGgJfwNrinyFVyqtA.mft (raw, json)
Hash identifier:          2Q811Umwg1/zyCDmf3guRQR73FN9s4YoDUWyAX+QmVo=
Subject key identifier:   95:0D:50:0C:CB:8E:36:30:C5:24:56:DA:F1:51:28:BA:15:96:47:D7
Authority key identifier: DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0
Certificate issuer:       /CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
Certificate serial:       018F44200846B4DFBE14562FBC8E4E6751A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
Manifest number:          1152
Signing time:             Sat 04 May 2024 15:01:40 +0000
Manifest this update:     Sat 04 May 2024 15:01:40 +0000
Manifest next update:     Sun 05 May 2024 15:01:40 +0000
Files and hashes:         1: 3DC4_dBG72WGgJfwNrinyFVyqtA.crl (hash: cfhIJBtW78FyqU6TeJTV8YsLgb48KTASNDkcbnpJrJo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:44:20:08:46:b4:df:be:14:56:2f:bc:8e:4e:67:51:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc30b8fdd046ef65868097f036b8a7c85572aad0
        Validity
            Not Before: May  4 15:01:40 2024 GMT
            Not After : May  5 15:01:40 2024 GMT
        Subject: CN=950d500ccb8e3630c52456daf15128ba159647d7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:58:c9:b9:26:79:24:db:25:63:05:ca:bf:ac:
                    77:95:81:26:e3:f2:72:6a:c0:b1:0e:c2:63:be:d7:
                    78:17:38:fa:6f:4f:7a:e7:8d:63:d5:c4:7f:b8:62:
                    88:e8:b9:2e:5a:c0:e3:bb:ab:99:b5:bf:d7:6e:11:
                    34:15:8b:0b:73:f6:8b:09:b8:48:2b:80:5d:f8:ae:
                    30:c6:f4:44:0a:ee:23:36:41:93:22:68:09:1a:8c:
                    dd:90:16:81:57:ad:c6:11:4b:18:85:fd:76:52:99:
                    ed:58:60:46:3e:6f:fc:b1:46:b3:d6:d3:25:8c:25:
                    44:ec:41:f9:ba:0e:7b:8f:fa:a0:78:cb:c8:c7:f6:
                    9c:fb:2c:bf:40:54:1f:99:8f:1f:eb:4f:a8:8e:67:
                    fd:cc:a7:f5:ec:c6:f2:59:d3:bd:b0:c1:98:1f:55:
                    82:83:68:58:61:9d:d0:18:8d:35:56:a5:32:24:1b:
                    b3:a1:02:d5:a0:89:f2:7c:6e:18:7c:e6:06:85:c0:
                    5c:e0:bc:2c:a1:76:e1:30:7d:bc:8d:0d:9e:cb:b2:
                    26:3b:00:36:91:ef:f3:f1:e4:5f:83:bd:18:ec:25:
                    ad:fe:0f:d0:f4:77:54:33:d6:fd:86:fe:f8:37:78:
                    b7:72:51:18:36:db:25:2e:f0:d3:b3:2f:04:02:d7:
                    99:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:0D:50:0C:CB:8E:36:30:C5:24:56:DA:F1:51:28:BA:15:96:47:D7
            X509v3 Authority Key Identifier:
                keyid:DC:30:B8:FD:D0:46:EF:65:86:80:97:F0:36:B8:A7:C8:55:72:AA:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DC4_dBG72WGgJfwNrinyFVyqtA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/53933c-d1b8-4362-9e1f-29a0aa6c4ad1/1/3DC4_dBG72WGgJfwNrinyFVyqtA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:b4:10:de:27:37:28:b6:fd:d0:2e:00:14:03:f9:77:a0:8c:
         4d:07:42:70:fd:a3:70:b4:b1:4e:aa:fb:a0:f0:47:ee:5a:7f:
         2c:e1:83:e5:29:6d:6b:ae:5a:98:a3:0d:ed:c9:2e:d4:e8:49:
         eb:cd:c0:76:a6:30:0d:b7:dc:31:22:0c:2e:75:0b:bb:d3:60:
         04:1d:ab:ce:0d:79:27:60:d7:c0:0c:50:a2:f5:01:9f:70:f4:
         4b:48:ed:bb:a9:fb:4e:d1:b3:cb:f0:ac:46:f9:9d:22:c0:a2:
         ac:22:5c:44:8e:9a:e0:21:31:99:81:1e:64:ab:55:85:14:90:
         8c:7e:41:64:11:ab:67:5e:18:8d:d2:9c:77:88:c7:36:11:10:
         7b:06:50:ff:68:d1:97:67:52:89:e9:d0:bf:5d:a0:1c:51:3c:
         f8:2a:e8:53:cb:3c:c4:dd:db:89:7e:c2:f3:32:06:7d:29:44:
         05:dc:27:64:75:04:26:a1:2e:ef:88:fe:52:9c:12:8f:a6:99:
         e7:3d:1f:f9:a7:21:0b:b0:f2:99:a7:b1:41:d7:61:0f:b5:63:
         48:7c:84:88:b2:ad:30:74:5d:68:d6:b8:d3:8b:49:f0:c5:aa:
         83:34:5c:04:a6:ce:6a:fb:5f:48:e7:e2:a7:8a:a4:18:8d:0f:
         5b:31:f6:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9EIAhGtN++FFYvvI5OZ1GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMzBiOGZkZDA0NmVmNjU4NjgwOTdmMDM2YjhhN2M4NTU3
MmFhZDAwHhcNMjQwNTA0MTUwMTQwWhcNMjQwNTA1MTUwMTQwWjAzMTEwLwYDVQQD
Eyg5NTBkNTAwY2NiOGUzNjMwYzUyNDU2ZGFmMTUxMjhiYTE1OTY0N2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoljJuSZ5JNslYwXKv6x3lYEm4/Jy
asCxDsJjvtd4Fzj6b096541j1cR/uGKI6LkuWsDju6uZtb/XbhE0FYsLc/aLCbhI
K4Bd+K4wxvRECu4jNkGTImgJGozdkBaBV63GEUsYhf12UpntWGBGPm/8sUaz1tMl
jCVE7EH5ug57j/qgeMvIx/ac+yy/QFQfmY8f60+ojmf9zKf17MbyWdO9sMGYH1WC
g2hYYZ3QGI01VqUyJBuzoQLVoInyfG4YfOYGhcBc4LwsoXbhMH28jQ2ey7ImOwA2
ke/z8eRfg70Y7CWt/g/Q9HdUM9b9hv74N3i3clEYNtslLvDTsy8EAteZiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUNUAzLjjYwxSRW2vFRKLoVlkfXMB8GA1UdIwQY
MBaAFNwwuP3QRu9lhoCX8Da4p8hVcqrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYt
MjlhMGFhNmM0YWQxLzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81MzkzM2MtZDFiOC00MzYyLTllMWYtMjlhMGFhNmM0YWQx
LzEvM0RDNF9kQkc3MldHZ0pmd05yaW55RlZ5cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHrQQ3ic3
KLb90C4AFAP5d6CMTQdCcP2jcLSxTqr7oPBH7lp/LOGD5Slta65amKMN7cku1OhJ
683AdqYwDbfcMSIMLnULu9NgBB2rzg15J2DXwAxQovUBn3D0S0jtu6n7TtGzy/Cs
RvmdIsCirCJcRI6a4CExmYEeZKtVhRSQjH5BZBGrZ14YjdKcd4jHNhEQewZQ/2jR
l2dSienQv12gHFE8+CroU8s8xN3biX7C8zIGfSlEBdwnZHUEJqEu74j+UpwSj6aZ
5z0f+achC7DymaexQddhD7VjSHyEiLKtMHRdaNa404tJ8MWqgzRcBKbOavtfSOfi
p4qkGI0PWzH2gQ==
-----END CERTIFICATE-----