Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
File:                     q3rQAuSQheSApRIaeaJvztr_oZs.mft (raw, json)
Hash identifier:          X9ZJ2lbxhnysi+/ZxtaO39cRQz52EMa+Y8IbfLOZF14=
Subject key identifier:   B3:AA:AD:1A:7C:96:81:E9:10:EC:86:80:34:1F:FD:98:AC:B7:96:35
Authority key identifier: AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B
Certificate issuer:       /CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
Certificate serial:       018F874A978173918455BEEE494E521B67B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
Manifest number:          0E74
Signing time:             Fri 17 May 2024 16:02:43 +0000
Manifest this update:     Fri 17 May 2024 16:02:43 +0000
Manifest next update:     Sat 18 May 2024 16:02:43 +0000
Files and hashes:         1: q3rQAuSQheSApRIaeaJvztr_oZs.crl (hash: Q4XL4sXzF0UdbdmdWcgrzLhFCVuFUjtfT2NSb/0S3Zw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:97:81:73:91:84:55:be:ee:49:4e:52:1b:67:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ab7ad002e49085e480a5121a79a26fcedaffa19b
        Validity
            Not Before: May 17 16:02:43 2024 GMT
            Not After : May 18 16:02:43 2024 GMT
        Subject: CN=b3aaad1a7c9681e910ec8680341ffd98acb79635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:ec:57:46:fa:e9:bd:7b:31:dd:48:71:f2:06:
                    a2:88:63:78:a5:40:9c:35:79:a1:42:26:f9:a4:be:
                    a7:87:39:5c:c8:46:2a:41:9e:03:ae:81:6f:97:62:
                    48:4a:f3:e8:e9:79:c0:3d:20:6e:61:4c:b3:46:c0:
                    3e:98:ab:ce:49:d9:43:eb:20:11:9f:a5:2d:1d:e7:
                    09:ea:88:8e:56:50:94:34:b0:2d:e4:17:da:f3:e6:
                    60:a4:bf:09:64:ee:ab:15:3a:20:54:6d:fc:62:f1:
                    cd:d4:3b:6b:58:67:6c:47:29:04:76:ec:da:61:fe:
                    f1:a9:6a:ee:bb:1e:50:9a:ee:36:16:5e:29:3b:00:
                    e8:91:a4:66:4a:df:02:38:ec:2f:0c:3e:dc:c5:17:
                    7f:d7:e5:02:6c:3c:2d:b7:ef:4e:1b:54:5b:93:8b:
                    f7:c6:06:12:08:c2:c9:69:15:2f:9b:5e:8f:c9:5e:
                    fa:30:19:ee:b4:28:c8:5a:7a:0e:1a:27:dc:76:ba:
                    43:59:e6:fb:5e:29:06:6e:43:e4:d6:c9:19:f6:da:
                    cb:40:a0:ca:03:0f:d8:e8:09:87:0a:e2:15:2a:1b:
                    29:aa:77:97:bf:8f:78:92:df:9b:50:20:5d:e5:84:
                    81:96:1d:03:94:26:96:16:1a:b1:36:d5:94:06:30:
                    e8:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:AA:AD:1A:7C:96:81:E9:10:EC:86:80:34:1F:FD:98:AC:B7:96:35
            X509v3 Authority Key Identifier:
                keyid:AB:7A:D0:02:E4:90:85:E4:80:A5:12:1A:79:A2:6F:CE:DA:FF:A1:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3rQAuSQheSApRIaeaJvztr_oZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/22/24fbb6-86bc-46cb-88e5-b5873ba8fe47/1/q3rQAuSQheSApRIaeaJvztr_oZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:8f:e4:ec:0f:dd:62:0c:09:25:f9:4c:a1:f2:90:36:46:a5:
         e5:ed:ec:45:fd:eb:c6:fb:aa:7e:a0:05:3d:6b:f9:f2:8f:09:
         26:fe:02:14:6f:5c:81:ef:aa:df:0d:53:c1:97:a3:92:b1:9a:
         f2:0a:3c:4d:10:d9:62:d5:ca:60:17:71:68:38:6f:f2:d0:3b:
         09:a1:17:40:23:5c:6d:ab:12:e0:b2:89:09:f7:89:e4:2e:9e:
         34:77:17:29:f3:b3:3e:f5:be:a9:ce:da:8b:57:17:b9:80:c1:
         94:ae:be:c0:95:dc:74:67:3f:09:ed:3c:43:07:9b:87:ef:58:
         49:21:f8:11:6d:8e:4a:c8:68:4e:e7:af:b4:53:c4:4a:18:38:
         52:a0:d3:28:04:20:d1:51:89:33:7b:a2:b4:0d:87:f3:ad:6c:
         b5:f6:fd:06:e2:56:a8:db:b1:ac:a5:2d:46:58:e7:14:93:dd:
         67:7c:0b:f0:77:e5:11:b6:e2:b7:06:10:85:44:c6:8d:42:26:
         ce:ee:b5:a6:fd:18:58:e2:a5:83:7f:2d:30:53:ee:b5:35:70:
         fd:75:b2:c3:10:08:01:2c:7b:0d:f9:d0:11:dc:b6:f1:39:29:
         3c:8e:ea:f1:7a:30:64:83:bb:5e:48:fe:c2:f3:4f:c6:a4:34:
         e2:80:31:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSpeBc5GEVb7uSU5SG2exMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FkMDAyZTQ5MDg1ZTQ4MGE1MTIxYTc5YTI2ZmNlZGFm
ZmExOWIwHhcNMjQwNTE3MTYwMjQzWhcNMjQwNTE4MTYwMjQzWjAzMTEwLwYDVQQD
EyhiM2FhYWQxYTdjOTY4MWU5MTBlYzg2ODAzNDFmZmQ5OGFjYjc5NjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOxXRvrpvXsx3Uhx8gaiiGN4pUCc
NXmhQib5pL6nhzlcyEYqQZ4DroFvl2JISvPo6XnAPSBuYUyzRsA+mKvOSdlD6yAR
n6UtHecJ6oiOVlCUNLAt5Bfa8+ZgpL8JZO6rFTogVG38YvHN1DtrWGdsRykEduza
Yf7xqWruux5Qmu42Fl4pOwDokaRmSt8COOwvDD7cxRd/1+UCbDwtt+9OG1Rbk4v3
xgYSCMLJaRUvm16PyV76MBnutCjIWnoOGifcdrpDWeb7XikGbkPk1skZ9trLQKDK
Aw/Y6AmHCuIVKhspqneXv494kt+bUCBd5YSBlh0DlCaWFhqxNtWUBjDojQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOqrRp8loHpEOyGgDQf/Zist5Y1MB8GA1UdIwQY
MBaAFKt60ALkkIXkgKUSGnmib87a/6GbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUt
YjU4NzNiYThmZTQ3LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yNGZiYjYtODZiYy00NmNiLTg4ZTUtYjU4NzNiYThmZTQ3
LzEvcTNyUUF1U1FoZVNBcFJJYWVhSnZ6dHJfb1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKY/k7A/d
YgwJJflMofKQNkal5e3sRf3rxvuqfqAFPWv58o8JJv4CFG9cge+q3w1TwZejkrGa
8go8TRDZYtXKYBdxaDhv8tA7CaEXQCNcbasS4LKJCfeJ5C6eNHcXKfOzPvW+qc7a
i1cXuYDBlK6+wJXcdGc/Ce08Qwebh+9YSSH4EW2OSshoTuevtFPEShg4UqDTKAQg
0VGJM3uitA2H861stfb9BuJWqNuxrKUtRljnFJPdZ3wL8HflEbbitwYQhUTGjUIm
zu61pv0YWOKlg38tMFPutTVw/XWywxAIASx7DfnQEdy28TkpPI7q8XowZIO7Xkj+
wvNPxqQ04oAxzA==
-----END CERTIFICATE-----