Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
File:                     3VShBsGZ81M-VritvPpLGsPmkJ8.mft (raw, json)
Hash identifier:          /ETX6RyBmgDtiuCp4AbrhvFsxZ583/YjFD6lCmPRVUc=
Subject key identifier:   6B:9B:A4:EA:2B:38:B5:74:57:35:F3:CB:53:0B:00:CF:AC:C8:6C:60
Authority key identifier: DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F
Certificate issuer:       /CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
Certificate serial:       018F478ECE32357830BC9572610A12B55041
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
Manifest number:          0423
Signing time:             Sun 05 May 2024 07:01:32 +0000
Manifest this update:     Sun 05 May 2024 07:01:32 +0000
Manifest next update:     Mon 06 May 2024 07:01:32 +0000
Files and hashes:         1: 3VShBsGZ81M-VritvPpLGsPmkJ8.crl (hash: MnGMP7Eok3GbZlQLxd+eT3hLL+/o7MtW0SfwIJX7O44=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 07:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:47:8e:ce:32:35:78:30:bc:95:72:61:0a:12:b5:50:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd54a106c199f3533e56b8adbcfa4b1ac3e6909f
        Validity
            Not Before: May  5 07:01:32 2024 GMT
            Not After : May  6 07:01:32 2024 GMT
        Subject: CN=6b9ba4ea2b38b5745735f3cb530b00cfacc86c60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:e1:3e:94:6e:0e:94:28:46:c5:f4:71:b6:5a:
                    d5:4c:63:5e:da:64:ca:c0:09:99:ff:a4:78:65:59:
                    eb:c6:f6:f7:7b:22:44:da:cc:d9:c3:ff:b2:70:cd:
                    c9:df:f1:c9:ad:45:cd:0a:19:ca:9b:10:d4:61:46:
                    6c:ec:64:c1:fd:bf:1a:30:6f:92:4f:86:37:3a:45:
                    00:20:c4:8c:6c:ab:f4:1e:04:5b:b0:95:9e:b7:49:
                    0b:ca:4e:04:db:17:79:13:f7:bc:d4:1b:a8:6b:93:
                    72:8e:e1:1d:cf:9f:85:50:a0:3c:1e:bf:67:dd:d0:
                    ef:9e:41:6b:53:1b:64:ef:78:d1:38:80:ff:dc:90:
                    10:af:b4:41:82:dd:5d:a6:04:ef:ef:90:3a:28:3c:
                    a2:e1:12:86:d2:96:5b:5a:2a:5e:ea:94:af:16:60:
                    68:b7:7a:0d:87:8a:aa:10:22:68:34:79:36:b0:a1:
                    03:8a:e5:ae:3a:1e:3b:33:fd:c7:cd:b4:01:1e:79:
                    27:b0:9a:11:da:66:41:d2:6c:d5:cf:8a:95:70:88:
                    cf:0b:3c:2d:4a:7b:88:f0:c0:01:dc:74:63:a0:ae:
                    37:2d:23:32:f3:27:2c:72:3a:21:63:5f:c7:84:1c:
                    02:c7:9b:15:d8:d1:72:43:7d:89:1b:74:b5:56:98:
                    b8:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:9B:A4:EA:2B:38:B5:74:57:35:F3:CB:53:0B:00:CF:AC:C8:6C:60
            X509v3 Authority Key Identifier:
                keyid:DD:54:A1:06:C1:99:F3:53:3E:56:B8:AD:BC:FA:4B:1A:C3:E6:90:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VShBsGZ81M-VritvPpLGsPmkJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/c8f26c-b262-487f-ad47-341af1f0769b/1/3VShBsGZ81M-VritvPpLGsPmkJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         18:7a:cd:b8:7a:ba:dc:f2:ff:5c:dd:96:ad:25:c4:ab:ae:8b:
         ee:dc:46:98:83:3c:62:d5:59:44:44:a0:c9:26:ab:6a:ff:71:
         7c:c8:ef:e0:5b:2c:b0:93:b4:ac:e8:8c:e5:56:68:5c:1c:6b:
         47:ca:b3:2a:85:1e:a9:bb:66:b0:4c:12:72:0f:79:79:b6:8d:
         10:32:fb:b7:a4:27:0b:12:f4:09:14:39:ee:11:3c:62:5f:2b:
         04:3a:b1:42:16:3d:ad:f6:69:21:72:ca:c5:00:00:94:63:92:
         03:36:8b:5d:3c:84:1f:19:a7:86:38:32:d5:2d:29:e2:5a:e9:
         1d:d4:1e:24:86:2c:ed:7c:25:a0:cb:c8:74:b2:57:ce:90:5d:
         da:21:fd:a3:d5:56:36:ad:cd:f1:8d:15:83:d2:bc:be:59:49:
         e6:57:8d:ba:1d:bb:c5:78:9c:03:f9:df:74:47:bf:c4:3e:50:
         72:3f:38:02:72:d8:72:b1:35:b4:38:19:2e:3d:ad:9e:ee:4b:
         05:0b:9f:11:64:53:dc:eb:c8:00:f2:38:77:24:69:ad:da:e1:
         1a:f9:42:59:55:51:60:b3:c9:2a:23:64:39:01:74:83:93:ef:
         f9:9d:75:cb:6e:8a:a6:04:29:c2:f3:c2:43:a5:54:db:e4:5b:
         39:d4:4d:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Hjs4yNXgwvJVyYQoStVBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTRhMTA2YzE5OWYzNTMzZTU2YjhhZGJjZmE0YjFhYzNl
NjkwOWYwHhcNMjQwNTA1MDcwMTMyWhcNMjQwNTA2MDcwMTMyWjAzMTEwLwYDVQQD
Eyg2YjliYTRlYTJiMzhiNTc0NTczNWYzY2I1MzBiMDBjZmFjYzg2YzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uE+lG4OlChGxfRxtlrVTGNe2mTK
wAmZ/6R4ZVnrxvb3eyJE2szZw/+ycM3J3/HJrUXNChnKmxDUYUZs7GTB/b8aMG+S
T4Y3OkUAIMSMbKv0HgRbsJWet0kLyk4E2xd5E/e81Buoa5NyjuEdz5+FUKA8Hr9n
3dDvnkFrUxtk73jROID/3JAQr7RBgt1dpgTv75A6KDyi4RKG0pZbWipe6pSvFmBo
t3oNh4qqECJoNHk2sKEDiuWuOh47M/3HzbQBHnknsJoR2mZB0mzVz4qVcIjPCzwt
SnuI8MAB3HRjoK43LSMy8ycscjohY1/HhBwCx5sV2NFyQ32JG3S1Vpi4JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGubpOorOLV0VzXzy1MLAM+syGxgMB8GA1UdIwQY
MBaAFN1UoQbBmfNTPla4rbz6SxrD5pCfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDct
MzQxYWYxZjA3NjliLzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9jOGYyNmMtYjI2Mi00ODdmLWFkNDctMzQxYWYxZjA3Njli
LzEvM1ZTaEJzR1o4MU0tVnJpdHZQcExHc1Bta0o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGHrNuHq6
3PL/XN2WrSXEq66L7txGmIM8YtVZRESgySarav9xfMjv4FsssJO0rOiM5VZoXBxr
R8qzKoUeqbtmsEwScg95ebaNEDL7t6QnCxL0CRQ57hE8Yl8rBDqxQhY9rfZpIXLK
xQAAlGOSAzaLXTyEHxmnhjgy1S0p4lrpHdQeJIYs7XwloMvIdLJXzpBd2iH9o9VW
Nq3N8Y0Vg9K8vllJ5leNuh27xXicA/nfdEe/xD5Qcj84AnLYcrE1tDgZLj2tnu5L
BQufEWRT3OvIAPI4dyRprdrhGvlCWVVRYLPJKiNkOQF0g5Pv+Z11y26KpgQpwvPC
Q6VU2+RbOdRNPw==
-----END CERTIFICATE-----