Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
File:                     DTr3NGYY2GMOAUanZREkQ-DCyP8.mft (raw, json)
Hash identifier:          9U7TYiFXBRE1hSiBDdou+cWosX//V2o0/6XZ7VfNmbE=
Subject key identifier:   21:F4:8E:F2:D5:BD:C7:91:97:29:7B:46:68:BC:69:B3:D6:9A:D2:F1
Authority key identifier: 0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF
Certificate issuer:       /CN=0d3af7346618d8630e0146a765112443e0c2c8ff
Certificate serial:       018F874AD3F8AC30C72477D097B48C951087
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
Manifest number:          020B
Signing time:             Fri 17 May 2024 16:02:59 +0000
Manifest this update:     Fri 17 May 2024 16:02:59 +0000
Manifest next update:     Sat 18 May 2024 16:02:59 +0000
Files and hashes:         1: DTr3NGYY2GMOAUanZREkQ-DCyP8.crl (hash: F2vRs7RLGx/oqAGazTfKNw6pO7QrMUxj93KYP4M/CuM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:d3:f8:ac:30:c7:24:77:d0:97:b4:8c:95:10:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3af7346618d8630e0146a765112443e0c2c8ff
        Validity
            Not Before: May 17 16:02:59 2024 GMT
            Not After : May 18 16:02:59 2024 GMT
        Subject: CN=21f48ef2d5bdc79197297b4668bc69b3d69ad2f1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:00:18:45:04:d0:a7:ff:5b:d1:19:bc:1f:dd:
                    51:35:c5:34:4f:fd:c5:30:df:1c:62:15:45:9d:76:
                    5d:b6:36:d7:d3:97:57:04:90:6d:84:db:1b:10:3f:
                    95:29:e0:89:a7:1b:b6:7d:56:29:04:13:c8:21:24:
                    86:94:8c:5a:c4:b9:e2:bb:cb:3e:f2:c0:43:2c:4e:
                    85:64:21:f7:33:23:91:ea:cc:88:19:74:d4:e7:53:
                    0f:d3:d8:70:bb:22:5f:7d:ef:5c:b1:0d:2e:dc:88:
                    6a:a0:5e:31:00:ec:ce:eb:07:30:92:6d:33:c5:ea:
                    56:1b:4d:3a:00:22:be:47:7f:a1:b3:94:3c:07:eb:
                    40:e9:de:c4:5f:52:81:85:c6:dd:6d:b4:a4:71:98:
                    e5:6b:28:75:02:00:02:1f:6f:12:7e:57:32:32:31:
                    f8:e0:0b:33:0d:50:be:5d:7e:f7:a5:05:39:30:07:
                    67:8a:22:f6:43:5e:e9:38:b6:5d:2d:7d:4d:cf:d5:
                    81:5e:60:96:0a:95:dd:70:91:50:e0:46:3d:0e:f9:
                    46:27:bb:0a:df:25:82:84:6a:a0:71:70:1b:23:51:
                    37:b6:c7:58:de:45:c6:df:1b:13:48:0b:a2:8d:11:
                    74:9f:25:d5:a2:5b:69:a7:5d:52:7e:36:23:3a:62:
                    23:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:F4:8E:F2:D5:BD:C7:91:97:29:7B:46:68:BC:69:B3:D6:9A:D2:F1
            X509v3 Authority Key Identifier:
                keyid:0D:3A:F7:34:66:18:D8:63:0E:01:46:A7:65:11:24:43:E0:C2:C8:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTr3NGYY2GMOAUanZREkQ-DCyP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/455702-5d5d-466b-b13a-f3b9b0b8dd70/1/DTr3NGYY2GMOAUanZREkQ-DCyP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:6a:43:5b:16:79:5f:b6:3f:0b:c1:c0:36:d9:e8:31:a3:8a:
         32:de:09:05:ea:5d:10:c5:39:f9:f0:47:4c:69:56:b8:e6:d6:
         be:bc:56:e8:61:d4:3c:c2:04:e1:de:e2:f4:b6:ef:03:b8:26:
         9d:21:4b:a3:b6:9a:e7:b2:c5:d1:60:5c:61:14:e9:90:c4:39:
         af:15:1c:5e:6d:57:52:7f:30:9a:37:cf:30:ed:36:ec:bb:fe:
         e9:fe:79:10:ea:83:7d:72:4c:1d:b3:1e:37:97:e9:86:78:64:
         90:2e:ac:8f:9f:f8:6d:8b:03:44:f0:dd:c4:5b:d4:5a:6c:0f:
         c2:5e:23:ed:43:0d:6c:b5:de:34:65:81:8a:1c:3f:8f:79:76:
         6b:e3:0a:60:da:43:b4:0c:7c:e1:ec:1e:89:4a:76:f5:36:f9:
         fb:87:74:a9:b4:a6:7c:26:74:94:ea:d1:0d:d8:47:cd:aa:dd:
         a3:59:51:98:03:6e:ed:29:75:5e:5f:31:5b:e1:5d:f4:cd:d9:
         d6:c3:89:2e:48:31:d7:d4:41:68:f8:7d:90:65:38:d2:a4:08:
         6c:c5:cf:84:5f:c4:9b:2c:57:1b:6d:43:42:03:d8:99:d0:4c:
         a4:7f:ae:15:f8:76:30:30:39:bc:b2:c0:6c:d7:56:3a:d5:89:
         4d:ee:7f:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HStP4rDDHJHfQl7SMlRCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2FmNzM0NjYxOGQ4NjMwZTAxNDZhNzY1MTEyNDQzZTBj
MmM4ZmYwHhcNMjQwNTE3MTYwMjU5WhcNMjQwNTE4MTYwMjU5WjAzMTEwLwYDVQQD
EygyMWY0OGVmMmQ1YmRjNzkxOTcyOTdiNDY2OGJjNjliM2Q2OWFkMmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wAYRQTQp/9b0Rm8H91RNcU0T/3F
MN8cYhVFnXZdtjbX05dXBJBthNsbED+VKeCJpxu2fVYpBBPIISSGlIxaxLniu8s+
8sBDLE6FZCH3MyOR6syIGXTU51MP09hwuyJffe9csQ0u3IhqoF4xAOzO6wcwkm0z
xepWG006ACK+R3+hs5Q8B+tA6d7EX1KBhcbdbbSkcZjlayh1AgACH28SflcyMjH4
4AszDVC+XX73pQU5MAdniiL2Q17pOLZdLX1Nz9WBXmCWCpXdcJFQ4EY9DvlGJ7sK
3yWChGqgcXAbI1E3tsdY3kXG3xsTSAuijRF0nyXVoltpp11SfjYjOmIjJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCH0jvLVvceRlyl7Rmi8abPWmtLxMB8GA1UdIwQY
MBaAFA069zRmGNhjDgFGp2URJEPgwsj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2Et
ZjNiOWIwYjhkZDcwLzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80NTU3MDItNWQ1ZC00NjZiLWIxM2EtZjNiOWIwYjhkZDcw
LzEvRFRyM05HWVkyR01PQVVhblpSRWtRLURDeVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfmpDWxZ5
X7Y/C8HANtnoMaOKMt4JBepdEMU5+fBHTGlWuObWvrxW6GHUPMIE4d7i9LbvA7gm
nSFLo7aa57LF0WBcYRTpkMQ5rxUcXm1XUn8wmjfPMO027Lv+6f55EOqDfXJMHbMe
N5fphnhkkC6sj5/4bYsDRPDdxFvUWmwPwl4j7UMNbLXeNGWBihw/j3l2a+MKYNpD
tAx84eweiUp29Tb5+4d0qbSmfCZ0lOrRDdhHzardo1lRmANu7Sl1Xl8xW+Fd9M3Z
1sOJLkgx19RBaPh9kGU40qQIbMXPhF/EmyxXG21DQgPYmdBMpH+uFfh2MDA5vLLA
bNdWOtWJTe5/4Q==
-----END CERTIFICATE-----