Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
File:                     ya3PjO-lllmLJLm2q2UHDdkcp5w.mft (raw, json)
Hash identifier:          xekTFROKn/pa3HaW0ZVqDU55YTqKS8Nhd8kfs791a4w=
Subject key identifier:   5C:0E:96:F6:1A:7F:1C:FB:76:E0:0E:F5:26:FD:2B:8E:10:9B:2A:7B
Authority key identifier: C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
Certificate issuer:       /CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Certificate serial:       018F8748BB969B59A54A587030EA6FD916B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
Manifest number:          021F
Signing time:             Fri 17 May 2024 16:00:41 +0000
Manifest this update:     Fri 17 May 2024 16:00:41 +0000
Manifest next update:     Sat 18 May 2024 16:00:41 +0000
Files and hashes:         1: ya3PjO-lllmLJLm2q2UHDdkcp5w.crl (hash: LJQpckp2rSpzy6nFSZPad+uy/0ASlH0rUSMSjmo12xE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:bb:96:9b:59:a5:4a:58:70:30:ea:6f:d9:16:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
        Validity
            Not Before: May 17 16:00:41 2024 GMT
            Not After : May 18 16:00:41 2024 GMT
        Subject: CN=5c0e96f61a7f1cfb76e00ef526fd2b8e109b2a7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:d8:a8:c4:7b:b9:37:3c:88:07:71:73:8e:01:
                    89:63:66:99:17:c6:e1:2a:71:2c:99:b9:30:bf:c1:
                    43:06:ea:a1:2c:bd:cd:23:a9:f0:1d:70:8d:df:0a:
                    5a:d1:36:df:d7:9a:41:39:bd:4d:b9:57:4b:5d:12:
                    e4:71:54:95:59:e7:b1:d1:fd:77:35:e1:08:b0:45:
                    23:b1:95:28:de:b6:fb:c5:a8:70:ba:ee:80:b3:9b:
                    f9:6c:e5:07:fd:2b:d5:77:d6:5d:60:83:e0:44:f2:
                    b7:c9:d9:dd:5f:45:e6:70:fb:0f:26:df:b7:25:fb:
                    67:1a:d5:95:51:3b:0d:93:22:7c:1f:f4:14:89:63:
                    69:fb:d3:8b:19:93:35:88:2c:96:c8:54:44:b9:05:
                    a0:40:1c:fa:fb:33:bc:ea:ea:58:66:74:49:44:fa:
                    47:04:39:05:f5:51:b4:19:e8:79:6a:c9:b4:5b:e2:
                    38:89:ad:9d:17:5e:73:a9:93:d3:a9:b7:93:cf:54:
                    5b:96:f0:ce:9d:69:71:10:48:33:f1:1d:b0:c0:94:
                    84:3e:ef:8e:0c:21:fc:3c:bc:0a:88:ce:00:2d:c1:
                    ef:ee:f9:48:b6:5b:31:b1:e3:9d:4f:2e:e6:aa:9d:
                    53:74:d3:27:21:d8:5b:ba:c1:e0:89:7b:94:2e:e6:
                    ae:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:0E:96:F6:1A:7F:1C:FB:76:E0:0E:F5:26:FD:2B:8E:10:9B:2A:7B
            X509v3 Authority Key Identifier:
                keyid:C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:fc:00:d0:86:49:22:e0:c0:cf:ba:cb:69:a5:2a:ca:18:cd:
         a5:69:12:72:62:19:48:8b:73:90:9a:c8:15:6d:7b:c3:a8:87:
         16:85:e7:52:05:8c:c6:77:a2:cf:4f:b6:e2:1e:54:6e:25:74:
         5f:10:54:5e:dd:bf:8c:8d:f7:f6:4a:2c:79:ab:b6:e8:e9:e1:
         c6:13:06:bb:b2:f8:df:d1:c5:4a:6f:bc:1f:e5:93:5b:48:6c:
         1d:97:1c:e2:80:ec:fb:52:85:ca:4b:19:22:0d:60:1e:94:0d:
         2b:e3:34:cd:b2:05:29:73:fd:e5:3b:e2:81:94:c6:c4:e4:8f:
         e6:59:52:de:2f:0e:9a:20:06:18:06:0f:2b:79:34:97:9b:3b:
         6c:57:60:ad:57:5a:83:6e:96:a6:66:c4:a2:e6:79:8b:c2:af:
         57:a1:ae:a1:d8:10:a3:97:74:6b:93:2f:46:6a:05:99:dc:42:
         07:92:25:ae:50:f6:77:c6:89:b3:94:3c:a0:7d:66:a6:f7:af:
         87:39:bd:13:ee:94:65:de:3e:36:f5:9e:4c:10:86:e9:61:fa:
         7f:de:23:3f:02:fa:44:5b:62:b3:b4:53:72:2a:01:e0:c5:cd:
         0c:e7:9a:0f:54:d5:54:62:fc:bc:d3:34:ac:57:a3:61:a8:cb:
         27:03:2b:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSLuWm1mlSlhwMOpv2RayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWRjZjhjZWZhNTk2NTk4YjI0YjliNmFiNjUwNzBkZDkx
Y2E3OWMwHhcNMjQwNTE3MTYwMDQxWhcNMjQwNTE4MTYwMDQxWjAzMTEwLwYDVQQD
Eyg1YzBlOTZmNjFhN2YxY2ZiNzZlMDBlZjUyNmZkMmI4ZTEwOWIyYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNioxHu5NzyIB3FzjgGJY2aZF8bh
KnEsmbkwv8FDBuqhLL3NI6nwHXCN3wpa0Tbf15pBOb1NuVdLXRLkcVSVWeex0f13
NeEIsEUjsZUo3rb7xahwuu6As5v5bOUH/SvVd9ZdYIPgRPK3ydndX0XmcPsPJt+3
JftnGtWVUTsNkyJ8H/QUiWNp+9OLGZM1iCyWyFREuQWgQBz6+zO86upYZnRJRPpH
BDkF9VG0Geh5asm0W+I4ia2dF15zqZPTqbeTz1RblvDOnWlxEEgz8R2wwJSEPu+O
DCH8PLwKiM4ALcHv7vlItlsxseOdTy7mqp1TdNMnIdhbusHgiXuULuauWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFwOlvYafxz7duAO9Sb9K44Qmyp7MB8GA1UdIwQY
MBaAFMmtz4zvpZZZiyS5tqtlBw3ZHKecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDct
YzU1MzcyZmFiMzM1LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDctYzU1MzcyZmFiMzM1
LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjPwA0IZJ
IuDAz7rLaaUqyhjNpWkScmIZSItzkJrIFW17w6iHFoXnUgWMxneiz0+24h5UbiV0
XxBUXt2/jI339koseau26OnhxhMGu7L439HFSm+8H+WTW0hsHZcc4oDs+1KFyksZ
Ig1gHpQNK+M0zbIFKXP95TvigZTGxOSP5llS3i8OmiAGGAYPK3k0l5s7bFdgrVda
g26WpmbEouZ5i8KvV6GuodgQo5d0a5MvRmoFmdxCB5IlrlD2d8aJs5Q8oH1mpvev
hzm9E+6UZd4+NvWeTBCG6WH6f94jPwL6RFtis7RTcioB4MXNDOeaD1TVVGL8vNM0
rFejYajLJwMrpQ==
-----END CERTIFICATE-----