Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
File:                     MT3NGHEiZlBFhpdnM8ofkvYmH14.mft (raw, json)
Hash identifier:          MUsqxu6AkyD9xgvA56F61Vv304JrjnGqwwDS3hZF/yc=
Subject key identifier:   B1:21:B6:11:02:13:31:FF:05:90:1F:71:77:A1:5C:4C:B1:CE:E7:14
Authority key identifier: 31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E
Certificate issuer:       /CN=313dcd18712266504586976733ca1f92f6261f5e
Certificate serial:       018F89370E1079E5BE4F2315AE0B11682F2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
Manifest number:          0FA4
Signing time:             Sat 18 May 2024 01:00:37 +0000
Manifest this update:     Sat 18 May 2024 01:00:37 +0000
Manifest next update:     Sun 19 May 2024 01:00:37 +0000
Files and hashes:         1: MT3NGHEiZlBFhpdnM8ofkvYmH14.crl (hash: nRbNA1i+E2OdE/SDg/q+mtTQtyIaMYxal1beqVxVzwk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:89:37:0e:10:79:e5:be:4f:23:15:ae:0b:11:68:2f:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=313dcd18712266504586976733ca1f92f6261f5e
        Validity
            Not Before: May 18 01:00:37 2024 GMT
            Not After : May 19 01:00:37 2024 GMT
        Subject: CN=b121b611021331ff05901f7177a15c4cb1cee714
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:cc:66:88:2a:76:9f:26:be:d5:6c:13:97:b5:
                    c2:d0:7f:37:e0:df:9a:03:4e:95:c7:63:3c:18:71:
                    2f:1f:e8:76:c3:6f:cc:11:53:a3:21:2c:4c:e9:52:
                    e8:75:b2:c5:d7:b4:31:db:70:46:bf:02:21:d4:e0:
                    52:56:9a:a4:d1:53:02:e6:ee:5a:d1:08:b3:54:b7:
                    75:62:50:45:37:69:ff:80:cd:25:0e:70:12:23:7d:
                    c4:85:16:0a:cf:ba:7e:c2:3d:d7:18:66:9b:d1:fd:
                    14:ca:70:79:76:3b:94:ff:aa:74:4e:08:46:b9:12:
                    71:7f:79:6f:43:27:c7:b5:2f:e7:b4:57:5d:b0:53:
                    89:43:d7:fe:0e:cd:00:32:ea:02:1c:38:85:c9:4e:
                    b8:1d:8e:18:72:d6:cb:65:e1:f4:ce:a0:11:0b:a3:
                    a4:6c:34:a7:79:e3:f4:f3:36:b4:dc:09:c1:59:0d:
                    fb:52:63:a8:bf:22:c8:58:11:fe:4a:17:de:17:82:
                    4b:3f:b2:44:bd:5b:10:93:a6:89:ff:6d:55:b2:80:
                    65:31:52:44:0a:48:9d:c3:73:05:85:c7:53:08:f4:
                    ae:b1:ab:1f:7b:f0:98:1e:04:55:a6:0c:c5:4a:05:
                    c4:cc:ea:bb:5d:e6:d3:15:7a:c4:f1:08:69:d2:86:
                    9d:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:21:B6:11:02:13:31:FF:05:90:1F:71:77:A1:5C:4C:B1:CE:E7:14
            X509v3 Authority Key Identifier:
                keyid:31:3D:CD:18:71:22:66:50:45:86:97:67:33:CA:1F:92:F6:26:1F:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MT3NGHEiZlBFhpdnM8ofkvYmH14.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b9ecf9-3ba8-47e4-8954-c415a68af0dd/1/MT3NGHEiZlBFhpdnM8ofkvYmH14.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         02:58:9b:a4:16:9c:63:4e:b4:0c:74:75:25:6b:04:2a:8b:b0:
         f1:63:f7:58:1d:77:b0:02:bc:9b:77:3f:1f:3b:f6:6e:c8:b4:
         7d:76:44:19:28:ce:b1:8d:6c:e4:71:05:e0:de:65:66:86:83:
         1c:14:3f:ff:1f:a4:96:3f:3f:8b:52:03:ff:2b:c1:3f:06:ea:
         aa:0a:e8:c7:94:39:34:87:c3:ae:c5:b7:25:60:20:a3:ff:22:
         9f:1d:0b:26:b4:a5:1d:79:5e:bb:ba:9c:8a:e2:c7:9b:05:34:
         00:fe:e9:d1:a4:ad:f1:4d:38:cc:2a:fb:63:6a:e5:ae:da:2e:
         6e:c1:3c:16:86:3c:60:21:b9:56:af:ba:dc:0a:64:56:74:e0:
         e3:3e:86:48:ef:66:56:2c:a8:42:f9:ff:aa:5a:1a:7b:eb:8d:
         8b:43:41:d0:d1:c0:36:6d:f3:7a:fd:27:53:de:78:0e:c3:c8:
         ef:cb:0e:5f:8d:03:7b:63:86:00:1b:ad:6d:75:7e:21:7b:94:
         e1:a0:2e:1d:f9:29:aa:ff:76:96:3d:34:3e:09:e7:77:96:9b:
         19:74:9e:62:44:2d:5b:f3:da:ec:4e:a1:ab:15:52:df:8b:f7:
         68:a5:39:e6:6c:de:61:b3:65:13:9d:ce:9d:78:92:08:a1:22:
         fb:ef:31:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+JNw4QeeW+TyMVrgsRaC8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxM2RjZDE4NzEyMjY2NTA0NTg2OTc2NzMzY2ExZjkyZjYy
NjFmNWUwHhcNMjQwNTE4MDEwMDM3WhcNMjQwNTE5MDEwMDM3WjAzMTEwLwYDVQQD
EyhiMTIxYjYxMTAyMTMzMWZmMDU5MDFmNzE3N2ExNWM0Y2IxY2VlNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscxmiCp2nya+1WwTl7XC0H834N+a
A06Vx2M8GHEvH+h2w2/MEVOjISxM6VLodbLF17Qx23BGvwIh1OBSVpqk0VMC5u5a
0QizVLd1YlBFN2n/gM0lDnASI33EhRYKz7p+wj3XGGab0f0UynB5djuU/6p0TghG
uRJxf3lvQyfHtS/ntFddsFOJQ9f+Ds0AMuoCHDiFyU64HY4YctbLZeH0zqARC6Ok
bDSneeP08za03AnBWQ37UmOovyLIWBH+ShfeF4JLP7JEvVsQk6aJ/21VsoBlMVJE
Ckidw3MFhcdTCPSusasfe/CYHgRVpgzFSgXEzOq7XebTFXrE8Qhp0oadswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLEhthECEzH/BZAfcXehXEyxzucUMB8GA1UdIwQY
MBaAFDE9zRhxImZQRYaXZzPKH5L2Jh9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQt
YzQxNWE2OGFmMGRkLzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iOWVjZjktM2JhOC00N2U0LTg5NTQtYzQxNWE2OGFmMGRk
LzEvTVQzTkdIRWlabEJGaHBkbk04b2ZrdlltSDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAlibpBac
Y060DHR1JWsEKouw8WP3WB13sAK8m3c/Hzv2bsi0fXZEGSjOsY1s5HEF4N5lZoaD
HBQ//x+klj8/i1ID/yvBPwbqqgrox5Q5NIfDrsW3JWAgo/8inx0LJrSlHXleu7qc
iuLHmwU0AP7p0aSt8U04zCr7Y2rlrtoubsE8FoY8YCG5Vq+63ApkVnTg4z6GSO9m
ViyoQvn/qloae+uNi0NB0NHANm3zev0nU954DsPI78sOX40De2OGAButbXV+IXuU
4aAuHfkpqv92lj00Pgnnd5abGXSeYkQtW/Pa7E6hqxVS34v3aKU55mzeYbNlE53O
nXiSCKEi++8xVg==
-----END CERTIFICATE-----