Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
File:                     LONOJrtlYwuGk29JaTU-18hplcg.mft (raw, json)
Hash identifier:          bUNdTF4i/Zs61Zcx6eGhG8uWln0s2kme3VkJ7hVh3Ew=
Subject key identifier:   0D:42:9F:D8:CE:83:63:AE:88:31:DA:6B:8E:C2:AC:39:BF:2F:D2:34
Authority key identifier: 2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8
Certificate issuer:       /CN=2ce34e26bb65630b86936f4969353ed7c86995c8
Certificate serial:       018F8891F9FFAA2E841F342CCFE2A081B240
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
Manifest number:          10B3
Signing time:             Fri 17 May 2024 22:00:18 +0000
Manifest this update:     Fri 17 May 2024 22:00:18 +0000
Manifest next update:     Sat 18 May 2024 22:00:18 +0000
Files and hashes:         1: LONOJrtlYwuGk29JaTU-18hplcg.crl (hash: wHRP2L8nCnwOmSEA/ZDvDWbBUct98dBFOAnffsLW6LQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:91:f9:ff:aa:2e:84:1f:34:2c:cf:e2:a0:81:b2:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ce34e26bb65630b86936f4969353ed7c86995c8
        Validity
            Not Before: May 17 22:00:18 2024 GMT
            Not After : May 18 22:00:18 2024 GMT
        Subject: CN=0d429fd8ce8363ae8831da6b8ec2ac39bf2fd234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:0b:83:ab:fd:21:55:55:20:85:f9:4e:e2:44:
                    c1:72:7a:89:74:76:2c:8d:d6:be:3a:bf:68:fd:41:
                    64:6e:ad:ec:4a:3a:b2:dc:55:74:ba:b1:9c:2a:36:
                    0c:3b:46:a5:fd:16:e2:e8:42:df:43:6f:3d:99:6c:
                    0c:9b:d9:8d:a7:a8:3b:e7:dd:31:bb:6a:d0:f0:b8:
                    48:33:9f:a3:6d:ae:c5:c0:0c:31:79:d8:b3:cb:59:
                    34:4d:98:55:28:7c:18:60:33:2d:ea:2e:09:a8:9b:
                    09:30:91:33:43:ac:6a:e3:c7:a2:6a:c2:23:a6:24:
                    39:83:4e:30:da:92:0e:ca:13:ff:93:64:6d:20:c7:
                    82:b8:da:ff:a5:94:43:bd:f2:74:16:2a:28:48:9a:
                    df:86:e4:33:5c:f0:5e:14:60:5a:d8:20:54:a7:b9:
                    c1:81:9f:c7:cf:8c:8c:ee:75:59:ea:83:be:2b:5b:
                    7f:2e:cf:cc:d6:66:9e:81:b5:e4:f4:01:96:84:28:
                    ec:f4:7d:b5:19:c1:eb:3a:84:fb:33:bc:1d:f4:60:
                    72:83:12:6d:72:1f:dc:85:78:46:d8:84:1a:af:83:
                    69:6f:d0:95:9f:17:99:00:6f:c9:8b:08:38:38:07:
                    a5:1c:52:50:67:9f:44:6b:b6:a2:77:fc:a2:24:ef:
                    8c:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:42:9F:D8:CE:83:63:AE:88:31:DA:6B:8E:C2:AC:39:BF:2F:D2:34
            X509v3 Authority Key Identifier:
                keyid:2C:E3:4E:26:BB:65:63:0B:86:93:6F:49:69:35:3E:D7:C8:69:95:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LONOJrtlYwuGk29JaTU-18hplcg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/1e0180-db3a-46a5-b31b-b599723fc053/1/LONOJrtlYwuGk29JaTU-18hplcg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:75:ff:90:83:03:d7:73:1c:c5:b5:e0:d4:58:0c:26:ed:94:
         f0:b2:bf:87:2c:9e:32:89:5a:fb:0a:e5:52:1d:1d:5c:1a:d1:
         6f:f1:a4:46:64:58:dd:ef:35:ec:cb:30:55:04:35:c3:83:13:
         91:b7:b2:fa:34:83:03:b1:34:a9:85:7e:6e:4a:90:d4:00:45:
         3f:16:82:41:db:11:0a:51:f8:7e:b4:38:0b:50:9d:b9:c1:6f:
         e7:29:f7:00:18:d2:38:26:eb:63:e6:4e:78:29:e3:8c:1d:a5:
         2e:d9:40:83:dd:ea:02:7d:d5:da:d6:e0:84:ef:6f:ed:d8:ed:
         1d:70:ee:b9:1b:00:4e:d6:eb:f6:99:28:a8:c5:9a:e7:28:5f:
         02:99:76:b7:15:84:a7:22:02:b1:ab:20:cb:d6:b0:70:b2:98:
         00:aa:61:39:cf:86:6f:eb:57:bd:16:3b:3e:68:a7:ca:e2:d0:
         32:a9:c1:69:73:5c:f5:c8:b9:ce:8f:72:dd:fe:a8:40:93:78:
         ce:54:0f:33:a0:f7:be:52:95:97:f0:43:89:1f:c0:f8:27:b2:
         3a:cf:ee:02:2d:ea:13:cc:1c:1e:6a:3e:46:41:a0:35:fe:47:
         fe:e9:a9:c0:29:ac:fb:29:2e:46:ac:40:5e:d2:5a:9f:f2:d1:
         6f:18:15:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikfn/qi6EHzQsz+KggbJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTM0ZTI2YmI2NTYzMGI4NjkzNmY0OTY5MzUzZWQ3Yzg2
OTk1YzgwHhcNMjQwNTE3MjIwMDE4WhcNMjQwNTE4MjIwMDE4WjAzMTEwLwYDVQQD
EygwZDQyOWZkOGNlODM2M2FlODgzMWRhNmI4ZWMyYWMzOWJmMmZkMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QuDq/0hVVUghflO4kTBcnqJdHYs
jda+Or9o/UFkbq3sSjqy3FV0urGcKjYMO0al/Rbi6ELfQ289mWwMm9mNp6g7590x
u2rQ8LhIM5+jba7FwAwxedizy1k0TZhVKHwYYDMt6i4JqJsJMJEzQ6xq48eiasIj
piQ5g04w2pIOyhP/k2RtIMeCuNr/pZRDvfJ0FiooSJrfhuQzXPBeFGBa2CBUp7nB
gZ/Hz4yM7nVZ6oO+K1t/Ls/M1maegbXk9AGWhCjs9H21GcHrOoT7M7wd9GBygxJt
ch/chXhG2IQar4Npb9CVnxeZAG/Jiwg4OAelHFJQZ59Ea7aid/yiJO+MeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA1Cn9jOg2OuiDHaa47CrDm/L9I0MB8GA1UdIwQY
MBaAFCzjTia7ZWMLhpNvSWk1PtfIaZXIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWIt
YjU5OTcyM2ZjMDUzLzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8xZTAxODAtZGIzYS00NmE1LWIzMWItYjU5OTcyM2ZjMDUz
LzEvTE9OT0pydGxZd3VHazI5SmFUVS0xOGhwbGNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdXX/kIMD
13McxbXg1FgMJu2U8LK/hyyeMola+wrlUh0dXBrRb/GkRmRY3e817MswVQQ1w4MT
kbey+jSDA7E0qYV+bkqQ1ABFPxaCQdsRClH4frQ4C1CducFv5yn3ABjSOCbrY+ZO
eCnjjB2lLtlAg93qAn3V2tbghO9v7djtHXDuuRsATtbr9pkoqMWa5yhfApl2txWE
pyICsasgy9awcLKYAKphOc+Gb+tXvRY7PminyuLQMqnBaXNc9ci5zo9y3f6oQJN4
zlQPM6D3vlKVl/BDiR/A+CeyOs/uAi3qE8wcHmo+RkGgNf5H/umpwCms+ykuRqxA
XtJan/LRbxgVNw==
-----END CERTIFICATE-----