Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
File:                     nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft (raw, json)
Hash identifier:          LBPaDolJcmazDrkxxe7lAMeHrDSjVV+YXV+RXg9l2qg=
Subject key identifier:   44:54:AB:C2:4E:5D:89:96:0A:47:0C:E3:3C:C7:EC:D6:A7:43:85:65
Authority key identifier: 9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC
Certificate issuer:       /CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec
Certificate serial:       018F874A7D8D45F32BB4E5F1E2C2F8D6A8AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
Manifest number:          1173
Signing time:             Fri 17 May 2024 16:02:36 +0000
Manifest this update:     Fri 17 May 2024 16:02:36 +0000
Manifest next update:     Sat 18 May 2024 16:02:36 +0000
Files and hashes:         1: nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl (hash: AZxDgk+kl5aKpYnP2ZkzKTsQUj/rZwUYmNZqC7Tvm8A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:7d:8d:45:f3:2b:b4:e5:f1:e2:c2:f8:d6:a8:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9dfe30a014784625db2c9dc90ae3ce15e54a88ec
        Validity
            Not Before: May 17 16:02:36 2024 GMT
            Not After : May 18 16:02:36 2024 GMT
        Subject: CN=4454abc24e5d89960a470ce33cc7ecd6a7438565
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:01:ca:4c:02:98:6b:83:a5:9e:34:d6:4d:b1:
                    05:fd:d5:c4:ed:a0:b7:8f:77:9e:f8:ee:f7:31:09:
                    18:a4:39:77:c1:88:49:aa:44:d7:5f:e0:96:16:3f:
                    fb:33:28:21:12:cb:c8:0a:a1:22:35:8e:da:63:9d:
                    51:4d:e9:74:b5:0d:f3:55:dc:63:10:c2:cd:1f:a2:
                    6e:d4:a8:0a:90:c8:99:be:78:a2:5c:de:f8:df:01:
                    0e:75:9d:f6:cb:4f:64:af:f4:33:ce:cc:d2:4c:cf:
                    03:da:90:6c:2e:8b:80:a6:6e:94:44:43:33:33:ab:
                    2b:bd:fb:0a:7d:34:4b:e8:0c:bb:94:63:5c:4e:e2:
                    5b:eb:ea:16:fe:91:27:1f:d9:0c:a1:a9:af:e8:b8:
                    f9:71:70:8a:21:f1:26:88:41:56:84:09:5b:18:e4:
                    8e:9d:d6:2e:de:02:8c:5b:84:13:0c:86:17:0c:f6:
                    ed:61:87:45:ec:42:92:1d:18:f9:14:b2:d8:6d:12:
                    ea:8b:bc:33:70:b2:9c:2d:8d:71:40:5a:7b:d8:b7:
                    64:83:a9:a6:78:46:f6:c2:6c:61:80:18:d9:0b:f6:
                    a3:ac:f9:a4:fa:ea:0e:9f:3a:65:5d:08:f5:bf:b2:
                    8b:30:87:14:e5:f5:42:bb:a8:a3:25:3b:b6:b9:d9:
                    25:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:54:AB:C2:4E:5D:89:96:0A:47:0C:E3:3C:C7:EC:D6:A7:43:85:65
            X509v3 Authority Key Identifier:
                keyid:9D:FE:30:A0:14:78:46:25:DB:2C:9D:C9:0A:E3:CE:15:E5:4A:88:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nf4woBR4RiXbLJ3JCuPOFeVKiOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/3d1495-0ef8-49b1-99e2-604e23747769/1/nf4woBR4RiXbLJ3JCuPOFeVKiOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         61:6d:8d:ca:65:a1:3a:ad:f1:ee:63:e7:ad:31:5f:68:4b:31:
         66:99:49:9f:6d:01:6c:85:9e:bb:49:74:b2:d9:0e:19:4f:77:
         52:11:24:1e:8c:ca:c6:5f:a2:e4:c7:68:b0:8b:24:e7:08:34:
         4e:8a:27:1b:1d:9c:75:91:1e:b8:af:7c:6e:ac:a7:3d:0e:cb:
         4c:ba:97:2b:66:e3:00:f9:e4:30:77:da:d1:87:28:5a:98:7b:
         a4:03:b3:0e:18:53:89:d0:69:17:c4:cc:95:a7:72:35:dd:c7:
         4e:72:f4:2e:5d:e0:3d:26:cb:89:b5:82:be:70:e3:31:07:3d:
         93:c6:ec:e6:22:76:c4:7b:4c:d2:93:3a:0d:83:d1:89:f1:27:
         2e:18:df:85:04:cd:02:b6:8a:17:da:36:bf:d4:e6:eb:9b:0a:
         5a:73:09:c0:2e:3c:79:66:d2:00:ee:ab:ae:22:8d:e2:f3:6c:
         d4:57:92:fe:84:61:7f:7f:63:df:1f:96:30:15:61:35:b9:9b:
         57:43:87:d2:44:8b:09:70:0f:14:2b:b8:81:f6:e5:2d:5b:18:
         06:2a:22:c0:82:47:24:d0:a3:82:54:ad:dc:93:4a:2c:13:1d:
         71:b2:2a:ab:1e:51:e5:b4:f1:32:1b:41:a8:a2:bc:d2:4c:56:
         1d:52:24:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSn2NRfMrtOXx4sL41qiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZmUzMGEwMTQ3ODQ2MjVkYjJjOWRjOTBhZTNjZTE1ZTU0
YTg4ZWMwHhcNMjQwNTE3MTYwMjM2WhcNMjQwNTE4MTYwMjM2WjAzMTEwLwYDVQQD
Eyg0NDU0YWJjMjRlNWQ4OTk2MGE0NzBjZTMzY2M3ZWNkNmE3NDM4NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQHKTAKYa4OlnjTWTbEF/dXE7aC3
j3ee+O73MQkYpDl3wYhJqkTXX+CWFj/7MyghEsvICqEiNY7aY51RTel0tQ3zVdxj
EMLNH6Ju1KgKkMiZvniiXN743wEOdZ32y09kr/QzzszSTM8D2pBsLouApm6UREMz
M6srvfsKfTRL6Ay7lGNcTuJb6+oW/pEnH9kMoamv6Lj5cXCKIfEmiEFWhAlbGOSO
ndYu3gKMW4QTDIYXDPbtYYdF7EKSHRj5FLLYbRLqi7wzcLKcLY1xQFp72Ldkg6mm
eEb2wmxhgBjZC/ajrPmk+uoOnzplXQj1v7KLMIcU5fVCu6ijJTu2udklLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFERUq8JOXYmWCkcM4zzH7NanQ4VlMB8GA1UdIwQY
MBaAFJ3+MKAUeEYl2yydyQrjzhXlSojsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTIt
NjA0ZTIzNzQ3NzY5LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8zZDE0OTUtMGVmOC00OWIxLTk5ZTItNjA0ZTIzNzQ3NzY5
LzEvbmY0d29CUjRSaVhiTEozSkN1UE9GZVZLaU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYW2NymWh
Oq3x7mPnrTFfaEsxZplJn20BbIWeu0l0stkOGU93UhEkHozKxl+i5MdosIsk5wg0
ToonGx2cdZEeuK98bqynPQ7LTLqXK2bjAPnkMHfa0YcoWph7pAOzDhhTidBpF8TM
ladyNd3HTnL0Ll3gPSbLibWCvnDjMQc9k8bs5iJ2xHtM0pM6DYPRifEnLhjfhQTN
AraKF9o2v9Tm65sKWnMJwC48eWbSAO6rriKN4vNs1FeS/oRhf39j3x+WMBVhNbmb
V0OH0kSLCXAPFCu4gfblLVsYBioiwIJHJNCjglSt3JNKLBMdcbIqqx5R5bTxMhtB
qKK80kxWHVIk6w==
-----END CERTIFICATE-----