Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File:                     zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier:          2kEJvZ1lTo6OzIfOPmq7ZA5S8gYXVVrGG+sET1d4Rog=
Subject key identifier:   3F:14:1D:E5:D9:D0:2C:BF:55:56:94:A9:6F:D7:28:87:A4:14:07:4E
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer:       /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial:       018F87B614F5C4D26E41F914300E9DE65701
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number:          059C
Signing time:             Fri 17 May 2024 18:00:07 +0000
Manifest this update:     Fri 17 May 2024 18:00:07 +0000
Manifest next update:     Sat 18 May 2024 18:00:07 +0000
Files and hashes:         1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: 50BP8xuAhrBAin7hWhEBt5S/bh19lfugmjDS+9c8Cmg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:14:f5:c4:d2:6e:41:f9:14:30:0e:9d:e6:57:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
        Validity
            Not Before: May 17 18:00:07 2024 GMT
            Not After : May 18 18:00:07 2024 GMT
        Subject: CN=3f141de5d9d02cbf555694a96fd72887a414074e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:60:6f:7e:67:00:7c:bf:d7:83:73:0e:2f:ba:
                    40:0a:99:cb:6a:6b:23:e3:93:49:76:f1:cb:e0:0a:
                    a3:49:32:ea:b9:43:11:14:85:b5:54:63:9f:14:86:
                    31:b7:15:a0:72:f3:fa:49:92:fa:14:d4:49:60:54:
                    04:e4:97:de:04:34:31:70:e0:fe:83:ec:16:36:1a:
                    fc:09:f1:73:4c:ce:49:d1:5f:d2:10:11:6d:4a:71:
                    88:a0:e6:26:cf:27:1a:c3:56:c9:db:e4:d7:42:99:
                    ca:b7:17:33:e5:4f:66:0c:bc:02:19:9d:e5:d1:24:
                    ca:4c:a9:52:c4:e8:7d:8d:6c:3f:73:b5:b4:87:97:
                    f4:82:7d:f7:3c:21:c0:9d:3b:e9:6e:e9:a3:fb:fb:
                    82:29:83:ec:a1:15:17:45:8a:54:36:5c:2d:46:b0:
                    e2:07:fa:5d:63:3a:10:82:0f:b8:6f:98:ba:dd:fe:
                    90:2c:e3:04:65:96:85:c9:80:66:b0:7f:aa:6f:39:
                    3e:24:1f:64:54:5b:08:ac:67:a5:7c:cc:39:ca:39:
                    e8:b6:55:f6:18:29:bb:0e:e0:79:62:65:5b:c0:cf:
                    3b:93:ae:78:85:bd:27:b2:d3:7c:d8:85:e6:2b:a5:
                    6c:9f:b1:f8:56:19:99:75:d8:c0:e4:11:1a:0b:73:
                    d5:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:14:1D:E5:D9:D0:2C:BF:55:56:94:A9:6F:D7:28:87:A4:14:07:4E
            X509v3 Authority Key Identifier:
                keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:84:39:64:99:82:6d:6a:aa:2f:e1:fd:23:ae:a9:a8:c7:39:
         89:26:46:30:cc:33:71:59:d7:af:3b:14:d2:10:47:33:40:56:
         9f:3f:a9:e1:9c:62:0b:76:93:10:81:9a:bb:bf:95:20:1a:33:
         17:23:9b:f7:2b:4f:9e:7b:dc:6d:12:da:9e:53:cf:c3:e9:15:
         4c:85:36:63:68:70:c6:19:14:c4:25:f5:18:77:c5:9b:8d:ef:
         dc:d5:ef:c8:7f:e3:41:19:d3:db:f9:7b:cd:94:94:a3:22:d0:
         1c:20:9c:d4:65:db:03:2f:99:b9:9e:11:d4:c6:96:1d:54:a0:
         f7:96:b6:f6:ff:ff:68:d1:8e:84:d5:5e:f2:b4:2f:99:d2:f3:
         24:46:d1:11:11:13:6f:7e:d0:8a:50:6e:cd:a7:9f:9f:37:38:
         6e:66:84:f1:84:a6:e8:c5:b5:b7:33:da:34:7b:1a:11:e8:18:
         bf:2a:a2:94:9b:80:b0:36:9f:b2:b8:bb:5d:e2:20:9d:91:6c:
         e9:4a:3f:b5:c9:1f:e9:d8:fb:1c:c1:5a:16:b6:67:f9:49:ed:
         e6:7e:00:da:cd:9e:cb:8b:72:22:82:f8:db:9e:f2:6a:0b:5d:
         4d:d1:eb:d8:70:52:ef:43:aa:90:4f:2a:4c:24:b2:1d:b8:42:
         b5:eb:e2:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HthT1xNJuQfkUMA6d5lcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjQwNTE3MTgwMDA3WhcNMjQwNTE4MTgwMDA3WjAzMTEwLwYDVQQD
EygzZjE0MWRlNWQ5ZDAyY2JmNTU1Njk0YTk2ZmQ3Mjg4N2E0MTQwNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mBvfmcAfL/Xg3MOL7pACpnLamsj
45NJdvHL4AqjSTLquUMRFIW1VGOfFIYxtxWgcvP6SZL6FNRJYFQE5JfeBDQxcOD+
g+wWNhr8CfFzTM5J0V/SEBFtSnGIoOYmzycaw1bJ2+TXQpnKtxcz5U9mDLwCGZ3l
0STKTKlSxOh9jWw/c7W0h5f0gn33PCHAnTvpbumj+/uCKYPsoRUXRYpUNlwtRrDi
B/pdYzoQgg+4b5i63f6QLOMEZZaFyYBmsH+qbzk+JB9kVFsIrGelfMw5yjnotlX2
GCm7DuB5YmVbwM87k654hb0nstN82IXmK6Vsn7H4VhmZddjA5BEaC3PVCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8UHeXZ0Cy/VVaUqW/XKIekFAdOMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa4Q5ZJmC
bWqqL+H9I66pqMc5iSZGMMwzcVnXrzsU0hBHM0BWnz+p4ZxiC3aTEIGau7+VIBoz
FyOb9ytPnnvcbRLanlPPw+kVTIU2Y2hwxhkUxCX1GHfFm43v3NXvyH/jQRnT2/l7
zZSUoyLQHCCc1GXbAy+ZuZ4R1MaWHVSg95a29v//aNGOhNVe8rQvmdLzJEbRERET
b37QilBuzaefnzc4bmaE8YSm6MW1tzPaNHsaEegYvyqilJuAsDafsri7XeIgnZFs
6Uo/tckf6dj7HMFaFrZn+Unt5n4A2s2ey4tyIoL4257yagtdTdHr2HBS70OqkE8q
TCSyHbhCtevi9w==
-----END CERTIFICATE-----