Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
File:                     pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft (raw, json)
Hash identifier:          fJ9Pgpub3DolZ9k5RrA6owg6NVevh/Q8HqQm2MG8yb0=
Subject key identifier:   E2:8F:96:69:1D:B8:97:BB:3E:EA:03:13:19:BE:3B:AA:DA:3D:71:8E
Authority key identifier: A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34
Certificate issuer:       /CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
Certificate serial:       018F8748A76DE91DC1C83F4EBBEA82E2A8E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
Manifest number:          1148
Signing time:             Fri 17 May 2024 16:00:36 +0000
Manifest this update:     Fri 17 May 2024 16:00:36 +0000
Manifest next update:     Sat 18 May 2024 16:00:36 +0000
Files and hashes:         1: pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl (hash: tosV0/OioJGLw4lz7/FM5ikScZ15OLntQYH/Uu1bxo4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:a7:6d:e9:1d:c1:c8:3f:4e:bb:ea:82:e2:a8:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4d38041ae4e73157724aa9f3ee04305e5f12834
        Validity
            Not Before: May 17 16:00:36 2024 GMT
            Not After : May 18 16:00:36 2024 GMT
        Subject: CN=e28f96691db897bb3eea031319be3baada3d718e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4c:79:e3:32:4e:7b:b5:39:3a:5e:bd:57:50:
                    91:5f:ec:5e:17:8e:c9:70:7b:94:48:d0:8f:72:31:
                    a7:cc:71:68:63:4c:cb:dc:71:6c:a4:46:15:8a:ed:
                    be:08:ef:dd:01:a2:f5:5b:1e:0f:43:5f:7d:53:83:
                    b0:53:44:be:b9:4c:23:38:3c:92:7a:69:24:55:9c:
                    d4:1c:27:9b:f9:4b:00:70:44:91:fe:f9:ce:d0:c0:
                    df:55:b5:86:74:6c:7e:f7:f3:86:58:c9:18:7d:f4:
                    3e:06:f5:fb:db:25:b4:e2:c4:5f:41:35:69:93:18:
                    ba:17:0f:a8:40:43:6c:57:38:83:cd:73:13:8a:2f:
                    0a:80:7b:93:ca:1f:c7:5b:63:8a:29:ae:c8:e5:76:
                    1b:de:2e:65:f0:36:a3:14:9c:27:e6:69:d8:ed:0c:
                    bf:42:ca:7f:18:d7:43:02:c5:b4:4d:d4:4d:83:79:
                    68:a2:a7:0f:14:9b:c5:d4:0b:c0:81:55:ca:55:b6:
                    09:48:c4:eb:28:e4:a1:95:2d:0b:5e:49:f9:13:27:
                    0e:41:b5:b5:bf:00:cc:07:2b:43:14:3f:1b:4e:a5:
                    26:4c:83:8e:a2:de:29:40:d1:af:31:0b:7e:bb:8d:
                    05:f0:60:3f:4b:f1:38:24:5c:21:72:91:bf:98:b7:
                    3f:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:8F:96:69:1D:B8:97:BB:3E:EA:03:13:19:BE:3B:AA:DA:3D:71:8E
            X509v3 Authority Key Identifier:
                keyid:A4:D3:80:41:AE:4E:73:15:77:24:AA:9F:3E:E0:43:05:E5:F1:28:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4b48f3-8808-473d-a7e6-186b286854be/1/pNOAQa5OcxV3JKqfPuBDBeXxKDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         99:26:47:d0:01:a0:68:66:03:2a:66:0e:d2:cf:a9:33:1f:dc:
         cc:7c:d8:c1:fb:e9:24:5f:99:37:cc:f4:14:92:db:e6:5e:52:
         92:3f:0a:2b:d9:6e:e1:2f:bc:3d:79:c9:7a:8c:7c:ba:8e:d9:
         c4:14:fd:f3:f3:5d:cc:b0:23:c9:0c:5e:d7:18:24:43:df:1d:
         7d:f5:69:6c:7c:35:fa:26:cb:56:2b:36:fe:21:87:7e:6d:71:
         94:05:16:5c:c0:a8:bb:d0:e5:ec:5b:45:b8:ec:a2:42:ee:d0:
         fa:dd:98:a2:87:94:97:43:7b:52:5b:b0:45:fa:a5:2a:ad:7f:
         8d:f5:bb:a9:4c:5b:01:d2:74:17:80:6d:0d:b2:23:dc:e0:32:
         54:db:a5:a7:50:36:56:c2:36:e6:eb:6e:8b:35:af:15:96:3c:
         aa:b3:fb:71:de:31:69:ad:15:a2:89:19:cf:8a:83:ea:41:be:
         eb:5c:e7:8c:68:e4:46:11:b9:17:0e:f3:2c:a2:f8:1b:41:d1:
         83:05:46:56:ef:18:fc:6a:3e:bd:0f:3b:a2:98:f8:40:21:23:
         54:3d:18:67:8c:39:bb:f2:e7:33:a8:88:c9:b6:68:ed:d0:a2:
         a1:52:4f:88:92:da:8f:1c:c8:ad:03:84:60:42:f2:e1:e9:d8:
         0b:d4:d8:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSKdt6R3ByD9Ou+qC4qjhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZDM4MDQxYWU0ZTczMTU3NzI0YWE5ZjNlZTA0MzA1ZTVm
MTI4MzQwHhcNMjQwNTE3MTYwMDM2WhcNMjQwNTE4MTYwMDM2WjAzMTEwLwYDVQQD
EyhlMjhmOTY2OTFkYjg5N2JiM2VlYTAzMTMxOWJlM2JhYWRhM2Q3MThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0x54zJOe7U5Ol69V1CRX+xeF47J
cHuUSNCPcjGnzHFoY0zL3HFspEYViu2+CO/dAaL1Wx4PQ199U4OwU0S+uUwjODyS
emkkVZzUHCeb+UsAcESR/vnO0MDfVbWGdGx+9/OGWMkYffQ+BvX72yW04sRfQTVp
kxi6Fw+oQENsVziDzXMTii8KgHuTyh/HW2OKKa7I5XYb3i5l8DajFJwn5mnY7Qy/
Qsp/GNdDAsW0TdRNg3looqcPFJvF1AvAgVXKVbYJSMTrKOShlS0LXkn5EycOQbW1
vwDMBytDFD8bTqUmTIOOot4pQNGvMQt+u40F8GA/S/E4JFwhcpG/mLc/6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOKPlmkduJe7PuoDExm+O6raPXGOMB8GA1UdIwQY
MBaAFKTTgEGuTnMVdySqnz7gQwXl8Sg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYt
MTg2YjI4Njg1NGJlLzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YjQ4ZjMtODgwOC00NzNkLWE3ZTYtMTg2YjI4Njg1NGJl
LzEvcE5PQVFhNU9jeFYzSktxZlB1QkRCZVh4S0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmSZH0AGg
aGYDKmYO0s+pMx/czHzYwfvpJF+ZN8z0FJLb5l5Skj8KK9lu4S+8PXnJeox8uo7Z
xBT98/NdzLAjyQxe1xgkQ98dffVpbHw1+ibLVis2/iGHfm1xlAUWXMCou9Dl7FtF
uOyiQu7Q+t2YooeUl0N7UluwRfqlKq1/jfW7qUxbAdJ0F4BtDbIj3OAyVNulp1A2
VsI25utuizWvFZY8qrP7cd4xaa0VookZz4qD6kG+61znjGjkRhG5Fw7zLKL4G0HR
gwVGVu8Y/Go+vQ87opj4QCEjVD0YZ4w5u/LnM6iIybZo7dCioVJPiJLajxzIrQOE
YELy4enYC9TYlw==
-----END CERTIFICATE-----