Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
File:                     TNN3vorxFHipq-Jx-L3i3j0zNAg.mft (raw, json)
Hash identifier:          /KtoizGn608kX8+vb74BUYgTxaSFz0QanuCAWGucWhg=
Subject key identifier:   A8:8B:61:5C:75:86:AC:F7:DB:89:C1:49:6B:F2:79:FD:D4:C0:1F:7F
Authority key identifier: 4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08
Certificate issuer:       /CN=4cd377be8af11478a9abe271f8bde2de3d333408
Certificate serial:       018F87B6E8A00E5A92A8E9FE667F3BD91001
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
Manifest number:          03C8
Signing time:             Fri 17 May 2024 18:01:02 +0000
Manifest this update:     Fri 17 May 2024 18:01:02 +0000
Manifest next update:     Sat 18 May 2024 18:01:02 +0000
Files and hashes:         1: TNN3vorxFHipq-Jx-L3i3j0zNAg.crl (hash: aWAT1UjSixO8+KTiywPouUeEx9SzVGzYHfFO0j9LJ5c=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:e8:a0:0e:5a:92:a8:e9:fe:66:7f:3b:d9:10:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cd377be8af11478a9abe271f8bde2de3d333408
        Validity
            Not Before: May 17 18:01:02 2024 GMT
            Not After : May 18 18:01:02 2024 GMT
        Subject: CN=a88b615c7586acf7db89c1496bf279fdd4c01f7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5c:37:af:05:ce:63:43:e7:e8:c1:30:15:76:
                    63:89:64:76:5b:1e:3a:ca:57:44:4f:2a:3a:09:44:
                    f4:b6:9b:75:14:9d:09:5b:cd:45:38:bc:aa:10:24:
                    8c:c1:ed:ad:a9:08:94:67:72:49:9d:a4:9c:76:40:
                    44:ce:9f:bb:27:7d:cd:3f:c3:4b:47:55:da:8e:c3:
                    39:a3:86:2a:c8:c6:ca:23:31:4f:60:8d:c3:d3:d2:
                    67:92:b2:be:ae:69:07:c8:87:f1:e9:f8:27:de:e6:
                    37:cc:c1:7b:fc:a6:ad:5b:39:1c:42:8f:ec:de:ea:
                    0f:5c:3a:0f:dd:b7:a1:e0:80:5b:64:02:e7:27:d4:
                    6c:61:41:16:d6:50:fe:04:41:55:11:26:94:44:a9:
                    3b:6f:f6:fd:47:a1:72:d7:91:69:45:42:5a:b6:bb:
                    88:d4:26:c0:41:54:da:93:10:da:1b:c0:4d:36:80:
                    30:60:f0:54:ff:37:60:e2:4e:b8:a4:ba:8f:83:23:
                    4a:c0:64:30:a9:8f:82:11:ba:92:05:b8:b9:cc:9b:
                    10:b6:96:a7:b7:0a:a1:73:ef:9a:ee:4a:94:23:b0:
                    83:12:49:f1:88:45:a4:99:bb:4c:14:49:89:f3:ac:
                    dd:a2:0a:1b:cb:ef:71:ca:ff:d7:3d:bd:d1:19:0f:
                    8c:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:8B:61:5C:75:86:AC:F7:DB:89:C1:49:6B:F2:79:FD:D4:C0:1F:7F
            X509v3 Authority Key Identifier:
                keyid:4C:D3:77:BE:8A:F1:14:78:A9:AB:E2:71:F8:BD:E2:DE:3D:33:34:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNN3vorxFHipq-Jx-L3i3j0zNAg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/51e8b5-7e2c-4008-bf83-b12eb1ceaa14/1/TNN3vorxFHipq-Jx-L3i3j0zNAg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         27:cc:69:7e:dd:35:9b:02:07:bc:e6:44:a1:70:ae:de:5b:44:
         fd:c8:34:79:3f:e7:de:d6:34:82:f3:69:57:60:1f:b5:df:77:
         3e:d1:ba:de:38:a1:b5:dd:e0:b6:64:7c:28:56:a0:9d:10:19:
         bb:25:0f:f4:19:b0:f4:b0:cd:1e:2f:ed:80:03:80:3a:8a:45:
         20:c0:1e:6a:02:0f:63:63:52:5b:da:11:58:83:ae:45:89:d1:
         3f:ad:35:ba:90:46:b0:9b:33:42:31:86:c6:82:62:e4:85:4f:
         66:33:c7:be:5b:db:6f:73:b4:8f:a6:52:4a:0f:6b:81:9a:f0:
         70:85:80:5e:59:2f:34:47:dd:5d:9e:c6:3a:f4:d2:4a:fe:be:
         87:73:fa:3a:99:5c:a0:a1:24:86:61:b2:0e:b5:7e:31:26:07:
         66:47:a7:79:01:e2:53:1f:cd:ad:b0:83:4a:ef:c0:c4:d5:6f:
         8c:c8:ad:db:78:0b:19:9d:26:fb:83:d8:3b:93:88:47:d4:73:
         02:4d:c1:f6:bb:1b:3a:c5:e6:7c:1c:bb:34:fa:e7:7d:d2:6e:
         5c:38:6a:c4:77:3a:5d:84:cc:db:7e:e0:fa:32:82:7d:ad:f3:
         43:91:a1:7e:7f:93:44:66:e7:0a:a7:64:d7:11:c1:5d:0c:06:
         0d:08:c7:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtuigDlqSqOn+Zn872RABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZDM3N2JlOGFmMTE0NzhhOWFiZTI3MWY4YmRlMmRlM2Qz
MzM0MDgwHhcNMjQwNTE3MTgwMTAyWhcNMjQwNTE4MTgwMTAyWjAzMTEwLwYDVQQD
EyhhODhiNjE1Yzc1ODZhY2Y3ZGI4OWMxNDk2YmYyNzlmZGQ0YzAxZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1w3rwXOY0Pn6MEwFXZjiWR2Wx46
yldETyo6CUT0tpt1FJ0JW81FOLyqECSMwe2tqQiUZ3JJnaScdkBEzp+7J33NP8NL
R1XajsM5o4YqyMbKIzFPYI3D09JnkrK+rmkHyIfx6fgn3uY3zMF7/KatWzkcQo/s
3uoPXDoP3beh4IBbZALnJ9RsYUEW1lD+BEFVESaURKk7b/b9R6Fy15FpRUJatruI
1CbAQVTakxDaG8BNNoAwYPBU/zdg4k64pLqPgyNKwGQwqY+CEbqSBbi5zJsQtpan
twqhc++a7kqUI7CDEknxiEWkmbtMFEmJ86zdogoby+9xyv/XPb3RGQ+MaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKiLYVx1hqz324nBSWvyef3UwB9/MB8GA1UdIwQY
MBaAFEzTd76K8RR4qavicfi94t49MzQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMt
YjEyZWIxY2VhYTE0LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81MWU4YjUtN2UyYy00MDA4LWJmODMtYjEyZWIxY2VhYTE0
LzEvVE5OM3ZvcnhGSGlwcS1KeC1MM2kzajB6TkFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8xpft01
mwIHvOZEoXCu3ltE/cg0eT/n3tY0gvNpV2Aftd93PtG63jihtd3gtmR8KFagnRAZ
uyUP9Bmw9LDNHi/tgAOAOopFIMAeagIPY2NSW9oRWIOuRYnRP601upBGsJszQjGG
xoJi5IVPZjPHvlvbb3O0j6ZSSg9rgZrwcIWAXlkvNEfdXZ7GOvTSSv6+h3P6Oplc
oKEkhmGyDrV+MSYHZkeneQHiUx/NrbCDSu/AxNVvjMit23gLGZ0m+4PYO5OIR9Rz
Ak3B9rsbOsXmfBy7NPrnfdJuXDhqxHc6XYTM237g+jKCfa3zQ5Ghfn+TRGbnCqdk
1xHBXQwGDQjHiA==
-----END CERTIFICATE-----