Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
File:                     3ySnzbcPLOjN3aURtEWeA0_375s.mft (raw, json)
Hash identifier:          wfzdCetc11l0q5x9GRU0hHwYpnpe6XvLFzunO+w3fro=
Subject key identifier:   E2:42:ED:95:CD:29:61:D7:9C:63:8A:4C:44:5D:58:57:F5:80:1E:C9
Authority key identifier: DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B
Certificate issuer:       /CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
Certificate serial:       019406B39F85722AF2455310C0E856EDAB12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
Manifest number:          0B77
Signing time:             Fri 27 Dec 2024 06:00:22 +0000
Manifest this update:     Fri 27 Dec 2024 06:00:22 +0000
Manifest next update:     Sat 28 Dec 2024 06:00:22 +0000
Files and hashes:         1: 3ySnzbcPLOjN3aURtEWeA0_375s.crl (hash: OpigWeCUnO7G8+f8amyMvTm/DQKz8oiHN/E0adp7juM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Dec 2024 06:00:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:06:b3:9f:85:72:2a:f2:45:53:10:c0:e8:56:ed:ab:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df24a7cdb70f2ce8cddda511b4459e034ff7ef9b
        Validity
            Not Before: Dec 27 06:00:22 2024 GMT
            Not After : Dec 28 06:00:22 2024 GMT
        Subject: CN=e242ed95cd2961d79c638a4c445d5857f5801ec9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:58:28:c7:2f:36:83:69:b1:83:3a:ad:89:76:
                    3d:36:ac:37:01:f9:96:b9:4d:88:f1:3f:4e:96:90:
                    d9:f3:b9:a1:b8:d5:2c:11:7b:39:ca:c1:c3:de:14:
                    a8:22:b9:0e:d5:8a:f0:68:d4:eb:26:b0:d3:ac:e2:
                    27:94:74:dd:66:69:41:4f:33:23:35:86:68:38:ed:
                    4a:c5:a0:84:fe:d9:57:bb:23:6c:38:b2:50:6f:9b:
                    61:82:1f:cf:56:2c:b1:aa:22:bd:71:6a:b4:de:9e:
                    1b:b0:d9:4d:ba:da:e7:bb:df:ab:fd:ab:82:40:60:
                    18:22:e4:7b:8d:32:ec:ec:4f:57:03:ca:87:2c:4b:
                    ab:c1:8b:17:9e:d4:d3:86:79:30:82:55:b2:14:60:
                    a3:8f:69:8b:48:b5:7c:d5:8b:73:49:c3:66:64:1e:
                    d4:fb:9d:91:4a:e3:96:e0:19:96:9b:00:ef:00:89:
                    bc:13:8c:0b:6f:9e:6f:eb:31:c4:15:ce:e0:e4:89:
                    b8:73:e6:93:67:d6:80:b9:17:67:f2:4e:43:11:ae:
                    a5:27:69:f5:69:f4:94:dc:4e:bd:6a:5a:cd:0a:94:
                    f2:16:33:76:d0:e4:b7:20:dd:fd:1c:37:7f:aa:fa:
                    24:a4:c3:26:cd:63:45:8c:54:5a:7c:97:e5:8c:f8:
                    49:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:42:ED:95:CD:29:61:D7:9C:63:8A:4C:44:5D:58:57:F5:80:1E:C9
            X509v3 Authority Key Identifier:
                keyid:DF:24:A7:CD:B7:0F:2C:E8:CD:DD:A5:11:B4:45:9E:03:4F:F7:EF:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ySnzbcPLOjN3aURtEWeA0_375s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/7570f8-c2a8-4dd4-9ef2-f69d7397458e/1/3ySnzbcPLOjN3aURtEWeA0_375s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:cf:d0:b4:7a:ed:56:97:27:15:17:69:d7:2c:35:7b:de:11:
         0d:4c:7e:db:8b:3b:64:cc:51:c3:5d:28:e3:ed:ee:5d:29:8e:
         36:3a:0c:03:11:c6:eb:17:41:51:ff:85:56:02:8c:50:33:f1:
         38:95:6d:ae:48:20:5b:03:fa:06:22:5a:fc:50:fa:b9:4e:05:
         f4:49:ef:e3:17:c3:61:2d:a1:65:48:4f:0b:01:6e:f1:ba:91:
         0d:88:f6:c2:76:1e:44:6e:0f:d7:18:51:8d:8b:33:96:1f:e4:
         9f:54:95:49:f2:94:ae:0a:e2:91:17:02:84:a8:1c:f8:d9:25:
         65:9b:97:b7:b1:da:0c:87:e5:b7:dd:06:b8:21:8c:e9:fe:c7:
         5c:be:fa:ba:95:63:96:5a:73:12:99:9d:4f:14:4b:e8:d3:35:
         e5:8c:79:ea:95:1b:ee:75:44:12:fe:8d:07:fc:f1:ed:bc:58:
         d6:ef:0a:4a:3b:eb:cc:e2:8b:df:fd:0d:4f:d0:02:7b:a2:67:
         b5:5c:09:bb:12:6c:64:b1:9b:12:90:dc:1a:1a:26:7b:08:be:
         c3:29:3e:d7:5a:fb:53:47:83:24:a0:1d:8c:17:e6:e6:7f:85:
         f5:5d:d1:1b:9d:c3:fb:d9:73:cd:07:f4:68:a8:73:02:2e:5d:
         34:e6:60:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQGs5+FciryRVMQwOhW7asSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMjRhN2NkYjcwZjJjZThjZGRkYTUxMWI0NDU5ZTAzNGZm
N2VmOWIwHhcNMjQxMjI3MDYwMDIyWhcNMjQxMjI4MDYwMDIyWjAzMTEwLwYDVQQD
EyhlMjQyZWQ5NWNkMjk2MWQ3OWM2MzhhNGM0NDVkNTg1N2Y1ODAxZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lgoxy82g2mxgzqtiXY9Nqw3AfmW
uU2I8T9OlpDZ87mhuNUsEXs5ysHD3hSoIrkO1YrwaNTrJrDTrOInlHTdZmlBTzMj
NYZoOO1KxaCE/tlXuyNsOLJQb5thgh/PViyxqiK9cWq03p4bsNlNutrnu9+r/auC
QGAYIuR7jTLs7E9XA8qHLEurwYsXntTThnkwglWyFGCjj2mLSLV81YtzScNmZB7U
+52RSuOW4BmWmwDvAIm8E4wLb55v6zHEFc7g5Im4c+aTZ9aAuRdn8k5DEa6lJ2n1
afSU3E69alrNCpTyFjN20OS3IN39HDd/qvokpMMmzWNFjFRafJfljPhJswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOJC7ZXNKWHXnGOKTERdWFf1gB7JMB8GA1UdIwQY
MBaAFN8kp823Dyzozd2lEbRFngNP9++bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjIt
ZjY5ZDczOTc0NThlLzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi83NTcwZjgtYzJhOC00ZGQ0LTllZjItZjY5ZDczOTc0NThl
LzEvM3lTbnpiY1BMT2pOM2FVUnRFV2VBMF8zNzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdc/QtHrt
VpcnFRdp1yw1e94RDUx+24s7ZMxRw10o4+3uXSmONjoMAxHG6xdBUf+FVgKMUDPx
OJVtrkggWwP6BiJa/FD6uU4F9Env4xfDYS2hZUhPCwFu8bqRDYj2wnYeRG4P1xhR
jYszlh/kn1SVSfKUrgrikRcChKgc+NklZZuXt7HaDIflt90GuCGM6f7HXL76upVj
llpzEpmdTxRL6NM15Yx56pUb7nVEEv6NB/zx7bxY1u8KSjvrzOKL3/0NT9ACe6Jn
tVwJuxJsZLGbEpDcGhomewi+wyk+11r7U0eDJKAdjBfm5n+F9V3RG53D+9lzzQf0
aKhzAi5dNOZgcg==
-----END CERTIFICATE-----