Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
File:                     3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft (raw, json)
Hash identifier:          9USGbIcDi8RxvY6shgBOceXESyXc+A66aXwRJpQyXhM=
Subject key identifier:   1A:16:D2:49:4B:0B:1B:CA:93:93:FF:CD:0D:32:7E:B4:42:C3:F4:A9
Authority key identifier: DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3
Certificate issuer:       /CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
Certificate serial:       018F8748CBCFA6908AE6A45C39B561C88184
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
Manifest number:          029E
Signing time:             Fri 17 May 2024 16:00:45 +0000
Manifest this update:     Fri 17 May 2024 16:00:45 +0000
Manifest next update:     Sat 18 May 2024 16:00:45 +0000
Files and hashes:         1: 3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl (hash: GcKwLcUFAkOU24S0/r5HIGlta3Pq/ruii3qDUrl1+TY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:cb:cf:a6:90:8a:e6:a4:5c:39:b5:61:c8:81:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd0b836fd7003f831604a03f23447a7f2f4907b3
        Validity
            Not Before: May 17 16:00:45 2024 GMT
            Not After : May 18 16:00:45 2024 GMT
        Subject: CN=1a16d2494b0b1bca9393ffcd0d327eb442c3f4a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a0:7b:11:5d:5d:0b:e3:22:cb:c6:8c:58:b3:
                    c6:20:fb:7b:b6:9d:dd:6d:e8:be:bd:40:92:27:46:
                    e4:1b:bd:6e:3a:c8:0f:f2:d1:00:99:c9:b5:73:5f:
                    7e:d4:64:ad:30:9d:a5:48:3f:ae:fe:80:3b:6c:b0:
                    98:40:5d:a8:fc:fa:90:e5:5a:4b:f1:f5:51:85:67:
                    1f:1f:7c:e8:c1:d2:8f:78:63:93:cc:72:98:bc:bd:
                    39:fc:a4:a0:90:46:88:31:c3:57:74:55:7a:1a:ce:
                    a2:9f:85:f3:d5:5d:ca:2f:ea:11:47:bc:16:ec:a0:
                    70:44:a0:fa:8f:bd:3f:82:8f:d1:aa:e5:e7:1d:86:
                    c8:1c:0f:87:25:a1:9d:ba:bf:3a:05:09:09:73:f1:
                    d5:c1:03:65:f0:fa:d1:62:fb:4b:cc:9c:44:fd:bb:
                    ee:e8:64:60:5b:8b:a3:7e:bb:c5:02:08:ca:4e:0c:
                    48:72:6c:ca:a3:eb:0e:aa:5d:bf:d6:b1:53:51:83:
                    99:0a:ba:41:55:28:96:b5:22:76:a7:07:3f:45:ea:
                    7f:fa:06:31:5d:95:a8:dc:ab:6c:62:6f:b5:8b:b6:
                    bf:4b:57:42:d3:cb:a2:81:e2:ee:ee:e4:1e:c7:e7:
                    d1:c6:c4:8b:ba:60:93:5b:8a:ea:42:6a:6b:44:c4:
                    77:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:16:D2:49:4B:0B:1B:CA:93:93:FF:CD:0D:32:7E:B4:42:C3:F4:A9
            X509v3 Authority Key Identifier:
                keyid:DD:0B:83:6F:D7:00:3F:83:16:04:A0:3F:23:44:7A:7F:2F:49:07:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QuDb9cAP4MWBKA_I0R6fy9JB7M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/963c2c-0993-4621-8b20-da032353b79f/1/3QuDb9cAP4MWBKA_I0R6fy9JB7M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:a4:5e:80:9d:b8:96:23:6f:d6:1b:4f:18:1a:ed:4f:84:ae:
         c0:3e:89:10:d2:e5:cd:56:ee:b7:8f:39:ad:5f:7e:19:b9:77:
         13:78:6e:f9:08:c9:e9:63:33:9d:ac:80:14:a3:07:69:bb:48:
         49:96:03:ce:d6:63:a7:ff:24:77:3b:d5:10:02:ab:f8:58:a0:
         95:8f:9d:d4:ba:af:7f:c1:51:e8:bd:d2:55:a8:b2:32:07:49:
         a4:9a:22:bd:e0:f8:6d:ba:7e:ee:27:62:2d:19:71:68:39:b8:
         b4:cd:e4:1f:9d:98:e1:77:ae:2b:d8:05:da:a6:ed:82:b2:ea:
         1b:d4:cc:c0:56:04:dd:cc:d3:d0:6b:36:be:58:68:61:d3:81:
         b9:f9:53:e0:bb:65:14:a8:d5:ae:3f:c3:22:71:a9:f8:e0:38:
         3e:ea:ca:69:58:f0:e1:91:c6:e3:6a:87:c3:79:f3:bc:02:ed:
         c8:43:7c:a2:20:c8:ed:f9:e3:47:d0:3c:95:53:79:53:8a:19:
         28:5e:17:ef:18:aa:a2:74:4e:51:0e:d1:69:81:5c:16:e7:ce:
         25:0a:4f:9b:76:fb:9f:e1:d1:25:d1:18:09:d7:15:1f:fa:20:
         57:bf:39:22:bd:0c:01:b5:64:64:c1:47:46:65:03:7b:54:5e:
         f3:8a:31:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSMvPppCK5qRcObVhyIGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI4MzZmZDcwMDNmODMxNjA0YTAzZjIzNDQ3YTdmMmY0
OTA3YjMwHhcNMjQwNTE3MTYwMDQ1WhcNMjQwNTE4MTYwMDQ1WjAzMTEwLwYDVQQD
EygxYTE2ZDI0OTRiMGIxYmNhOTM5M2ZmY2QwZDMyN2ViNDQyYzNmNGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraB7EV1dC+Miy8aMWLPGIPt7tp3d
bei+vUCSJ0bkG71uOsgP8tEAmcm1c19+1GStMJ2lSD+u/oA7bLCYQF2o/PqQ5VpL
8fVRhWcfH3zowdKPeGOTzHKYvL05/KSgkEaIMcNXdFV6Gs6in4Xz1V3KL+oRR7wW
7KBwRKD6j70/go/RquXnHYbIHA+HJaGdur86BQkJc/HVwQNl8PrRYvtLzJxE/bvu
6GRgW4ujfrvFAgjKTgxIcmzKo+sOql2/1rFTUYOZCrpBVSiWtSJ2pwc/Rep/+gYx
XZWo3KtsYm+1i7a/S1dC08uigeLu7uQex+fRxsSLumCTW4rqQmprRMR3VwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBoW0klLCxvKk5P/zQ0yfrRCw/SpMB8GA1UdIwQY
MBaAFN0Lg2/XAD+DFgSgPyNEen8vSQezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAt
ZGEwMzIzNTNiNzlmLzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NjNjMmMtMDk5My00NjIxLThiMjAtZGEwMzIzNTNiNzlm
LzEvM1F1RGI5Y0FQNE1XQktBX0kwUjZmeTlKQjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbqRegJ24
liNv1htPGBrtT4SuwD6JENLlzVbut485rV9+Gbl3E3hu+QjJ6WMznayAFKMHabtI
SZYDztZjp/8kdzvVEAKr+FiglY+d1Lqvf8FR6L3SVaiyMgdJpJoiveD4bbp+7idi
LRlxaDm4tM3kH52Y4XeuK9gF2qbtgrLqG9TMwFYE3czT0Gs2vlhoYdOBuflT4Ltl
FKjVrj/DInGp+OA4PurKaVjw4ZHG42qHw3nzvALtyEN8oiDI7fnjR9A8lVN5U4oZ
KF4X7xiqonROUQ7RaYFcFufOJQpPm3b7n+HRJdEYCdcVH/ogV785Ir0MAbVkZMFH
RmUDe1Re84oxjw==
-----END CERTIFICATE-----