Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
File:                     3C8IdW9U7NcoDR6sz4eK6z8orE8.mft (raw, json)
Hash identifier:          hnnSRWqbK4GtPXrPwbJqb2dZvbn1rwC7RXQ3Wcir4PI=
Subject key identifier:   28:A5:1F:DB:58:D6:44:19:C5:E8:A8:0D:7A:A5:E6:F2:5E:5F:61:17
Authority key identifier: DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F
Certificate issuer:       /CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
Certificate serial:       01901C6AD114816AD954A60C15E586AFB9D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
Manifest number:          0ED3
Signing time:             Sat 15 Jun 2024 15:01:20 +0000
Manifest this update:     Sat 15 Jun 2024 15:01:20 +0000
Manifest next update:     Sun 16 Jun 2024 15:01:20 +0000
Files and hashes:         1: 3C8IdW9U7NcoDR6sz4eK6z8orE8.crl (hash: eYWsog4nB3z6y/Iu/ybprwdE+7JswXOkdsG2ENBxckc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 14:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:6a:d1:14:81:6a:d9:54:a6:0c:15:e5:86:af:b9:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc2f08756f54ecd7280d1eaccf878aeb3f28ac4f
        Validity
            Not Before: Jun 15 15:01:20 2024 GMT
            Not After : Jun 16 15:01:20 2024 GMT
        Subject: CN=28a51fdb58d64419c5e8a80d7aa5e6f25e5f6117
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:5b:b2:70:a4:21:d6:1a:ec:b0:de:dc:fe:1d:
                    23:31:97:e7:1a:a2:8e:f1:30:b3:a9:41:9e:ef:0d:
                    b4:50:5d:70:61:83:7a:ae:89:63:bf:eb:a8:70:3c:
                    ec:48:71:b0:c8:22:58:6d:39:ff:91:ab:14:ba:87:
                    19:50:23:7a:79:c7:ab:82:a9:c8:74:a8:f8:6e:87:
                    6f:ff:02:fb:4c:2c:18:05:de:f3:a5:e8:01:f4:b9:
                    16:90:90:9e:ef:a4:98:fa:b0:98:b2:54:6c:5f:3f:
                    49:b9:0f:3c:6d:cb:c8:3f:4a:16:69:59:57:f1:7b:
                    98:30:7c:c9:11:70:12:e6:4f:68:d1:2b:38:4f:f1:
                    3a:1b:0f:e1:2a:f2:3d:29:a4:52:9e:7f:aa:e8:10:
                    b5:be:21:c4:ee:16:63:21:61:99:d2:d7:66:d7:27:
                    8c:13:1a:77:1c:96:2c:e8:84:1b:35:57:bf:17:87:
                    c3:17:eb:ae:3a:41:4f:14:94:4c:b2:b8:ff:ab:81:
                    f2:d4:70:a6:49:3b:46:b2:dc:1a:be:a6:e7:a6:c8:
                    f4:07:1a:8d:0a:15:4a:e7:59:fe:94:ca:5a:a7:ec:
                    88:c8:d4:7e:98:5e:a0:b6:d9:e5:7e:a3:de:2c:f7:
                    9c:31:44:32:a5:7b:3c:83:47:9d:f6:ba:48:db:62:
                    fd:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:A5:1F:DB:58:D6:44:19:C5:E8:A8:0D:7A:A5:E6:F2:5E:5F:61:17
            X509v3 Authority Key Identifier:
                keyid:DC:2F:08:75:6F:54:EC:D7:28:0D:1E:AC:CF:87:8A:EB:3F:28:AC:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3C8IdW9U7NcoDR6sz4eK6z8orE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/389477-5870-4e2d-ac87-cc6bc94538fa/1/3C8IdW9U7NcoDR6sz4eK6z8orE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         68:a6:47:06:fc:2a:a5:3f:09:d2:9c:e5:c1:45:ea:93:db:66:
         45:30:b6:b2:bd:a1:7c:28:a7:de:e9:a1:74:a1:40:e1:32:b7:
         3f:0a:6a:48:b0:f7:43:68:76:3d:84:b9:e2:b6:44:62:7a:98:
         27:13:61:80:34:24:25:39:17:2f:ac:a1:42:87:3d:c8:b0:16:
         9c:6b:7b:7a:99:19:5b:db:a7:df:25:80:69:e3:94:73:d5:b5:
         f7:4c:db:98:00:32:ee:fa:67:3f:ac:59:18:16:0b:dd:6f:61:
         b7:4b:40:f6:c3:13:07:48:a2:db:20:c4:4d:1b:56:11:d5:c6:
         92:7d:02:33:0d:b2:64:2d:de:01:23:6b:05:5e:50:b0:b0:43:
         25:e9:28:0d:b8:8a:55:ff:75:27:96:4d:e0:e3:1c:d3:79:c0:
         38:c6:1d:bf:16:5e:15:08:68:be:3d:f9:cd:91:7a:ee:b9:d3:
         c8:4d:24:d0:52:f4:73:31:d6:c6:c0:d1:15:be:6a:fc:d1:af:
         81:90:4d:3a:ab:2d:8d:fe:0a:2c:59:bf:08:17:cd:c6:3d:25:
         f8:73:b5:2f:46:7b:e7:8a:cb:27:cf:d3:fb:98:7f:71:fb:53:
         f6:7d:42:b2:ae:7a:f4:83:eb:56:d7:0f:be:8e:82:81:6d:47:
         3d:86:6c:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAcatEUgWrZVKYMFeWGr7nTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMmYwODc1NmY1NGVjZDcyODBkMWVhY2NmODc4YWViM2Yy
OGFjNGYwHhcNMjQwNjE1MTUwMTIwWhcNMjQwNjE2MTUwMTIwWjAzMTEwLwYDVQQD
EygyOGE1MWZkYjU4ZDY0NDE5YzVlOGE4MGQ3YWE1ZTZmMjVlNWY2MTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqluycKQh1hrssN7c/h0jMZfnGqKO
8TCzqUGe7w20UF1wYYN6roljv+uocDzsSHGwyCJYbTn/kasUuocZUCN6ecergqnI
dKj4bodv/wL7TCwYBd7zpegB9LkWkJCe76SY+rCYslRsXz9JuQ88bcvIP0oWaVlX
8XuYMHzJEXAS5k9o0Ss4T/E6Gw/hKvI9KaRSnn+q6BC1viHE7hZjIWGZ0tdm1yeM
Exp3HJYs6IQbNVe/F4fDF+uuOkFPFJRMsrj/q4Hy1HCmSTtGstwavqbnpsj0BxqN
ChVK51n+lMpap+yIyNR+mF6gttnlfqPeLPecMUQypXs8g0ed9rpI22L94wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCilH9tY1kQZxeioDXql5vJeX2EXMB8GA1UdIwQY
MBaAFNwvCHVvVOzXKA0erM+Hius/KKxPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODct
Y2M2YmM5NDUzOGZhLzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8zODk0NzctNTg3MC00ZTJkLWFjODctY2M2YmM5NDUzOGZh
LzEvM0M4SWRXOVU3TmNvRFI2c3o0ZUs2ejhvckU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaKZHBvwq
pT8J0pzlwUXqk9tmRTC2sr2hfCin3umhdKFA4TK3PwpqSLD3Q2h2PYS54rZEYnqY
JxNhgDQkJTkXL6yhQoc9yLAWnGt7epkZW9un3yWAaeOUc9W190zbmAAy7vpnP6xZ
GBYL3W9ht0tA9sMTB0ii2yDETRtWEdXGkn0CMw2yZC3eASNrBV5QsLBDJekoDbiK
Vf91J5ZN4OMc03nAOMYdvxZeFQhovj35zZF67rnTyE0k0FL0czHWxsDRFb5q/NGv
gZBNOqstjf4KLFm/CBfNxj0l+HO1L0Z754rLJ8/T+5h/cftT9n1Csq569IPrVtcP
vo6CgW1HPYZsRQ==
-----END CERTIFICATE-----