Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
File:                     PuzIGOGpxqhRe81paldEKNbRekQ.mft (raw, json)
Hash identifier:          S828xQ5ey4o60xHYEn/yyxM8oohZgm2irm0IfV/CMxA=
Subject key identifier:   B1:91:D5:B6:B4:7A:B0:AE:39:0B:AE:84:04:53:AB:76:62:BD:6E:BB
Authority key identifier: 3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44
Certificate issuer:       /CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
Certificate serial:       0191FB22EB6CB14246812B7E47232E2BFA7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
Manifest number:          016C
Signing time:             Mon 16 Sep 2024 14:00:55 +0000
Manifest this update:     Mon 16 Sep 2024 14:00:55 +0000
Manifest next update:     Tue 17 Sep 2024 14:00:55 +0000
Files and hashes:         1: PuzIGOGpxqhRe81paldEKNbRekQ.crl (hash: Rc8MTAwb4S1qb/38gzomXa9ILLXl8SdV+uJOmRVwHHI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 14:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fb:22:eb:6c:b1:42:46:81:2b:7e:47:23:2e:2b:fa:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3eecc818e1a9c6a8517bcd696a574428d6d17a44
        Validity
            Not Before: Sep 16 14:00:55 2024 GMT
            Not After : Sep 17 14:00:55 2024 GMT
        Subject: CN=b191d5b6b47ab0ae390bae840453ab7662bd6ebb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:07:fc:ee:00:55:f9:ef:23:d9:50:58:28:b9:
                    b1:7e:2e:3b:73:65:b0:8d:76:63:7f:5e:08:33:b4:
                    af:ff:91:fe:7a:9d:6e:25:05:f9:8e:4f:e1:2f:29:
                    dd:96:c0:28:22:ef:cf:95:45:b9:d6:92:04:81:52:
                    b9:dd:ea:3b:22:7c:5c:e9:5e:b4:c1:6e:f1:8c:44:
                    88:91:e4:fe:49:a6:dd:23:d8:b4:cc:f1:34:1d:72:
                    d7:9e:18:d7:85:52:bc:a7:5f:df:a6:26:8d:31:46:
                    9f:db:33:83:0b:93:94:33:d5:d2:24:e5:fa:8c:b2:
                    81:ce:16:36:77:96:2d:ec:2d:dc:41:ba:79:02:bd:
                    99:ea:17:c8:65:06:77:a3:91:9f:16:24:46:5c:da:
                    75:bd:5e:3a:5e:a5:99:f0:cd:e6:e8:91:cc:a1:01:
                    a0:65:13:2f:7b:87:61:73:23:e0:ff:4f:d7:6a:0e:
                    60:a0:73:20:22:82:08:78:cc:2a:13:0d:f0:5e:b1:
                    bf:bf:6f:28:ef:fd:66:cd:54:dc:7b:28:5e:d1:51:
                    16:e5:38:4b:d2:f2:bb:88:50:47:fb:05:e4:38:8b:
                    09:1b:f2:ea:6f:74:c4:73:98:49:3c:fb:87:44:e2:
                    e8:c3:d1:34:ae:73:d4:28:98:49:25:ba:af:5b:4d:
                    f2:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:91:D5:B6:B4:7A:B0:AE:39:0B:AE:84:04:53:AB:76:62:BD:6E:BB
            X509v3 Authority Key Identifier:
                keyid:3E:EC:C8:18:E1:A9:C6:A8:51:7B:CD:69:6A:57:44:28:D6:D1:7A:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PuzIGOGpxqhRe81paldEKNbRekQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/28860d-3c90-449f-a43e-8d3d50480d9d/1/PuzIGOGpxqhRe81paldEKNbRekQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6b:14:a7:ed:61:68:69:e1:71:c6:9e:9b:28:7a:89:55:19:01:
         47:2a:07:52:9b:78:31:d3:4d:91:9f:d6:93:b0:1e:27:8d:24:
         98:2f:fc:95:59:2e:02:dc:0d:5c:73:16:e8:55:02:0c:e9:01:
         7b:c1:d1:87:8f:a3:95:20:1e:65:07:d9:53:31:9f:40:b9:49:
         2c:c2:87:5b:3e:7e:df:9a:f4:42:50:19:9b:7f:67:54:c3:60:
         a0:72:52:eb:0b:77:c3:61:36:44:a9:56:4d:31:a5:c0:77:78:
         45:05:4d:1e:6c:58:04:b8:77:7c:d2:95:12:32:ed:9f:33:30:
         a5:d3:cd:aa:99:95:f5:7f:2e:69:3d:77:d2:3f:1c:26:9e:02:
         f4:97:ca:61:fb:e7:c5:c9:42:41:42:3e:d8:f9:44:98:e9:9e:
         21:00:b6:a8:44:cf:a4:42:7e:62:f1:2a:c0:ac:f7:eb:d6:2d:
         d1:7a:03:59:d0:5c:d9:cd:f5:c6:d0:1c:5b:9f:24:8b:9d:77:
         8b:27:24:8a:cf:80:f9:b7:5d:b8:77:0f:04:5b:d5:b1:73:a0:
         78:cd:80:a9:90:4a:c6:a9:da:3e:23:63:2a:01:e5:b0:42:a2:
         9a:23:63:f4:b6:79:46:c4:b2:72:ed:10:04:63:bf:3b:a4:d1:
         72:08:3a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH7IutssUJGgSt+RyMuK/p/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZWNjODE4ZTFhOWM2YTg1MTdiY2Q2OTZhNTc0NDI4ZDZk
MTdhNDQwHhcNMjQwOTE2MTQwMDU1WhcNMjQwOTE3MTQwMDU1WjAzMTEwLwYDVQQD
EyhiMTkxZDViNmI0N2FiMGFlMzkwYmFlODQwNDUzYWI3NjYyYmQ2ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgf87gBV+e8j2VBYKLmxfi47c2Ww
jXZjf14IM7Sv/5H+ep1uJQX5jk/hLyndlsAoIu/PlUW51pIEgVK53eo7Inxc6V60
wW7xjESIkeT+SabdI9i0zPE0HXLXnhjXhVK8p1/fpiaNMUaf2zODC5OUM9XSJOX6
jLKBzhY2d5Yt7C3cQbp5Ar2Z6hfIZQZ3o5GfFiRGXNp1vV46XqWZ8M3m6JHMoQGg
ZRMve4dhcyPg/0/Xag5goHMgIoIIeMwqEw3wXrG/v28o7/1mzVTceyhe0VEW5ThL
0vK7iFBH+wXkOIsJG/Lqb3TEc5hJPPuHROLow9E0rnPUKJhJJbqvW03ycQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLGR1ba0erCuOQuuhARTq3ZivW67MB8GA1UdIwQY
MBaAFD7syBjhqcaoUXvNaWpXRCjW0XpEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2Ut
OGQzZDUwNDgwZDlkLzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yODg2MGQtM2M5MC00NDlmLWE0M2UtOGQzZDUwNDgwZDlk
LzEvUHV6SUdPR3B4cWhSZTgxcGFsZEVLTmJSZWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaxSn7WFo
aeFxxp6bKHqJVRkBRyoHUpt4MdNNkZ/Wk7AeJ40kmC/8lVkuAtwNXHMW6FUCDOkB
e8HRh4+jlSAeZQfZUzGfQLlJLMKHWz5+35r0QlAZm39nVMNgoHJS6wt3w2E2RKlW
TTGlwHd4RQVNHmxYBLh3fNKVEjLtnzMwpdPNqpmV9X8uaT130j8cJp4C9JfKYfvn
xclCQUI+2PlEmOmeIQC2qETPpEJ+YvEqwKz369Yt0XoDWdBc2c31xtAcW58ki513
iyckis+A+bdduHcPBFvVsXOgeM2AqZBKxqnaPiNjKgHlsEKimiNj9LZ5RsSycu0Q
BGO/O6TRcgg6Yg==
-----END CERTIFICATE-----