Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
File:                     t38R7tTnnIXMxWLfPR8oPjOdou0.mft (raw, json)
Hash identifier:          /TcliIYiXuxqa4HNnY/qNtFsxV2jBLFfMXgj8Eo7DYc=
Subject key identifier:   2F:95:25:D9:0A:F8:5E:4A:DD:40:CF:D5:E9:D4:8A:E1:C9:32:7E:5A
Authority key identifier: B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED
Certificate issuer:       /CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
Certificate serial:       018F96BD58AF039BBEDE14CAB7C81B2522FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
Manifest number:          0822
Signing time:             Mon 20 May 2024 16:02:22 +0000
Manifest this update:     Mon 20 May 2024 16:02:22 +0000
Manifest next update:     Tue 21 May 2024 16:02:22 +0000
Files and hashes:         1: t38R7tTnnIXMxWLfPR8oPjOdou0.crl (hash: kHKsBnKDV8dgAwR0XUPbUUp/Rzm9wwT0CTzIR9TFXW4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 21 May 2024 16:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:96:bd:58:af:03:9b:be:de:14:ca:b7:c8:1b:25:22:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77f11eed4e79c85ccc562df3d1f283e339da2ed
        Validity
            Not Before: May 20 16:02:22 2024 GMT
            Not After : May 21 16:02:22 2024 GMT
        Subject: CN=2f9525d90af85e4add40cfd5e9d48ae1c9327e5a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:ed:97:6c:17:c4:f5:07:cd:b3:7a:8e:7a:bd:
                    cb:3d:e7:77:7a:2a:34:8f:d0:60:ae:40:aa:8c:de:
                    ce:73:56:be:c3:a1:7e:f6:3f:68:05:2a:9a:0a:01:
                    32:5d:cb:0d:e7:e7:3c:fc:74:e4:37:9d:7b:3f:cb:
                    f7:75:ca:49:84:3f:51:06:1a:36:0c:7e:a0:0e:e7:
                    47:44:3c:55:6a:00:36:dd:02:60:03:1d:2e:72:b5:
                    06:90:c3:47:80:ef:cc:e7:8b:b0:ac:70:fa:2a:99:
                    ec:3e:fa:41:8b:03:8d:f8:cc:8a:d5:cb:56:61:47:
                    ed:3c:98:ea:72:61:fa:52:9a:39:8b:32:98:2d:f8:
                    7e:de:b0:d6:ba:1d:19:8b:fa:64:bb:96:57:e5:bb:
                    3c:42:40:24:d1:a7:7a:ae:24:12:f6:3e:98:e7:8c:
                    71:1c:bd:32:43:1e:cd:35:5d:04:0a:bd:da:29:44:
                    5c:58:67:28:4a:d5:ce:7a:17:59:13:97:cb:79:7a:
                    62:29:64:d3:fc:cb:e7:a9:95:91:33:15:53:a2:ea:
                    1d:c1:d6:61:76:e2:4f:ad:5a:73:10:b5:60:09:0f:
                    4a:4e:9f:a5:4a:01:6a:a5:94:6f:a7:48:d0:84:e4:
                    5a:f7:d4:f5:4a:e8:0c:58:38:c9:eb:64:69:ba:fb:
                    26:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:95:25:D9:0A:F8:5E:4A:DD:40:CF:D5:E9:D4:8A:E1:C9:32:7E:5A
            X509v3 Authority Key Identifier:
                keyid:B7:7F:11:EE:D4:E7:9C:85:CC:C5:62:DF:3D:1F:28:3E:33:9D:A2:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t38R7tTnnIXMxWLfPR8oPjOdou0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/975030-43b2-400b-8dc9-0c77559d9db0/1/t38R7tTnnIXMxWLfPR8oPjOdou0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         bc:e2:85:c3:3c:0b:ff:40:ad:ff:4b:03:c7:f0:e4:75:bf:66:
         77:da:1f:12:d7:ff:26:52:9d:ad:5d:7b:02:49:53:74:3d:3f:
         e1:1a:c1:a4:62:43:b4:46:ba:e9:88:93:44:0e:30:9c:b5:e4:
         2f:8f:2e:96:50:83:fe:5e:d3:a2:79:50:d3:75:34:ba:68:b0:
         84:f9:11:63:a0:1e:d6:41:15:01:95:de:78:a8:d9:44:05:36:
         01:40:5b:f8:81:b8:a1:a5:71:be:40:1a:52:23:9a:7d:25:68:
         18:de:3e:b5:c9:00:45:77:38:cd:d9:94:9a:5b:5c:d3:ad:2c:
         ca:10:31:d6:a6:a4:31:a4:85:65:40:44:38:f4:50:64:8f:15:
         1a:37:a2:a1:e5:fd:f3:af:4f:f1:5d:df:e5:70:5c:16:ed:b9:
         30:87:3c:34:07:82:92:0c:2c:15:02:0e:23:c6:21:59:b4:d2:
         53:d1:ec:a0:41:a3:67:bb:ae:3b:b9:5b:e3:62:64:c1:4d:fe:
         07:e7:1d:37:10:d8:63:a6:31:5f:db:b7:8a:5f:48:40:fa:5f:
         9f:fd:61:9f:7c:c0:80:17:7c:58:ee:82:73:dd:7a:45:73:8a:
         a1:0c:5f:b2:e4:80:71:aa:09:d5:b0:8f:b0:08:0c:78:1f:03:
         ac:65:f5:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+WvVivA5u+3hTKt8gbJSL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3N2YxMWVlZDRlNzljODVjY2M1NjJkZjNkMWYyODNlMzM5
ZGEyZWQwHhcNMjQwNTIwMTYwMjIyWhcNMjQwNTIxMTYwMjIyWjAzMTEwLwYDVQQD
EygyZjk1MjVkOTBhZjg1ZTRhZGQ0MGNmZDVlOWQ0OGFlMWM5MzI3ZTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+2XbBfE9QfNs3qOer3LPed3eio0
j9BgrkCqjN7Oc1a+w6F+9j9oBSqaCgEyXcsN5+c8/HTkN517P8v3dcpJhD9RBho2
DH6gDudHRDxVagA23QJgAx0ucrUGkMNHgO/M54uwrHD6KpnsPvpBiwON+MyK1ctW
YUftPJjqcmH6Upo5izKYLfh+3rDWuh0Zi/pku5ZX5bs8QkAk0ad6riQS9j6Y54xx
HL0yQx7NNV0ECr3aKURcWGcoStXOehdZE5fLeXpiKWTT/MvnqZWRMxVTouodwdZh
duJPrVpzELVgCQ9KTp+lSgFqpZRvp0jQhORa99T1SugMWDjJ62Rpuvsm+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC+VJdkK+F5K3UDP1enUiuHJMn5aMB8GA1UdIwQY
MBaAFLd/Ee7U55yFzMVi3z0fKD4znaLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzkt
MGM3NzU1OWQ5ZGIwLzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi85NzUwMzAtNDNiMi00MDBiLThkYzktMGM3NzU1OWQ5ZGIw
LzEvdDM4Ujd0VG5uSVhNeFdMZlBSOG9Qak9kb3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvOKFwzwL
/0Ct/0sDx/Dkdb9md9ofEtf/JlKdrV17AklTdD0/4RrBpGJDtEa66YiTRA4wnLXk
L48ullCD/l7TonlQ03U0umiwhPkRY6Ae1kEVAZXeeKjZRAU2AUBb+IG4oaVxvkAa
UiOafSVoGN4+tckARXc4zdmUmltc060syhAx1qakMaSFZUBEOPRQZI8VGjeioeX9
869P8V3f5XBcFu25MIc8NAeCkgwsFQIOI8YhWbTSU9HsoEGjZ7uuO7lb42JkwU3+
B+cdNxDYY6YxX9u3il9IQPpfn/1hn3zAgBd8WO6Cc916RXOKoQxfsuSAcaoJ1bCP
sAgMeB8DrGX1pg==
-----END CERTIFICATE-----