Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
File:                     qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft (raw, json)
Hash identifier:          zPKBhkFO4+x34AwgXUuTk+uNziffnaB5IeKuEpd8sEE=
Subject key identifier:   C3:B4:3C:A5:E1:AC:39:F6:3C:91:44:D3:D2:A4:87:D6:51:EF:08:8E
Authority key identifier: A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F
Certificate issuer:       /CN=a9240f027a9409229c59ff630aa2a80f9378a93f
Certificate serial:       018F88921A7393E0CED8DCB013BE6109A202
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
Manifest number:          0CCB
Signing time:             Fri 17 May 2024 22:00:27 +0000
Manifest this update:     Fri 17 May 2024 22:00:27 +0000
Manifest next update:     Sat 18 May 2024 22:00:27 +0000
Files and hashes:         1: qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl (hash: 2TxnzAVez+gjNywccwoSSaU0gHkUvof1kk31lGQnwHY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:92:1a:73:93:e0:ce:d8:dc:b0:13:be:61:09:a2:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a9240f027a9409229c59ff630aa2a80f9378a93f
        Validity
            Not Before: May 17 22:00:27 2024 GMT
            Not After : May 18 22:00:27 2024 GMT
        Subject: CN=c3b43ca5e1ac39f63c9144d3d2a487d651ef088e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:61:20:ec:55:e8:69:fb:53:4a:f2:ef:86:c9:
                    93:d1:37:24:03:02:81:f9:98:9a:bc:43:56:d0:21:
                    fd:af:22:0d:6f:34:19:1d:10:61:a2:66:15:0c:9b:
                    74:da:a8:8c:09:60:df:f2:32:72:1c:bc:a1:f1:58:
                    ab:d9:21:c3:08:e7:0c:fd:b0:e5:3e:7d:8d:62:eb:
                    2e:41:60:42:0f:9a:cc:28:8e:9f:e7:8d:e0:11:28:
                    8e:7c:5a:63:8d:95:47:6e:76:8e:e7:24:3b:59:c0:
                    9d:18:0c:ec:01:3d:c9:e3:91:99:45:04:cb:10:8d:
                    a2:2b:d5:50:d9:69:ec:7b:04:62:31:78:99:d0:02:
                    3e:68:5f:8e:f9:f7:47:ca:9f:67:33:75:af:c3:1d:
                    cd:53:90:e0:5d:66:2b:01:5b:94:86:a8:19:bd:d9:
                    ac:ed:02:8b:7e:52:f9:46:da:9d:28:75:cf:c9:d5:
                    c4:6d:56:1b:32:1f:f1:b2:99:2f:46:f3:8c:d4:fe:
                    0b:50:c0:5f:a6:45:44:1f:8a:48:72:47:82:c9:72:
                    53:ef:fc:5f:6c:61:f5:4c:b0:16:8e:79:be:c8:df:
                    7c:1e:b1:d3:d4:a1:f2:7a:5c:7c:96:f7:85:50:60:
                    20:78:35:cf:a4:43:64:8c:db:00:e7:57:7f:8a:20:
                    df:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:B4:3C:A5:E1:AC:39:F6:3C:91:44:D3:D2:A4:87:D6:51:EF:08:8E
            X509v3 Authority Key Identifier:
                keyid:A9:24:0F:02:7A:94:09:22:9C:59:FF:63:0A:A2:A8:0F:93:78:A9:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSQPAnqUCSKcWf9jCqKoD5N4qT8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/bfcf7f-930c-4ed4-96cd-3d1b3a86ce87/1/qSQPAnqUCSKcWf9jCqKoD5N4qT8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:40:13:fc:13:ec:71:41:00:14:3e:87:71:e4:82:b7:ff:a3:
         97:76:63:aa:85:d6:c8:4d:2b:e1:a8:0a:b5:1f:fd:7b:82:ef:
         1d:75:8f:ea:62:8b:10:b3:d7:f9:7f:6c:b9:e8:02:22:77:12:
         5f:21:18:2c:80:97:d7:17:90:7a:a4:d3:0d:08:cb:a3:73:61:
         a2:91:17:91:06:05:9c:0a:50:ec:d2:10:44:a6:1f:8d:a4:ca:
         a4:3d:ef:2a:a1:e9:11:bf:1c:ff:b2:1a:15:8b:f7:06:76:f2:
         4b:61:94:8f:f8:77:b7:a8:7e:9d:74:4f:9d:39:2a:e5:c4:5c:
         ae:4d:ba:ec:48:45:92:2a:1d:d5:02:87:36:66:6a:34:79:e0:
         ac:dc:9b:01:d6:b0:67:82:5f:82:19:8f:c8:58:3f:9a:e0:04:
         b8:0a:84:f6:d8:47:9d:19:11:e4:36:2d:35:c9:1c:70:d1:bd:
         95:02:77:4b:38:c2:19:6f:ea:f5:ae:ae:ce:65:88:00:a4:c1:
         e4:57:bc:9b:b5:45:d7:67:ab:83:1f:a8:06:e7:34:8d:7a:5e:
         1d:a0:20:95:0d:b4:41:76:25:38:aa:b4:ff:d2:f9:06:06:84:
         d7:e6:21:05:a6:e0:a4:17:19:76:00:d4:14:b8:71:38:67:cb:
         e2:af:36:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikhpzk+DO2NywE75hCaICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MjQwZjAyN2E5NDA5MjI5YzU5ZmY2MzBhYTJhODBmOTM3
OGE5M2YwHhcNMjQwNTE3MjIwMDI3WhcNMjQwNTE4MjIwMDI3WjAzMTEwLwYDVQQD
EyhjM2I0M2NhNWUxYWMzOWY2M2M5MTQ0ZDNkMmE0ODdkNjUxZWYwODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2Eg7FXoaftTSvLvhsmT0TckAwKB
+ZiavENW0CH9ryINbzQZHRBhomYVDJt02qiMCWDf8jJyHLyh8Vir2SHDCOcM/bDl
Pn2NYusuQWBCD5rMKI6f543gESiOfFpjjZVHbnaO5yQ7WcCdGAzsAT3J45GZRQTL
EI2iK9VQ2WnsewRiMXiZ0AI+aF+O+fdHyp9nM3Wvwx3NU5DgXWYrAVuUhqgZvdms
7QKLflL5RtqdKHXPydXEbVYbMh/xspkvRvOM1P4LUMBfpkVEH4pIckeCyXJT7/xf
bGH1TLAWjnm+yN98HrHT1KHyelx8lveFUGAgeDXPpENkjNsA51d/iiDfrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMO0PKXhrDn2PJFE09Kkh9ZR7wiOMB8GA1UdIwQY
MBaAFKkkDwJ6lAkinFn/YwqiqA+TeKk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2Qt
M2QxYjNhODZjZTg3LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9iZmNmN2YtOTMwYy00ZWQ0LTk2Y2QtM2QxYjNhODZjZTg3
LzEvcVNRUEFucVVDU0tjV2Y5akNxS29ENU40cVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATUAT/BPs
cUEAFD6HceSCt/+jl3ZjqoXWyE0r4agKtR/9e4LvHXWP6mKLELPX+X9suegCIncS
XyEYLICX1xeQeqTTDQjLo3NhopEXkQYFnApQ7NIQRKYfjaTKpD3vKqHpEb8c/7Ia
FYv3BnbyS2GUj/h3t6h+nXRPnTkq5cRcrk267EhFkiod1QKHNmZqNHngrNybAdaw
Z4JfghmPyFg/muAEuAqE9thHnRkR5DYtNckccNG9lQJ3SzjCGW/q9a6uzmWIAKTB
5Fe8m7VF12ergx+oBuc0jXpeHaAglQ20QXYlOKq0/9L5BgaE1+YhBabgpBcZdgDU
FLhxOGfL4q82Mw==
-----END CERTIFICATE-----