Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
File:                     MCbiQi-nIkVOYIMX0hhitmqjfTM.mft (raw, json)
Hash identifier:          MbGQpavx55zMv/5mHm8sQusrSg5MKnzL5IqxoRdcseA=
Subject key identifier:   03:09:64:80:83:BA:15:83:BF:41:CE:56:BF:F6:AF:7C:BD:2A:B5:0F
Authority key identifier: 30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33
Certificate issuer:       /CN=3026e2422fa722454e608317d21862b66aa37d33
Certificate serial:       018F874A5BA801971A943439C425261C85E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
Manifest number:          10C8
Signing time:             Fri 17 May 2024 16:02:28 +0000
Manifest this update:     Fri 17 May 2024 16:02:28 +0000
Manifest next update:     Sat 18 May 2024 16:02:28 +0000
Files and hashes:         1: MCbiQi-nIkVOYIMX0hhitmqjfTM.crl (hash: tpIP7y/ulsHgyK5agSOj2AJOlgpm4V2UkjpJSeNC7Hw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:5b:a8:01:97:1a:94:34:39:c4:25:26:1c:85:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3026e2422fa722454e608317d21862b66aa37d33
        Validity
            Not Before: May 17 16:02:28 2024 GMT
            Not After : May 18 16:02:28 2024 GMT
        Subject: CN=0309648083ba1583bf41ce56bff6af7cbd2ab50f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:85:fe:42:2a:23:cf:d4:12:c1:e7:58:17:9d:
                    65:39:29:84:f6:cf:08:af:d0:b1:ab:ee:f8:bd:7e:
                    92:c7:c6:de:88:0a:d9:f8:11:e1:13:93:31:a9:61:
                    e4:5b:c5:5f:8f:69:d3:09:59:fe:5b:89:0e:c8:d1:
                    11:dd:74:5f:26:d2:f2:58:ff:9f:06:78:68:2a:60:
                    26:14:6c:4c:27:40:7f:cb:2f:40:b5:f2:40:fd:ed:
                    db:54:c3:e3:be:67:80:fe:08:40:ca:0a:d9:25:14:
                    8e:30:de:12:68:32:8b:82:07:e7:c0:0a:9d:66:09:
                    d5:c8:54:1d:f2:33:c7:7f:4c:8c:95:e2:35:20:b2:
                    0e:3e:03:cb:e1:72:77:09:ee:dc:1b:08:f3:2e:04:
                    1e:5e:48:0f:22:88:f1:19:b3:4d:9e:fe:1b:14:13:
                    93:cf:ad:73:3a:d1:da:fc:a9:cf:90:7f:4c:0f:63:
                    8d:80:2c:fe:86:fe:89:f6:33:54:af:19:e6:e2:99:
                    1f:21:02:a0:10:ab:ae:2c:2f:49:dc:7d:57:3e:ff:
                    a3:52:be:84:12:97:ac:c8:fc:99:6a:45:cd:22:a9:
                    d1:f5:06:f9:c7:97:74:c7:98:4a:77:ee:1f:26:ef:
                    71:cf:a8:ba:79:4d:21:74:a9:cb:41:fd:ce:e2:10:
                    02:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:09:64:80:83:BA:15:83:BF:41:CE:56:BF:F6:AF:7C:BD:2A:B5:0F
            X509v3 Authority Key Identifier:
                keyid:30:26:E2:42:2F:A7:22:45:4E:60:83:17:D2:18:62:B6:6A:A3:7D:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCbiQi-nIkVOYIMX0hhitmqjfTM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/b792cc-ab96-456e-9d3e-a1ee440ffe3e/1/MCbiQi-nIkVOYIMX0hhitmqjfTM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7c:33:88:87:83:5d:69:bf:29:09:d3:4c:e9:d5:2d:db:4e:43:
         2d:be:d5:a9:64:9f:b5:12:d4:85:54:8f:37:1e:4a:b3:84:3e:
         42:21:fa:08:10:46:ae:3a:91:02:90:9f:43:87:48:35:25:78:
         1d:2f:a3:00:ef:48:fa:1e:bc:7f:18:17:47:f6:b0:4e:9c:48:
         b1:63:08:5a:db:73:80:8e:c7:fd:fd:af:79:1a:d0:fc:9e:f3:
         8d:67:7c:b4:3d:4c:ab:75:76:6d:29:5d:9c:e4:3e:e9:46:38:
         fb:0e:ee:b3:a6:bc:35:d4:24:d8:ac:a5:12:4e:40:7a:70:16:
         dc:68:09:f0:8f:ab:6f:2e:ab:05:d9:5b:53:dd:4c:d8:1c:b4:
         60:59:3f:2a:e3:7f:b5:9a:18:52:45:bc:18:d7:28:7d:f3:94:
         ef:a2:a5:cc:38:91:24:ce:6b:f9:a0:a2:81:1b:5d:7b:34:b1:
         62:7a:f7:6b:5d:a3:02:f5:4f:f8:da:ec:ed:7b:15:d0:d2:84:
         dc:60:8e:14:a5:44:de:da:3d:2d:74:1d:93:ac:7d:04:a4:61:
         95:57:32:6d:af:b5:d3:88:63:b0:a2:61:fb:9d:54:00:a4:8a:
         6a:25:c8:6c:b5:41:fc:e1:78:35:43:f0:37:83:de:38:f2:40:
         33:74:7e:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSluoAZcalDQ5xCUmHIXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjZlMjQyMmZhNzIyNDU0ZTYwODMxN2QyMTg2MmI2NmFh
MzdkMzMwHhcNMjQwNTE3MTYwMjI4WhcNMjQwNTE4MTYwMjI4WjAzMTEwLwYDVQQD
EygwMzA5NjQ4MDgzYmExNTgzYmY0MWNlNTZiZmY2YWY3Y2JkMmFiNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74X+Qiojz9QSwedYF51lOSmE9s8I
r9Cxq+74vX6Sx8beiArZ+BHhE5MxqWHkW8Vfj2nTCVn+W4kOyNER3XRfJtLyWP+f
BnhoKmAmFGxMJ0B/yy9AtfJA/e3bVMPjvmeA/ghAygrZJRSOMN4SaDKLggfnwAqd
ZgnVyFQd8jPHf0yMleI1ILIOPgPL4XJ3Ce7cGwjzLgQeXkgPIojxGbNNnv4bFBOT
z61zOtHa/KnPkH9MD2ONgCz+hv6J9jNUrxnm4pkfIQKgEKuuLC9J3H1XPv+jUr6E
EpesyPyZakXNIqnR9Qb5x5d0x5hKd+4fJu9xz6i6eU0hdKnLQf3O4hACTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMJZICDuhWDv0HOVr/2r3y9KrUPMB8GA1UdIwQY
MBaAFDAm4kIvpyJFTmCDF9IYYrZqo30zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2Ut
YTFlZTQ0MGZmZTNlLzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9iNzkyY2MtYWI5Ni00NTZlLTlkM2UtYTFlZTQ0MGZmZTNl
LzEvTUNiaVFpLW5Ja1ZPWUlNWDBoaGl0bXFqZlRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfDOIh4Nd
ab8pCdNM6dUt205DLb7VqWSftRLUhVSPNx5Ks4Q+QiH6CBBGrjqRApCfQ4dINSV4
HS+jAO9I+h68fxgXR/awTpxIsWMIWttzgI7H/f2veRrQ/J7zjWd8tD1Mq3V2bSld
nOQ+6UY4+w7us6a8NdQk2KylEk5AenAW3GgJ8I+rby6rBdlbU91M2By0YFk/KuN/
tZoYUkW8GNcoffOU76KlzDiRJM5r+aCigRtdezSxYnr3a12jAvVP+Nrs7XsV0NKE
3GCOFKVE3to9LXQdk6x9BKRhlVcyba+104hjsKJh+51UAKSKaiXIbLVB/OF4NUPw
N4PeOPJAM3R+VQ==
-----END CERTIFICATE-----