Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
File:                     3ohLjkYvPsE6QCTWaamdlK8FzbI.mft (raw, json)
Hash identifier:          i1i/xtf1vpgkanQcvmN0Z2wXq4WWoU4saYBgvHBFGjM=
Subject key identifier:   D0:79:5C:5B:ED:F9:39:53:D7:19:C8:0B:C0:AA:DC:72:33:1B:51:EA
Authority key identifier: DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2
Certificate issuer:       /CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
Certificate serial:       018F87ED61F6370C0ED4C067B81918CCA139
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
Manifest number:          0227
Signing time:             Fri 17 May 2024 19:00:32 +0000
Manifest this update:     Fri 17 May 2024 19:00:32 +0000
Manifest next update:     Sat 18 May 2024 19:00:32 +0000
Files and hashes:         1: 3ohLjkYvPsE6QCTWaamdlK8FzbI.crl (hash: UHVaoxRHoiCx6XDmsP4xkOgGmDq5bIbHMpJgpUzvs0Y=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:61:f6:37:0c:0e:d4:c0:67:b8:19:18:cc:a1:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=de884b8e462f3ec13a4024d669a99d94af05cdb2
        Validity
            Not Before: May 17 19:00:32 2024 GMT
            Not After : May 18 19:00:32 2024 GMT
        Subject: CN=d0795c5bedf93953d719c80bc0aadc72331b51ea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4a:33:be:91:4e:ee:62:bf:b0:3b:62:76:b9:
                    fc:20:44:77:d1:01:76:8d:22:7b:d2:af:43:06:27:
                    75:25:1a:cd:c9:be:df:e5:7a:9b:7f:c1:da:4e:c8:
                    fd:c0:f1:1f:5d:ef:95:73:5d:c0:22:24:4d:86:c9:
                    76:30:4f:d2:97:af:66:90:f8:54:ab:4b:13:0f:c2:
                    35:07:b9:e1:92:4c:c5:ab:72:e3:44:9f:8e:5a:a8:
                    57:1a:af:84:e3:05:22:bd:2d:fc:80:50:d1:da:2a:
                    b5:72:5e:71:04:4c:8b:e9:04:8e:e9:08:28:30:c6:
                    43:07:da:2d:42:fb:81:66:d6:48:2e:c5:9e:ef:22:
                    fa:18:fa:4d:be:a3:50:2a:fc:5f:d1:7c:bc:76:ab:
                    28:7e:00:cf:0c:0c:cb:e2:eb:3b:18:fc:bb:04:56:
                    f8:43:02:d7:33:5e:72:d7:f9:e3:38:0a:26:8b:02:
                    a3:96:4f:07:b5:fc:69:36:a8:dc:c7:05:3d:8d:b9:
                    bc:7c:c2:ed:87:19:b1:cf:e3:9a:e8:15:62:fe:67:
                    05:5a:cf:4b:94:e7:cb:38:79:8a:94:85:f7:1a:ff:
                    06:f6:84:e5:04:2b:dd:5e:c4:1e:f3:fa:c1:b2:da:
                    32:c8:0f:24:9c:46:21:5f:f4:c1:da:df:f0:51:5b:
                    f2:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:79:5C:5B:ED:F9:39:53:D7:19:C8:0B:C0:AA:DC:72:33:1B:51:EA
            X509v3 Authority Key Identifier:
                keyid:DE:88:4B:8E:46:2F:3E:C1:3A:40:24:D6:69:A9:9D:94:AF:05:CD:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ohLjkYvPsE6QCTWaamdlK8FzbI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/45df56-dd32-433c-b44e-4af70402b270/1/3ohLjkYvPsE6QCTWaamdlK8FzbI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8a:35:20:e4:f0:c2:12:c1:99:17:52:9d:09:17:27:d5:ac:80:
         5d:6b:9d:8e:7c:58:0c:b7:ad:ed:48:a0:a3:64:8e:eb:49:55:
         00:25:5e:e0:ad:10:6e:bd:27:63:59:83:ea:cc:d5:67:8e:ed:
         6a:4b:7d:b9:ae:61:1a:c2:bb:86:02:de:ab:71:63:3e:be:db:
         51:97:1d:56:b8:6f:80:ba:ca:f3:6f:7a:77:f3:2a:a9:09:f6:
         25:e1:f7:c5:a4:1d:3e:df:3c:da:8e:17:65:88:88:15:8c:86:
         ad:d8:bd:4e:2a:56:32:3d:5f:48:6e:41:6f:65:73:ef:42:b5:
         92:fb:c1:5f:3c:1b:f4:c9:f2:3b:a7:22:2f:34:6a:dd:fe:34:
         92:26:77:69:c6:d5:dd:dd:40:11:57:99:e8:6d:19:c3:d5:98:
         1b:57:be:3c:30:fb:f9:90:7e:5a:7d:f7:3e:55:69:5f:01:b7:
         d9:2e:2f:70:57:03:72:5f:a1:fd:f3:d0:df:55:1c:f1:23:90:
         65:c5:dc:bf:a9:ee:2e:d1:61:50:dc:2b:4b:fb:04:fb:b8:3d:
         ab:23:ea:ea:8a:cf:8b:2c:df:eb:0e:0f:34:96:a9:45:aa:6c:
         eb:66:e4:78:e9:fc:40:44:4b:86:dc:67:3c:74:71:29:97:a0:
         a5:da:24:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7WH2NwwO1MBnuBkYzKE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODg0YjhlNDYyZjNlYzEzYTQwMjRkNjY5YTk5ZDk0YWYw
NWNkYjIwHhcNMjQwNTE3MTkwMDMyWhcNMjQwNTE4MTkwMDMyWjAzMTEwLwYDVQQD
EyhkMDc5NWM1YmVkZjkzOTUzZDcxOWM4MGJjMGFhZGM3MjMzMWI1MWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukozvpFO7mK/sDtidrn8IER30QF2
jSJ70q9DBid1JRrNyb7f5Xqbf8HaTsj9wPEfXe+Vc13AIiRNhsl2ME/Sl69mkPhU
q0sTD8I1B7nhkkzFq3LjRJ+OWqhXGq+E4wUivS38gFDR2iq1cl5xBEyL6QSO6Qgo
MMZDB9otQvuBZtZILsWe7yL6GPpNvqNQKvxf0Xy8dqsofgDPDAzL4us7GPy7BFb4
QwLXM15y1/njOAomiwKjlk8HtfxpNqjcxwU9jbm8fMLthxmxz+Oa6BVi/mcFWs9L
lOfLOHmKlIX3Gv8G9oTlBCvdXsQe8/rBstoyyA8knEYhX/TB2t/wUVvyzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNB5XFvt+TlT1xnIC8Cq3HIzG1HqMB8GA1UdIwQY
MBaAFN6IS45GLz7BOkAk1mmpnZSvBc2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUt
NGFmNzA0MDJiMjcwLzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NWRmNTYtZGQzMi00MzNjLWI0NGUtNGFmNzA0MDJiMjcw
LzEvM29oTGprWXZQc0U2UUNUV2FhbWRsSzhGemJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAijUg5PDC
EsGZF1KdCRcn1ayAXWudjnxYDLet7Uigo2SO60lVACVe4K0Qbr0nY1mD6szVZ47t
akt9ua5hGsK7hgLeq3FjPr7bUZcdVrhvgLrK8296d/MqqQn2JeH3xaQdPt882o4X
ZYiIFYyGrdi9TipWMj1fSG5Bb2Vz70K1kvvBXzwb9MnyO6ciLzRq3f40kiZ3acbV
3d1AEVeZ6G0Zw9WYG1e+PDD7+ZB+Wn33PlVpXwG32S4vcFcDcl+h/fPQ31Uc8SOQ
ZcXcv6nuLtFhUNwrS/sE+7g9qyPq6orPiyzf6w4PNJapRaps62bkeOn8QERLhtxn
PHRxKZegpdokJQ==
-----END CERTIFICATE-----