Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
File:                     DW3GbMOENrasMel-cS0hlAfIPPQ.mft (raw, json)
Hash identifier:          j7gnqxbr5viNa+Ch91DfYfojc5x6PLp5mOwszPpHiUM=
Subject key identifier:   D7:13:1A:FE:14:7F:4A:91:C1:5F:DC:47:64:0B:69:A9:46:6D:96:05
Authority key identifier: 0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4
Certificate issuer:       /CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
Certificate serial:       0191FA47C3D0CEE90D47E4F64FE9976A8C8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
Manifest number:          0140
Signing time:             Mon 16 Sep 2024 10:01:32 +0000
Manifest this update:     Mon 16 Sep 2024 10:01:32 +0000
Manifest next update:     Tue 17 Sep 2024 10:01:32 +0000
Files and hashes:         1: DW3GbMOENrasMel-cS0hlAfIPPQ.crl (hash: mJO49gQtPVLKljBeY8x4L4QvtsxsX6mZ/MRlSz9Z6bI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 10:01:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:47:c3:d0:ce:e9:0d:47:e4:f6:4f:e9:97:6a:8c:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d6dc66cc38436b6ac31e97e712d219407c83cf4
        Validity
            Not Before: Sep 16 10:01:32 2024 GMT
            Not After : Sep 17 10:01:32 2024 GMT
        Subject: CN=d7131afe147f4a91c15fdc47640b69a9466d9605
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7d:83:79:1e:ac:df:9c:4b:10:ff:17:9a:e0:
                    86:b0:8e:ad:d3:4c:38:da:c1:7c:56:d8:a4:1c:42:
                    99:90:ba:32:2c:91:9f:a7:f9:78:23:af:34:83:72:
                    72:74:5b:dd:5b:ec:92:81:e8:9d:ae:4d:0d:0a:d1:
                    25:3d:07:cf:75:3f:5f:ed:ae:aa:88:e1:8c:de:50:
                    26:0e:8d:22:60:60:3f:c5:76:20:8e:63:bb:b0:75:
                    e8:61:bd:96:de:c6:80:65:cc:85:14:cc:84:c2:3f:
                    ef:b9:ac:30:3b:34:14:fc:42:e5:38:88:1c:48:d9:
                    b0:1a:0e:30:24:ea:8e:fb:9c:be:0f:c9:3e:58:d5:
                    1f:ea:be:a2:be:f4:a6:3e:9b:92:40:f0:9e:c7:d8:
                    03:57:f2:aa:18:51:1f:14:1b:05:b3:9b:20:d9:d6:
                    d5:36:92:83:59:0a:5c:34:d9:f8:63:3d:e6:3b:0a:
                    5f:46:3b:5e:ed:92:a5:f3:42:37:64:6e:88:ca:33:
                    c4:2b:65:e0:4c:0a:95:e6:e5:1d:ea:9a:d6:e3:d0:
                    f1:a8:fe:0b:eb:7c:e0:d1:9b:72:56:49:ed:da:41:
                    96:a6:39:b9:c2:56:c3:e8:bd:93:9a:62:38:a1:3e:
                    91:77:05:3f:ce:33:2c:27:1e:94:af:97:0c:04:a0:
                    ff:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:13:1A:FE:14:7F:4A:91:C1:5F:DC:47:64:0B:69:A9:46:6D:96:05
            X509v3 Authority Key Identifier:
                keyid:0D:6D:C6:6C:C3:84:36:B6:AC:31:E9:7E:71:2D:21:94:07:C8:3C:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DW3GbMOENrasMel-cS0hlAfIPPQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3859e6-43ac-4c74-b4fa-9dd52313ae7c/1/DW3GbMOENrasMel-cS0hlAfIPPQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         42:87:78:c5:2f:a0:59:c8:d1:48:8b:5d:ba:b5:d4:62:2d:76:
         5d:24:ef:ac:57:78:34:8a:9e:0e:cf:21:93:35:68:2a:ca:15:
         7d:30:c6:2c:99:7d:d2:67:d6:ae:66:58:c0:2c:ea:c4:5a:11:
         dd:cd:5a:5e:60:07:8f:13:78:ab:03:91:95:8f:62:ae:87:d6:
         74:25:00:67:64:a3:11:d7:22:fe:47:ec:f9:d5:af:88:3e:a0:
         28:5a:99:89:98:71:c0:f0:f3:12:2b:c4:5e:35:4f:a4:cd:d1:
         53:63:5a:2f:3b:a7:b4:7f:5e:bb:a7:92:30:44:69:63:2f:3c:
         de:e0:49:29:e9:2f:e9:e6:ca:29:98:3c:dc:56:29:d1:45:53:
         65:50:a5:09:23:81:f9:69:6c:ce:dc:9f:6e:6c:b9:df:91:90:
         c9:95:46:5b:ab:42:fd:6d:55:3a:c6:2a:93:57:38:07:2f:ba:
         38:9b:6b:36:6d:fa:81:a5:a5:a2:14:4b:39:d7:0a:50:d9:0e:
         0d:ad:82:12:87:46:4f:df:92:7b:e5:5c:e0:9a:26:9e:89:df:
         91:9a:48:95:82:93:22:d8:c3:2f:5a:96:f3:98:e6:d0:46:12:
         f9:14:f8:fc:17:34:99:a5:6d:5b:61:76:a1:28:0a:a3:2c:b9:
         9f:2b:5a:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6R8PQzukNR+T2T+mXaoyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNmRjNjZjYzM4NDM2YjZhYzMxZTk3ZTcxMmQyMTk0MDdj
ODNjZjQwHhcNMjQwOTE2MTAwMTMyWhcNMjQwOTE3MTAwMTMyWjAzMTEwLwYDVQQD
EyhkNzEzMWFmZTE0N2Y0YTkxYzE1ZmRjNDc2NDBiNjlhOTQ2NmQ5NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2H2DeR6s35xLEP8XmuCGsI6t00w4
2sF8VtikHEKZkLoyLJGfp/l4I680g3JydFvdW+ySgeidrk0NCtElPQfPdT9f7a6q
iOGM3lAmDo0iYGA/xXYgjmO7sHXoYb2W3saAZcyFFMyEwj/vuawwOzQU/ELlOIgc
SNmwGg4wJOqO+5y+D8k+WNUf6r6ivvSmPpuSQPCex9gDV/KqGFEfFBsFs5sg2dbV
NpKDWQpcNNn4Yz3mOwpfRjte7ZKl80I3ZG6IyjPEK2XgTAqV5uUd6prW49DxqP4L
63zg0ZtyVknt2kGWpjm5wlbD6L2TmmI4oT6RdwU/zjMsJx6Ur5cMBKD/UQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNcTGv4Uf0qRwV/cR2QLaalGbZYFMB8GA1UdIwQY
MBaAFA1txmzDhDa2rDHpfnEtIZQHyDz0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEt
OWRkNTIzMTNhZTdjLzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8zODU5ZTYtNDNhYy00Yzc0LWI0ZmEtOWRkNTIzMTNhZTdj
LzEvRFczR2JNT0VOcmFzTWVsLWNTMGhsQWZJUFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQod4xS+g
WcjRSItdurXUYi12XSTvrFd4NIqeDs8hkzVoKsoVfTDGLJl90mfWrmZYwCzqxFoR
3c1aXmAHjxN4qwORlY9irofWdCUAZ2SjEdci/kfs+dWviD6gKFqZiZhxwPDzEivE
XjVPpM3RU2NaLzuntH9eu6eSMERpYy883uBJKekv6ebKKZg83FYp0UVTZVClCSOB
+Wlsztyfbmy535GQyZVGW6tC/W1VOsYqk1c4By+6OJtrNm36gaWlohRLOdcKUNkO
Da2CEodGT9+Se+Vc4JomnonfkZpIlYKTItjDL1qW85jm0EYS+RT4/Bc0maVtW2F2
oSgKoyy5nytaYg==
-----END CERTIFICATE-----