Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
File:                     knaysJMpLF-nXm4UwqSZrIR-QWs.mft (raw, json)
Hash identifier:          3gAg3J1PC4fbIJrdhRb+pakhy+UU624hArBX7oI5JzQ=
Subject key identifier:   C6:9F:2C:19:B3:68:1E:66:E9:FC:AC:94:2C:32:1C:82:F3:6A:C8:EF
Authority key identifier: 92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B
Certificate issuer:       /CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
Certificate serial:       018F874A9212146E9E5A87B98148F9405977
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
Manifest number:          0F48
Signing time:             Fri 17 May 2024 16:02:42 +0000
Manifest this update:     Fri 17 May 2024 16:02:42 +0000
Manifest next update:     Sat 18 May 2024 16:02:42 +0000
Files and hashes:         1: knaysJMpLF-nXm4UwqSZrIR-QWs.crl (hash: bYqmV7P09iE9wg53P51yayeV0Td9jc0t2ZbVj1NDWpo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:92:12:14:6e:9e:5a:87:b9:81:48:f9:40:59:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9276b2b093292c5fa75e6e14c2a499ac847e416b
        Validity
            Not Before: May 17 16:02:42 2024 GMT
            Not After : May 18 16:02:42 2024 GMT
        Subject: CN=c69f2c19b3681e66e9fcac942c321c82f36ac8ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a3:1f:c5:2d:b8:91:94:45:65:c9:d9:26:33:
                    d1:5a:25:50:22:12:6f:21:90:3f:4b:43:02:65:af:
                    c8:a0:5f:fe:9d:ea:7c:32:62:3c:5e:b6:e8:ec:dc:
                    b8:c3:80:c1:21:ba:08:ba:b0:e4:cb:46:94:8d:81:
                    b6:c3:8f:31:4e:f7:ed:4d:a9:4a:9c:40:e8:5b:d1:
                    4b:35:69:75:26:cd:ec:d5:6d:fc:84:bb:15:09:55:
                    da:5a:79:78:21:11:73:30:13:ff:f6:58:33:12:1a:
                    fe:2a:0d:a8:78:72:64:62:a4:0d:cd:e8:ad:9e:eb:
                    66:5f:5f:97:ef:6d:26:8e:a6:dc:fb:89:d7:cf:23:
                    da:dd:b0:3f:20:5c:bb:58:f5:49:fe:4f:3b:2d:0c:
                    e5:f6:09:63:ff:2a:37:bc:a3:39:62:f5:c7:05:4c:
                    1e:f5:08:4e:67:ef:88:17:eb:cb:e0:13:a2:cc:f6:
                    cd:6a:bd:1a:e2:91:ac:87:25:a0:03:1f:73:ca:f4:
                    2a:75:9c:af:13:6f:e9:16:53:59:17:84:cf:ac:77:
                    33:41:8c:f4:5e:7b:97:ab:ec:27:9b:d2:22:a5:e2:
                    df:42:d7:f7:51:62:8d:7d:00:e0:2f:05:ca:45:59:
                    07:aa:2c:09:e0:0c:ec:e0:62:c5:b3:02:0b:7b:6a:
                    a1:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:9F:2C:19:B3:68:1E:66:E9:FC:AC:94:2C:32:1C:82:F3:6A:C8:EF
            X509v3 Authority Key Identifier:
                keyid:92:76:B2:B0:93:29:2C:5F:A7:5E:6E:14:C2:A4:99:AC:84:7E:41:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knaysJMpLF-nXm4UwqSZrIR-QWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/3fa92f-cabd-413b-ae5c-69b733cbc528/1/knaysJMpLF-nXm4UwqSZrIR-QWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         98:22:bd:3d:32:a9:42:09:50:a6:6d:b9:77:04:86:fb:a1:41:
         de:3a:d0:e4:01:7d:12:d7:9b:43:0e:85:54:f5:ee:d3:31:66:
         39:e2:80:f9:81:9f:83:96:11:93:3a:24:86:ed:c6:1b:60:d6:
         72:4e:07:e5:3b:23:9b:c1:6e:67:9b:d4:c7:95:a0:84:41:46:
         42:08:25:14:74:62:b6:2a:00:d2:06:5d:28:aa:8f:74:7b:9a:
         84:5c:e2:e3:f8:c0:79:df:c9:31:52:48:65:e5:cb:28:2e:a3:
         74:8a:74:d2:d0:9a:b2:02:94:23:70:e7:1d:c5:38:05:bf:ce:
         fd:d3:68:a4:72:64:34:4d:ff:f2:af:78:2f:b6:7a:1a:f4:11:
         2e:db:44:71:fd:bc:e7:91:bc:21:b1:e6:88:d6:62:2c:aa:78:
         50:9a:78:90:a9:e9:87:60:1e:70:d3:40:a4:4e:46:57:b5:7b:
         73:61:30:26:22:ac:1e:58:cf:5c:66:a1:8d:2b:56:6a:a7:e8:
         3b:5d:5b:90:c0:30:5f:44:f5:df:b9:e1:3a:18:db:4b:8d:e2:
         81:f2:ac:13:ef:b9:a8:47:bc:b3:df:d4:53:aa:80:4c:57:87:
         95:c7:b5:5c:16:db:20:8d:a0:cc:a1:bf:f1:0c:1a:2e:3c:80:
         a2:00:f6:67
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSpISFG6eWoe5gUj5QFl3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNzZiMmIwOTMyOTJjNWZhNzVlNmUxNGMyYTQ5OWFjODQ3
ZTQxNmIwHhcNMjQwNTE3MTYwMjQyWhcNMjQwNTE4MTYwMjQyWjAzMTEwLwYDVQQD
EyhjNjlmMmMxOWIzNjgxZTY2ZTlmY2FjOTQyYzMyMWM4MmYzNmFjOGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKMfxS24kZRFZcnZJjPRWiVQIhJv
IZA/S0MCZa/IoF/+nep8MmI8Xrbo7Ny4w4DBIboIurDky0aUjYG2w48xTvftTalK
nEDoW9FLNWl1Js3s1W38hLsVCVXaWnl4IRFzMBP/9lgzEhr+Kg2oeHJkYqQNzeit
nutmX1+X720mjqbc+4nXzyPa3bA/IFy7WPVJ/k87LQzl9glj/yo3vKM5YvXHBUwe
9QhOZ++IF+vL4BOizPbNar0a4pGshyWgAx9zyvQqdZyvE2/pFlNZF4TPrHczQYz0
XnuXq+wnm9IipeLfQtf3UWKNfQDgLwXKRVkHqiwJ4Azs4GLFswILe2qhaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMafLBmzaB5m6fyslCwyHILzasjvMB8GA1UdIwQY
MBaAFJJ2srCTKSxfp15uFMKkmayEfkFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMt
NjliNzMzY2JjNTI4LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8zZmE5MmYtY2FiZC00MTNiLWFlNWMtNjliNzMzY2JjNTI4
LzEva25heXNKTXBMRi1uWG00VXdxU1pySVItUVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmCK9PTKp
QglQpm25dwSG+6FB3jrQ5AF9EtebQw6FVPXu0zFmOeKA+YGfg5YRkzokhu3GG2DW
ck4H5Tsjm8FuZ5vUx5WghEFGQgglFHRitioA0gZdKKqPdHuahFzi4/jAed/JMVJI
ZeXLKC6jdIp00tCasgKUI3DnHcU4Bb/O/dNopHJkNE3/8q94L7Z6GvQRLttEcf28
55G8IbHmiNZiLKp4UJp4kKnph2AecNNApE5GV7V7c2EwJiKsHljPXGahjStWaqfo
O11bkMAwX0T137nhOhjbS43igfKsE++5qEe8s9/UU6qATFeHlce1XBbbII2gzKG/
8QwaLjyAogD2Zw==
-----END CERTIFICATE-----