Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
File:                     N28vTtsjIwxkt5O0GVfvSjI-PFM.mft (raw, json)
Hash identifier:          q7PWoB/rfImaTd22u7smTF9/J9ntm03enFg1vc96fS8=
Subject key identifier:   5D:21:84:4E:DE:3A:E6:EE:BA:46:4A:72:77:79:97:1A:5E:A0:07:F3
Authority key identifier: 37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53
Certificate issuer:       /CN=376f2f4edb23230c64b793b41957ef4a323e3c53
Certificate serial:       018F86A3F45E4DCB35372F6C236835FC0B45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
Manifest number:          0C23
Signing time:             Fri 17 May 2024 13:00:42 +0000
Manifest this update:     Fri 17 May 2024 13:00:42 +0000
Manifest next update:     Sat 18 May 2024 13:00:42 +0000
Files and hashes:         1: N28vTtsjIwxkt5O0GVfvSjI-PFM.crl (hash: 2bZC+bGpIhCGYojB/MGodNbNwacUVAX7vQHxYKqzkLM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:f4:5e:4d:cb:35:37:2f:6c:23:68:35:fc:0b:45
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=376f2f4edb23230c64b793b41957ef4a323e3c53
        Validity
            Not Before: May 17 13:00:42 2024 GMT
            Not After : May 18 13:00:42 2024 GMT
        Subject: CN=5d21844ede3ae6eeba464a727779971a5ea007f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:7e:37:08:df:2a:4d:2c:f7:38:32:59:9e:3c:
                    c5:ce:69:9f:a2:a5:39:28:fa:c3:6a:0f:9a:b5:3c:
                    23:4b:cb:c1:76:2a:d2:cf:a3:51:12:bd:73:ec:12:
                    de:b3:47:66:ac:b9:e0:eb:c8:8d:9d:84:22:23:1c:
                    3c:26:58:3c:f1:68:6c:93:2e:9f:60:1f:97:13:c7:
                    d8:59:80:78:89:46:e9:60:b2:b6:57:ad:4d:33:69:
                    72:a0:c5:ee:6b:33:e1:5f:b0:dd:f4:5c:42:ed:b9:
                    43:84:a6:a4:cb:1e:94:a5:f8:5e:2e:5a:cc:94:e6:
                    50:5d:d0:ae:86:05:dd:ed:92:04:95:7b:b4:16:3e:
                    c0:69:83:47:5e:25:8d:40:27:d3:02:03:a8:83:77:
                    bf:dd:d2:ce:03:04:b4:ec:6d:3a:09:06:f2:fc:73:
                    3e:42:ea:b7:66:66:16:33:69:c9:42:07:fb:e0:6f:
                    86:d8:ef:ec:ca:2d:bd:70:85:83:fd:ac:e2:4e:72:
                    10:f3:e0:2f:c7:5a:f7:ac:8b:20:f2:a5:c6:9c:78:
                    2e:38:7c:6a:fb:e3:32:f4:ca:1e:91:4c:27:87:18:
                    e3:cf:99:e0:d8:3d:9c:77:b7:6c:d5:a9:2f:73:90:
                    f6:a0:9f:98:3c:29:f2:08:9a:71:2b:85:09:ab:f7:
                    e5:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:21:84:4E:DE:3A:E6:EE:BA:46:4A:72:77:79:97:1A:5E:A0:07:F3
            X509v3 Authority Key Identifier:
                keyid:37:6F:2F:4E:DB:23:23:0C:64:B7:93:B4:19:57:EF:4A:32:3E:3C:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N28vTtsjIwxkt5O0GVfvSjI-PFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/399d34-e4d0-4b80-8ecd-b7892f76e8c5/1/N28vTtsjIwxkt5O0GVfvSjI-PFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         92:0d:bd:68:0e:bb:a3:8d:0e:13:c4:57:25:f7:57:5f:b9:3f:
         9b:5b:86:85:97:5b:e6:eb:5d:1b:40:7f:a0:2c:53:a1:b2:fc:
         fe:ec:2c:27:50:3c:1b:32:fd:ac:ff:90:c7:9f:ea:4c:e4:53:
         2a:5b:b8:e3:86:da:b4:5b:c9:39:d5:1a:05:b0:0b:15:9f:8b:
         26:ee:5d:40:21:31:ce:e8:1d:75:f5:d7:46:61:7c:1b:16:1b:
         e1:49:1b:04:84:a0:38:3f:ab:1b:25:77:54:70:2c:7d:1c:f6:
         92:97:25:3c:41:f1:dd:3b:d3:2f:d3:e5:3f:18:39:77:29:fa:
         f2:3d:67:4c:4c:75:75:0c:6a:fe:12:d0:19:a2:6c:e4:53:eb:
         06:d8:5a:06:85:36:7d:71:29:2e:8e:92:20:4e:0d:25:b1:0e:
         ea:2c:7d:a3:6a:ce:30:56:96:db:cd:eb:26:78:b0:44:c4:31:
         2f:6b:e8:57:06:da:49:f3:8b:b7:61:29:18:6b:c9:ac:b4:72:
         43:a6:8c:eb:e0:83:c5:ef:4d:90:7f:be:ce:1b:16:a4:59:54:
         72:7f:4c:a7:e9:90:bc:a4:3e:ed:cd:be:ed:a9:4f:b9:8c:15:
         5b:43:31:81:47:a0:5b:5d:89:ca:0b:9a:79:c0:0a:25:9f:e9:
         13:39:ea:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go/ReTcs1Ny9sI2g1/AtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NmYyZjRlZGIyMzIzMGM2NGI3OTNiNDE5NTdlZjRhMzIz
ZTNjNTMwHhcNMjQwNTE3MTMwMDQyWhcNMjQwNTE4MTMwMDQyWjAzMTEwLwYDVQQD
Eyg1ZDIxODQ0ZWRlM2FlNmVlYmE0NjRhNzI3Nzc5OTcxYTVlYTAwN2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn43CN8qTSz3ODJZnjzFzmmfoqU5
KPrDag+atTwjS8vBdirSz6NREr1z7BLes0dmrLng68iNnYQiIxw8Jlg88Whsky6f
YB+XE8fYWYB4iUbpYLK2V61NM2lyoMXuazPhX7Dd9FxC7blDhKakyx6UpfheLlrM
lOZQXdCuhgXd7ZIElXu0Fj7AaYNHXiWNQCfTAgOog3e/3dLOAwS07G06CQby/HM+
Quq3ZmYWM2nJQgf74G+G2O/syi29cIWD/aziTnIQ8+Avx1r3rIsg8qXGnHguOHxq
++My9MoekUwnhxjjz5ng2D2cd7ds1akvc5D2oJ+YPCnyCJpxK4UJq/flqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0hhE7eOubuukZKcnd5lxpeoAfzMB8GA1UdIwQY
MBaAFDdvL07bIyMMZLeTtBlX70oyPjxTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2Qt
Yjc4OTJmNzZlOGM1LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zOTlkMzQtZTRkMC00YjgwLThlY2QtYjc4OTJmNzZlOGM1
LzEvTjI4dlR0c2pJd3hrdDVPMEdWZnZTakktUEZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkg29aA67
o40OE8RXJfdXX7k/m1uGhZdb5utdG0B/oCxTobL8/uwsJ1A8GzL9rP+Qx5/qTORT
Klu444batFvJOdUaBbALFZ+LJu5dQCExzugddfXXRmF8GxYb4UkbBISgOD+rGyV3
VHAsfRz2kpclPEHx3TvTL9PlPxg5dyn68j1nTEx1dQxq/hLQGaJs5FPrBthaBoU2
fXEpLo6SIE4NJbEO6ix9o2rOMFaW283rJniwRMQxL2voVwbaSfOLt2EpGGvJrLRy
Q6aM6+CDxe9NkH++zhsWpFlUcn9Mp+mQvKQ+7c2+7alPuYwVW0MxgUegW12Jygua
ecAKJZ/pEznqXg==
-----END CERTIFICATE-----