Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
File:                     s3fTy2Ur05jE2752zbAILp3u1tQ.mft (raw, json)
Hash identifier:          sCxD+Vy7h3SKyDbxG+wPnesoGyehbPsNNOZm+JynRqs=
Subject key identifier:   C2:E5:11:16:38:04:E8:0E:8D:37:75:9C:84:4C:5E:61:5E:28:28:31
Authority key identifier: B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4
Certificate issuer:       /CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
Certificate serial:       0191FB22EC64C082340FC516134044F0C373
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
Manifest number:          0151
Signing time:             Mon 16 Sep 2024 14:00:55 +0000
Manifest this update:     Mon 16 Sep 2024 14:00:55 +0000
Manifest next update:     Tue 17 Sep 2024 14:00:55 +0000
Files and hashes:         1: s3fTy2Ur05jE2752zbAILp3u1tQ.crl (hash: HWOHVFQrqcoXY7QYj+HOrltpzwp3rtaJc87s/ySP38A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 14:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fb:22:ec:64:c0:82:34:0f:c5:16:13:40:44:f0:c3:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b377d3cb652bd398c4dbbe76cdb0082e9deed6d4
        Validity
            Not Before: Sep 16 14:00:55 2024 GMT
            Not After : Sep 17 14:00:55 2024 GMT
        Subject: CN=c2e511163804e80e8d37759c844c5e615e282831
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:c6:58:c4:0c:83:9f:b9:52:07:a1:93:85:1a:
                    43:8a:6a:b4:75:ad:de:b1:1f:af:2a:62:b6:6a:ae:
                    fe:3b:52:fe:7f:05:ef:e7:84:9e:ed:14:64:5c:fb:
                    4f:35:2a:04:bb:20:93:45:a1:83:20:bb:37:c7:e3:
                    7d:fc:3c:fc:e1:d7:96:17:5f:19:42:82:48:3c:bd:
                    a7:54:42:76:7e:2e:6e:89:30:e5:c5:1a:5e:d2:e1:
                    f9:a4:dc:81:ef:e2:f3:68:b0:3d:d9:95:d3:70:4e:
                    ed:ba:35:1a:3e:32:9f:6a:5b:aa:2b:78:5a:de:7a:
                    f3:f5:69:d2:1c:d9:0d:ec:d7:cf:a1:f3:71:0a:15:
                    bd:d2:64:c6:57:15:49:e9:96:93:52:06:00:6e:27:
                    b5:82:6c:16:aa:41:e8:39:75:40:50:a4:1b:3d:40:
                    bd:46:6b:ba:f8:2c:e3:94:44:66:02:ac:63:88:67:
                    3c:a4:d1:66:80:4e:84:1f:03:5b:37:ac:a7:27:db:
                    8f:fb:c8:c1:b7:1b:84:0b:c4:39:60:74:29:5b:3b:
                    c4:6a:f6:f2:45:a5:84:cf:87:02:88:6d:12:34:20:
                    d6:6e:e1:8d:db:dd:57:b1:6d:0e:20:aa:7d:8b:8f:
                    46:7a:a3:d1:1f:8d:6f:19:51:33:2f:78:49:fd:d6:
                    1e:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:E5:11:16:38:04:E8:0E:8D:37:75:9C:84:4C:5E:61:5E:28:28:31
            X509v3 Authority Key Identifier:
                keyid:B3:77:D3:CB:65:2B:D3:98:C4:DB:BE:76:CD:B0:08:2E:9D:EE:D6:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3fTy2Ur05jE2752zbAILp3u1tQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/57021d-7345-4eab-a710-d73a4573c1b4/1/s3fTy2Ur05jE2752zbAILp3u1tQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a8:69:a4:1d:26:86:99:ac:55:5c:4e:2e:0b:86:4c:74:37:2b:
         87:86:9e:50:cf:8c:42:04:d3:7d:59:d9:2f:54:0d:2a:13:29:
         59:3c:e0:89:2a:08:cd:dd:cc:2a:ef:00:04:27:b5:d6:fd:ad:
         5c:24:28:72:73:90:59:fd:2b:14:9e:2b:13:42:f2:df:56:4b:
         72:2d:e4:c6:ab:43:fd:98:cf:14:4c:fb:81:cf:81:38:c1:ed:
         a2:4f:0d:86:bf:12:75:3c:74:c4:c5:64:88:a2:61:e1:ea:ac:
         0b:b0:d2:58:ac:35:a9:42:a9:4d:19:fd:8b:27:a8:09:ea:ac:
         3b:9a:ac:b9:0c:8b:10:12:02:50:30:27:f4:16:9a:2b:b5:23:
         8c:f0:4c:7b:d7:70:5e:3d:5f:36:c6:22:58:a4:fe:2a:3c:da:
         31:49:ae:26:22:d0:1c:e4:2c:ee:4b:ea:3b:af:06:1d:83:e3:
         42:50:53:60:d3:53:56:1b:1c:a8:65:94:12:8b:c9:41:ef:76:
         6c:3e:a6:00:b9:a4:9e:e9:b4:9e:31:d8:e0:f0:dc:c7:85:13:
         58:1c:5d:ae:fa:fc:5d:20:de:ff:20:09:8f:17:b6:b3:78:8b:
         3a:91:e0:72:d1:e8:52:08:c5:15:44:f8:e4:4f:26:69:1d:8f:
         49:d7:d5:08
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH7IuxkwII0D8UWE0BE8MNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzdkM2NiNjUyYmQzOThjNGRiYmU3NmNkYjAwODJlOWRl
ZWQ2ZDQwHhcNMjQwOTE2MTQwMDU1WhcNMjQwOTE3MTQwMDU1WjAzMTEwLwYDVQQD
EyhjMmU1MTExNjM4MDRlODBlOGQzNzc1OWM4NDRjNWU2MTVlMjgyODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcZYxAyDn7lSB6GThRpDimq0da3e
sR+vKmK2aq7+O1L+fwXv54Se7RRkXPtPNSoEuyCTRaGDILs3x+N9/Dz84deWF18Z
QoJIPL2nVEJ2fi5uiTDlxRpe0uH5pNyB7+LzaLA92ZXTcE7tujUaPjKfaluqK3ha
3nrz9WnSHNkN7NfPofNxChW90mTGVxVJ6ZaTUgYAbie1gmwWqkHoOXVAUKQbPUC9
Rmu6+CzjlERmAqxjiGc8pNFmgE6EHwNbN6ynJ9uP+8jBtxuEC8Q5YHQpWzvEavby
RaWEz4cCiG0SNCDWbuGN291XsW0OIKp9i49GeqPRH41vGVEzL3hJ/dYedwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMLlERY4BOgOjTd1nIRMXmFeKCgxMB8GA1UdIwQY
MBaAFLN308tlK9OYxNu+ds2wCC6d7tbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAt
ZDczYTQ1NzNjMWI0LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81NzAyMWQtNzM0NS00ZWFiLWE3MTAtZDczYTQ1NzNjMWI0
LzEvczNmVHkyVXIwNWpFMjc1MnpiQUlMcDN1MXRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqGmkHSaG
maxVXE4uC4ZMdDcrh4aeUM+MQgTTfVnZL1QNKhMpWTzgiSoIzd3MKu8ABCe11v2t
XCQocnOQWf0rFJ4rE0Ly31ZLci3kxqtD/ZjPFEz7gc+BOMHtok8Nhr8SdTx0xMVk
iKJh4eqsC7DSWKw1qUKpTRn9iyeoCeqsO5qsuQyLEBICUDAn9BaaK7UjjPBMe9dw
Xj1fNsYiWKT+KjzaMUmuJiLQHOQs7kvqO68GHYPjQlBTYNNTVhscqGWUEovJQe92
bD6mALmknum0njHY4PDcx4UTWBxdrvr8XSDe/yAJjxe2s3iLOpHgctHoUgjFFUT4
5E8maR2PSdfVCA==
-----END CERTIFICATE-----