Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
File:                     OpzyvclyZDBARldYsyWap8kubhw.mft (raw, json)
Hash identifier:          Assv60DPlgPkJfK45Hj3GWKclrm7rFRXE1ez8CrXQAE=
Subject key identifier:   77:AC:37:04:45:87:EF:82:42:9E:48:C6:13:64:94:9E:8F:37:86:91
Authority key identifier: 3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C
Certificate issuer:       /CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
Certificate serial:       018F85C865F6ECA00889A25C86CAC5E04D3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
Manifest number:          1172
Signing time:             Fri 17 May 2024 09:00:54 +0000
Manifest this update:     Fri 17 May 2024 09:00:54 +0000
Manifest next update:     Sat 18 May 2024 09:00:54 +0000
Files and hashes:         1: OpzyvclyZDBARldYsyWap8kubhw.crl (hash: 39n8I9O1ZFTqbrBZPAmU0HOnXhYYlQRkv3GdlOMPlig=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 09:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:85:c8:65:f6:ec:a0:08:89:a2:5c:86:ca:c5:e0:4d:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a9cf2bdc972643040465758b3259aa7c92e6e1c
        Validity
            Not Before: May 17 09:00:54 2024 GMT
            Not After : May 18 09:00:54 2024 GMT
        Subject: CN=77ac37044587ef82429e48c61364949e8f378691
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3f:c1:27:d1:f4:51:0c:b4:94:40:17:a9:9d:
                    7c:43:3b:2b:ee:dd:6b:29:1b:e7:ff:02:52:05:d3:
                    ae:dd:fc:fb:3a:be:85:aa:a5:ee:20:b0:44:62:2b:
                    82:b0:91:7e:18:25:fa:58:9e:69:e8:1a:8d:0b:78:
                    a6:68:20:b5:0b:ff:b6:5c:cf:42:c9:43:46:e4:5d:
                    a5:63:26:75:b3:3d:54:d9:d9:55:66:6e:72:ad:43:
                    ea:b3:a0:1d:25:cb:53:51:d8:43:97:c4:a1:2b:0d:
                    a0:53:24:73:c3:7b:3e:2f:b7:85:6d:d8:f3:02:5e:
                    db:86:fd:5a:9a:9f:9c:21:3e:18:fb:c2:8d:1f:df:
                    0a:2a:6b:9f:ef:d5:e9:87:85:0a:2a:15:39:13:e4:
                    85:6d:28:07:c2:e7:49:82:95:4f:28:f2:3d:f7:c0:
                    a7:5f:05:31:e0:be:1e:3b:ec:68:1b:db:d1:dc:8d:
                    dd:12:ee:4d:f1:69:b7:3a:31:72:bf:99:ac:da:84:
                    e8:7c:61:87:0c:94:01:33:8a:68:c6:b9:fc:69:bc:
                    3f:24:9b:34:e5:9c:2d:e1:9e:4a:1a:ec:20:92:dc:
                    9c:cb:07:05:0f:25:0d:ec:ad:03:09:74:12:24:5e:
                    1e:c6:af:02:79:ac:34:70:25:13:e0:9a:67:27:20:
                    9a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:AC:37:04:45:87:EF:82:42:9E:48:C6:13:64:94:9E:8F:37:86:91
            X509v3 Authority Key Identifier:
                keyid:3A:9C:F2:BD:C9:72:64:30:40:46:57:58:B3:25:9A:A7:C9:2E:6E:1C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpzyvclyZDBARldYsyWap8kubhw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/71c579-5080-41fe-8653-024f7c50f428/1/OpzyvclyZDBARldYsyWap8kubhw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:c4:c4:64:8c:6b:33:d2:f2:fe:d9:54:41:62:0f:d5:6c:41:
         c0:56:01:c4:1f:38:c7:55:36:c5:a3:cd:ee:61:e4:fd:78:a8:
         95:8d:2b:2f:81:3a:0f:34:2a:1c:fa:1e:cc:8c:3d:bc:2c:b6:
         f4:c0:94:f1:5d:31:c5:ef:ef:19:0a:42:e3:50:c9:68:c9:b7:
         1b:5e:3b:d4:6e:0c:a1:a9:a0:a5:8e:7b:2f:65:0c:02:7a:80:
         a8:a4:50:35:e6:dd:e2:f2:8b:09:d7:df:b6:30:02:34:2d:55:
         f3:b4:07:d4:b5:29:3d:d5:7b:d8:69:36:e8:8a:4c:6c:95:c8:
         f7:5a:29:18:1c:ea:76:87:bc:6a:37:a7:67:05:38:f9:b9:aa:
         91:c3:32:4d:a0:55:31:a4:0f:15:13:74:6e:35:b0:78:04:c4:
         fb:07:e0:ac:52:bd:72:b5:8e:16:ab:e9:fc:79:4b:50:e4:18:
         38:66:86:68:36:30:c0:f2:6f:20:91:0d:bd:59:00:38:57:0a:
         8f:45:c9:50:1b:4b:6b:b5:b6:54:96:65:02:a1:c1:95:fc:f1:
         38:33:e4:7b:bc:d4:f7:4d:71:a9:d7:5a:2b:61:3c:6d:64:6f:
         8c:4a:29:f1:07:0c:e8:4b:9f:81:86:53:27:1a:80:3c:88:a7:
         e0:76:2c:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+FyGX27KAIiaJchsrF4E09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOWNmMmJkYzk3MjY0MzA0MDQ2NTc1OGIzMjU5YWE3Yzky
ZTZlMWMwHhcNMjQwNTE3MDkwMDU0WhcNMjQwNTE4MDkwMDU0WjAzMTEwLwYDVQQD
Eyg3N2FjMzcwNDQ1ODdlZjgyNDI5ZTQ4YzYxMzY0OTQ5ZThmMzc4NjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD/BJ9H0UQy0lEAXqZ18Qzsr7t1r
KRvn/wJSBdOu3fz7Or6FqqXuILBEYiuCsJF+GCX6WJ5p6BqNC3imaCC1C/+2XM9C
yUNG5F2lYyZ1sz1U2dlVZm5yrUPqs6AdJctTUdhDl8ShKw2gUyRzw3s+L7eFbdjz
Al7bhv1amp+cIT4Y+8KNH98KKmuf79Xph4UKKhU5E+SFbSgHwudJgpVPKPI998Cn
XwUx4L4eO+xoG9vR3I3dEu5N8Wm3OjFyv5ms2oTofGGHDJQBM4poxrn8abw/JJs0
5Zwt4Z5KGuwgktycywcFDyUN7K0DCXQSJF4exq8Ceaw0cCUT4JpnJyCaSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHesNwRFh++CQp5IxhNklJ6PN4aRMB8GA1UdIwQY
MBaAFDqc8r3JcmQwQEZXWLMlmqfJLm4cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMt
MDI0ZjdjNTBmNDI4LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83MWM1NzktNTA4MC00MWZlLTg2NTMtMDI0ZjdjNTBmNDI4
LzEvT3B6eXZjbHlaREJBUmxkWXN5V2FwOGt1Ymh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq8TEZIxr
M9Ly/tlUQWIP1WxBwFYBxB84x1U2xaPN7mHk/XiolY0rL4E6DzQqHPoezIw9vCy2
9MCU8V0xxe/vGQpC41DJaMm3G1471G4MoamgpY57L2UMAnqAqKRQNebd4vKLCdff
tjACNC1V87QH1LUpPdV72Gk26IpMbJXI91opGBzqdoe8ajenZwU4+bmqkcMyTaBV
MaQPFRN0bjWweATE+wfgrFK9crWOFqvp/HlLUOQYOGaGaDYwwPJvIJENvVkAOFcK
j0XJUBtLa7W2VJZlAqHBlfzxODPke7zU901xqddaK2E8bWRvjEop8QcM6EufgYZT
JxqAPIin4HYswg==
-----END CERTIFICATE-----