Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
File:                     352lG6cnhKBORBIPne1HhWd5TBs.mft (raw, json)
Hash identifier:          Lu85oaJyO8VeRarraohvK0H4JFw/9xLY7FzkWS25yIg=
Subject key identifier:   5E:3A:30:47:DE:BE:D0:68:B9:F7:0D:A5:36:01:4D:E0:DB:13:DC:31
Authority key identifier: DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B
Certificate issuer:       /CN=df9da51ba72784a04e44120f9ded478567794c1b
Certificate serial:       018F33997CC18E2C1915FCD23DD9D8A03114
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
Manifest number:          0535
Signing time:             Wed 01 May 2024 10:00:47 +0000
Manifest this update:     Wed 01 May 2024 10:00:47 +0000
Manifest next update:     Thu 02 May 2024 10:00:47 +0000
Files and hashes:         1: 352lG6cnhKBORBIPne1HhWd5TBs.crl (hash: KnhDe0N/BXhL7j9W8MaSVnm620XY7U3gO69WeI10a8I=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 02 May 2024 10:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:33:99:7c:c1:8e:2c:19:15:fc:d2:3d:d9:d8:a0:31:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df9da51ba72784a04e44120f9ded478567794c1b
        Validity
            Not Before: May  1 10:00:47 2024 GMT
            Not After : May  2 10:00:47 2024 GMT
        Subject: CN=5e3a3047debed068b9f70da536014de0db13dc31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:17:5a:0e:c0:8c:8e:38:ad:53:35:9d:fc:fc:
                    85:87:0f:f3:bc:02:98:1c:01:9e:bb:29:1a:c6:27:
                    1b:ce:cf:e0:65:c0:f7:bf:4d:c0:78:f0:f7:c3:68:
                    80:06:dc:49:b2:32:fb:c8:fd:1c:ab:4e:0b:41:1f:
                    e5:1d:53:8f:f3:d7:95:4c:eb:94:cd:20:83:0b:27:
                    eb:03:71:e1:e0:22:61:3b:85:f9:46:bf:8c:70:40:
                    0f:a5:18:c4:9e:c1:a7:29:75:14:51:15:64:1d:55:
                    80:d6:14:ac:9f:18:c1:fd:3c:99:74:88:ff:a8:d4:
                    4c:2f:52:c3:73:19:6c:0b:60:ab:c1:7b:62:fe:36:
                    e5:23:a7:89:da:2b:76:9d:92:77:ae:ed:60:c8:d1:
                    e4:ab:0e:2a:fd:94:80:b0:ff:67:dc:4a:e0:1b:ac:
                    da:d3:a2:2a:ac:27:92:55:08:ea:40:3f:97:94:22:
                    ea:97:3a:a2:80:a0:18:e3:07:e0:6c:d8:ca:61:0f:
                    02:29:ce:79:57:08:b7:e0:19:1d:43:db:08:2f:f0:
                    4e:6b:bf:90:20:d0:65:b4:03:81:4e:5c:46:b8:cc:
                    83:11:41:d0:aa:de:8b:d8:67:88:1c:25:1a:4e:1c:
                    87:b8:5b:ae:15:2d:4e:9f:ca:4f:1a:f1:fb:07:97:
                    e9:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:3A:30:47:DE:BE:D0:68:B9:F7:0D:A5:36:01:4D:E0:DB:13:DC:31
            X509v3 Authority Key Identifier:
                keyid:DF:9D:A5:1B:A7:27:84:A0:4E:44:12:0F:9D:ED:47:85:67:79:4C:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/352lG6cnhKBORBIPne1HhWd5TBs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bf8eca-bcf9-4536-88bf-bc6975561078/1/352lG6cnhKBORBIPne1HhWd5TBs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:46:a3:57:f9:94:db:2a:ae:3e:cd:0d:7a:d0:21:f6:25:83:
         3c:09:6a:df:04:8e:11:e9:3f:d0:b7:9a:73:9e:0c:44:ff:ac:
         f4:c5:69:b6:f4:97:03:8f:97:8b:b1:34:5c:c6:1e:fc:ae:53:
         e2:88:7e:72:22:fb:d7:09:09:a5:4f:21:9a:ab:6a:ed:e0:a4:
         07:1d:42:5d:96:ce:17:a3:0d:69:6f:0f:45:cf:f3:92:1b:db:
         5e:5c:e1:98:a8:16:b3:f3:1f:f2:64:86:2b:dd:02:87:7f:46:
         13:08:2d:8b:6c:55:27:f8:32:68:a0:e4:c7:da:dd:32:29:e6:
         48:3c:94:ac:e0:ae:84:e7:5f:58:0c:b4:36:1b:0e:d8:71:63:
         3a:2a:2e:cc:13:03:aa:a3:7c:b8:1e:66:65:37:f7:1b:93:0e:
         3b:c9:2c:ec:c8:d0:ba:bd:51:93:1b:69:e1:f6:f9:08:e4:97:
         a0:cf:6e:68:b8:aa:71:dd:d4:2b:f2:d6:27:7a:be:08:15:75:
         64:3d:c9:73:96:97:1c:02:38:dc:e1:2c:04:8a:d5:2c:26:d2:
         e7:80:38:0a:7b:53:f4:67:78:3d:bd:f0:ec:ad:4d:1f:a4:b0:
         77:3d:3f:af:a2:cc:5f:bc:c4:2a:12:cf:14:db:67:bf:ac:32:
         b2:4f:80:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8zmXzBjiwZFfzSPdnYoDEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOWRhNTFiYTcyNzg0YTA0ZTQ0MTIwZjlkZWQ0Nzg1Njc3
OTRjMWIwHhcNMjQwNTAxMTAwMDQ3WhcNMjQwNTAyMTAwMDQ3WjAzMTEwLwYDVQQD
Eyg1ZTNhMzA0N2RlYmVkMDY4YjlmNzBkYTUzNjAxNGRlMGRiMTNkYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxdaDsCMjjitUzWd/PyFhw/zvAKY
HAGeuykaxicbzs/gZcD3v03AePD3w2iABtxJsjL7yP0cq04LQR/lHVOP89eVTOuU
zSCDCyfrA3Hh4CJhO4X5Rr+McEAPpRjEnsGnKXUUURVkHVWA1hSsnxjB/TyZdIj/
qNRML1LDcxlsC2CrwXti/jblI6eJ2it2nZJ3ru1gyNHkqw4q/ZSAsP9n3ErgG6za
06IqrCeSVQjqQD+XlCLqlzqigKAY4wfgbNjKYQ8CKc55Vwi34BkdQ9sIL/BOa7+Q
INBltAOBTlxGuMyDEUHQqt6L2GeIHCUaThyHuFuuFS1On8pPGvH7B5fp2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF46MEfevtBoufcNpTYBTeDbE9wxMB8GA1UdIwQY
MBaAFN+dpRunJ4SgTkQSD53tR4VneUwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYt
YmM2OTc1NTYxMDc4LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iZjhlY2EtYmNmOS00NTM2LTg4YmYtYmM2OTc1NTYxMDc4
LzEvMzUybEc2Y25oS0JPUkJJUG5lMUhoV2Q1VEJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHUajV/mU
2yquPs0NetAh9iWDPAlq3wSOEek/0Leac54MRP+s9MVptvSXA4+Xi7E0XMYe/K5T
4oh+ciL71wkJpU8hmqtq7eCkBx1CXZbOF6MNaW8PRc/zkhvbXlzhmKgWs/Mf8mSG
K90Ch39GEwgti2xVJ/gyaKDkx9rdMinmSDyUrOCuhOdfWAy0NhsO2HFjOiouzBMD
qqN8uB5mZTf3G5MOO8ks7MjQur1Rkxtp4fb5COSXoM9uaLiqcd3UK/LWJ3q+CBV1
ZD3Jc5aXHAI43OEsBIrVLCbS54A4CntT9Gd4Pb3w7K1NH6Swdz0/r6LMX7zEKhLP
FNtnv6wysk+ATw==
-----END CERTIFICATE-----