Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
File:                     3rwtwyLztJZucDtdjIi3FvDZsOk.mft (raw, json)
Hash identifier:          tD9APGLs3qWojiXcpQUTtf68R7i3Fncj5E6oc6OCzdE=
Subject key identifier:   84:1F:F3:C1:B3:2B:17:E8:5A:C3:29:1B:E9:5F:5F:CF:86:B8:C4:D8
Authority key identifier: DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9
Certificate issuer:       /CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
Certificate serial:       018F570360158C1FF7F12EEBFFCAC71ABE88
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
Manifest number:          0F1D
Signing time:             Wed 08 May 2024 07:03:09 +0000
Manifest this update:     Wed 08 May 2024 07:03:09 +0000
Manifest next update:     Thu 09 May 2024 07:03:09 +0000
Files and hashes:         1: 3rwtwyLztJZucDtdjIi3FvDZsOk.crl (hash: 5xBFqkWQuXcTWfvys7iYwte8TxHVLzFYrC+qoryuhA0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 May 2024 07:03:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:57:03:60:15:8c:1f:f7:f1:2e:eb:ff:ca:c7:1a:be:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=debc2dc322f3b4966e703b5d8c88b716f0d9b0e9
        Validity
            Not Before: May  8 07:03:09 2024 GMT
            Not After : May  9 07:03:09 2024 GMT
        Subject: CN=841ff3c1b32b17e85ac3291be95f5fcf86b8c4d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:ea:55:83:a7:cd:57:89:a8:20:e3:23:7b:42:
                    d1:d9:85:a4:58:91:d3:fa:d2:ee:ba:d4:e7:a5:3a:
                    2d:85:ac:cf:31:92:f7:b0:3e:1f:ff:f8:92:fb:77:
                    47:1d:20:15:99:9b:d4:6f:f5:ac:4f:f8:db:22:fa:
                    49:61:a9:3f:e5:87:bc:26:aa:37:e8:06:02:be:cc:
                    f6:0c:c2:2c:97:ea:eb:a8:e1:0d:78:d2:8c:94:b8:
                    9a:ee:88:f3:b7:89:09:34:ce:83:3a:c2:6c:e9:b5:
                    3e:5b:81:0f:ef:f8:6f:94:8f:58:04:4b:7a:57:07:
                    8d:04:ad:0d:8a:51:7b:d5:74:46:0e:ad:cb:49:41:
                    9d:2e:fd:68:a4:43:26:46:15:05:1f:67:1c:b1:d6:
                    a0:8b:cb:90:a9:01:43:d1:2d:28:80:ba:78:2c:d1:
                    06:98:fa:6d:a3:42:64:95:d9:ee:8d:d9:ad:b1:f5:
                    1d:f0:44:7a:68:6b:ca:e2:4e:91:1b:89:87:39:11:
                    73:59:b6:0a:54:8b:7f:f5:62:d6:3e:ab:69:00:16:
                    15:ab:c3:aa:ff:bf:3a:0d:39:56:7d:a6:41:ff:f1:
                    32:94:5c:59:f1:ca:ab:2a:61:c6:65:8e:42:a6:ca:
                    5f:14:54:ab:11:6a:15:14:e2:4b:f9:b9:fe:52:5b:
                    3a:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:1F:F3:C1:B3:2B:17:E8:5A:C3:29:1B:E9:5F:5F:CF:86:B8:C4:D8
            X509v3 Authority Key Identifier:
                keyid:DE:BC:2D:C3:22:F3:B4:96:6E:70:3B:5D:8C:88:B7:16:F0:D9:B0:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3rwtwyLztJZucDtdjIi3FvDZsOk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/800dec-b66c-4e1a-a6cc-e88e1a668be4/1/3rwtwyLztJZucDtdjIi3FvDZsOk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         76:f0:e0:91:f2:ff:c8:4b:5e:ff:48:27:92:4d:e5:7b:7c:7d:
         0b:ec:43:07:fb:bb:fd:d8:81:78:91:6b:32:b3:47:76:df:f5:
         77:14:e7:30:f3:d8:de:ad:28:8f:ad:aa:3a:bb:05:cc:e6:0e:
         85:fc:02:ce:cd:e2:d0:45:e7:8f:d4:78:b4:92:3c:bc:88:f2:
         06:6b:d6:44:4a:85:3c:cc:a7:d0:3e:85:a5:8e:06:dc:bf:36:
         b2:33:53:3e:6a:3f:44:f3:74:32:87:b4:8c:3f:56:ea:f4:71:
         a5:96:f7:6d:94:e5:67:33:18:30:91:ed:98:54:38:76:06:4f:
         2c:55:d1:3c:d0:15:ca:2d:60:22:c5:ee:1e:d6:b2:4f:e2:9e:
         cd:a9:66:d1:97:b0:0a:10:d2:45:62:e7:ab:e7:7f:98:d7:00:
         b8:38:5f:2e:6d:aa:fa:b8:9b:c8:ec:be:8c:32:27:ee:a3:dc:
         87:56:b2:27:da:71:cf:24:dd:5b:35:ee:04:fe:b8:88:71:aa:
         0e:3f:df:93:3b:10:23:5f:5a:1d:2c:0c:06:18:f7:fe:bd:ee:
         42:78:e3:a2:57:4e:57:e3:29:ba:86:cc:8c:d8:b9:46:84:76:
         e0:75:65:eb:06:95:02:0f:d3:5e:2c:d7:1c:73:17:f3:e1:f6:
         5b:e4:58:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9XA2AVjB/38S7r/8rHGr6IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmMyZGMzMjJmM2I0OTY2ZTcwM2I1ZDhjODhiNzE2ZjBk
OWIwZTkwHhcNMjQwNTA4MDcwMzA5WhcNMjQwNTA5MDcwMzA5WjAzMTEwLwYDVQQD
Eyg4NDFmZjNjMWIzMmIxN2U4NWFjMzI5MWJlOTVmNWZjZjg2YjhjNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlupVg6fNV4moIOMje0LR2YWkWJHT
+tLuutTnpTothazPMZL3sD4f//iS+3dHHSAVmZvUb/WsT/jbIvpJYak/5Ye8Jqo3
6AYCvsz2DMIsl+rrqOENeNKMlLia7ojzt4kJNM6DOsJs6bU+W4EP7/hvlI9YBEt6
VweNBK0NilF71XRGDq3LSUGdLv1opEMmRhUFH2ccsdagi8uQqQFD0S0ogLp4LNEG
mPpto0JkldnujdmtsfUd8ER6aGvK4k6RG4mHORFzWbYKVIt/9WLWPqtpABYVq8Oq
/786DTlWfaZB//EylFxZ8cqrKmHGZY5CpspfFFSrEWoVFOJL+bn+Uls6GwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIQf88GzKxfoWsMpG+lfX8+GuMTYMB8GA1UdIwQY
MBaAFN68LcMi87SWbnA7XYyItxbw2bDpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2Mt
ZTg4ZTFhNjY4YmU0LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MDBkZWMtYjY2Yy00ZTFhLWE2Y2MtZTg4ZTFhNjY4YmU0
LzEvM3J3dHd5THp0Slp1Y0R0ZGpJaTNGdkRac09rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvDgkfL/
yEte/0gnkk3le3x9C+xDB/u7/diBeJFrMrNHdt/1dxTnMPPY3q0oj62qOrsFzOYO
hfwCzs3i0EXnj9R4tJI8vIjyBmvWREqFPMyn0D6FpY4G3L82sjNTPmo/RPN0Moe0
jD9W6vRxpZb3bZTlZzMYMJHtmFQ4dgZPLFXRPNAVyi1gIsXuHtayT+Kezalm0Zew
ChDSRWLnq+d/mNcAuDhfLm2q+ribyOy+jDIn7qPch1ayJ9pxzyTdWzXuBP64iHGq
Dj/fkzsQI19aHSwMBhj3/r3uQnjjoldOV+MpuobMjNi5RoR24HVl6waVAg/TXizX
HHMX8+H2W+RYkg==
-----END CERTIFICATE-----