Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
File:                     I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft (raw, json)
Hash identifier:          UqGtRC098pXMxpiaTNefr9tEYoBfOYbi6AgkZ/KsYrQ=
Subject key identifier:   FC:EB:24:4C:55:95:BB:6B:AD:FC:72:AC:6F:75:ED:F3:53:97:9D:B8
Authority key identifier: 23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F
Certificate issuer:       /CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
Certificate serial:       018F20EE6B670B88FC550537943C74AE1179
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
Manifest number:          113F
Signing time:             Sat 27 Apr 2024 19:00:47 +0000
Manifest this update:     Sat 27 Apr 2024 19:00:47 +0000
Manifest next update:     Sun 28 Apr 2024 19:00:47 +0000
Files and hashes:         1: I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl (hash: gW/S1TgSp7S5edW3Xpe05xo5gFv/vGfx7rTn3D6jCmE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 19:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:20:ee:6b:67:0b:88:fc:55:05:37:94:3c:74:ae:11:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23743fe317c324bf7943ea73a7d4b786cfdc1e9f
        Validity
            Not Before: Apr 27 19:00:47 2024 GMT
            Not After : Apr 28 19:00:47 2024 GMT
        Subject: CN=fceb244c5595bb6badfc72ac6f75edf353979db8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:86:40:74:72:5e:c1:46:6e:97:d3:14:55:43:
                    bd:39:dc:e2:0e:e8:9e:4c:ad:99:3b:ad:dc:95:f0:
                    d1:13:96:3d:d2:0e:51:83:20:64:ae:8d:2d:2d:38:
                    c9:5a:e8:d6:6e:ce:bd:cc:3a:08:58:89:ee:03:77:
                    f7:65:e0:2e:1e:61:12:39:d3:ea:eb:aa:a4:d0:ee:
                    62:02:7d:8e:f1:08:c4:c7:c6:5e:84:64:5a:5c:58:
                    c6:03:5b:0a:a7:24:7c:e5:15:fb:b4:cb:52:8d:69:
                    92:3f:02:76:f8:62:c4:4c:25:78:f8:d5:ce:bc:4d:
                    be:b1:70:d3:0d:5e:f5:95:8e:8f:73:de:3c:ae:53:
                    92:b3:35:0c:79:85:2f:7b:5e:09:7f:e6:b5:9e:bb:
                    9d:50:2e:41:46:f8:1f:80:7a:83:b8:bb:8f:11:de:
                    21:4f:a5:66:3b:15:ba:f5:a4:41:0d:d2:7c:11:75:
                    b5:ba:ca:77:f3:b5:f5:ee:d1:39:dc:47:dc:e9:13:
                    0b:d4:23:d3:27:a8:b7:c2:e7:ce:71:2d:50:28:2c:
                    a9:e4:47:07:72:9d:68:bc:45:76:27:d5:6b:da:94:
                    44:bd:39:28:d8:8f:e3:d6:eb:03:55:45:b6:f3:6e:
                    51:ca:f7:cd:ac:5a:88:00:02:f0:0b:a3:c8:13:6f:
                    45:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:EB:24:4C:55:95:BB:6B:AD:FC:72:AC:6F:75:ED:F3:53:97:9D:B8
            X509v3 Authority Key Identifier:
                keyid:23:74:3F:E3:17:C3:24:BF:79:43:EA:73:A7:D4:B7:86:CF:DC:1E:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/3ef846-f84d-455f-8ee8-f9613da09eeb/1/I3Q_4xfDJL95Q-pzp9S3hs_cHp8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:ed:d6:d0:f6:07:ca:61:9f:cc:b9:3d:e3:02:08:66:02:28:
         c2:aa:59:8b:87:27:dd:43:a0:93:87:68:7c:65:7e:e8:9f:a2:
         81:f8:aa:28:1c:2a:bf:04:92:b3:a5:ba:fa:37:17:aa:ac:eb:
         20:b8:23:e7:46:aa:d3:50:3a:b4:b5:d8:81:93:7b:58:d6:2d:
         3e:f8:b9:d8:14:a3:91:6a:51:ce:0d:67:f8:17:9c:94:c2:53:
         32:a8:39:b2:4a:72:05:d2:b5:39:51:7b:6d:50:e4:ab:70:2f:
         1a:34:61:94:eb:8c:d3:f3:47:ac:d4:91:ea:6e:69:74:3c:4e:
         11:a9:c5:cb:86:91:ff:84:f9:80:50:df:29:a7:4c:25:37:a5:
         db:23:1e:f5:3c:c4:9c:ad:41:05:dd:3f:bb:fd:df:cc:9b:13:
         74:8a:93:64:09:a5:81:18:86:6c:4f:36:8a:63:fb:60:9b:e7:
         14:c7:42:ee:1c:6b:07:07:c5:d1:0e:77:cd:b4:ff:5c:bb:4d:
         0d:67:19:51:49:03:e0:95:57:b3:f4:ed:74:4c:2f:b2:db:57:
         eb:46:63:37:07:ee:e0:64:f6:e7:cc:ec:03:05:11:00:dc:3d:
         12:72:22:0d:c2:b5:07:c4:53:60:c3:4c:bc:ec:e9:bf:4a:d7:
         a4:bf:c5:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8g7mtnC4j8VQU3lDx0rhF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzQzZmUzMTdjMzI0YmY3OTQzZWE3M2E3ZDRiNzg2Y2Zk
YzFlOWYwHhcNMjQwNDI3MTkwMDQ3WhcNMjQwNDI4MTkwMDQ3WjAzMTEwLwYDVQQD
EyhmY2ViMjQ0YzU1OTViYjZiYWRmYzcyYWM2Zjc1ZWRmMzUzOTc5ZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA84ZAdHJewUZul9MUVUO9OdziDuie
TK2ZO63clfDRE5Y90g5RgyBkro0tLTjJWujWbs69zDoIWInuA3f3ZeAuHmESOdPq
66qk0O5iAn2O8QjEx8ZehGRaXFjGA1sKpyR85RX7tMtSjWmSPwJ2+GLETCV4+NXO
vE2+sXDTDV71lY6Pc948rlOSszUMeYUve14Jf+a1nrudUC5BRvgfgHqDuLuPEd4h
T6VmOxW69aRBDdJ8EXW1usp387X17tE53Efc6RML1CPTJ6i3wufOcS1QKCyp5EcH
cp1ovEV2J9Vr2pREvTko2I/j1usDVUW2825RyvfNrFqIAALwC6PIE29FawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPzrJExVlbtrrfxyrG917fNTl524MB8GA1UdIwQY
MBaAFCN0P+MXwyS/eUPqc6fUt4bP3B6fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgt
Zjk2MTNkYTA5ZWViLzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zZWY4NDYtZjg0ZC00NTVmLThlZTgtZjk2MTNkYTA5ZWVi
LzEvSTNRXzR4ZkRKTDk1US1wenA5UzNoc19jSHA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX+3W0PYH
ymGfzLk94wIIZgIowqpZi4cn3UOgk4dofGV+6J+igfiqKBwqvwSSs6W6+jcXqqzr
ILgj50aq01A6tLXYgZN7WNYtPvi52BSjkWpRzg1n+BeclMJTMqg5skpyBdK1OVF7
bVDkq3AvGjRhlOuM0/NHrNSR6m5pdDxOEanFy4aR/4T5gFDfKadMJTel2yMe9TzE
nK1BBd0/u/3fzJsTdIqTZAmlgRiGbE82imP7YJvnFMdC7hxrBwfF0Q53zbT/XLtN
DWcZUUkD4JVXs/TtdEwvsttX60ZjNwfu4GT258zsAwURANw9EnIiDcK1B8RTYMNM
vOzpv0rXpL/FAw==
-----END CERTIFICATE-----