Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
File:                     OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft (raw, json)
Hash identifier:          MFYcN88D+dRJ9cO9Zj8tIcyPFaZAN3q6HzQj+riyxMo=
Subject key identifier:   96:5B:3F:4D:51:FC:CD:4A:E6:5F:48:F9:8A:5A:A1:9B:C0:DF:6E:9A
Authority key identifier: 38:F4:C2:5E:1D:F2:63:17:CE:F9:E3:CA:72:00:5F:1F:7B:D1:DA:F6
Certificate issuer:       /CN=38f4c25e1df26317cef9e3ca72005f1f7bd1daf6
Certificate serial:       018F8824984C6A461C39D6242A16BEB466FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
Manifest number:          1174
Signing time:             Fri 17 May 2024 20:00:50 +0000
Manifest this update:     Fri 17 May 2024 20:00:50 +0000
Manifest next update:     Sat 18 May 2024 20:00:50 +0000
Files and hashes:         1: OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl (hash: 7YlQh4QVpiSwT48QXr7DOBlsElz2mMPHHmTG3fQhV+w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:98:4c:6a:46:1c:39:d6:24:2a:16:be:b4:66:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38f4c25e1df26317cef9e3ca72005f1f7bd1daf6
        Validity
            Not Before: May 17 20:00:50 2024 GMT
            Not After : May 18 20:00:50 2024 GMT
        Subject: CN=965b3f4d51fccd4ae65f48f98a5aa19bc0df6e9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:be:aa:bb:49:2b:0b:9e:17:b7:db:ec:ee:5b:
                    e9:f5:ac:0d:b5:2d:94:e2:04:ad:42:f2:a2:25:80:
                    b1:f4:81:68:8d:8b:de:18:7e:0e:10:66:76:1f:1c:
                    ba:e4:fd:b2:9a:0f:ec:cd:a0:0c:77:1e:46:dd:ad:
                    c3:44:d9:f7:c3:7e:69:27:5c:d4:96:e9:45:c9:ac:
                    73:1a:29:7f:64:49:5a:97:3f:82:15:d1:ac:9f:3b:
                    2f:ca:05:6c:09:92:02:69:af:56:14:d5:33:6e:16:
                    39:ca:4d:0d:40:b2:fe:3c:77:a8:2d:36:27:d2:9b:
                    92:43:00:fa:7f:5b:10:a9:20:bf:27:83:a1:b9:a7:
                    7a:36:17:f2:b3:9d:ed:a1:f8:86:88:c1:5a:48:6b:
                    35:27:04:20:94:ee:4f:b6:eb:c4:5e:aa:22:86:81:
                    c3:a4:77:9a:86:7c:9a:7e:1e:4c:46:a3:77:a5:5e:
                    71:cf:6b:43:be:84:3f:4c:9b:d9:08:ec:3b:42:b9:
                    b0:23:f1:92:62:6b:74:d7:55:1f:28:6f:91:0c:1f:
                    dc:35:64:9f:e5:72:08:cc:52:12:d0:21:24:bb:03:
                    c5:e4:df:35:88:ac:bc:4c:21:d7:c9:74:2c:6c:a7:
                    4f:79:f1:f4:75:6a:bc:f3:6c:9c:38:ad:04:3c:75:
                    ac:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:5B:3F:4D:51:FC:CD:4A:E6:5F:48:F9:8A:5A:A1:9B:C0:DF:6E:9A
            X509v3 Authority Key Identifier:
                keyid:38:F4:C2:5E:1D:F2:63:17:CE:F9:E3:CA:72:00:5F:1F:7B:D1:DA:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPTCXh3yYxfO-ePKcgBfH3vR2vY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/3428e7-15f9-46b4-b979-519f983c72b5/1/OPTCXh3yYxfO-ePKcgBfH3vR2vY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:4a:67:80:90:dd:bb:1d:31:cc:00:ac:da:99:12:71:bf:03:
         69:3e:27:eb:41:6e:81:ad:ef:7a:bc:d9:40:e5:8a:64:48:3f:
         7e:0d:2e:0e:d1:9f:47:15:9e:05:12:1a:f9:43:a7:69:f7:0f:
         9d:0d:80:c9:e5:50:56:eb:5b:8d:77:a2:bd:fd:24:87:fb:26:
         78:82:78:30:66:55:38:53:75:2d:3b:37:a4:04:59:a9:d2:f9:
         99:c4:b6:c0:f7:49:a6:cf:74:ac:8c:d1:0d:76:3b:61:5b:21:
         dd:4f:af:63:69:59:e6:dc:3d:a2:ad:13:05:3b:48:f7:62:7a:
         d3:e2:aa:1c:16:96:81:b4:e9:27:82:fb:01:02:ae:10:ee:83:
         49:1c:1d:72:68:2b:ec:39:a0:08:e7:1d:ce:79:98:28:8f:c8:
         f9:3d:a0:05:4b:0a:ce:71:0e:f6:99:c8:da:c7:47:51:bd:fd:
         16:58:bb:51:fb:79:cd:09:24:e9:59:81:47:6b:0b:60:2a:3a:
         ba:f4:c5:e8:e4:97:a0:bf:c9:f6:2c:ab:14:c4:d3:9e:4f:dd:
         2f:bf:b6:ce:d1:44:51:51:06:4b:7c:71:16:45:c1:de:33:93:
         41:a4:ea:49:8f:1f:01:76:48:87:d9:10:a3:fa:19:78:96:ca:
         02:ee:16:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJJhMakYcOdYkKha+tGb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjRjMjVlMWRmMjYzMTdjZWY5ZTNjYTcyMDA1ZjFmN2Jk
MWRhZjYwHhcNMjQwNTE3MjAwMDUwWhcNMjQwNTE4MjAwMDUwWjAzMTEwLwYDVQQD
Eyg5NjViM2Y0ZDUxZmNjZDRhZTY1ZjQ4Zjk4YTVhYTE5YmMwZGY2ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor6qu0krC54Xt9vs7lvp9awNtS2U
4gStQvKiJYCx9IFojYveGH4OEGZ2Hxy65P2ymg/szaAMdx5G3a3DRNn3w35pJ1zU
lulFyaxzGil/ZElalz+CFdGsnzsvygVsCZICaa9WFNUzbhY5yk0NQLL+PHeoLTYn
0puSQwD6f1sQqSC/J4Ohuad6Nhfys53tofiGiMFaSGs1JwQglO5PtuvEXqoihoHD
pHeahnyafh5MRqN3pV5xz2tDvoQ/TJvZCOw7QrmwI/GSYmt011UfKG+RDB/cNWSf
5XIIzFIS0CEkuwPF5N81iKy8TCHXyXQsbKdPefH0dWq882ycOK0EPHWstwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZbP01R/M1K5l9I+YpaoZvA326aMB8GA1UdIwQY
MBaAFDj0wl4d8mMXzvnjynIAXx970dr2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8zNDI4ZTctMTVmOS00NmI0LWI5Nzkt
NTE5Zjk4M2M3MmI1LzEvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8zNDI4ZTctMTVmOS00NmI0LWI5NzktNTE5Zjk4M2M3MmI1
LzEvT1BUQ1hoM3lZeGZPLWVQS2NnQmZIM3ZSMnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApEpngJDd
ux0xzACs2pkScb8DaT4n60Fuga3verzZQOWKZEg/fg0uDtGfRxWeBRIa+UOnafcP
nQ2AyeVQVutbjXeivf0kh/smeIJ4MGZVOFN1LTs3pARZqdL5mcS2wPdJps90rIzR
DXY7YVsh3U+vY2lZ5tw9oq0TBTtI92J60+KqHBaWgbTpJ4L7AQKuEO6DSRwdcmgr
7DmgCOcdznmYKI/I+T2gBUsKznEO9pnI2sdHUb39Fli7Uft5zQkk6VmBR2sLYCo6
uvTF6OSXoL/J9iyrFMTTnk/dL7+2ztFEUVEGS3xxFkXB3jOTQaTqSY8fAXZIh9kQ
o/oZeJbKAu4WYA==
-----END CERTIFICATE-----