Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
File:                     Dj8xyerObwpezNuN8rAcc1FWhoY.mft (raw, json)
Hash identifier:          rTeMLQXhdRfu/FcGQ+jN4IxiNrfvigVQrbk2/N/KbJA=
Subject key identifier:   3A:80:6E:F9:F3:B8:70:22:A8:5C:DA:F2:8F:10:92:3D:38:F5:CB:32
Authority key identifier: 0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86
Certificate issuer:       /CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
Certificate serial:       018F4B6DFB31D4269D1D97A095C8854AC128
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
Manifest number:          1113
Signing time:             Mon 06 May 2024 01:04:09 +0000
Manifest this update:     Mon 06 May 2024 01:04:09 +0000
Manifest next update:     Tue 07 May 2024 01:04:09 +0000
Files and hashes:         1: Dj8xyerObwpezNuN8rAcc1FWhoY.crl (hash: 3vZzHicVwmaiJjYxX9IATINaCY07inrpBqS5HNWkMOY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 07 May 2024 01:04:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4b:6d:fb:31:d4:26:9d:1d:97:a0:95:c8:85:4a:c1:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
        Validity
            Not Before: May  6 01:04:09 2024 GMT
            Not After : May  7 01:04:09 2024 GMT
        Subject: CN=3a806ef9f3b87022a85cdaf28f10923d38f5cb32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:1a:1a:e4:dc:61:38:22:df:09:ce:fd:a3:16:
                    25:fb:9a:00:e7:fb:37:2b:18:9d:57:b6:79:05:ef:
                    52:77:97:1d:8e:73:22:69:ca:99:14:f5:fe:01:2b:
                    dd:53:c4:c6:13:79:e2:02:7d:d1:36:08:0b:1f:f3:
                    c9:c3:ba:04:f9:51:04:47:d1:0f:29:d8:35:d3:29:
                    ba:c3:56:95:c5:f4:c1:cc:98:12:a5:90:63:ac:b7:
                    fa:9a:6c:c8:59:31:09:bb:11:a6:bc:b0:9f:f5:3f:
                    d2:6f:9a:ac:d7:1e:31:c4:b2:6f:6a:35:f0:dd:c0:
                    61:57:7b:9e:7f:69:3c:18:cd:1e:8e:71:1e:f5:9d:
                    ad:fb:be:62:62:a6:d4:f6:94:c0:d3:44:4b:51:4f:
                    bf:79:2b:07:16:4c:bb:f7:48:1f:4b:75:d9:3b:4e:
                    54:fc:d4:03:95:ce:7f:72:17:8e:e8:2c:6b:8c:e0:
                    0a:90:df:48:6c:c7:6a:7d:60:62:f6:2e:a0:b1:db:
                    63:8e:bc:75:e5:6d:63:3d:74:34:25:e4:f8:a5:33:
                    c9:f0:5d:ca:66:6c:1d:bb:25:4d:3c:e9:4e:d1:4e:
                    d9:87:5b:45:00:ce:6b:fd:09:e4:12:37:7d:c9:2a:
                    52:d3:d2:f5:1e:3f:4a:e8:6f:5b:21:d2:75:7b:ab:
                    19:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:80:6E:F9:F3:B8:70:22:A8:5C:DA:F2:8F:10:92:3D:38:F5:CB:32
            X509v3 Authority Key Identifier:
                keyid:0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:8c:08:2a:ca:3b:67:e6:04:a3:73:06:1b:bd:aa:90:57:63:
         c1:db:ec:48:d6:46:bc:e0:7d:94:82:40:98:64:43:43:c2:9e:
         b8:53:31:c1:c6:20:32:2c:96:8f:7b:31:40:34:a1:2a:af:e9:
         2c:c1:39:53:6a:52:18:1c:e8:82:5a:42:c7:21:ac:70:f4:75:
         b9:7a:d3:c1:27:f3:6d:70:4a:51:64:63:20:94:b8:66:5c:ea:
         a9:53:98:f8:08:1c:0b:a9:8d:4f:2f:49:23:17:fd:e5:7a:7f:
         98:95:92:62:e0:7b:79:85:cd:1e:a2:7f:f7:30:f4:7b:27:bb:
         1c:d3:c5:32:af:30:ae:32:9c:46:9a:f9:df:28:e2:bf:e8:69:
         a8:2d:e3:05:ef:53:60:49:d1:71:39:1e:a6:90:51:a8:9f:e4:
         43:ca:93:78:7e:e2:04:02:f1:4e:5e:01:c9:45:e2:ab:f9:65:
         b9:56:6a:8d:58:c3:0c:15:71:6b:f5:fb:f9:2e:64:4c:33:ec:
         b1:57:04:f8:03:a9:03:4f:b8:f3:66:13:c4:ce:13:0b:79:53:
         cf:26:1f:0a:67:df:fd:da:09:ff:e7:21:76:e2:dd:3f:05:2a:
         a4:63:14:dc:d7:b9:a1:3d:8a:68:10:20:7a:58:46:f9:af:ad:
         3f:55:18:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Lbfsx1CadHZeglciFSsEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlM2YzMWM5ZWFjZTZmMGE1ZWNjZGI4ZGYyYjAxYzczNTE1
Njg2ODYwHhcNMjQwNTA2MDEwNDA5WhcNMjQwNTA3MDEwNDA5WjAzMTEwLwYDVQQD
EygzYTgwNmVmOWYzYjg3MDIyYTg1Y2RhZjI4ZjEwOTIzZDM4ZjVjYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRoa5NxhOCLfCc79oxYl+5oA5/s3
KxidV7Z5Be9Sd5cdjnMiacqZFPX+ASvdU8TGE3niAn3RNggLH/PJw7oE+VEER9EP
Kdg10ym6w1aVxfTBzJgSpZBjrLf6mmzIWTEJuxGmvLCf9T/Sb5qs1x4xxLJvajXw
3cBhV3uef2k8GM0ejnEe9Z2t+75iYqbU9pTA00RLUU+/eSsHFky790gfS3XZO05U
/NQDlc5/cheO6CxrjOAKkN9IbMdqfWBi9i6gsdtjjrx15W1jPXQ0JeT4pTPJ8F3K
ZmwduyVNPOlO0U7Zh1tFAM5r/QnkEjd9ySpS09L1Hj9K6G9bIdJ1e6sZZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqAbvnzuHAiqFza8o8Qkj049csyMB8GA1UdIwQY
MBaAFA4/Mcnqzm8KXszbjfKwHHNRVoaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYt
ZGQ1ZGRkMDVkYjBiLzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYtZGQ1ZGRkMDVkYjBi
LzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYwIKso7
Z+YEo3MGG72qkFdjwdvsSNZGvOB9lIJAmGRDQ8KeuFMxwcYgMiyWj3sxQDShKq/p
LME5U2pSGBzoglpCxyGscPR1uXrTwSfzbXBKUWRjIJS4ZlzqqVOY+AgcC6mNTy9J
Ixf95Xp/mJWSYuB7eYXNHqJ/9zD0eye7HNPFMq8wrjKcRpr53yjiv+hpqC3jBe9T
YEnRcTkeppBRqJ/kQ8qTeH7iBALxTl4ByUXiq/lluVZqjVjDDBVxa/X7+S5kTDPs
sVcE+AOpA0+482YTxM4TC3lTzyYfCmff/doJ/+chduLdPwUqpGMU3Ne5oT2KaBAg
elhG+a+tP1UY/w==
-----END CERTIFICATE-----