Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
File:                     4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json)
Hash identifier:          RpVItS9vY2InwdUhXyNE1bD3AvA+L9CDjsVbINqCgSY=
Subject key identifier:   17:AE:3A:26:47:80:70:B9:55:7E:39:7D:45:A8:0D:49:E6:2C:C8:A4
Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7
Certificate issuer:       /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
Certificate serial:       018F4AC65DB6FF52F9632FC889AE574678EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
Manifest number:          0C8A
Signing time:             Sun 05 May 2024 22:01:05 +0000
Manifest this update:     Sun 05 May 2024 22:01:05 +0000
Manifest next update:     Mon 06 May 2024 22:01:05 +0000
Files and hashes:         1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: VQ9ovjKNybset8XnUO4aTT+i2FoSCcYPYTH9wi7Opbg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 17:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:4a:c6:5d:b6:ff:52:f9:63:2f:c8:89:ae:57:46:78:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7
        Validity
            Not Before: May  5 22:01:05 2024 GMT
            Not After : May  6 22:01:05 2024 GMT
        Subject: CN=17ae3a26478070b9557e397d45a80d49e62cc8a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9d:2a:d4:10:0d:0a:b7:dc:66:24:c0:fe:ee:
                    33:33:a6:09:83:39:65:e3:00:43:b6:fb:d3:b3:8c:
                    9f:de:57:a4:01:f7:26:59:3f:41:5d:ed:4d:f3:21:
                    7a:d0:8d:9b:0b:cf:55:ce:7d:06:f8:bb:1a:0e:e4:
                    16:3f:d9:ef:a4:56:90:88:13:fa:b5:74:68:97:c8:
                    72:9f:51:68:df:6e:4a:f5:c4:93:25:58:ed:b1:60:
                    ed:d3:ac:7e:75:df:0c:b2:c0:ae:a6:1b:20:8e:2c:
                    41:29:b1:cc:de:e2:a8:3a:59:51:30:3a:31:f3:62:
                    b2:d3:08:2e:43:76:6d:32:cc:cc:75:54:6b:f4:e2:
                    83:71:67:e4:72:0b:76:b6:19:2f:ee:03:22:8c:a3:
                    03:f8:f5:d8:f1:2a:34:a6:fa:4c:e6:ad:13:a9:14:
                    f4:b2:a3:53:e3:e8:86:0d:82:09:ea:65:81:f8:1b:
                    cb:09:bd:aa:ea:59:66:b5:92:50:84:f6:d5:79:2a:
                    11:61:0c:11:30:f3:eb:70:64:9b:80:d2:64:c7:3c:
                    91:20:00:9f:b3:ed:aa:9e:11:6b:17:ba:3c:50:d2:
                    b7:d7:f7:0d:29:59:08:45:60:69:0c:10:e9:7b:f6:
                    6c:77:6b:42:e1:d2:93:6e:ad:f4:bd:23:57:04:fc:
                    88:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:AE:3A:26:47:80:70:B9:55:7E:39:7D:45:A8:0D:49:E6:2C:C8:A4
            X509v3 Authority Key Identifier:
                keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:e3:77:80:48:55:1f:31:d5:66:9b:fc:7f:b8:78:73:93:ec:
         06:32:a5:c8:3d:98:39:43:aa:b9:5c:05:f0:dd:d8:2e:0a:3a:
         41:de:10:f0:ab:38:13:44:d5:a4:ee:20:a9:1b:17:75:51:1b:
         9e:e4:3a:a9:c9:fb:85:d8:c3:f8:bb:f1:ab:79:b6:c8:ac:e9:
         ff:f7:9c:0a:e3:0d:a8:5b:bb:93:ba:a5:34:2e:eb:7f:5f:12:
         7e:0a:8f:7a:23:2a:6e:e2:be:3a:81:a0:fa:0d:f7:d1:43:8a:
         e7:c4:b7:75:bb:87:d6:1e:4f:d9:7f:23:1d:da:fa:44:7e:49:
         0b:08:fe:34:f4:2e:1d:73:d6:c6:86:a3:4e:03:fc:18:78:34:
         d7:97:dc:88:21:bb:44:5c:a7:5d:f1:ed:c5:ec:e2:00:48:27:
         fc:b6:22:56:6a:dc:fc:65:41:50:a3:7d:de:7f:d3:25:fe:87:
         0c:e7:9d:52:17:23:ea:80:ad:db:3b:bb:b5:5c:c4:28:18:96:
         d6:90:f1:74:ef:27:d9:e4:5b:1c:c1:d1:81:2e:4c:33:8c:3d:
         6b:de:4d:3c:96:50:73:0e:d0:ad:ec:3c:60:1a:1d:0a:5c:98:
         9b:8f:06:c9:da:8c:43:6e:bf:c9:fa:93:d3:4c:73:d3:6c:3d:
         7c:91:85:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9Kxl22/1L5Yy/Iia5XRnjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk
MjliYTcwHhcNMjQwNTA1MjIwMTA1WhcNMjQwNTA2MjIwMTA1WjAzMTEwLwYDVQQD
EygxN2FlM2EyNjQ3ODA3MGI5NTU3ZTM5N2Q0NWE4MGQ0OWU2MmNjOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt50q1BANCrfcZiTA/u4zM6YJgzll
4wBDtvvTs4yf3lekAfcmWT9BXe1N8yF60I2bC89Vzn0G+LsaDuQWP9nvpFaQiBP6
tXRol8hyn1Fo325K9cSTJVjtsWDt06x+dd8MssCuphsgjixBKbHM3uKoOllRMDox
82Ky0wguQ3ZtMszMdVRr9OKDcWfkcgt2thkv7gMijKMD+PXY8So0pvpM5q0TqRT0
sqNT4+iGDYIJ6mWB+BvLCb2q6llmtZJQhPbVeSoRYQwRMPPrcGSbgNJkxzyRIACf
s+2qnhFrF7o8UNK31/cNKVkIRWBpDBDpe/Zsd2tC4dKTbq30vSNXBPyIUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBeuOiZHgHC5VX45fUWoDUnmLMikMB8GA1UdIwQY
MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt
NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2
LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH+N3gEhV
HzHVZpv8f7h4c5PsBjKlyD2YOUOquVwF8N3YLgo6Qd4Q8Ks4E0TVpO4gqRsXdVEb
nuQ6qcn7hdjD+Lvxq3m2yKzp//ecCuMNqFu7k7qlNC7rf18SfgqPeiMqbuK+OoGg
+g330UOK58S3dbuH1h5P2X8jHdr6RH5JCwj+NPQuHXPWxoajTgP8GHg015fciCG7
RFynXfHtxeziAEgn/LYiVmrc/GVBUKN93n/TJf6HDOedUhcj6oCt2zu7tVzEKBiW
1pDxdO8n2eRbHMHRgS5MM4w9a95NPJZQcw7Qrew8YBodClyYm48GydqMQ26/yfqT
00xz02w9fJGF6A==
-----END CERTIFICATE-----