Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
File:                     2Hwy4kled0lvwgKzAxZLpAjl0SI.mft (raw, json)
Hash identifier:          x8AE5/gVyObrBfMz2zX38VnOVZA/1VIToOdzhYelt68=
Subject key identifier:   E4:5E:BB:DF:8B:E3:46:35:40:B0:61:25:A5:0C:FA:55:29:B9:49:65
Authority key identifier: D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22
Certificate issuer:       /CN=d87c32e2495e77496fc202b303164ba408e5d122
Certificate serial:       018F22DEA5D7B3E2A649097C0D477E96D2BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
Manifest number:          103F
Signing time:             Sun 28 Apr 2024 04:02:47 +0000
Manifest this update:     Sun 28 Apr 2024 04:02:47 +0000
Manifest next update:     Mon 29 Apr 2024 04:02:47 +0000
Files and hashes:         1: 2Hwy4kled0lvwgKzAxZLpAjl0SI.crl (hash: SJaffmO2URHmuunmUDLcV7h8urQJxSrINOUKXmBwyjU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 28 Apr 2024 20:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:22:de:a5:d7:b3:e2:a6:49:09:7c:0d:47:7e:96:d2:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d87c32e2495e77496fc202b303164ba408e5d122
        Validity
            Not Before: Apr 28 04:02:47 2024 GMT
            Not After : Apr 29 04:02:47 2024 GMT
        Subject: CN=e45ebbdf8be3463540b06125a50cfa5529b94965
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:8a:81:07:8e:88:21:09:87:72:d3:b4:fc:dd:
                    e5:38:82:67:fb:49:4f:bf:51:9d:71:b3:4e:73:2d:
                    61:49:43:51:ba:d2:af:81:03:79:50:5d:02:75:1d:
                    75:2e:5a:da:00:c7:0d:20:b4:e9:9a:f0:de:e4:51:
                    a8:5a:dd:ae:f6:d1:ab:e3:da:50:ae:9d:21:65:f9:
                    e8:13:60:c4:fa:6b:3a:6c:a6:ff:71:69:6a:2e:b5:
                    33:ef:6c:68:c5:71:3b:56:06:dd:ed:d0:b7:dc:7a:
                    ea:c6:17:13:76:07:55:fa:b3:21:59:b3:bb:e0:37:
                    cc:2a:47:fd:ef:79:5f:f5:a4:46:de:33:44:dc:83:
                    3a:d7:c2:cf:50:eb:73:2c:50:e5:5a:cd:c5:9f:85:
                    24:c9:20:df:3a:9f:35:98:2d:fb:cb:e0:20:1d:79:
                    33:b6:93:62:40:72:a7:04:06:42:bb:e8:09:78:44:
                    3a:e5:2c:fc:cb:5a:4b:79:ef:f4:0d:2f:eb:98:d3:
                    b6:59:d2:0f:13:f7:7b:8f:aa:c2:3f:f3:be:19:b5:
                    d3:84:7c:97:94:57:d6:d6:7c:bf:aa:aa:3e:e4:06:
                    4c:82:14:13:cd:9e:e2:70:59:25:2e:bc:78:7e:b4:
                    45:3d:f7:40:fb:a7:e9:15:ec:67:4a:35:4e:49:88:
                    8a:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:5E:BB:DF:8B:E3:46:35:40:B0:61:25:A5:0C:FA:55:29:B9:49:65
            X509v3 Authority Key Identifier:
                keyid:D8:7C:32:E2:49:5E:77:49:6F:C2:02:B3:03:16:4B:A4:08:E5:D1:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Hwy4kled0lvwgKzAxZLpAjl0SI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/1e191e-113c-4433-aef0-7243b984a615/1/2Hwy4kled0lvwgKzAxZLpAjl0SI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         77:25:45:cc:f3:ba:2b:8f:9f:9c:8b:a9:4b:51:f3:40:ca:f3:
         aa:48:f7:e8:d7:f7:1e:25:a5:e7:09:80:2d:9a:c1:96:f4:25:
         16:80:0d:f7:5b:01:63:aa:dd:87:c0:29:58:db:a2:54:39:f2:
         e3:42:a3:de:dd:7b:10:90:11:9b:2f:0c:47:36:8a:1e:dd:f2:
         c6:50:31:8f:cf:69:3d:7f:3d:8b:db:31:e2:5b:5f:d4:98:76:
         1d:12:28:4b:f2:88:c7:4a:b4:72:9e:17:4b:45:0f:c8:c6:be:
         c9:dd:8c:61:24:f0:fe:9a:80:5f:42:a5:d6:40:2c:62:76:97:
         d1:2c:cd:64:aa:98:fc:78:ff:bb:90:58:3c:16:c5:4c:0e:c4:
         7b:e1:e3:25:22:04:5e:54:ef:5c:d1:a4:eb:c4:d4:a2:a4:a3:
         d0:a3:e8:2e:f8:2b:25:e7:e4:78:ca:5a:42:2b:a0:a0:48:6c:
         4b:fd:51:b4:e8:4c:3e:35:4d:59:8c:01:7b:c5:f3:81:02:7e:
         22:83:9f:cc:72:8d:0a:da:2d:58:3a:80:bc:18:1b:97:35:1b:
         5d:18:1e:df:38:68:5b:0d:37:c4:6b:1a:12:f9:0c:23:6b:e1:
         a3:a8:36:5f:35:be:be:d4:31:4e:e2:15:c4:65:9e:1e:38:6d:
         55:4a:10:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8i3qXXs+KmSQl8DUd+ltK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4N2MzMmUyNDk1ZTc3NDk2ZmMyMDJiMzAzMTY0YmE0MDhl
NWQxMjIwHhcNMjQwNDI4MDQwMjQ3WhcNMjQwNDI5MDQwMjQ3WjAzMTEwLwYDVQQD
EyhlNDVlYmJkZjhiZTM0NjM1NDBiMDYxMjVhNTBjZmE1NTI5Yjk0OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/YqBB46IIQmHctO0/N3lOIJn+0lP
v1GdcbNOcy1hSUNRutKvgQN5UF0CdR11LlraAMcNILTpmvDe5FGoWt2u9tGr49pQ
rp0hZfnoE2DE+ms6bKb/cWlqLrUz72xoxXE7Vgbd7dC33HrqxhcTdgdV+rMhWbO7
4DfMKkf973lf9aRG3jNE3IM618LPUOtzLFDlWs3Fn4UkySDfOp81mC37y+AgHXkz
tpNiQHKnBAZCu+gJeEQ65Sz8y1pLee/0DS/rmNO2WdIPE/d7j6rCP/O+GbXThHyX
lFfW1ny/qqo+5AZMghQTzZ7icFklLrx4frRFPfdA+6fpFexnSjVOSYiKBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOReu9+L40Y1QLBhJaUM+lUpuUllMB8GA1UdIwQY
MBaAFNh8MuJJXndJb8ICswMWS6QI5dEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAt
NzI0M2I5ODRhNjE1LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xZTE5MWUtMTEzYy00NDMzLWFlZjAtNzI0M2I5ODRhNjE1
LzEvMkh3eTRrbGVkMGx2d2dLekF4WkxwQWpsMFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdyVFzPO6
K4+fnIupS1HzQMrzqkj36Nf3HiWl5wmALZrBlvQlFoAN91sBY6rdh8ApWNuiVDny
40Kj3t17EJARmy8MRzaKHt3yxlAxj89pPX89i9sx4ltf1Jh2HRIoS/KIx0q0cp4X
S0UPyMa+yd2MYSTw/pqAX0Kl1kAsYnaX0SzNZKqY/Hj/u5BYPBbFTA7Ee+HjJSIE
XlTvXNGk68TUoqSj0KPoLvgrJefkeMpaQiugoEhsS/1RtOhMPjVNWYwBe8XzgQJ+
IoOfzHKNCtotWDqAvBgblzUbXRge3zhoWw03xGsaEvkMI2vho6g2XzW+vtQxTuIV
xGWeHjhtVUoQew==
-----END CERTIFICATE-----