Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
File:                     1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft (raw, json)
Hash identifier:          fYNny+hRAflfqp3co0kesGi25AORXFNQO7kYv4ugzbc=
Subject key identifier:   99:D3:5A:B5:26:62:FE:38:0C:A5:1A:E2:E9:8F:0A:5D:A8:C2:38:FC
Authority key identifier: D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21
Certificate issuer:       /CN=d60ce3443860a7f70d43350776909a4810a48621
Certificate serial:       018F3061F7DE36C78422961770EC24E8D596
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
Manifest number:          0690
Signing time:             Tue 30 Apr 2024 19:01:17 +0000
Manifest this update:     Tue 30 Apr 2024 19:01:17 +0000
Manifest next update:     Wed 01 May 2024 19:01:17 +0000
Files and hashes:         1: 1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl (hash: NUdDF88zQAy2Z/pH4YYwCafTpw/uvlYCnffQoWSTEiI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 May 2024 13:40:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:30:61:f7:de:36:c7:84:22:96:17:70:ec:24:e8:d5:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d60ce3443860a7f70d43350776909a4810a48621
        Validity
            Not Before: Apr 30 19:01:17 2024 GMT
            Not After : May  1 19:01:17 2024 GMT
        Subject: CN=99d35ab52662fe380ca51ae2e98f0a5da8c238fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:53:c7:80:a3:c5:ee:9b:03:fc:1d:08:6d:86:
                    bf:77:c4:35:66:9b:09:ba:55:b3:2e:59:07:06:b9:
                    34:98:b2:b7:bc:62:0d:2a:48:0e:32:ab:22:cd:cc:
                    9f:f0:9a:41:58:5a:e1:25:11:3f:4e:11:94:bd:da:
                    86:6d:ed:80:40:3f:08:8c:fd:64:7b:d4:64:65:2a:
                    4c:13:27:9b:be:a3:c5:98:71:69:42:b4:ed:10:f2:
                    73:af:99:2d:8e:52:13:76:d2:14:6e:01:a4:42:de:
                    b5:22:3a:08:92:66:a1:86:6e:ff:49:bb:0b:be:af:
                    93:25:6f:a6:64:76:81:dc:92:de:ad:6d:60:e9:b6:
                    54:9b:04:5e:9a:22:89:0c:3e:5c:38:bc:c9:eb:9d:
                    2b:9e:83:33:69:f9:b3:f6:f0:5e:e4:eb:7d:10:b8:
                    f9:6e:99:a0:57:51:8a:9d:8d:5a:fc:55:0c:8f:43:
                    e1:44:f3:07:4f:13:5b:35:83:e3:a1:4c:13:8e:fc:
                    e5:06:2c:47:98:5c:74:06:b0:ed:f3:39:60:9b:74:
                    91:56:d6:77:4f:3a:63:46:e1:74:55:75:95:ac:35:
                    e9:df:56:2f:80:2d:e7:cb:8d:45:49:28:b4:74:61:
                    51:58:8f:3e:89:2e:07:62:ce:d5:fc:68:44:09:4d:
                    ab:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:D3:5A:B5:26:62:FE:38:0C:A5:1A:E2:E9:8F:0A:5D:A8:C2:38:FC
            X509v3 Authority Key Identifier:
                keyid:D6:0C:E3:44:38:60:A7:F7:0D:43:35:07:76:90:9A:48:10:A4:86:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gzjRDhgp_cNQzUHdpCaSBCkhiE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/0864c3-860b-41c0-9417-daffe52b9f0d/1/1gzjRDhgp_cNQzUHdpCaSBCkhiE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:a3:45:55:f1:3f:39:85:9c:77:58:06:7b:60:01:0e:13:d5:
         eb:8b:aa:a5:99:63:12:82:73:25:31:2c:02:5f:5b:f3:cf:71:
         72:e6:44:a4:7e:2c:2f:db:1d:5f:50:29:b3:b6:29:ac:06:0f:
         97:14:80:6b:29:81:b7:ab:fc:1c:06:05:2b:1f:cd:66:b1:0d:
         44:83:61:d8:18:d9:f7:0b:66:1b:a9:4f:a5:7c:c3:00:d9:47:
         76:a1:eb:a2:13:1a:d5:bd:80:c4:db:0c:7b:f9:8d:a4:5b:e9:
         1b:2c:af:fd:9e:d4:3d:c5:85:d2:c8:72:dc:a2:87:3a:8e:98:
         a7:78:53:3f:cc:ae:a7:30:87:6d:6f:e9:56:ba:d5:5e:12:d1:
         1a:6d:87:bd:51:c1:7d:e6:62:f1:36:75:1a:f2:dd:18:c6:3c:
         d8:4c:74:ef:72:64:34:c1:0d:1f:0f:52:0a:6e:80:95:74:ca:
         3d:70:53:e3:ee:f7:9b:fb:8c:32:4d:28:f2:43:51:05:28:2d:
         33:da:95:54:97:32:f6:67:a9:de:13:92:02:cf:6f:54:0d:30:
         8e:58:50:6a:d6:64:49:4d:ac:20:3f:8f:23:92:90:cf:28:d0:
         3e:2d:a9:43:78:5e:79:76:52:c6:36:7c:21:35:8b:d2:9d:86:
         ef:69:20:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8wYffeNseEIpYXcOwk6NWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MGNlMzQ0Mzg2MGE3ZjcwZDQzMzUwNzc2OTA5YTQ4MTBh
NDg2MjEwHhcNMjQwNDMwMTkwMTE3WhcNMjQwNTAxMTkwMTE3WjAzMTEwLwYDVQQD
Eyg5OWQzNWFiNTI2NjJmZTM4MGNhNTFhZTJlOThmMGE1ZGE4YzIzOGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31PHgKPF7psD/B0IbYa/d8Q1ZpsJ
ulWzLlkHBrk0mLK3vGINKkgOMqsizcyf8JpBWFrhJRE/ThGUvdqGbe2AQD8IjP1k
e9RkZSpMEyebvqPFmHFpQrTtEPJzr5ktjlITdtIUbgGkQt61IjoIkmahhm7/SbsL
vq+TJW+mZHaB3JLerW1g6bZUmwRemiKJDD5cOLzJ650rnoMzafmz9vBe5Ot9ELj5
bpmgV1GKnY1a/FUMj0PhRPMHTxNbNYPjoUwTjvzlBixHmFx0BrDt8zlgm3SRVtZ3
TzpjRuF0VXWVrDXp31YvgC3ny41FSSi0dGFRWI8+iS4HYs7V/GhECU2rdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJnTWrUmYv44DKUa4umPCl2owjj8MB8GA1UdIwQY
MBaAFNYM40Q4YKf3DUM1B3aQmkgQpIYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTct
ZGFmZmU1MmI5ZjBkLzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8wODY0YzMtODYwYi00MWMwLTk0MTctZGFmZmU1MmI5ZjBk
LzEvMWd6alJEaGdwX2NOUXpVSGRwQ2FTQkNraGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC6NFVfE/
OYWcd1gGe2ABDhPV64uqpZljEoJzJTEsAl9b889xcuZEpH4sL9sdX1Aps7YprAYP
lxSAaymBt6v8HAYFKx/NZrENRINh2BjZ9wtmG6lPpXzDANlHdqHrohMa1b2AxNsM
e/mNpFvpGyyv/Z7UPcWF0shy3KKHOo6Yp3hTP8yupzCHbW/pVrrVXhLRGm2HvVHB
feZi8TZ1GvLdGMY82Ex073JkNMENHw9SCm6AlXTKPXBT4+73m/uMMk0o8kNRBSgt
M9qVVJcy9mep3hOSAs9vVA0wjlhQatZkSU2sID+PI5KQzyjQPi2pQ3heeXZSxjZ8
ITWL0p2G72kgaQ==
-----END CERTIFICATE-----