Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
File:                     PHQZW9u2a2A65joVGPBm-gsRUfU.mft (raw, json)
Hash identifier:          Nyhc60yedD7xOL4fZaqHrk/tsl1XqWXeamJk5MPQ7lE=
Subject key identifier:   38:91:AC:60:7E:97:DE:13:51:71:59:7C:FC:4B:64:53:CC:C5:CF:AE
Authority key identifier: 3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5
Certificate issuer:       /CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
Certificate serial:       018F8749DBC0099F2922F20CA8AECBA354B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
Manifest number:          04AA
Signing time:             Fri 17 May 2024 16:01:55 +0000
Manifest this update:     Fri 17 May 2024 16:01:55 +0000
Manifest next update:     Sat 18 May 2024 16:01:55 +0000
Files and hashes:         1: PHQZW9u2a2A65joVGPBm-gsRUfU.crl (hash: gJPYdRQ0hujVYX/VGrTOJo4Gjh+MtnVk+z6O05JScpk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:49:db:c0:09:9f:29:22:f2:0c:a8:ae:cb:a3:54:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c74195bdbb66b603ae63a1518f066fa0b1151f5
        Validity
            Not Before: May 17 16:01:55 2024 GMT
            Not After : May 18 16:01:55 2024 GMT
        Subject: CN=3891ac607e97de135171597cfc4b6453ccc5cfae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:fa:91:59:f3:26:0a:1c:ff:ff:06:5b:77:e6:
                    cc:e0:0d:3e:81:39:19:9e:f0:36:9e:23:76:bc:7f:
                    8c:eb:f5:84:b4:49:07:e2:20:ea:77:e6:23:d4:d5:
                    21:dc:9e:09:d3:4f:22:3d:0f:a1:c1:64:83:3a:06:
                    ac:af:2d:a1:3b:69:ea:bd:80:cf:d1:4f:8f:68:82:
                    8a:40:c8:6b:52:9a:2e:e7:87:da:86:7c:f1:3b:b8:
                    70:88:86:5a:19:71:00:55:1a:7d:ca:97:f5:c1:bf:
                    b4:29:d4:75:0e:d6:b4:b7:78:c4:b0:01:de:55:05:
                    a1:a9:fe:bd:03:5b:23:6e:6f:ca:37:66:a4:27:17:
                    62:21:5e:74:af:85:e2:01:46:b4:7e:ec:13:34:50:
                    18:0c:95:47:fd:02:6e:e1:fb:49:6b:11:46:ce:e8:
                    2f:f0:35:3b:d6:c7:fd:6b:1d:7f:d9:56:07:e2:c1:
                    e2:84:ec:30:d1:db:16:51:69:ae:9b:dc:51:5c:f0:
                    0d:b7:84:bd:28:14:0e:ee:a9:c8:28:ef:f4:78:85:
                    80:3d:78:0f:3f:e7:73:00:42:5c:0c:92:89:f0:6a:
                    be:00:cf:d6:9d:c8:05:a7:e1:13:73:c9:36:b1:77:
                    8c:11:36:01:94:e1:19:bc:d4:13:45:f0:63:65:9d:
                    5d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:91:AC:60:7E:97:DE:13:51:71:59:7C:FC:4B:64:53:CC:C5:CF:AE
            X509v3 Authority Key Identifier:
                keyid:3C:74:19:5B:DB:B6:6B:60:3A:E6:3A:15:18:F0:66:FA:0B:11:51:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PHQZW9u2a2A65joVGPBm-gsRUfU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7858a4-2e33-43c4-b33d-1e04b20d8567/1/PHQZW9u2a2A65joVGPBm-gsRUfU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:03:ca:bc:ed:67:9b:f5:54:1d:b0:66:6e:cc:fd:d9:28:3d:
         be:64:a4:76:60:5b:69:d1:17:f8:5d:04:49:69:d2:16:31:66:
         50:bc:c0:05:72:03:e9:a6:90:c1:ba:54:b8:43:8c:93:c1:8a:
         e3:e4:b4:8a:74:a9:67:c3:ca:b0:45:6d:e9:f3:e3:aa:61:9a:
         bb:3c:fc:9e:d1:da:a1:d3:dd:84:1c:b5:af:6f:f2:0c:85:97:
         cc:9d:59:1e:d2:01:27:ce:0f:30:2c:2a:ec:ca:7e:bc:5e:f6:
         ea:20:14:6f:f4:4e:df:ec:5d:d9:4a:de:c9:ba:43:46:19:a6:
         1d:d0:17:2e:8f:3f:27:a1:30:45:e6:a5:2f:26:90:06:27:58:
         7c:53:cf:2e:14:d9:57:5e:b0:45:1a:2c:63:5d:45:f1:06:ae:
         70:2e:3d:f6:52:c1:86:e2:20:5d:d8:0c:68:60:4f:63:17:c0:
         ae:23:e7:7a:df:58:74:8c:e4:1c:d4:3d:cf:67:b2:71:45:ac:
         fc:1b:d3:c6:0b:45:32:37:65:29:5c:9b:14:ca:91:dd:38:74:
         3c:89:75:60:1d:a6:aa:5e:8b:4c:ed:72:45:f0:d1:e1:78:9b:
         fb:2e:81:21:57:cd:5a:09:07:6e:f3:34:46:33:fc:76:3e:34:
         45:2d:db:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSdvACZ8pIvIMqK7Lo1S0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNzQxOTViZGJiNjZiNjAzYWU2M2ExNTE4ZjA2NmZhMGIx
MTUxZjUwHhcNMjQwNTE3MTYwMTU1WhcNMjQwNTE4MTYwMTU1WjAzMTEwLwYDVQQD
EygzODkxYWM2MDdlOTdkZTEzNTE3MTU5N2NmYzRiNjQ1M2NjYzVjZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofqRWfMmChz//wZbd+bM4A0+gTkZ
nvA2niN2vH+M6/WEtEkH4iDqd+Yj1NUh3J4J008iPQ+hwWSDOgasry2hO2nqvYDP
0U+PaIKKQMhrUpou54fahnzxO7hwiIZaGXEAVRp9ypf1wb+0KdR1Dta0t3jEsAHe
VQWhqf69A1sjbm/KN2akJxdiIV50r4XiAUa0fuwTNFAYDJVH/QJu4ftJaxFGzugv
8DU71sf9ax1/2VYH4sHihOww0dsWUWmum9xRXPANt4S9KBQO7qnIKO/0eIWAPXgP
P+dzAEJcDJKJ8Gq+AM/WncgFp+ETc8k2sXeMETYBlOEZvNQTRfBjZZ1ddwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiRrGB+l94TUXFZfPxLZFPMxc+uMB8GA1UdIwQY
MBaAFDx0GVvbtmtgOuY6FRjwZvoLEVH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2Qt
MWUwNGIyMGQ4NTY3LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ODU4YTQtMmUzMy00M2M0LWIzM2QtMWUwNGIyMGQ4NTY3
LzEvUEhRWlc5dTJhMkE2NWpvVkdQQm0tZ3NSVWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABAPKvO1n
m/VUHbBmbsz92Sg9vmSkdmBbadEX+F0ESWnSFjFmULzABXID6aaQwbpUuEOMk8GK
4+S0inSpZ8PKsEVt6fPjqmGauzz8ntHaodPdhBy1r2/yDIWXzJ1ZHtIBJ84PMCwq
7Mp+vF726iAUb/RO3+xd2UreybpDRhmmHdAXLo8/J6EwRealLyaQBidYfFPPLhTZ
V16wRRosY11F8QaucC499lLBhuIgXdgMaGBPYxfAriPnet9YdIzkHNQ9z2eycUWs
/BvTxgtFMjdlKVybFMqR3Th0PIl1YB2mql6LTO1yRfDR4Xib+y6BIVfNWgkHbvM0
RjP8dj40RS3bsQ==
-----END CERTIFICATE-----