Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
File:                     PQJjyVdcvQESY66Ig5p4iLdPoHY.mft (raw, json)
Hash identifier:          Zn+YSFjU6uxYCMsblJTIZKq0EnjZDBc5iR6++O+WLZM=
Subject key identifier:   3D:5E:76:34:BC:4C:F2:6A:DA:93:0C:1E:F9:EA:05:A2:4B:30:59:19
Authority key identifier: 3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76
Certificate issuer:       /CN=3d0263c9575cbd011263ae88839a7888b74fa076
Certificate serial:       018F874A7E87BD4E5B7CDD70F3D9E9F9B193
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
Manifest number:          0CA3
Signing time:             Fri 17 May 2024 16:02:37 +0000
Manifest this update:     Fri 17 May 2024 16:02:37 +0000
Manifest next update:     Sat 18 May 2024 16:02:37 +0000
Files and hashes:         1: PQJjyVdcvQESY66Ig5p4iLdPoHY.crl (hash: vQy15SiYlxdBzMuQrGb/by+XEqBN9CAl8oa+5/GoMOU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:7e:87:bd:4e:5b:7c:dd:70:f3:d9:e9:f9:b1:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d0263c9575cbd011263ae88839a7888b74fa076
        Validity
            Not Before: May 17 16:02:37 2024 GMT
            Not After : May 18 16:02:37 2024 GMT
        Subject: CN=3d5e7634bc4cf26ada930c1ef9ea05a24b305919
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:69:cd:a2:97:7a:ba:a9:de:55:90:dc:5a:b2:
                    02:18:87:e3:be:1c:00:dc:13:e9:fc:33:f7:bf:f0:
                    01:1f:40:18:45:4c:e2:9f:9b:31:2d:1c:02:ed:91:
                    1c:24:fb:e6:14:0b:80:d0:23:52:9e:de:06:7c:ba:
                    fb:ab:66:e2:54:d1:45:4a:30:cb:ed:14:c0:e6:b3:
                    9e:3b:b8:80:7d:06:58:ba:64:ec:c4:56:c9:7f:18:
                    d5:fe:52:57:ec:3e:53:48:67:9d:af:29:bf:9f:1a:
                    63:9a:f9:33:5e:0a:f1:0f:1e:5e:f9:6a:76:a6:32:
                    86:83:5d:29:e0:8c:84:30:9b:b0:46:ae:10:d5:1c:
                    72:c4:07:47:9a:35:57:60:84:22:65:44:9d:3c:c4:
                    71:ab:68:15:55:35:34:5d:0f:c5:bb:41:8d:99:60:
                    0e:d0:6e:28:70:9d:b5:0c:d3:3e:4f:1c:ad:e8:4b:
                    06:4b:fb:b6:f8:67:76:cd:84:f5:f9:6c:f2:b7:d4:
                    6b:10:d6:fe:aa:ab:d2:0c:d9:dc:7e:d8:14:4f:03:
                    9d:ff:ec:36:26:56:69:b4:c1:fb:f6:12:2d:20:94:
                    48:21:e1:9f:f7:c0:4e:a2:83:29:31:41:c7:b0:ea:
                    5f:12:36:e3:5c:cf:3d:1c:f4:40:d8:94:82:1d:7f:
                    df:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:5E:76:34:BC:4C:F2:6A:DA:93:0C:1E:F9:EA:05:A2:4B:30:59:19
            X509v3 Authority Key Identifier:
                keyid:3D:02:63:C9:57:5C:BD:01:12:63:AE:88:83:9A:78:88:B7:4F:A0:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQJjyVdcvQESY66Ig5p4iLdPoHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/37423a-0537-45f4-9915-12f4e6273877/1/PQJjyVdcvQESY66Ig5p4iLdPoHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:4a:a9:38:af:88:0c:b2:c9:93:56:7c:be:78:51:b9:d5:a5:
         51:39:84:79:bf:3f:12:e5:29:8d:dc:77:1f:48:1b:63:e0:a2:
         04:0f:ba:9b:75:27:b4:34:c3:41:51:12:c7:6d:88:c8:ea:4a:
         03:52:d9:bd:98:03:0b:a7:ae:ce:e7:bf:2e:7e:05:ea:14:c1:
         b6:e5:70:a2:4a:53:67:5c:26:b5:38:67:6a:df:e8:82:d3:e2:
         f1:f0:83:9d:1f:0a:58:d7:6a:b5:57:ac:b0:b0:bf:4b:ae:74:
         1d:68:87:2b:d0:0d:d4:77:ac:a0:8e:76:e7:bd:37:1b:85:62:
         f1:b9:98:79:be:13:78:09:1a:30:b8:6c:45:f3:25:f4:91:44:
         48:0f:27:4f:34:0a:58:fc:99:ac:6e:6c:e8:17:fd:d3:b0:d1:
         c4:34:49:ff:66:ce:61:20:bf:5e:f8:23:b5:9e:dc:ae:64:34:
         67:f5:14:13:11:ad:03:3d:ab:ee:c4:dd:d5:43:fb:c7:18:db:
         af:d1:8b:02:35:cd:8e:e6:2e:86:01:7e:74:7f:d4:a7:50:28:
         67:54:f0:73:21:ae:2c:cf:8b:94:97:a6:b3:d2:f7:2e:c2:b8:
         7a:b4:98:d6:ca:fc:34:6a:46:c6:d9:ca:a8:6d:7e:0e:43:2b:
         a4:bf:09:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSn6HvU5bfN1w89np+bGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMDI2M2M5NTc1Y2JkMDExMjYzYWU4ODgzOWE3ODg4Yjc0
ZmEwNzYwHhcNMjQwNTE3MTYwMjM3WhcNMjQwNTE4MTYwMjM3WjAzMTEwLwYDVQQD
EygzZDVlNzYzNGJjNGNmMjZhZGE5MzBjMWVmOWVhMDVhMjRiMzA1OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2nNopd6uqneVZDcWrICGIfjvhwA
3BPp/DP3v/ABH0AYRUzin5sxLRwC7ZEcJPvmFAuA0CNSnt4GfLr7q2biVNFFSjDL
7RTA5rOeO7iAfQZYumTsxFbJfxjV/lJX7D5TSGedrym/nxpjmvkzXgrxDx5e+Wp2
pjKGg10p4IyEMJuwRq4Q1RxyxAdHmjVXYIQiZUSdPMRxq2gVVTU0XQ/Fu0GNmWAO
0G4ocJ21DNM+Txyt6EsGS/u2+Gd2zYT1+Wzyt9RrENb+qqvSDNncftgUTwOd/+w2
JlZptMH79hItIJRIIeGf98BOooMpMUHHsOpfEjbjXM89HPRA2JSCHX/fDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD1edjS8TPJq2pMMHvnqBaJLMFkZMB8GA1UdIwQY
MBaAFD0CY8lXXL0BEmOuiIOaeIi3T6B2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUt
MTJmNGU2MjczODc3LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8zNzQyM2EtMDUzNy00NWY0LTk5MTUtMTJmNGU2MjczODc3
LzEvUFFKanlWZGN2UUVTWTY2SWc1cDRpTGRQb0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHEqpOK+I
DLLJk1Z8vnhRudWlUTmEeb8/EuUpjdx3H0gbY+CiBA+6m3UntDTDQVESx22IyOpK
A1LZvZgDC6euzue/Ln4F6hTBtuVwokpTZ1wmtThnat/ogtPi8fCDnR8KWNdqtVes
sLC/S650HWiHK9AN1HesoI525703G4Vi8bmYeb4TeAkaMLhsRfMl9JFESA8nTzQK
WPyZrG5s6Bf907DRxDRJ/2bOYSC/XvgjtZ7crmQ0Z/UUExGtAz2r7sTd1UP7xxjb
r9GLAjXNjuYuhgF+dH/Up1AoZ1TwcyGuLM+LlJems9L3LsK4erSY1sr8NGpGxtnK
qG1+DkMrpL8JPQ==
-----END CERTIFICATE-----