Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
File:                     BgPfkU3wTkf1a9li8vncPwQ0pdM.mft (raw, json)
Hash identifier:          GX/hLQRzWG3aKKp38RB6N7VLIrbR467CRUZ6wV7zsXo=
Subject key identifier:   AD:98:B6:D7:DD:C7:2E:A4:C5:D4:2A:3F:DB:59:9B:CD:EF:7D:2F:6E
Authority key identifier: 06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3
Certificate issuer:       /CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
Certificate serial:       018F47FCEFA5CF2AE2AA4B7DAC4930EDA11E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
Manifest number:          03A2
Signing time:             Sun 05 May 2024 09:01:49 +0000
Manifest this update:     Sun 05 May 2024 09:01:49 +0000
Manifest next update:     Mon 06 May 2024 09:01:49 +0000
Files and hashes:         1: BgPfkU3wTkf1a9li8vncPwQ0pdM.crl (hash: H5maeoEFMuNfex593+fiz2vYWQCjGtKId1wXsn8pMDE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:47:fc:ef:a5:cf:2a:e2:aa:4b:7d:ac:49:30:ed:a1:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0603df914df04e47f56bd962f2f9dc3f0434a5d3
        Validity
            Not Before: May  5 09:01:49 2024 GMT
            Not After : May  6 09:01:49 2024 GMT
        Subject: CN=ad98b6d7ddc72ea4c5d42a3fdb599bcdef7d2f6e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:18:b7:d7:38:6a:41:42:75:e3:19:dd:ce:c0:
                    36:c4:a5:fc:ab:78:90:83:29:3c:6f:4d:db:a6:48:
                    2a:60:46:37:bf:99:69:3f:ac:88:81:56:95:33:1c:
                    47:22:ee:57:b4:c0:8b:c1:70:c7:4d:c2:eb:39:7a:
                    c0:e0:65:c2:ab:36:e8:eb:2d:0d:f4:bd:77:b5:ef:
                    a7:6b:bb:bb:b7:cb:f1:c1:85:f0:b1:c4:d9:01:1a:
                    21:1b:02:5a:4d:b4:6d:11:6e:70:2f:80:48:34:79:
                    90:29:1b:5f:62:19:0e:34:5d:ab:54:3c:f2:8c:ef:
                    bd:cc:1b:3f:58:b9:e2:80:39:f2:30:ae:c2:92:32:
                    5c:40:8b:11:27:4f:95:a8:94:ad:87:c7:00:ec:04:
                    4a:bb:2d:01:bd:0b:bb:79:4b:34:3a:6a:17:a3:bc:
                    00:dd:29:33:c1:3a:27:bb:e4:de:76:a9:0d:93:b0:
                    74:63:7d:d4:d0:95:ff:68:70:35:7e:c6:a1:ad:51:
                    b0:6b:f7:c3:a3:14:72:2b:b5:e0:20:0c:64:dd:b3:
                    01:f2:94:6b:41:35:16:ea:28:80:43:9a:67:91:e2:
                    35:fc:22:0b:48:7d:28:8f:f8:c5:80:25:c1:24:cf:
                    ea:a5:9b:f8:8e:04:ee:e2:24:40:8c:06:83:ca:b3:
                    81:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:98:B6:D7:DD:C7:2E:A4:C5:D4:2A:3F:DB:59:9B:CD:EF:7D:2F:6E
            X509v3 Authority Key Identifier:
                keyid:06:03:DF:91:4D:F0:4E:47:F5:6B:D9:62:F2:F9:DC:3F:04:34:A5:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BgPfkU3wTkf1a9li8vncPwQ0pdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9b5e26-0148-4f9f-a46a-bc8425c60604/1/BgPfkU3wTkf1a9li8vncPwQ0pdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         38:43:1b:38:cf:85:d3:2b:fc:47:f2:3a:95:45:45:79:07:52:
         87:e8:65:e1:ed:00:ee:8c:a1:7e:0f:48:61:a0:ba:45:3c:77:
         b3:4a:86:51:91:b0:3e:55:1d:59:22:a0:87:93:2b:e1:be:20:
         67:55:88:0b:fb:3e:94:74:b4:26:2c:bc:56:1e:b6:2a:8d:ac:
         90:f7:10:56:c0:48:46:40:9e:90:90:04:bc:d2:6a:91:a4:a1:
         41:45:d2:71:88:37:9b:4b:58:7b:56:d0:aa:3f:ef:98:53:5d:
         18:4f:b4:8b:50:f3:02:3a:df:8d:23:47:59:ac:0a:f7:a8:1e:
         2f:57:c2:ab:59:c0:e9:8f:27:cc:89:a4:49:97:d2:91:96:4f:
         dd:5f:7a:1d:d2:b8:34:f5:78:a7:82:63:df:1d:e9:aa:e6:e6:
         8b:ba:5e:2f:bb:7e:8c:2b:72:b9:64:76:e6:f8:25:bf:34:55:
         0b:85:8b:b6:1c:b3:28:49:8b:54:65:52:92:f1:2a:cf:cb:dc:
         79:44:24:34:ba:66:02:69:05:c7:4f:81:b5:af:48:45:85:be:
         4f:52:5e:4c:7a:8a:cc:05:92:a7:67:31:18:2f:d5:90:97:60:
         7a:99:e6:a8:52:36:a1:5a:80:79:5a:8f:df:f6:3e:6c:63:35:
         96:bf:1c:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9H/O+lzyriqkt9rEkw7aEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDNkZjkxNGRmMDRlNDdmNTZiZDk2MmYyZjlkYzNmMDQz
NGE1ZDMwHhcNMjQwNTA1MDkwMTQ5WhcNMjQwNTA2MDkwMTQ5WjAzMTEwLwYDVQQD
EyhhZDk4YjZkN2RkYzcyZWE0YzVkNDJhM2ZkYjU5OWJjZGVmN2QyZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRi31zhqQUJ14xndzsA2xKX8q3iQ
gyk8b03bpkgqYEY3v5lpP6yIgVaVMxxHIu5XtMCLwXDHTcLrOXrA4GXCqzbo6y0N
9L13te+na7u7t8vxwYXwscTZARohGwJaTbRtEW5wL4BINHmQKRtfYhkONF2rVDzy
jO+9zBs/WLnigDnyMK7CkjJcQIsRJ0+VqJSth8cA7ARKuy0BvQu7eUs0OmoXo7wA
3SkzwTonu+TedqkNk7B0Y33U0JX/aHA1fsahrVGwa/fDoxRyK7XgIAxk3bMB8pRr
QTUW6iiAQ5pnkeI1/CILSH0oj/jFgCXBJM/qpZv4jgTu4iRAjAaDyrOB/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK2Yttfdxy6kxdQqP9tZm83vfS9uMB8GA1UdIwQY
MBaAFAYD35FN8E5H9WvZYvL53D8ENKXTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEt
YmM4NDI1YzYwNjA0LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85YjVlMjYtMDE0OC00ZjlmLWE0NmEtYmM4NDI1YzYwNjA0
LzEvQmdQZmtVM3dUa2YxYTlsaTh2bmNQd1EwcGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOEMbOM+F
0yv8R/I6lUVFeQdSh+hl4e0A7oyhfg9IYaC6RTx3s0qGUZGwPlUdWSKgh5Mr4b4g
Z1WIC/s+lHS0Jiy8Vh62Ko2skPcQVsBIRkCekJAEvNJqkaShQUXScYg3m0tYe1bQ
qj/vmFNdGE+0i1DzAjrfjSNHWawK96geL1fCq1nA6Y8nzImkSZfSkZZP3V96HdK4
NPV4p4Jj3x3pqubmi7peL7t+jCtyuWR25vglvzRVC4WLthyzKEmLVGVSkvEqz8vc
eUQkNLpmAmkFx0+Bta9IRYW+T1JeTHqKzAWSp2cxGC/VkJdgepnmqFI2oVqAeVqP
3/Y+bGM1lr8cAg==
-----END CERTIFICATE-----