Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
File:                     sNcTFlrGKE-0HV38gmV3_B2gtzA.mft (raw, json)
Hash identifier:          OgccUHTXKL/SNVg7tVMLwPbqVswrI3VjXvhttXPZOPY=
Subject key identifier:   24:33:CE:9A:D5:86:5E:41:BC:BF:60:50:66:6D:0A:04:52:D8:BD:73
Authority key identifier: B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30
Certificate issuer:       /CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
Certificate serial:       018F8748F1019223678872D096FC65753984
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
Manifest number:          0E8E
Signing time:             Fri 17 May 2024 16:00:55 +0000
Manifest this update:     Fri 17 May 2024 16:00:55 +0000
Manifest next update:     Sat 18 May 2024 16:00:55 +0000
Files and hashes:         1: sNcTFlrGKE-0HV38gmV3_B2gtzA.crl (hash: 2kWPsNMp9GvtVbYxP+1Ql3cz9mQyPT2fV7Q8uTWUN/E=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:f1:01:92:23:67:88:72:d0:96:fc:65:75:39:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d713165ac6284fb41d5dfc826577fc1da0b730
        Validity
            Not Before: May 17 16:00:55 2024 GMT
            Not After : May 18 16:00:55 2024 GMT
        Subject: CN=2433ce9ad5865e41bcbf6050666d0a0452d8bd73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d7:44:cd:27:da:83:0f:a6:5a:df:b2:ff:92:
                    a9:c1:92:ba:18:85:e6:72:1a:bf:12:56:e8:7d:b1:
                    a1:fe:d8:14:f1:57:6b:8b:19:ef:30:ee:c1:1c:59:
                    82:e2:35:08:53:f0:62:05:ee:b0:28:48:b8:c0:f8:
                    47:7f:c4:85:38:58:e1:15:87:96:5e:a9:03:0f:9e:
                    95:2b:97:df:f8:07:cb:c1:89:21:71:0d:df:8f:41:
                    bc:b8:71:d6:f0:b7:cf:8a:e8:2b:ba:1f:f3:8a:c3:
                    8c:7e:30:f5:5a:da:83:fd:eb:89:18:67:6f:8e:f4:
                    85:ee:31:5d:4e:80:3f:5d:cb:28:a9:75:a8:91:67:
                    40:12:e6:02:a6:14:f6:2d:6e:17:0a:ec:d2:e5:50:
                    46:61:00:14:ef:73:30:65:25:a1:b2:44:f7:a9:a4:
                    ec:c8:c3:de:4e:cb:c2:f8:a4:df:15:41:c8:ff:d8:
                    54:cb:a2:d6:f7:6a:df:d8:be:93:d6:8c:63:e8:20:
                    b9:6a:4b:67:ce:90:47:ce:01:6d:7c:de:4b:61:5e:
                    5c:93:df:3c:8e:b4:cf:92:d8:24:8d:f7:e9:2a:12:
                    b6:ec:37:b3:46:14:49:a6:71:82:08:88:31:44:ef:
                    f4:38:93:33:be:92:96:1a:5a:c2:d1:74:89:08:17:
                    11:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:33:CE:9A:D5:86:5E:41:BC:BF:60:50:66:6D:0A:04:52:D8:BD:73
            X509v3 Authority Key Identifier:
                keyid:B0:D7:13:16:5A:C6:28:4F:B4:1D:5D:FC:82:65:77:FC:1D:A0:B7:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sNcTFlrGKE-0HV38gmV3_B2gtzA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/284b3e-2d4f-412a-8862-539e1ac821d7/1/sNcTFlrGKE-0HV38gmV3_B2gtzA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3b:f9:ee:7f:08:29:5c:cf:08:6e:9b:c6:d7:c3:e9:22:ef:1e:
         7f:cd:30:ce:68:b1:ac:b6:0a:95:d7:86:76:25:95:b1:d0:d6:
         87:1a:2c:34:9a:21:f7:39:6e:36:06:7c:26:37:3d:c1:64:2b:
         ca:97:5c:dc:d4:e0:3c:c7:da:8d:55:df:81:5a:98:53:7d:3d:
         6a:8b:50:9c:5f:2c:84:be:a1:4d:87:a1:1b:9e:5e:53:86:a8:
         7f:2e:5c:9a:df:a4:1b:48:0b:f1:ad:c6:07:59:13:fa:1f:cd:
         cc:24:5e:96:3c:15:b9:98:94:06:e9:1b:ab:90:11:b9:ad:fb:
         bb:24:20:c4:1b:d6:41:88:98:35:ab:c2:7f:fb:7c:d0:ff:12:
         bd:af:05:02:12:f3:d5:fd:e4:e6:e4:1a:47:a2:52:66:33:0e:
         1c:d8:87:b4:1f:84:46:26:8a:e0:10:1f:64:db:c4:78:83:25:
         f1:bc:f0:00:f1:c8:73:c5:f3:1b:1e:78:22:3a:40:9b:70:55:
         43:04:6c:27:07:bb:86:90:7e:b9:de:f3:8d:4d:62:6e:9f:a0:
         3b:3e:94:de:44:80:71:34:bd:28:c0:09:fa:65:c0:6a:32:eb:
         89:b7:d9:97:7f:6f:9c:6c:9d:ad:c5:68:fa:bd:d3:7b:93:51:
         a4:d8:a7:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSPEBkiNniHLQlvxldTmEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZDcxMzE2NWFjNjI4NGZiNDFkNWRmYzgyNjU3N2ZjMWRh
MGI3MzAwHhcNMjQwNTE3MTYwMDU1WhcNMjQwNTE4MTYwMDU1WjAzMTEwLwYDVQQD
EygyNDMzY2U5YWQ1ODY1ZTQxYmNiZjYwNTA2NjZkMGEwNDUyZDhiZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9dEzSfagw+mWt+y/5KpwZK6GIXm
chq/ElbofbGh/tgU8VdrixnvMO7BHFmC4jUIU/BiBe6wKEi4wPhHf8SFOFjhFYeW
XqkDD56VK5ff+AfLwYkhcQ3fj0G8uHHW8LfPiugruh/zisOMfjD1WtqD/euJGGdv
jvSF7jFdToA/XcsoqXWokWdAEuYCphT2LW4XCuzS5VBGYQAU73MwZSWhskT3qaTs
yMPeTsvC+KTfFUHI/9hUy6LW92rf2L6T1oxj6CC5aktnzpBHzgFtfN5LYV5ck988
jrTPktgkjffpKhK27DezRhRJpnGCCIgxRO/0OJMzvpKWGlrC0XSJCBcRHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQzzprVhl5BvL9gUGZtCgRS2L1zMB8GA1UdIwQY
MBaAFLDXExZaxihPtB1d/IJld/wdoLcwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjIt
NTM5ZTFhYzgyMWQ3LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yODRiM2UtMmQ0Zi00MTJhLTg4NjItNTM5ZTFhYzgyMWQ3
LzEvc05jVEZsckdLRS0wSFYzOGdtVjNfQjJndHpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO/nufwgp
XM8IbpvG18PpIu8ef80wzmixrLYKldeGdiWVsdDWhxosNJoh9zluNgZ8Jjc9wWQr
ypdc3NTgPMfajVXfgVqYU309aotQnF8shL6hTYehG55eU4aofy5cmt+kG0gL8a3G
B1kT+h/NzCReljwVuZiUBukbq5ARua37uyQgxBvWQYiYNavCf/t80P8Sva8FAhLz
1f3k5uQaR6JSZjMOHNiHtB+ERiaK4BAfZNvEeIMl8bzwAPHIc8XzGx54IjpAm3BV
QwRsJwe7hpB+ud7zjU1ibp+gOz6U3kSAcTS9KMAJ+mXAajLribfZl39vnGydrcVo
+r3Te5NRpNinLA==
-----END CERTIFICATE-----