Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
File:                     A2loTGfKqZ_8AYS-rMrw6oipISk.mft (raw, json)
Hash identifier:          3BsjGdGmhBP0/z82kvXFNf55PMYnflHTs6/C4Psb8Zc=
Subject key identifier:   36:78:7C:7A:CC:37:F0:83:CF:4D:D7:6C:49:90:81:3B:4F:CD:34:CA
Authority key identifier: 03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29
Certificate issuer:       /CN=0369684c67caa99ffc0184beaccaf0ea88a92129
Certificate serial:       018F441FCA066F06BE4A83106C98650EDB85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
Manifest number:          042C
Signing time:             Sat 04 May 2024 15:01:25 +0000
Manifest this update:     Sat 04 May 2024 15:01:25 +0000
Manifest next update:     Sun 05 May 2024 15:01:25 +0000
Files and hashes:         1: A2loTGfKqZ_8AYS-rMrw6oipISk.crl (hash: rvqYFFD8csLDjsHu2Zaf/wUPgz+8b/2HEiBWPC4eDN0=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:44:1f:ca:06:6f:06:be:4a:83:10:6c:98:65:0e:db:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0369684c67caa99ffc0184beaccaf0ea88a92129
        Validity
            Not Before: May  4 15:01:25 2024 GMT
            Not After : May  5 15:01:25 2024 GMT
        Subject: CN=36787c7acc37f083cf4dd76c4990813b4fcd34ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:71:c9:17:80:32:58:89:e0:e1:ce:2a:f9:5e:
                    63:ff:39:3b:1d:9d:03:46:62:c5:62:9d:4a:8f:e7:
                    d5:33:fe:b3:2a:e5:75:7b:5c:0c:71:81:e7:78:92:
                    2f:8d:be:3f:95:d5:5d:a3:0e:fa:a6:5d:e3:69:95:
                    cd:97:42:35:30:f7:01:03:df:7c:b3:16:c1:aa:67:
                    bc:1a:11:7c:4f:59:d2:87:b3:03:c8:ca:b3:32:c7:
                    ad:2f:a6:aa:06:93:30:34:79:24:9c:1a:6a:53:13:
                    df:c1:a4:c5:d3:e3:3a:f7:86:07:74:4f:b2:30:f0:
                    c7:22:8a:75:fc:98:1b:12:87:3e:8d:7d:7a:92:cc:
                    9f:ae:c9:b5:c9:f6:7d:89:0d:ae:a2:2f:bb:01:61:
                    23:36:4a:e4:1a:d3:db:09:f6:95:a1:72:0d:ce:94:
                    29:3d:02:01:99:0a:7f:9f:bf:56:af:eb:5b:de:e6:
                    b7:6b:49:ca:a3:7c:38:99:48:7c:c3:38:e4:40:85:
                    fd:e9:0b:e4:83:d5:a1:14:27:e0:f5:64:ec:fa:a1:
                    ac:6c:37:ab:b9:1c:29:2a:4d:49:38:3f:fe:62:1b:
                    5a:d6:42:d1:1d:8b:e8:6f:c5:98:d9:ca:34:ae:5c:
                    c1:50:dd:96:e4:71:f9:63:ff:23:21:d4:55:50:4d:
                    8a:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:78:7C:7A:CC:37:F0:83:CF:4D:D7:6C:49:90:81:3B:4F:CD:34:CA
            X509v3 Authority Key Identifier:
                keyid:03:69:68:4C:67:CA:A9:9F:FC:01:84:BE:AC:CA:F0:EA:88:A9:21:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A2loTGfKqZ_8AYS-rMrw6oipISk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0b3621-80d3-4796-8735-157562499908/1/A2loTGfKqZ_8AYS-rMrw6oipISk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cf:09:3f:59:b1:55:28:9e:3d:8b:e7:e6:4b:97:04:d7:a4:b5:
         bd:8e:ed:9e:4b:f8:20:34:b2:c0:82:3c:84:67:fb:04:63:0c:
         37:76:7c:f3:ed:6b:6a:62:8b:4d:b9:4d:b7:23:a1:eb:cd:af:
         36:12:ca:37:ad:a6:1a:dd:66:1c:18:f2:88:ee:90:67:b8:b6:
         c8:27:68:83:2f:e2:a3:bd:60:d3:c8:96:9a:86:11:77:64:54:
         1d:4d:fb:15:e3:b6:55:56:0d:76:6b:ae:db:00:ea:58:fc:1d:
         73:2f:87:4e:a6:b3:42:68:e5:c0:2e:0a:0a:04:f6:4c:a7:cb:
         98:4e:c6:6f:af:25:a3:36:55:b3:e5:e9:25:7c:f9:74:f3:ae:
         6c:73:d2:b5:14:74:12:41:7a:60:b8:8e:c3:e5:a1:40:a1:e6:
         a6:6f:c2:39:60:52:ad:af:72:58:1e:9b:08:ca:c1:a1:9e:00:
         7e:1a:19:99:b5:67:86:1f:f5:68:fe:51:3b:48:fe:39:03:87:
         2b:30:63:d2:27:fa:d9:74:8d:d2:5d:f6:98:4e:b8:48:4a:3e:
         0d:5c:8a:66:b8:0f:b7:46:be:39:77:7d:60:d1:56:f1:e2:e5:
         67:f3:91:69:1a:ff:10:0d:96:38:c7:05:aa:d5:0d:f1:92:1d:
         03:71:47:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY9EH8oGbwa+SoMQbJhlDtuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNjk2ODRjNjdjYWE5OWZmYzAxODRiZWFjY2FmMGVhODhh
OTIxMjkwHhcNMjQwNTA0MTUwMTI1WhcNMjQwNTA1MTUwMTI1WjAzMTEwLwYDVQQD
EygzNjc4N2M3YWNjMzdmMDgzY2Y0ZGQ3NmM0OTkwODEzYjRmY2QzNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHHJF4AyWIng4c4q+V5j/zk7HZ0D
RmLFYp1Kj+fVM/6zKuV1e1wMcYHneJIvjb4/ldVdow76pl3jaZXNl0I1MPcBA998
sxbBqme8GhF8T1nSh7MDyMqzMsetL6aqBpMwNHkknBpqUxPfwaTF0+M694YHdE+y
MPDHIop1/JgbEoc+jX16ksyfrsm1yfZ9iQ2uoi+7AWEjNkrkGtPbCfaVoXINzpQp
PQIBmQp/n79Wr+tb3ua3a0nKo3w4mUh8wzjkQIX96Qvkg9WhFCfg9WTs+qGsbDer
uRwpKk1JOD/+Yhta1kLRHYvob8WY2co0rlzBUN2W5HH5Y/8jIdRVUE2KFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDZ4fHrMN/CDz03XbEmQgTtPzTTKMB8GA1UdIwQY
MBaAFANpaExnyqmf/AGEvqzK8OqIqSEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUt
MTU3NTYyNDk5OTA4LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wYjM2MjEtODBkMy00Nzk2LTg3MzUtMTU3NTYyNDk5OTA4
LzEvQTJsb1RHZktxWl84QVlTLXJNcnc2b2lwSVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzwk/WbFV
KJ49i+fmS5cE16S1vY7tnkv4IDSywII8hGf7BGMMN3Z88+1ramKLTblNtyOh682v
NhLKN62mGt1mHBjyiO6QZ7i2yCdogy/io71g08iWmoYRd2RUHU37FeO2VVYNdmuu
2wDqWPwdcy+HTqazQmjlwC4KCgT2TKfLmE7Gb68lozZVs+XpJXz5dPOubHPStRR0
EkF6YLiOw+WhQKHmpm/COWBSra9yWB6bCMrBoZ4AfhoZmbVnhh/1aP5RO0j+OQOH
KzBj0if62XSN0l32mE64SEo+DVyKZrgPt0a+OXd9YNFW8eLlZ/ORaRr/EA2WOMcF
qtUN8ZIdA3FH7Q==
-----END CERTIFICATE-----