Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
File:                     _D39VAG24EhxYrQuBDdnosKTGnc.mft (raw, json)
Hash identifier:          HQutxwPA2YAUnD4gOBC5ivcQMAFPLJAVQtMBFVFyrsM=
Subject key identifier:   9A:89:A1:EE:12:C0:D7:91:CC:61:0E:D7:19:D0:2E:5F:F7:47:3C:75
Authority key identifier: FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77
Certificate issuer:       /CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
Certificate serial:       018F9C8684846AA7A653B0BE9EB1C048E175
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
Manifest number:          0505
Signing time:             Tue 21 May 2024 19:00:12 +0000
Manifest this update:     Tue 21 May 2024 19:00:12 +0000
Manifest next update:     Wed 22 May 2024 19:00:12 +0000
Files and hashes:         1: _D39VAG24EhxYrQuBDdnosKTGnc.crl (hash: ugxPqiU00LhQithYWZQN6PoB+DwpsB6wRix84iny6WQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 22 May 2024 14:34:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:9c:86:84:84:6a:a7:a6:53:b0:be:9e:b1:c0:48:e1:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc3dfd5401b6e0487162b42e043767a2c2931a77
        Validity
            Not Before: May 21 19:00:12 2024 GMT
            Not After : May 22 19:00:12 2024 GMT
        Subject: CN=9a89a1ee12c0d791cc610ed719d02e5ff7473c75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:18:09:c1:eb:1c:76:4e:1c:03:36:3a:dc:9f:
                    c9:d7:d4:56:fd:94:cf:98:74:e7:c0:16:7d:32:8a:
                    29:05:3b:07:6c:17:e9:ff:34:09:32:2c:85:ee:7e:
                    11:eb:99:2b:6d:e1:41:8d:9c:e4:22:bf:cf:34:25:
                    07:b7:af:9c:3b:5d:8c:7e:03:18:97:b4:fd:25:f0:
                    1b:a8:29:34:21:83:34:72:7d:ee:78:50:df:fb:60:
                    62:fc:71:c4:da:72:b2:30:5e:b5:86:1c:1f:b4:c9:
                    6a:21:09:a3:bd:b9:dd:38:42:9e:48:c3:e7:a3:0b:
                    77:d9:01:32:24:87:5c:94:91:42:3f:19:c7:36:ef:
                    31:49:fc:0e:06:6d:66:da:22:1f:8a:70:39:9c:ed:
                    ea:97:65:0e:1f:b9:0b:88:09:90:75:a1:af:62:43:
                    43:86:79:34:ff:84:c1:e9:c6:b6:e7:f6:1d:ba:7e:
                    f0:df:f8:f5:72:ce:f4:39:97:75:3b:25:5f:e1:f7:
                    b9:fd:e5:40:55:aa:25:1a:cf:12:5f:d4:9d:60:e1:
                    96:cf:a7:1e:d4:dc:c1:99:7c:ad:93:d9:46:12:82:
                    83:c7:01:2e:ce:5d:69:66:3c:12:61:93:2e:b7:cb:
                    df:80:f2:64:0a:ef:bd:cb:23:f4:9a:09:37:0a:10:
                    29:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:89:A1:EE:12:C0:D7:91:CC:61:0E:D7:19:D0:2E:5F:F7:47:3C:75
            X509v3 Authority Key Identifier:
                keyid:FC:3D:FD:54:01:B6:E0:48:71:62:B4:2E:04:37:67:A2:C2:93:1A:77

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_D39VAG24EhxYrQuBDdnosKTGnc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/335e98-8b36-4017-928a-ddade3d341c7/1/_D39VAG24EhxYrQuBDdnosKTGnc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         65:dd:30:49:67:e9:99:26:6d:b1:0f:21:43:28:39:33:44:33:
         91:74:49:7b:46:66:02:42:3b:67:e1:54:bf:30:de:e9:da:9d:
         11:18:b3:ea:01:21:4b:44:d6:d1:fa:47:42:63:fe:9c:15:b7:
         f7:8f:09:2a:6d:82:da:9e:50:be:81:6c:9e:5f:96:29:bb:d6:
         57:1f:ff:a4:5b:aa:da:5b:22:36:8f:86:64:f4:99:7f:75:e2:
         bb:ca:fc:d8:b2:b5:45:25:16:59:e6:5e:ee:7e:e1:4a:53:08:
         b2:0e:5f:64:13:97:03:a6:66:db:fa:9e:32:25:30:37:5a:7e:
         03:5f:1a:03:ce:c1:b5:5c:b9:d7:5f:23:e6:85:65:67:a4:32:
         25:62:19:23:25:4f:23:9e:90:54:e7:5e:b7:9d:ae:eb:66:df:
         22:5d:f4:3f:32:c0:bc:2b:6a:b6:fa:65:e0:d2:76:a5:57:f2:
         83:d7:6c:df:56:38:ad:50:ec:4d:4a:01:ed:36:cf:7b:75:91:
         b5:5c:21:75:98:d8:a8:55:f4:fe:ea:58:f6:b3:f6:12:70:e6:
         fb:a0:a6:38:7b:4c:a0:22:1f:1e:cb:d0:73:6c:1a:26:87:0b:
         cb:7b:10:96:5e:6b:2f:c7:29:fe:aa:e3:46:fd:07:73:8d:fd:
         02:b3:c1:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+choSEaqemU7C+nrHASOF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2RmZDU0MDFiNmUwNDg3MTYyYjQyZTA0Mzc2N2EyYzI5
MzFhNzcwHhcNMjQwNTIxMTkwMDEyWhcNMjQwNTIyMTkwMDEyWjAzMTEwLwYDVQQD
Eyg5YTg5YTFlZTEyYzBkNzkxY2M2MTBlZDcxOWQwMmU1ZmY3NDczYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxgJwescdk4cAzY63J/J19RW/ZTP
mHTnwBZ9MoopBTsHbBfp/zQJMiyF7n4R65krbeFBjZzkIr/PNCUHt6+cO12MfgMY
l7T9JfAbqCk0IYM0cn3ueFDf+2Bi/HHE2nKyMF61hhwftMlqIQmjvbndOEKeSMPn
owt32QEyJIdclJFCPxnHNu8xSfwOBm1m2iIfinA5nO3ql2UOH7kLiAmQdaGvYkND
hnk0/4TB6ca25/Ydun7w3/j1cs70OZd1OyVf4fe5/eVAVaolGs8SX9SdYOGWz6ce
1NzBmXytk9lGEoKDxwEuzl1pZjwSYZMut8vfgPJkCu+9yyP0mgk3ChAp6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJqJoe4SwNeRzGEO1xnQLl/3Rzx1MB8GA1UdIwQY
MBaAFPw9/VQBtuBIcWK0LgQ3Z6LCkxp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEt
ZGRhZGUzZDM0MWM3LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMzVlOTgtOGIzNi00MDE3LTkyOGEtZGRhZGUzZDM0MWM3
LzEvX0QzOVZBRzI0RWh4WXJRdUJEZG5vc0tUR25jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZd0wSWfp
mSZtsQ8hQyg5M0QzkXRJe0ZmAkI7Z+FUvzDe6dqdERiz6gEhS0TW0fpHQmP+nBW3
948JKm2C2p5QvoFsnl+WKbvWVx//pFuq2lsiNo+GZPSZf3Xiu8r82LK1RSUWWeZe
7n7hSlMIsg5fZBOXA6Zm2/qeMiUwN1p+A18aA87BtVy5118j5oVlZ6QyJWIZIyVP
I56QVOdet52u62bfIl30PzLAvCtqtvpl4NJ2pVfyg9ds31Y4rVDsTUoB7TbPe3WR
tVwhdZjYqFX0/upY9rP2EnDm+6CmOHtMoCIfHsvQc2waJocLy3sQll5rL8cp/qrj
Rv0Hc439ArPBRQ==
-----END CERTIFICATE-----