Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
File:                     03h3GhBvaw0FSld4U1aSLK8C40M.mft (raw, json)
Hash identifier:          6om5EpY8QWhHcA9e2h9X0teEZvYoYhdeVtb0GS7FPsY=
Subject key identifier:   54:41:DA:8D:3A:C4:4B:FA:A6:57:C4:E2:23:DC:C5:66:7B:86:E5:4C
Authority key identifier: D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43
Certificate issuer:       /CN=d378771a106f6b0d054a57785356922caf02e343
Certificate serial:       018F2CF2BDF7561ECAF96999615456CF6AB6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
Manifest number:          04F3
Signing time:             Tue 30 Apr 2024 03:00:56 +0000
Manifest this update:     Tue 30 Apr 2024 03:00:56 +0000
Manifest next update:     Wed 01 May 2024 03:00:56 +0000
Files and hashes:         1: 03h3GhBvaw0FSld4U1aSLK8C40M.crl (hash: DFibQVKUiWUk8fz92hXL03OtMgTxfb+xQv3v7+4KJaM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 May 2024 03:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:2c:f2:bd:f7:56:1e:ca:f9:69:99:61:54:56:cf:6a:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d378771a106f6b0d054a57785356922caf02e343
        Validity
            Not Before: Apr 30 03:00:56 2024 GMT
            Not After : May  1 03:00:56 2024 GMT
        Subject: CN=5441da8d3ac44bfaa657c4e223dcc5667b86e54c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:b5:49:ca:c0:ae:63:1b:75:39:a3:48:28:7f:
                    e2:4d:4a:8d:1d:e0:6b:9c:d1:f5:3f:6e:ca:9a:f0:
                    df:9e:46:25:80:75:76:6a:d0:6b:68:2c:51:51:18:
                    ce:ea:e0:07:3e:1e:b4:4f:26:dc:9d:3a:f9:e1:a7:
                    1e:d3:34:95:c0:b9:af:46:45:c4:ee:40:94:71:78:
                    4b:b5:9a:8b:fe:d2:ba:ea:b9:e3:29:06:b5:ca:90:
                    c7:3f:35:87:fe:8c:43:ec:a7:b4:a7:83:34:56:c1:
                    10:41:cb:52:fe:94:24:5b:ed:a5:d3:16:dc:e0:5c:
                    26:17:7f:c3:79:92:b5:7d:27:66:7d:dd:ef:ed:ba:
                    f0:33:2e:f8:eb:43:0d:c6:cf:09:b9:41:b2:8c:e4:
                    f6:d0:04:75:a5:f1:36:28:c6:3d:4d:c6:4d:6b:5d:
                    e5:23:d4:c7:1d:7b:e7:a7:7d:0e:f4:3f:ae:ff:5a:
                    a8:b5:50:9c:b3:cb:6b:a7:25:24:a3:09:6c:e2:f2:
                    c8:62:70:45:32:1e:39:b4:98:09:25:af:ee:31:25:
                    59:d5:96:0b:3a:42:98:b8:26:b7:02:63:f4:03:4c:
                    7b:ad:69:9e:b2:db:6d:3e:47:4e:5c:1a:1c:65:ed:
                    05:da:e8:6f:ae:8a:3e:8f:0d:dd:85:05:ae:a8:25:
                    1a:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:41:DA:8D:3A:C4:4B:FA:A6:57:C4:E2:23:DC:C5:66:7B:86:E5:4C
            X509v3 Authority Key Identifier:
                keyid:D3:78:77:1A:10:6F:6B:0D:05:4A:57:78:53:56:92:2C:AF:02:E3:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03h3GhBvaw0FSld4U1aSLK8C40M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3a5423-6b92-40f4-878a-54717f72ca59/1/03h3GhBvaw0FSld4U1aSLK8C40M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         84:d0:76:48:44:a2:25:b7:0e:84:89:60:6d:8e:12:a7:f4:92:
         11:b0:07:d6:8e:3a:be:52:8c:cc:1b:df:2c:e4:d9:c8:ce:27:
         2d:e0:f9:e2:af:b7:a1:9b:e5:66:2c:89:5c:f8:de:86:89:86:
         ab:07:6b:29:f0:57:03:8e:6f:65:2b:63:ff:3d:ac:a5:2d:2b:
         fa:c2:48:ae:22:74:61:f0:f4:81:12:3c:77:81:dc:e7:b4:a8:
         6f:ed:58:ad:d9:0d:76:7d:77:96:eb:13:51:50:1c:c7:fe:64:
         05:25:96:9b:ae:03:d9:b1:7a:17:d1:c4:31:3e:cb:d1:60:96:
         1b:d5:85:06:01:b8:67:bb:68:1f:eb:9f:4f:ff:f7:97:69:2c:
         95:25:28:4a:2d:f7:f5:4b:31:2b:10:c6:1a:80:8e:d7:35:0a:
         fc:af:5b:c9:0d:7b:eb:26:a5:98:c3:b2:3d:27:b0:64:9e:cf:
         2b:e9:bf:8e:41:6f:c6:c3:27:b1:d5:c1:0c:ca:6a:54:63:ac:
         00:06:4c:dc:0d:c7:95:2e:75:54:5b:1a:bf:83:dc:4a:a1:b8:
         32:8c:6d:06:bb:df:30:d8:99:d2:a0:16:64:65:8d:a9:e7:5b:
         40:da:0b:34:61:e6:82:33:d4:9d:e0:d7:32:c8:b7:7a:89:c0:
         2c:82:e4:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY8s8r33Vh7K+WmZYVRWz2q2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzg3NzFhMTA2ZjZiMGQwNTRhNTc3ODUzNTY5MjJjYWYw
MmUzNDMwHhcNMjQwNDMwMDMwMDU2WhcNMjQwNTAxMDMwMDU2WjAzMTEwLwYDVQQD
Eyg1NDQxZGE4ZDNhYzQ0YmZhYTY1N2M0ZTIyM2RjYzU2NjdiODZlNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LVJysCuYxt1OaNIKH/iTUqNHeBr
nNH1P27KmvDfnkYlgHV2atBraCxRURjO6uAHPh60TybcnTr54ace0zSVwLmvRkXE
7kCUcXhLtZqL/tK66rnjKQa1ypDHPzWH/oxD7Ke0p4M0VsEQQctS/pQkW+2l0xbc
4FwmF3/DeZK1fSdmfd3v7brwMy7460MNxs8JuUGyjOT20AR1pfE2KMY9TcZNa13l
I9THHXvnp30O9D+u/1qotVCcs8trpyUkowls4vLIYnBFMh45tJgJJa/uMSVZ1ZYL
OkKYuCa3AmP0A0x7rWmestttPkdOXBocZe0F2uhvroo+jw3dhQWuqCUaTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFRB2o06xEv6plfE4iPcxWZ7huVMMB8GA1UdIwQY
MBaAFNN4dxoQb2sNBUpXeFNWkiyvAuNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEt
NTQ3MTdmNzJjYTU5LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8zYTU0MjMtNmI5Mi00MGY0LTg3OGEtNTQ3MTdmNzJjYTU5
LzEvMDNoM0doQnZhdzBGU2xkNFUxYVNMSzhDNDBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhNB2SESi
JbcOhIlgbY4Sp/SSEbAH1o46vlKMzBvfLOTZyM4nLeD54q+3oZvlZiyJXPjehomG
qwdrKfBXA45vZStj/z2spS0r+sJIriJ0YfD0gRI8d4Hc57Sob+1YrdkNdn13lusT
UVAcx/5kBSWWm64D2bF6F9HEMT7L0WCWG9WFBgG4Z7toH+ufT//3l2kslSUoSi33
9UsxKxDGGoCO1zUK/K9byQ176yalmMOyPSewZJ7PK+m/jkFvxsMnsdXBDMpqVGOs
AAZM3A3HlS51VFsav4PcSqG4MoxtBrvfMNiZ0qAWZGWNqedbQNoLNGHmgjPUneDX
Msi3eonALILkqg==
-----END CERTIFICATE-----