Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
File:                     31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft (raw, json)
Hash identifier:          oW8dk1fMmsSxOSEg9+qJHlHMAHd554CIVFseXfksBU4=
Subject key identifier:   2D:90:8E:03:5F:E2:69:50:81:5D:14:BA:5D:DC:CA:4A:0E:12:B7:31
Authority key identifier: DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E
Certificate issuer:       /CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
Certificate serial:       018F8DB89274F243D840C2CE903AF0B51EED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
Manifest number:          08E3
Signing time:             Sat 18 May 2024 22:00:34 +0000
Manifest this update:     Sat 18 May 2024 22:00:34 +0000
Manifest next update:     Sun 19 May 2024 22:00:34 +0000
Files and hashes:         1: 31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl (hash: k34PUBYHJCRQ/5pN6gv3L6zTdsI9/ryzXjHh+Yz8MXU=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 20:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:8d:b8:92:74:f2:43:d8:40:c2:ce:90:3a:f0:b5:1e:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=df52526f3d282765325c15a6e5765d7cd7f1f89e
        Validity
            Not Before: May 18 22:00:34 2024 GMT
            Not After : May 19 22:00:34 2024 GMT
        Subject: CN=2d908e035fe26950815d14ba5ddcca4a0e12b731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3e:2b:b5:ae:95:1e:2b:37:08:4c:71:d7:2c:
                    63:32:15:44:9e:82:ed:80:c2:50:52:85:80:82:7a:
                    fc:9b:2c:fd:c3:a0:6b:38:29:65:64:9d:3e:37:89:
                    cd:02:26:4d:5a:83:24:83:7c:e1:97:5f:ed:41:e4:
                    b5:ff:ac:77:2d:2d:09:19:9f:4d:25:ec:26:16:6a:
                    27:e8:e2:be:e2:6d:82:f6:3d:52:67:b0:f1:20:f5:
                    47:c6:43:3c:5b:68:d6:e2:4c:7b:7b:89:2d:9f:26:
                    d9:92:26:79:1b:76:ea:86:3f:50:c4:cb:51:23:b1:
                    35:b1:bb:4b:ce:50:40:da:b1:51:4b:2e:b6:3d:e6:
                    82:ec:4f:0f:47:3a:3f:a4:47:36:ae:9d:26:7b:ab:
                    a0:30:3f:8c:46:f3:9c:17:0f:07:2d:75:76:57:fe:
                    60:2c:65:64:4d:47:99:a0:1c:9b:96:49:52:3d:00:
                    37:b6:ad:7e:08:c2:d4:8f:50:ec:37:f1:4e:b9:8a:
                    64:49:8d:88:8c:a7:23:2a:04:cd:0f:0b:78:18:4a:
                    b0:74:f2:c6:85:81:26:4d:01:e0:ef:1b:9b:91:a1:
                    b4:e9:a8:f3:02:f7:11:15:56:28:95:dd:2d:13:82:
                    1c:04:9c:6d:35:48:f9:fa:48:b3:10:c7:45:13:e5:
                    f3:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:90:8E:03:5F:E2:69:50:81:5D:14:BA:5D:DC:CA:4A:0E:12:B7:31
            X509v3 Authority Key Identifier:
                keyid:DF:52:52:6F:3D:28:27:65:32:5C:15:A6:E5:76:5D:7C:D7:F1:F8:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31JSbz0oJ2UyXBWm5XZdfNfx-J4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0bf6db-cc7d-4697-9aec-623e6c9c4464/1/31JSbz0oJ2UyXBWm5XZdfNfx-J4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:ad:0f:bd:de:15:a5:63:86:85:20:c8:5b:75:46:43:0f:af:
         68:02:01:0b:bd:95:d9:5d:8f:e3:61:83:62:b4:0f:d4:79:b6:
         af:4e:c6:2a:7c:31:42:ba:a4:c6:a7:5d:f9:01:97:b5:4a:ac:
         af:a4:0b:08:bb:b2:e8:bc:bf:c3:03:3c:ae:0f:98:c3:fb:52:
         3b:f0:07:0b:7b:71:d4:23:6a:fe:87:25:29:79:5d:37:e0:81:
         a2:93:01:f0:02:f8:ab:5d:21:65:f1:e4:a5:b9:61:e6:97:66:
         c0:b5:0d:71:b0:fb:b4:48:c8:29:b0:e9:55:94:39:13:2e:6a:
         65:58:5c:0c:ab:bf:9c:8b:b4:fb:0a:bf:a9:9a:10:cc:be:03:
         6d:10:97:41:0d:2d:e8:72:0f:77:d1:74:9f:22:bb:4f:9d:72:
         f3:ba:d0:99:0c:84:c0:b1:7d:89:3b:c9:13:b5:0a:f6:e6:a0:
         79:d4:81:a4:1d:8e:69:2f:8f:7b:a8:91:54:fd:9d:68:2c:a0:
         ac:8d:4f:b3:53:70:d0:d7:13:7d:ae:e8:76:c1:04:f3:e9:23:
         19:f3:68:66:3e:5b:85:c3:05:fa:26:88:99:c9:2f:f2:c5:12:
         4f:05:71:74:2b:d3:aa:a8:35:90:41:46:d1:c9:db:89:c5:50:
         ba:53:23:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+NuJJ08kPYQMLOkDrwtR7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNTI1MjZmM2QyODI3NjUzMjVjMTVhNmU1NzY1ZDdjZDdm
MWY4OWUwHhcNMjQwNTE4MjIwMDM0WhcNMjQwNTE5MjIwMDM0WjAzMTEwLwYDVQQD
EygyZDkwOGUwMzVmZTI2OTUwODE1ZDE0YmE1ZGRjY2E0YTBlMTJiNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT4rta6VHis3CExx1yxjMhVEnoLt
gMJQUoWAgnr8myz9w6BrOCllZJ0+N4nNAiZNWoMkg3zhl1/tQeS1/6x3LS0JGZ9N
JewmFmon6OK+4m2C9j1SZ7DxIPVHxkM8W2jW4kx7e4ktnybZkiZ5G3bqhj9QxMtR
I7E1sbtLzlBA2rFRSy62PeaC7E8PRzo/pEc2rp0me6ugMD+MRvOcFw8HLXV2V/5g
LGVkTUeZoByblklSPQA3tq1+CMLUj1DsN/FOuYpkSY2IjKcjKgTNDwt4GEqwdPLG
hYEmTQHg7xubkaG06ajzAvcRFVYold0tE4IcBJxtNUj5+kizEMdFE+Xz0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2QjgNf4mlQgV0Uul3cykoOErcxMB8GA1UdIwQY
MBaAFN9SUm89KCdlMlwVpuV2XXzX8fieMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMt
NjIzZTZjOWM0NDY0LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wYmY2ZGItY2M3ZC00Njk3LTlhZWMtNjIzZTZjOWM0NDY0
LzEvMzFKU2J6MG9KMlV5WEJXbTVYWmRmTmZ4LUo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlq0Pvd4V
pWOGhSDIW3VGQw+vaAIBC72V2V2P42GDYrQP1Hm2r07GKnwxQrqkxqdd+QGXtUqs
r6QLCLuy6Ly/wwM8rg+Yw/tSO/AHC3tx1CNq/oclKXldN+CBopMB8AL4q10hZfHk
pblh5pdmwLUNcbD7tEjIKbDpVZQ5Ey5qZVhcDKu/nIu0+wq/qZoQzL4DbRCXQQ0t
6HIPd9F0nyK7T51y87rQmQyEwLF9iTvJE7UK9uagedSBpB2OaS+Pe6iRVP2daCyg
rI1Ps1Nw0NcTfa7odsEE8+kjGfNoZj5bhcMF+iaImckv8sUSTwVxdCvTqqg1kEFG
0cnbicVQulMjmw==
-----END CERTIFICATE-----