Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
File:                     O8RoMnEppQF7l23I7aydG56aFMw.mft (raw, json)
Hash identifier:          yATAD3aPQIkdx64unQcAyXg/InnzTCiCOhFQ5ChDyns=
Subject key identifier:   85:3D:F5:4A:73:8A:07:84:5D:D2:44:1C:31:0B:9C:B7:5C:16:EE:2E
Authority key identifier: 3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC
Certificate issuer:       /CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
Certificate serial:       019041F764CF44F72FB2005D667CAEF7F1D8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
Manifest number:          1164
Signing time:             Sat 22 Jun 2024 22:00:50 +0000
Manifest this update:     Sat 22 Jun 2024 22:00:50 +0000
Manifest next update:     Sun 23 Jun 2024 22:00:50 +0000
Files and hashes:         1: O8RoMnEppQF7l23I7aydG56aFMw.crl (hash: 1k981se3UThZCmiAxhb/W/+qxisZtafnoyAZhY07+Hg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 23 Jun 2024 21:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:41:f7:64:cf:44:f7:2f:b2:00:5d:66:7c:ae:f7:f1:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3bc468327129a5017b976dc8edac9d1b9e9a14cc
        Validity
            Not Before: Jun 22 22:00:50 2024 GMT
            Not After : Jun 23 22:00:50 2024 GMT
        Subject: CN=853df54a738a07845dd2441c310b9cb75c16ee2e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ee:25:76:41:38:6d:e7:34:cd:2c:44:ac:a9:
                    e2:ca:9a:77:bc:08:7b:0b:5c:33:9e:eb:b5:10:4d:
                    34:2b:e3:2c:ad:62:b9:c5:f7:e7:99:b9:c4:99:84:
                    9f:2c:db:51:10:1a:d6:e9:95:f1:e7:79:4f:78:c5:
                    cb:c0:29:74:15:b4:d9:f9:de:b5:60:8d:5c:60:88:
                    b9:1c:dd:f7:34:37:5f:d6:a4:ed:f4:e5:3a:6b:38:
                    d8:83:c9:a1:cd:9c:84:7a:29:ab:51:73:6c:ad:c0:
                    7a:ac:11:19:1f:3e:c1:2d:4b:0c:15:bf:8a:6a:66:
                    51:36:a9:70:7b:52:cd:5f:c3:7b:da:ec:1a:80:0a:
                    7c:e8:aa:fe:cc:4e:63:46:e5:13:40:d1:4e:22:5b:
                    0a:c2:b0:62:69:fb:8d:a8:d2:f7:ac:f4:8b:ae:6f:
                    2f:77:3a:bb:98:98:e6:1e:ce:c4:f8:d9:3b:87:95:
                    92:8f:4d:63:0f:76:1f:08:75:73:3b:1e:34:c1:cb:
                    ab:66:24:03:21:19:a1:1b:65:4e:a4:10:f1:84:3c:
                    fd:2c:31:79:14:7f:ed:2a:f5:5c:39:fa:19:1f:cb:
                    08:2f:64:07:51:ca:88:81:09:c8:fd:88:73:a9:58:
                    61:5d:5a:c0:a6:0b:7c:b9:a5:a6:4f:a9:22:89:be:
                    f5:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:3D:F5:4A:73:8A:07:84:5D:D2:44:1C:31:0B:9C:B7:5C:16:EE:2E
            X509v3 Authority Key Identifier:
                keyid:3B:C4:68:32:71:29:A5:01:7B:97:6D:C8:ED:AC:9D:1B:9E:9A:14:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8RoMnEppQF7l23I7aydG56aFMw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/8d4c03-5fc7-41ac-94f6-1f02c7e923b3/1/O8RoMnEppQF7l23I7aydG56aFMw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:fa:12:a3:0b:49:09:3e:b8:5d:9d:b2:77:ca:59:1c:49:d6:
         4b:ef:49:8b:cd:75:4e:d9:66:18:e9:92:cd:10:b2:09:3a:fd:
         fa:a8:55:44:26:03:cb:3d:fc:f9:88:e8:88:2b:c6:42:99:e1:
         34:87:2b:37:7d:aa:d0:f7:5e:73:a2:8f:ab:05:e1:47:3e:69:
         9a:65:72:3e:e0:c7:dc:75:f0:b5:bb:ba:43:43:2b:75:c4:ef:
         d4:c5:4b:9b:94:02:b6:15:46:b3:02:29:78:6c:2a:25:5d:7a:
         3a:00:00:24:7d:40:60:33:54:a8:5d:c9:e0:97:06:f5:d6:08:
         6e:b3:0f:1f:ef:ff:c6:7d:6a:0f:5e:a7:16:54:ce:b6:5d:83:
         cd:3b:da:61:46:4c:51:3d:06:9f:84:43:15:7e:c7:34:0e:e7:
         27:f9:ca:33:58:d6:8b:22:cb:fe:18:bc:68:34:06:0e:1e:09:
         aa:3f:51:ce:5d:dc:61:86:9d:a0:79:fa:b9:49:7f:ed:33:f7:
         4f:1f:20:de:34:0d:64:a9:1a:d2:27:f8:fa:f1:c5:8f:2c:09:
         ee:2d:73:66:c3:a5:ff:14:81:f5:a3:f9:8c:4f:e9:6a:fd:85:
         b7:a6:06:7e:f3:dd:30:4c:7c:85:30:44:2d:e1:7b:2b:fb:16:
         79:58:2b:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBB92TPRPcvsgBdZnyu9/HYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYzQ2ODMyNzEyOWE1MDE3Yjk3NmRjOGVkYWM5ZDFiOWU5
YTE0Y2MwHhcNMjQwNjIyMjIwMDUwWhcNMjQwNjIzMjIwMDUwWjAzMTEwLwYDVQQD
Eyg4NTNkZjU0YTczOGEwNzg0NWRkMjQ0MWMzMTBiOWNiNzVjMTZlZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+4ldkE4bec0zSxErKniypp3vAh7
C1wznuu1EE00K+MsrWK5xffnmbnEmYSfLNtREBrW6ZXx53lPeMXLwCl0FbTZ+d61
YI1cYIi5HN33NDdf1qTt9OU6azjYg8mhzZyEeimrUXNsrcB6rBEZHz7BLUsMFb+K
amZRNqlwe1LNX8N72uwagAp86Kr+zE5jRuUTQNFOIlsKwrBiafuNqNL3rPSLrm8v
dzq7mJjmHs7E+Nk7h5WSj01jD3YfCHVzOx40wcurZiQDIRmhG2VOpBDxhDz9LDF5
FH/tKvVcOfoZH8sIL2QHUcqIgQnI/YhzqVhhXVrApgt8uaWmT6kiib71XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIU99UpzigeEXdJEHDELnLdcFu4uMB8GA1UdIwQY
MBaAFDvEaDJxKaUBe5dtyO2snRuemhTMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYt
MWYwMmM3ZTkyM2IzLzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC84ZDRjMDMtNWZjNy00MWFjLTk0ZjYtMWYwMmM3ZTkyM2Iz
LzEvTzhSb01uRXBwUUY3bDIzSTdheWRHNTZhRk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYPoSowtJ
CT64XZ2yd8pZHEnWS+9Ji811TtlmGOmSzRCyCTr9+qhVRCYDyz38+YjoiCvGQpnh
NIcrN32q0Pdec6KPqwXhRz5pmmVyPuDH3HXwtbu6Q0MrdcTv1MVLm5QCthVGswIp
eGwqJV16OgAAJH1AYDNUqF3J4JcG9dYIbrMPH+//xn1qD16nFlTOtl2DzTvaYUZM
UT0Gn4RDFX7HNA7nJ/nKM1jWiyLL/hi8aDQGDh4Jqj9Rzl3cYYadoHn6uUl/7TP3
Tx8g3jQNZKka0if4+vHFjywJ7i1zZsOl/xSB9aP5jE/pav2Ft6YGfvPdMEx8hTBE
LeF7K/sWeVgrjw==
-----END CERTIFICATE-----