Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
File:                     OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft (raw, json)
Hash identifier:          vtvOV7lJc9fCSN7VbXCRxbWwFKh1pBxJQAFfLeKQYlY=
Subject key identifier:   49:24:6E:51:B1:BE:7D:56:20:20:33:14:3A:D3:04:21:16:8D:7F:DC
Authority key identifier: 3B:2A:A7:20:56:81:71:62:0E:9B:C9:B9:7D:AD:CC:74:B5:13:39:4F
Certificate issuer:       /CN=3b2aa720568171620e9bc9b97dadcc74b513394f
Certificate serial:       01901D469949B68B3D42A7746E46DCB95964
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
Manifest number:          01F8
Signing time:             Sat 15 Jun 2024 19:01:24 +0000
Manifest this update:     Sat 15 Jun 2024 19:01:24 +0000
Manifest next update:     Sun 16 Jun 2024 19:01:24 +0000
Files and hashes:         1: OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl (hash: kC6XZg2bglaE6bvF6IOur3WoS6rn/ughlcdmcceDQYI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1d:46:99:49:b6:8b:3d:42:a7:74:6e:46:dc:b9:59:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b2aa720568171620e9bc9b97dadcc74b513394f
        Validity
            Not Before: Jun 15 19:01:24 2024 GMT
            Not After : Jun 16 19:01:24 2024 GMT
        Subject: CN=49246e51b1be7d56202033143ad30421168d7fdc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:72:2c:5e:ae:7d:85:de:38:4e:02:b6:09:e5:
                    d3:c9:e6:94:e9:db:ec:1b:5d:6d:dc:8f:0b:98:79:
                    f8:19:ba:58:0c:f1:e9:a4:66:2f:ab:f1:dd:18:61:
                    18:21:88:56:8c:08:f2:9a:1f:ea:af:68:47:cf:05:
                    98:3c:6c:15:e4:d1:5a:ed:10:8f:2f:95:7f:6c:53:
                    c4:b7:cb:5a:90:d8:5f:40:76:a8:b0:2c:30:6a:1a:
                    08:80:64:3f:e3:fc:7b:9c:63:ae:56:65:d0:34:16:
                    23:29:57:df:1a:84:3c:30:7b:6f:99:20:0a:d3:61:
                    d4:8a:78:4d:1e:54:bf:e7:67:8f:0c:1c:75:37:85:
                    af:1f:a9:37:fb:72:60:e2:57:a6:3e:c6:16:47:21:
                    ae:4f:af:61:e2:40:c0:22:e6:0f:ab:b9:f9:e6:57:
                    46:4a:5a:1a:5d:1c:13:25:21:4e:2a:bd:36:c0:10:
                    8a:5d:45:cd:f2:5e:58:56:3f:8f:eb:d7:07:a5:f4:
                    8b:e3:70:af:98:a4:67:28:87:63:d8:3f:2e:11:f0:
                    57:d9:14:77:72:54:5e:38:70:a1:d7:e8:18:99:cc:
                    36:1a:b6:fe:01:cc:a9:4d:dd:70:ab:48:83:7d:a3:
                    a4:47:f5:bc:1d:8c:73:a9:23:82:53:b1:b2:e3:e4:
                    60:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:24:6E:51:B1:BE:7D:56:20:20:33:14:3A:D3:04:21:16:8D:7F:DC
            X509v3 Authority Key Identifier:
                keyid:3B:2A:A7:20:56:81:71:62:0E:9B:C9:B9:7D:AD:CC:74:B5:13:39:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OyqnIFaBcWIOm8m5fa3MdLUTOU8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/277589-8d9a-4b22-9a15-605de0eaaeb6/1/OyqnIFaBcWIOm8m5fa3MdLUTOU8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:2d:b9:73:9e:e2:f9:ad:12:db:5c:2f:b5:6f:d6:b3:8b:bf:
         6c:5b:ac:5a:e7:a3:84:86:ee:f1:0e:e6:57:70:56:ce:02:1a:
         4c:ca:a5:ac:60:d8:2a:b0:6a:24:32:79:e0:c7:59:44:6b:96:
         7b:63:9e:02:f3:ec:29:5f:0a:d4:5c:92:90:60:c5:04:a3:0c:
         f9:6c:da:58:15:5d:57:61:f2:fd:f3:4e:aa:a9:5f:11:61:0a:
         d0:f7:aa:c7:1f:f3:f9:6c:e1:8b:82:71:bc:fb:f1:4b:0f:1d:
         b1:80:16:41:04:2b:cf:c8:e5:5a:aa:3f:d1:cf:a3:ec:0a:92:
         88:26:91:43:77:ee:01:f3:7e:45:8d:b2:37:34:82:7f:3e:e4:
         ad:c0:1a:49:08:cd:38:42:36:2c:df:79:13:92:4a:62:5b:ab:
         84:1e:18:90:35:46:9f:14:d3:74:be:76:c1:6d:80:d0:5c:9e:
         cb:2d:51:06:b3:1f:01:35:92:84:bd:7f:d0:3f:a6:9e:1a:c6:
         b5:fc:f3:9d:17:57:c2:da:25:d3:87:68:7b:ed:4f:de:12:2f:
         f9:34:af:c0:3f:95:7a:69:df:bd:2f:05:96:51:0e:2e:cf:86:
         5f:0b:22:5c:bc:c6:cd:ac:06:4a:45:9e:d3:8a:37:28:b0:82:
         ba:53:a8:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAdRplJtos9Qqd0bkbcuVlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMmFhNzIwNTY4MTcxNjIwZTliYzliOTdkYWRjYzc0YjUx
MzM5NGYwHhcNMjQwNjE1MTkwMTI0WhcNMjQwNjE2MTkwMTI0WjAzMTEwLwYDVQQD
Eyg0OTI0NmU1MWIxYmU3ZDU2MjAyMDMzMTQzYWQzMDQyMTE2OGQ3ZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HIsXq59hd44TgK2CeXTyeaU6dvs
G11t3I8LmHn4GbpYDPHppGYvq/HdGGEYIYhWjAjymh/qr2hHzwWYPGwV5NFa7RCP
L5V/bFPEt8takNhfQHaosCwwahoIgGQ/4/x7nGOuVmXQNBYjKVffGoQ8MHtvmSAK
02HUinhNHlS/52ePDBx1N4WvH6k3+3Jg4lemPsYWRyGuT69h4kDAIuYPq7n55ldG
SloaXRwTJSFOKr02wBCKXUXN8l5YVj+P69cHpfSL43CvmKRnKIdj2D8uEfBX2RR3
clReOHCh1+gYmcw2Grb+AcypTd1wq0iDfaOkR/W8HYxzqSOCU7Gy4+RgkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkkblGxvn1WICAzFDrTBCEWjX/cMB8GA1UdIwQY
MBaAFDsqpyBWgXFiDpvJuX2tzHS1EzlPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yNzc1ODktOGQ5YS00YjIyLTlhMTUt
NjA1ZGUwZWFhZWI2LzEvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yNzc1ODktOGQ5YS00YjIyLTlhMTUtNjA1ZGUwZWFhZWI2
LzEvT3lxbklGYUJjV0lPbThtNWZhM01kTFVUT1U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALC25c57i
+a0S21wvtW/Ws4u/bFusWuejhIbu8Q7mV3BWzgIaTMqlrGDYKrBqJDJ54MdZRGuW
e2OeAvPsKV8K1FySkGDFBKMM+WzaWBVdV2Hy/fNOqqlfEWEK0Peqxx/z+Wzhi4Jx
vPvxSw8dsYAWQQQrz8jlWqo/0c+j7AqSiCaRQ3fuAfN+RY2yNzSCfz7krcAaSQjN
OEI2LN95E5JKYlurhB4YkDVGnxTTdL52wW2A0Fyeyy1RBrMfATWShL1/0D+mnhrG
tfzznRdXwtol04doe+1P3hIv+TSvwD+VemnfvS8FllEOLs+GXwsiXLzGzawGSkWe
04o3KLCCulOoQA==
-----END CERTIFICATE-----