Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
File:                     OWpY9F0OyAFfoyauWP9YAzKJv50.mft (raw, json)
Hash identifier:          SBqJWXhbf7pwujoUuXqknmYczM4wDXz8D3ncJKbFO6c=
Subject key identifier:   59:F3:51:99:D7:41:D5:DE:71:67:68:E8:31:CA:EE:A0:FE:7A:31:07
Authority key identifier: 39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D
Certificate issuer:       /CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
Certificate serial:       019043411FC35DED694AD2E541B673CF814C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
Manifest number:          11D6
Signing time:             Sun 23 Jun 2024 04:00:59 +0000
Manifest this update:     Sun 23 Jun 2024 04:00:59 +0000
Manifest next update:     Mon 24 Jun 2024 04:00:59 +0000
Files and hashes:         1: OWpY9F0OyAFfoyauWP9YAzKJv50.crl (hash: +JDib0g+pWQqEc2ZnBTdh0qBZl5Fuwq0BZgdWOScG3s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 24 Jun 2024 04:00:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:43:41:1f:c3:5d:ed:69:4a:d2:e5:41:b6:73:cf:81:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396a58f45d0ec8015fa326ae58ff58033289bf9d
        Validity
            Not Before: Jun 23 04:00:59 2024 GMT
            Not After : Jun 24 04:00:59 2024 GMT
        Subject: CN=59f35199d741d5de716768e831caeea0fe7a3107
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ca:2e:60:18:94:f3:74:12:9c:7c:ac:6b:40:
                    a5:e2:35:fd:f5:d0:05:85:3b:56:dd:ce:42:6e:2b:
                    ee:0c:7e:d5:ab:a9:6f:86:a6:32:9c:02:d1:ca:7a:
                    a9:68:10:a5:2c:7b:52:64:21:f8:ab:eb:c9:09:4e:
                    60:a8:95:74:08:2a:af:96:73:2b:af:0d:cd:64:45:
                    5e:f7:68:85:d5:39:3f:a6:34:e0:35:04:26:6d:be:
                    11:b2:4a:88:da:94:7e:49:d1:ba:84:7c:e7:f0:47:
                    3f:23:30:78:98:ab:7a:ca:1b:51:66:80:b0:38:f2:
                    40:fa:f0:40:75:53:07:f0:ee:f4:58:19:d3:18:51:
                    0a:b4:c2:ca:c4:65:37:70:b3:b9:26:ae:1c:17:3b:
                    cc:56:6a:d7:f5:95:6f:d5:15:a7:54:75:6d:c1:6f:
                    50:81:7f:04:c2:4a:9f:55:af:11:aa:93:b1:e9:7e:
                    c2:4c:ca:81:09:60:b3:b3:b3:44:10:3d:7f:aa:84:
                    71:b1:89:d1:4f:ef:02:47:7f:64:66:68:f3:64:87:
                    2c:86:39:0c:54:8e:11:f0:07:e6:5e:ff:ad:eb:da:
                    72:9b:86:64:e3:8e:e4:b3:57:f4:4a:dd:d3:be:f0:
                    3f:1f:4a:de:c2:79:8b:02:ab:1a:a9:c9:60:d4:3d:
                    48:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:F3:51:99:D7:41:D5:DE:71:67:68:E8:31:CA:EE:A0:FE:7A:31:07
            X509v3 Authority Key Identifier:
                keyid:39:6A:58:F4:5D:0E:C8:01:5F:A3:26:AE:58:FF:58:03:32:89:BF:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWpY9F0OyAFfoyauWP9YAzKJv50.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/495c34-95f9-495e-b1c8-474f2cf6e62a/1/OWpY9F0OyAFfoyauWP9YAzKJv50.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         31:4e:50:7c:84:00:b1:20:ad:53:b6:66:e5:38:7a:c6:38:7d:
         de:c5:ca:f9:d6:3c:a1:6a:16:5c:b6:31:e0:e8:63:38:d7:eb:
         d0:b1:60:63:81:08:71:65:29:7f:72:40:90:96:d0:15:34:81:
         45:fd:05:4a:b4:aa:db:a9:4b:28:11:e9:80:5b:a0:4f:5d:51:
         44:7c:f4:d3:8a:de:b3:ea:5e:4e:94:14:37:e2:56:69:c1:cf:
         91:73:11:0a:8c:b4:12:26:63:0f:73:76:a2:5b:82:2e:bf:c0:
         c0:c9:2c:83:a5:2c:1d:5a:a3:8f:df:32:68:90:ac:fb:08:a7:
         64:83:22:b5:63:c0:a2:99:2d:0b:19:a7:db:b8:09:e3:c7:ea:
         ce:fc:31:fa:ea:50:29:bd:96:81:44:58:af:7c:71:45:d9:ef:
         34:5d:9d:60:a1:16:f8:db:e5:22:50:ac:a1:06:a6:58:00:d0:
         a5:aa:a7:c2:48:30:17:67:7c:1d:55:f0:66:98:7d:cb:cd:1e:
         91:be:e0:48:b5:0b:43:10:bf:c4:21:bd:d6:14:d8:eb:bf:56:
         12:de:8c:46:01:3d:0f:f2:14:11:75:2b:53:24:f9:a1:c3:c4:
         18:b7:d1:d2:bf:5a:10:79:4d:ec:c5:2a:ce:57:05:6b:e8:7c:
         c0:87:c6:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZBDQR/DXe1pStLlQbZzz4FMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NmE1OGY0NWQwZWM4MDE1ZmEzMjZhZTU4ZmY1ODAzMzI4
OWJmOWQwHhcNMjQwNjIzMDQwMDU5WhcNMjQwNjI0MDQwMDU5WjAzMTEwLwYDVQQD
Eyg1OWYzNTE5OWQ3NDFkNWRlNzE2NzY4ZTgzMWNhZWVhMGZlN2EzMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8ouYBiU83QSnHysa0Cl4jX99dAF
hTtW3c5CbivuDH7Vq6lvhqYynALRynqpaBClLHtSZCH4q+vJCU5gqJV0CCqvlnMr
rw3NZEVe92iF1Tk/pjTgNQQmbb4RskqI2pR+SdG6hHzn8Ec/IzB4mKt6yhtRZoCw
OPJA+vBAdVMH8O70WBnTGFEKtMLKxGU3cLO5Jq4cFzvMVmrX9ZVv1RWnVHVtwW9Q
gX8EwkqfVa8RqpOx6X7CTMqBCWCzs7NEED1/qoRxsYnRT+8CR39kZmjzZIcshjkM
VI4R8AfmXv+t69pym4Zk447ks1f0St3TvvA/H0rewnmLAqsaqclg1D1IkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFnzUZnXQdXecWdo6DHK7qD+ejEHMB8GA1UdIwQY
MBaAFDlqWPRdDsgBX6Mmrlj/WAMyib+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgt
NDc0ZjJjZjZlNjJhLzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80OTVjMzQtOTVmOS00OTVlLWIxYzgtNDc0ZjJjZjZlNjJh
LzEvT1dwWTlGME95QUZmb3lhdVdQOVlBektKdjUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMU5QfIQA
sSCtU7Zm5Th6xjh93sXK+dY8oWoWXLYx4OhjONfr0LFgY4EIcWUpf3JAkJbQFTSB
Rf0FSrSq26lLKBHpgFugT11RRHz004res+peTpQUN+JWacHPkXMRCoy0EiZjD3N2
oluCLr/AwMksg6UsHVqjj98yaJCs+winZIMitWPAopktCxmn27gJ48fqzvwx+upQ
Kb2WgURYr3xxRdnvNF2dYKEW+NvlIlCsoQamWADQpaqnwkgwF2d8HVXwZph9y80e
kb7gSLULQxC/xCG91hTY679WEt6MRgE9D/IUEXUrUyT5ocPEGLfR0r9aEHlN7MUq
zlcFa+h8wIfGJw==
-----END CERTIFICATE-----