Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
File:                     obfHtAmGdKBPsXeELOxO65v4nh4.mft (raw, json)
Hash identifier:          tK7HjPQUuViNQLrJ8uAbSqGtYxHrtEON09qskWB3cUw=
Subject key identifier:   10:BF:CB:A3:94:BC:22:8B:11:C9:4E:00:37:1F:29:66:73:04:B3:56
Authority key identifier: A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E
Certificate issuer:       /CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
Certificate serial:       019369DB0382A13DEE00431959A717468436
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
Manifest number:          1377
Signing time:             Tue 26 Nov 2024 19:03:01 +0000
Manifest this update:     Tue 26 Nov 2024 19:03:01 +0000
Manifest next update:     Wed 27 Nov 2024 19:03:01 +0000
Files and hashes:         1: obfHtAmGdKBPsXeELOxO65v4nh4.crl (hash: DBJRXON0bZQC5sJ3+e31fwqcuJkjMC1EaQoDHJmVirE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:db:03:82:a1:3d:ee:00:43:19:59:a7:17:46:84:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1b7c7b4098674a04fb177842cec4eeb9bf89e1e
        Validity
            Not Before: Nov 26 19:03:01 2024 GMT
            Not After : Nov 27 19:03:01 2024 GMT
        Subject: CN=10bfcba394bc228b11c94e00371f29667304b356
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:70:40:ba:8f:30:92:4f:83:f9:d9:cb:78:64:
                    79:57:33:85:00:86:a7:b1:87:0a:bf:fd:67:3a:0e:
                    bc:df:90:3f:43:8c:4d:01:7d:09:89:29:c5:4c:60:
                    e3:1b:76:53:26:68:c5:7a:7d:85:8f:bb:ce:ab:1f:
                    98:aa:f1:30:e4:74:50:d0:bb:ec:89:79:1c:26:fe:
                    14:d2:57:4d:f6:ee:be:71:50:33:63:19:47:6c:41:
                    35:5f:96:27:c2:40:9e:a9:24:25:4e:f7:b8:a0:2f:
                    11:7a:dd:eb:fe:f5:a3:5d:6f:6d:ce:26:e1:b2:b1:
                    48:5a:10:ed:d8:a4:00:92:1d:36:11:dd:b2:31:be:
                    74:b9:8c:e1:7d:8b:93:db:2a:5b:1a:67:71:7f:81:
                    89:e1:84:0d:79:36:c7:38:2e:0d:da:a3:c3:2e:d7:
                    cc:25:bd:a0:d7:dd:32:98:b8:69:bc:ae:e1:5d:66:
                    d1:ed:c7:9a:f3:eb:2a:74:86:f1:77:7c:2c:65:fe:
                    d3:f5:12:96:83:97:fb:3d:ad:4e:d5:3c:84:1c:d9:
                    64:59:e5:32:33:ef:89:2d:87:21:50:ca:23:d5:40:
                    de:a4:1b:4d:a4:57:ab:52:08:9e:f8:2a:a8:f4:3b:
                    97:c7:17:b6:59:60:6b:c9:2e:58:5a:9f:37:8b:b7:
                    65:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:BF:CB:A3:94:BC:22:8B:11:C9:4E:00:37:1F:29:66:73:04:B3:56
            X509v3 Authority Key Identifier:
                keyid:A1:B7:C7:B4:09:86:74:A0:4F:B1:77:84:2C:EC:4E:EB:9B:F8:9E:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obfHtAmGdKBPsXeELOxO65v4nh4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/85ae1b-b077-448e-a328-7c05a1ff549b/1/obfHtAmGdKBPsXeELOxO65v4nh4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:5a:51:71:d9:ac:56:e0:39:c6:04:5a:79:fa:49:20:dd:21:
         34:ea:02:86:ec:ff:ba:b7:4d:c0:14:01:fe:7e:24:94:b3:4b:
         59:08:e8:3d:be:f5:e8:b6:90:38:d3:ed:11:7a:4a:1f:c1:18:
         fa:ae:a9:03:c4:e0:c1:7d:37:2a:bd:83:e8:d1:0f:14:9f:7e:
         ba:a2:98:df:9c:a4:b4:67:fb:6d:36:af:08:07:3a:e3:1a:3d:
         29:0d:14:e0:e1:6d:17:64:ff:31:5b:ec:39:02:74:fb:72:9b:
         a1:79:1e:8c:4f:9b:0a:43:af:eb:6c:6b:8e:ca:ce:32:e0:75:
         46:3a:8e:a8:98:6c:2a:36:85:3d:f9:f0:16:b0:4b:fc:84:ce:
         91:e9:0e:64:d0:e1:27:7b:3c:f6:09:7e:4f:67:ae:66:df:d1:
         93:8a:98:d0:2b:89:ca:26:4f:b9:e0:89:78:25:58:79:cc:38:
         be:24:a0:4c:5b:82:80:38:ee:14:93:b7:92:ee:b1:a8:04:70:
         ce:ec:54:b7:33:19:46:bd:b0:b3:f8:b8:6f:b7:4b:50:af:b2:
         16:42:68:43:fe:95:8f:b2:7e:c1:8e:46:01:8c:fb:9c:99:02:
         e7:1a:54:67:e1:54:a5:f0:b9:23:6f:e0:61:d6:47:86:ba:05:
         7a:52:23:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNp2wOCoT3uAEMZWacXRoQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYjdjN2I0MDk4Njc0YTA0ZmIxNzc4NDJjZWM0ZWViOWJm
ODllMWUwHhcNMjQxMTI2MTkwMzAxWhcNMjQxMTI3MTkwMzAxWjAzMTEwLwYDVQQD
EygxMGJmY2JhMzk0YmMyMjhiMTFjOTRlMDAzNzFmMjk2NjczMDRiMzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3BAuo8wkk+D+dnLeGR5VzOFAIan
sYcKv/1nOg6835A/Q4xNAX0JiSnFTGDjG3ZTJmjFen2Fj7vOqx+YqvEw5HRQ0Lvs
iXkcJv4U0ldN9u6+cVAzYxlHbEE1X5YnwkCeqSQlTve4oC8Ret3r/vWjXW9tzibh
srFIWhDt2KQAkh02Ed2yMb50uYzhfYuT2ypbGmdxf4GJ4YQNeTbHOC4N2qPDLtfM
Jb2g190ymLhpvK7hXWbR7cea8+sqdIbxd3wsZf7T9RKWg5f7Pa1O1TyEHNlkWeUy
M++JLYchUMoj1UDepBtNpFerUgie+Cqo9DuXxxe2WWBryS5YWp83i7dlAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBC/y6OUvCKLEclOADcfKWZzBLNWMB8GA1UdIwQY
MBaAFKG3x7QJhnSgT7F3hCzsTuub+J4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgt
N2MwNWExZmY1NDliLzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84NWFlMWItYjA3Ny00NDhlLWEzMjgtN2MwNWExZmY1NDli
LzEvb2JmSHRBbUdkS0JQc1hlRUxPeE82NXY0bmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVFpRcdms
VuA5xgRaefpJIN0hNOoChuz/urdNwBQB/n4klLNLWQjoPb716LaQONPtEXpKH8EY
+q6pA8TgwX03Kr2D6NEPFJ9+uqKY35yktGf7bTavCAc64xo9KQ0U4OFtF2T/MVvs
OQJ0+3KboXkejE+bCkOv62xrjsrOMuB1RjqOqJhsKjaFPfnwFrBL/ITOkekOZNDh
J3s89gl+T2euZt/Rk4qY0CuJyiZPueCJeCVYecw4viSgTFuCgDjuFJO3ku6xqARw
zuxUtzMZRr2ws/i4b7dLUK+yFkJoQ/6Vj7J+wY5GAYz7nJkC5xpUZ+FUpfC5I2/g
YdZHhroFelIjug==
-----END CERTIFICATE-----