Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
File:                     OYk2YD7bhVi2GYI8B36euGlHWLI.mft (raw, json)
Hash identifier:          LDw2q6+RzCWEVJTbtobEyyWKkABfNyEAe2oiiSWBZdk=
Subject key identifier:   71:B3:54:E3:19:F3:8A:75:29:18:86:18:63:7A:05:01:0A:A6:EB:B2
Authority key identifier: 39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2
Certificate issuer:       /CN=398936603edb8558b619823c077e9eb8694758b2
Certificate serial:       019511A29C962314F9D1CD7FD9FFAD5BD05A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
Manifest number:          0353
Signing time:             Mon 17 Feb 2025 02:00:24 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:24 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:24 +0000
Files and hashes:         1: OYk2YD7bhVi2GYI8B36euGlHWLI.crl (hash: ucLACNQtVpO+1doDpegPFCeIHyLn22j8PzbtknVtMKg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:9c:96:23:14:f9:d1:cd:7f:d9:ff:ad:5b:d0:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=398936603edb8558b619823c077e9eb8694758b2
        Validity
            Not Before: Feb 17 02:00:24 2025 GMT
            Not After : Feb 18 02:00:24 2025 GMT
        Subject: CN=71b354e319f38a7529188618637a05010aa6ebb2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:1a:f4:2d:e7:33:d1:74:6e:94:ed:e0:74:42:
                    c2:65:0f:f7:92:98:b5:23:26:6c:44:98:a2:85:ec:
                    45:03:85:a3:f1:d1:e4:4b:5e:05:82:22:14:66:46:
                    27:68:95:4d:22:18:56:cd:94:fc:02:94:11:05:a7:
                    3d:50:f9:ad:98:17:70:85:46:9a:71:bd:cb:27:a6:
                    f0:e4:42:13:61:83:1d:7a:38:50:74:96:70:bc:c9:
                    7a:aa:ad:e8:18:9c:56:af:43:a6:b2:82:03:4f:2b:
                    9d:0e:f3:10:70:8d:88:58:2a:96:1d:f0:67:89:e6:
                    d7:8a:a7:76:67:ac:08:2e:94:c4:13:12:e4:f1:da:
                    04:69:83:4c:68:6a:66:a7:20:de:d8:50:46:d4:af:
                    d2:da:03:4f:0c:ac:56:b6:14:43:6a:e1:cb:07:5d:
                    a6:08:b8:dd:d1:be:a9:b8:1f:a9:e0:1b:c1:a0:be:
                    24:44:74:df:bd:a1:61:91:bd:40:b8:51:af:e1:e7:
                    6b:d0:99:6b:3d:0d:61:cd:69:c5:ee:78:65:c0:89:
                    23:b6:8c:55:55:15:fb:08:eb:37:c8:92:24:45:b8:
                    8b:b1:13:ad:b9:29:a1:cb:b6:c1:2c:ee:d6:61:f7:
                    53:e1:91:20:7c:df:32:9d:f4:42:38:c6:42:0e:96:
                    2f:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:B3:54:E3:19:F3:8A:75:29:18:86:18:63:7A:05:01:0A:A6:EB:B2
            X509v3 Authority Key Identifier:
                keyid:39:89:36:60:3E:DB:85:58:B6:19:82:3C:07:7E:9E:B8:69:47:58:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OYk2YD7bhVi2GYI8B36euGlHWLI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/dd70a4-1ce5-4048-a106-20b1e2e5be48/1/OYk2YD7bhVi2GYI8B36euGlHWLI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1a:04:2c:65:6c:56:39:2a:58:a6:d4:b3:51:3e:f9:49:2b:2f:
         21:71:79:3a:3e:ad:78:ef:8e:cc:01:2f:ea:bc:94:35:3f:2b:
         7d:d0:55:08:16:a9:37:af:4e:2f:2e:71:e6:0f:9d:4b:ad:f2:
         c2:95:cc:42:2b:1c:fd:8b:a1:3a:24:92:f4:21:6a:fe:d8:37:
         b5:2b:b8:45:58:17:2f:37:de:0d:49:3f:f8:cf:1f:d0:07:52:
         ce:ca:92:d6:40:94:5e:61:e5:28:ae:e2:d6:2c:69:d3:c6:f9:
         90:cd:60:fe:4a:9a:7c:93:1e:92:91:d1:b5:f3:ff:20:85:aa:
         55:25:e9:95:f0:43:85:9f:59:ba:c3:e9:94:9d:60:e7:64:fc:
         0f:e2:a7:ff:39:0a:3e:4e:5a:b1:80:5f:be:5b:42:e4:f7:5a:
         41:6a:8f:78:d7:10:2f:f7:8f:14:3b:8f:8b:d5:88:6f:6a:56:
         a8:2b:d6:00:c4:ca:1c:af:97:ab:1c:79:06:c5:92:44:72:da:
         a4:97:a7:b5:e1:34:97:25:b4:ee:e6:e2:4b:2d:8a:97:92:57:
         79:0a:cf:ab:dd:cf:14:d0:cc:14:4d:5b:1a:14:03:d1:0b:f9:
         f9:cf:32:4a:69:55:27:17:3e:5d:7e:a1:c6:0a:89:86:c5:11:
         24:e1:ef:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURopyWIxT50c1/2f+tW9BaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ODkzNjYwM2VkYjg1NThiNjE5ODIzYzA3N2U5ZWI4Njk0
NzU4YjIwHhcNMjUwMjE3MDIwMDI0WhcNMjUwMjE4MDIwMDI0WjAzMTEwLwYDVQQD
Eyg3MWIzNTRlMzE5ZjM4YTc1MjkxODg2MTg2MzdhMDUwMTBhYTZlYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBr0Lecz0XRulO3gdELCZQ/3kpi1
IyZsRJiihexFA4Wj8dHkS14FgiIUZkYnaJVNIhhWzZT8ApQRBac9UPmtmBdwhUaa
cb3LJ6bw5EITYYMdejhQdJZwvMl6qq3oGJxWr0OmsoIDTyudDvMQcI2IWCqWHfBn
iebXiqd2Z6wILpTEExLk8doEaYNMaGpmpyDe2FBG1K/S2gNPDKxWthRDauHLB12m
CLjd0b6puB+p4BvBoL4kRHTfvaFhkb1AuFGv4edr0JlrPQ1hzWnF7nhlwIkjtoxV
VRX7COs3yJIkRbiLsROtuSmhy7bBLO7WYfdT4ZEgfN8ynfRCOMZCDpYvFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGzVOMZ84p1KRiGGGN6BQEKpuuyMB8GA1UdIwQY
MBaAFDmJNmA+24VYthmCPAd+nrhpR1iyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYt
MjBiMWUyZTViZTQ4LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kZDcwYTQtMWNlNS00MDQ4LWExMDYtMjBiMWUyZTViZTQ4
LzEvT1lrMllEN2JoVmkyR1lJOEIzNmV1R2xIV0xJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGgQsZWxW
OSpYptSzUT75SSsvIXF5Oj6teO+OzAEv6ryUNT8rfdBVCBapN69OLy5x5g+dS63y
wpXMQisc/YuhOiSS9CFq/tg3tSu4RVgXLzfeDUk/+M8f0AdSzsqS1kCUXmHlKK7i
1ixp08b5kM1g/kqafJMekpHRtfP/IIWqVSXplfBDhZ9ZusPplJ1g52T8D+Kn/zkK
Pk5asYBfvltC5PdaQWqPeNcQL/ePFDuPi9WIb2pWqCvWAMTKHK+Xqxx5BsWSRHLa
pJenteE0lyW07ubiSy2Kl5JXeQrPq93PFNDMFE1bGhQD0Qv5+c8ySmlVJxc+XX6h
xgqJhsURJOHvLg==
-----END CERTIFICATE-----