Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.mft
File:                     CNOBziQjEGGBXzIEPGUiZq272GU.mft (raw, json)
Hash identifier:          eEUTdh58aU3chiE5H2oQyYjrC4lcSA4gmzwsNDVme3w=
Subject key identifier:   5F:07:71:7E:28:25:89:51:49:A9:F3:0E:0B:25:D1:38:15:8E:C8:47
Authority key identifier: 08:D3:81:CE:24:23:10:61:81:5F:32:04:3C:65:22:66:AD:BB:D8:65
Certificate issuer:       /CN=08d381ce24231061815f32043c652266adbbd865
Certificate serial:       0193572DEA6555316964D8E9200A9908DB8A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CNOBziQjEGGBXzIEPGUiZq272GU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.mft
Manifest number:          1136
Signing time:             Sat 23 Nov 2024 04:00:47 +0000
Manifest this update:     Sat 23 Nov 2024 04:00:47 +0000
Manifest next update:     Sun 24 Nov 2024 04:00:47 +0000
Files and hashes:         1: CNOBziQjEGGBXzIEPGUiZq272GU.crl (hash: +4wJ0Z52psYyLmSs7fAh+wlOsF4kZhTSUJGudGb6ynQ=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/CNOBziQjEGGBXzIEPGUiZq272GU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 04:00:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:2d:ea:65:55:31:69:64:d8:e9:20:0a:99:08:db:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08d381ce24231061815f32043c652266adbbd865
        Validity
            Not Before: Nov 23 04:00:47 2024 GMT
            Not After : Nov 24 04:00:47 2024 GMT
        Subject: CN=5f07717e2825895149a9f30e0b25d138158ec847
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:00:a9:52:b6:43:64:bb:82:31:23:16:52:cc:
                    c2:9c:bb:57:7c:72:8b:b8:90:69:6e:44:17:15:23:
                    60:f8:85:63:7e:2c:21:b3:1d:be:a2:2c:51:7f:05:
                    87:e7:a8:62:6b:3f:bb:c1:6d:de:8d:8b:33:f0:92:
                    18:fa:74:b6:03:53:65:9c:21:f7:8a:6b:28:3b:76:
                    fd:75:5a:b5:28:ce:89:c5:14:73:15:b4:e3:d7:50:
                    8b:d1:2c:3f:e8:66:2d:b7:46:56:2e:08:9d:0e:5b:
                    c1:fc:9d:a0:ee:13:a9:71:23:70:5c:23:cb:7b:1c:
                    d3:12:aa:3f:28:2e:b6:24:56:c3:70:41:15:ee:ac:
                    9a:6e:14:44:fc:2c:67:c0:a7:5b:68:49:7b:c2:ed:
                    39:25:84:d1:82:43:e5:e1:99:e7:ac:d2:b1:67:b4:
                    80:18:2f:5a:4d:e8:09:62:0b:85:ff:a2:dd:9d:98:
                    dd:08:86:68:e3:00:e1:d7:b6:b1:f1:fd:d0:c2:76:
                    d8:6a:74:ea:64:5e:91:94:18:81:ac:88:bb:7c:77:
                    c1:3a:64:09:eb:1f:1e:fc:c0:1a:f0:62:e2:4b:44:
                    02:cc:20:83:19:08:59:22:9e:e5:3d:f2:7c:d4:12:
                    99:19:e8:49:1f:c3:4d:fc:12:26:1f:64:44:94:83:
                    93:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:07:71:7E:28:25:89:51:49:A9:F3:0E:0B:25:D1:38:15:8E:C8:47
            X509v3 Authority Key Identifier:
                keyid:08:D3:81:CE:24:23:10:61:81:5F:32:04:3C:65:22:66:AD:BB:D8:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNOBziQjEGGBXzIEPGUiZq272GU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/5b7ef8-e71f-429e-aadf-6cb78e95ab44/1/CNOBziQjEGGBXzIEPGUiZq272GU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8f:1f:bb:84:e8:13:21:5b:e0:d7:fc:bc:fb:d9:ca:b1:9b:cc:
         4f:dc:76:44:c1:1a:7b:dc:ea:e6:39:09:78:ec:a8:1e:35:15:
         89:19:cf:af:77:5a:33:c4:a3:8f:0e:d7:80:36:13:99:2a:44:
         3d:53:b8:4d:c3:b8:a9:d5:8b:7c:83:7e:8a:c6:7a:83:fb:a7:
         04:20:b4:4a:f7:b6:aa:78:8e:0e:c0:a8:f4:75:fd:40:67:a4:
         6b:71:b1:9b:5d:0a:e3:1c:fa:9e:01:e9:ea:e8:c8:f7:3d:6a:
         e3:bd:42:a1:9b:03:36:fa:bc:9b:bb:87:bb:d2:e4:48:76:85:
         a2:94:5f:1d:64:5b:f2:f3:85:11:b0:1c:5c:3f:5a:90:5d:51:
         37:87:de:95:90:c0:e1:cc:3d:96:58:f3:42:04:a2:67:1f:5d:
         89:e7:5b:c5:8b:4b:58:b6:f0:f5:3a:00:7b:18:6f:f2:1b:19:
         25:d9:84:c8:47:5e:58:fa:36:15:ae:d2:73:f7:83:b0:58:ae:
         df:b9:86:ca:b3:ea:20:04:d3:3e:67:73:1b:b1:80:2c:d5:b4:
         84:a1:58:3d:25:30:55:26:b7:f3:7c:bd:84:b2:63:3a:38:a1:
         6a:18:47:41:51:a6:0d:40:35:20:81:b4:10:5e:6c:2e:d6:24:
         ca:f2:79:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXLeplVTFpZNjpIAqZCNuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDM4MWNlMjQyMzEwNjE4MTVmMzIwNDNjNjUyMjY2YWRi
YmQ4NjUwHhcNMjQxMTIzMDQwMDQ3WhcNMjQxMTI0MDQwMDQ3WjAzMTEwLwYDVQQD
Eyg1ZjA3NzE3ZTI4MjU4OTUxNDlhOWYzMGUwYjI1ZDEzODE1OGVjODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgCpUrZDZLuCMSMWUszCnLtXfHKL
uJBpbkQXFSNg+IVjfiwhsx2+oixRfwWH56hiaz+7wW3ejYsz8JIY+nS2A1NlnCH3
imsoO3b9dVq1KM6JxRRzFbTj11CL0Sw/6GYtt0ZWLgidDlvB/J2g7hOpcSNwXCPL
exzTEqo/KC62JFbDcEEV7qyabhRE/CxnwKdbaEl7wu05JYTRgkPl4ZnnrNKxZ7SA
GC9aTegJYguF/6LdnZjdCIZo4wDh17ax8f3QwnbYanTqZF6RlBiBrIi7fHfBOmQJ
6x8e/MAa8GLiS0QCzCCDGQhZIp7lPfJ81BKZGehJH8NN/BImH2RElIOT7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8HcX4oJYlRSanzDgsl0TgVjshHMB8GA1UdIwQY
MBaAFAjTgc4kIxBhgV8yBDxlImatu9hlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05PQnppUWpFR0dCWHpJRVBHVWlacTI3MkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS81YjdlZjgtZTcxZi00MjllLWFhZGYt
NmNiNzhlOTVhYjQ0LzEvQ05PQnppUWpFR0dCWHpJRVBHVWlacTI3MkdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS81YjdlZjgtZTcxZi00MjllLWFhZGYtNmNiNzhlOTVhYjQ0
LzEvQ05PQnppUWpFR0dCWHpJRVBHVWlacTI3MkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjx+7hOgT
IVvg1/y8+9nKsZvMT9x2RMEae9zq5jkJeOyoHjUViRnPr3daM8Sjjw7XgDYTmSpE
PVO4TcO4qdWLfIN+isZ6g/unBCC0Sve2qniODsCo9HX9QGeka3Gxm10K4xz6ngHp
6ujI9z1q471CoZsDNvq8m7uHu9LkSHaFopRfHWRb8vOFEbAcXD9akF1RN4felZDA
4cw9lljzQgSiZx9diedbxYtLWLbw9ToAexhv8hsZJdmEyEdeWPo2Fa7Sc/eDsFiu
37mGyrPqIATTPmdzG7GALNW0hKFYPSUwVSa383y9hLJjOjihahhHQVGmDUA1IIG0
EF5sLtYkyvJ5PQ==
-----END CERTIFICATE-----