Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
File:                     OstMHbOigqLFrhaULo1gYb50UWs.mft (raw, json)
Hash identifier:          4M8inc6nYzHQ/jgMsmzJhkkbOTY45Xz/c0yRnlirKNY=
Subject key identifier:   74:8E:DD:51:38:A3:C8:59:F5:92:74:93:41:19:5B:91:E6:AD:1D:40
Authority key identifier: 3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B
Certificate issuer:       /CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
Certificate serial:       019358797BF32C384CF322EDAD0C281F9F49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
Manifest number:          0BE0
Signing time:             Sat 23 Nov 2024 10:02:56 +0000
Manifest this update:     Sat 23 Nov 2024 10:02:56 +0000
Manifest next update:     Sun 24 Nov 2024 10:02:56 +0000
Files and hashes:         1: OstMHbOigqLFrhaULo1gYb50UWs.crl (hash: YQ1AEPGOqIR5U3oOZD6mf+Fp4IMi6HpWFRbByiiek/s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:58:79:7b:f3:2c:38:4c:f3:22:ed:ad:0c:28:1f:9f:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
        Validity
            Not Before: Nov 23 10:02:56 2024 GMT
            Not After : Nov 24 10:02:56 2024 GMT
        Subject: CN=748edd5138a3c859f592749341195b91e6ad1d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8b:44:b4:65:fe:59:24:98:26:81:2c:05:55:
                    99:02:8b:d8:ba:04:15:54:a0:40:46:a1:35:f1:03:
                    74:71:dc:14:8b:3b:46:c0:70:3f:34:93:f0:60:c5:
                    be:90:41:95:c7:4e:d2:e5:fa:c0:83:87:16:a9:ee:
                    b7:b1:55:4e:cd:19:5b:95:b9:3c:a0:ae:88:0c:50:
                    fd:4c:c2:70:ed:76:29:75:db:70:71:e1:00:6a:c1:
                    81:af:11:11:30:1a:55:34:ef:01:c0:30:5b:6e:57:
                    bc:b7:18:e0:94:7a:3f:bc:78:f9:27:cb:0a:51:2d:
                    99:f6:89:19:52:c9:7c:56:17:1f:7e:2b:5a:bc:49:
                    ab:b9:f8:f1:f4:65:f7:c6:41:1f:78:9b:ed:67:46:
                    f3:e4:8c:45:4b:e1:cb:d6:52:40:3a:4b:c8:1f:19:
                    6a:61:27:41:cb:44:e7:38:4d:c4:6e:79:8d:27:d7:
                    f5:84:49:e5:4d:e8:21:c7:e6:bf:34:47:72:d4:5e:
                    c2:66:a9:4b:e2:98:b6:ce:01:a1:0c:ac:30:9d:b7:
                    aa:ba:68:8f:78:08:97:a0:85:fb:bb:37:28:94:55:
                    27:8d:ba:41:ee:c5:70:48:5d:51:70:51:a9:a6:5c:
                    d5:5e:1d:e7:1e:55:c3:6f:ff:fc:cd:a5:3d:aa:ca:
                    d4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:8E:DD:51:38:A3:C8:59:F5:92:74:93:41:19:5B:91:E6:AD:1D:40
            X509v3 Authority Key Identifier:
                keyid:3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b7:51:d4:d6:f0:35:21:ff:4e:0a:d6:89:d3:1e:67:5a:88:ea:
         9f:cd:45:5b:22:9a:b2:61:9f:90:89:0a:fe:2c:37:02:c0:40:
         51:37:73:ea:12:79:b5:ed:9d:46:f3:d6:bd:f3:ec:1c:92:40:
         98:fa:d5:43:52:07:8d:6b:12:18:10:57:8f:40:82:95:0c:86:
         a7:b3:06:f1:cf:d6:74:d6:19:30:93:68:f0:cb:57:2e:60:41:
         de:84:ba:ec:b9:66:24:51:56:4e:9e:7b:55:5c:ec:ee:1c:e9:
         53:6d:ca:01:0d:56:31:04:cb:af:86:f8:34:15:98:7b:1b:07:
         8c:ca:71:5a:d0:7d:19:4e:d2:33:bd:d2:7c:ef:11:ab:75:8f:
         23:25:0a:30:d5:9a:89:35:c3:60:3a:7a:47:1c:1d:7d:1f:c2:
         d2:d1:54:68:2c:db:65:95:af:b0:ec:41:c8:32:08:b5:a1:9e:
         ce:61:0d:dd:d9:34:8d:30:98:6b:62:f9:6a:55:7d:51:2e:23:
         b3:6d:4e:03:01:fe:4e:41:af:67:b8:ab:47:30:26:19:0c:93:
         ef:b2:2c:13:4b:97:3d:e3:0f:78:b1:20:71:7d:a8:24:c8:0a:
         3b:dc:9d:a2:a0:b4:a9:e7:05:9c:6c:3a:40:ab:ed:e0:9f:12:
         b7:5d:6b:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNYeXvzLDhM8yLtrQwoH59JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2I0YzFkYjNhMjgyYTJjNWFlMTY5NDJlOGQ2MDYxYmU3
NDUxNmIwHhcNMjQxMTIzMTAwMjU2WhcNMjQxMTI0MTAwMjU2WjAzMTEwLwYDVQQD
Eyg3NDhlZGQ1MTM4YTNjODU5ZjU5Mjc0OTM0MTE5NWI5MWU2YWQxZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYtEtGX+WSSYJoEsBVWZAovYugQV
VKBARqE18QN0cdwUiztGwHA/NJPwYMW+kEGVx07S5frAg4cWqe63sVVOzRlblbk8
oK6IDFD9TMJw7XYpddtwceEAasGBrxERMBpVNO8BwDBbble8txjglHo/vHj5J8sK
US2Z9okZUsl8VhcffitavEmrufjx9GX3xkEfeJvtZ0bz5IxFS+HL1lJAOkvIHxlq
YSdBy0TnOE3EbnmNJ9f1hEnlTeghx+a/NEdy1F7CZqlL4pi2zgGhDKwwnbequmiP
eAiXoIX7uzcolFUnjbpB7sVwSF1RcFGpplzVXh3nHlXDb//8zaU9qsrUuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHSO3VE4o8hZ9ZJ0k0EZW5HmrR1AMB8GA1UdIwQY
MBaAFDrLTB2zooKixa4WlC6NYGG+dFFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgt
Y2JmMzRlYmNhNGI5LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgtY2JmMzRlYmNhNGI5
LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt1HU1vA1
If9OCtaJ0x5nWojqn81FWyKasmGfkIkK/iw3AsBAUTdz6hJ5te2dRvPWvfPsHJJA
mPrVQ1IHjWsSGBBXj0CClQyGp7MG8c/WdNYZMJNo8MtXLmBB3oS67LlmJFFWTp57
VVzs7hzpU23KAQ1WMQTLr4b4NBWYexsHjMpxWtB9GU7SM73SfO8Rq3WPIyUKMNWa
iTXDYDp6RxwdfR/C0tFUaCzbZZWvsOxByDIItaGezmEN3dk0jTCYa2L5alV9US4j
s21OAwH+TkGvZ7irRzAmGQyT77IsE0uXPeMPeLEgcX2oJMgKO9ydoqC0qecFnGw6
QKvt4J8St11rRw==
-----END CERTIFICATE-----