Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
File:                     OstMHbOigqLFrhaULo1gYb50UWs.mft (raw, json)
Hash identifier:          3rX5G2lmiIwnVPBCVwj4jMrRACMuSp9PS1+Bvx9TJWw=
Subject key identifier:   9A:6A:39:76:CD:32:5D:9F:B8:FF:79:3A:92:F7:04:6A:61:71:8C:F8
Authority key identifier: 3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B
Certificate issuer:       /CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
Certificate serial:       018F874AB66E1E498374809936AEE7C0BCAB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
Manifest number:          09E6
Signing time:             Fri 17 May 2024 16:02:51 +0000
Manifest this update:     Fri 17 May 2024 16:02:51 +0000
Manifest next update:     Sat 18 May 2024 16:02:51 +0000
Files and hashes:         1: OstMHbOigqLFrhaULo1gYb50UWs.crl (hash: QAtMj7TW9nh0jXT+wBerIgFltZL9GRMSKpPLH2ulSeI=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:02:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:4a:b6:6e:1e:49:83:74:80:99:36:ae:e7:c0:bc:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3acb4c1db3a282a2c5ae16942e8d6061be74516b
        Validity
            Not Before: May 17 16:02:51 2024 GMT
            Not After : May 18 16:02:51 2024 GMT
        Subject: CN=9a6a3976cd325d9fb8ff793a92f7046a61718cf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:0c:ff:9b:63:de:27:12:d5:2c:1e:8c:c6:e1:
                    70:60:ff:94:00:a8:48:a2:2e:bf:1a:41:64:dc:02:
                    08:6c:1b:a5:40:74:4d:0b:f9:cf:c8:c3:b9:32:f9:
                    02:9f:96:bd:ea:8d:9e:97:01:e1:06:7d:e2:22:35:
                    f2:98:ae:ab:24:b8:c1:3e:2c:b3:5a:2e:b4:ed:68:
                    4c:d2:97:94:19:38:57:7e:55:33:ab:8b:41:d3:78:
                    79:ab:f7:a8:49:e1:8d:2a:ad:38:36:17:94:a4:8d:
                    d9:15:cf:92:fd:0c:8b:74:60:27:55:ba:b3:66:b0:
                    37:9e:6f:f3:b1:f3:ea:03:19:73:a6:93:c9:64:7a:
                    52:8f:f7:f4:45:91:d9:6f:7f:33:50:ad:42:f4:a4:
                    29:ae:de:c1:90:ae:a4:a9:a9:98:b8:ed:3f:15:3c:
                    c5:9f:d0:ab:5c:88:6e:e9:ce:29:2a:60:89:1a:46:
                    a0:94:b6:ac:ff:91:94:d9:3c:b5:09:29:8d:b7:53:
                    70:6e:f2:cd:e0:60:61:23:57:0d:e3:4c:7f:a3:b8:
                    8e:dc:0c:c7:2d:49:e5:8c:a8:33:fd:9d:47:2b:20:
                    67:1a:3e:ad:9d:da:57:c6:6a:a9:47:db:ad:10:fe:
                    68:67:99:aa:ba:e2:3a:4e:2b:27:e8:d4:e2:81:2f:
                    12:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:6A:39:76:CD:32:5D:9F:B8:FF:79:3A:92:F7:04:6A:61:71:8C:F8
            X509v3 Authority Key Identifier:
                keyid:3A:CB:4C:1D:B3:A2:82:A2:C5:AE:16:94:2E:8D:60:61:BE:74:51:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OstMHbOigqLFrhaULo1gYb50UWs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/5a82a7-8f61-4749-9118-cbf34ebca4b9/1/OstMHbOigqLFrhaULo1gYb50UWs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         30:ed:18:b6:45:07:25:7e:95:28:2d:bd:a9:11:80:07:a0:46:
         02:2a:b8:4c:22:61:ff:d3:67:51:df:25:1c:e7:43:77:a6:af:
         32:39:73:89:a6:a2:5c:cd:aa:10:ec:3b:ad:20:e3:50:6a:ae:
         15:91:30:3f:fe:a2:09:41:85:78:cc:85:5b:d2:fc:89:29:01:
         01:2d:e0:23:57:7c:16:36:de:31:44:5e:83:62:05:44:48:bb:
         62:82:b8:20:86:f1:bf:59:1b:da:af:a5:3c:2e:51:de:b6:35:
         95:f4:c4:2b:d6:83:29:f6:58:a9:27:5c:e8:93:7b:1c:df:09:
         6c:46:7a:fb:9a:2e:3f:fb:79:ee:3b:fc:5a:4a:fc:2d:dc:03:
         82:c7:fc:e0:0d:c2:8b:19:c4:d1:a4:1a:9c:4d:a3:f8:68:5b:
         04:59:db:ac:d9:8f:a9:9c:45:15:45:e9:87:87:b2:3d:29:22:
         e3:e8:a1:c1:c2:7e:2c:69:ac:ef:eb:29:50:88:86:e6:74:32:
         ee:a4:6e:0c:9c:51:6c:9c:81:69:44:b7:73:92:90:12:b3:de:
         30:34:d7:d4:18:dc:33:aa:b5:d5:c8:61:c9:ad:3d:c3:5f:e5:
         f5:b8:ef:d0:49:13:e1:0a:c7:3e:69:13:4e:29:4e:79:d1:1c:
         71:ae:21:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSrZuHkmDdICZNq7nwLyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhY2I0YzFkYjNhMjgyYTJjNWFlMTY5NDJlOGQ2MDYxYmU3
NDUxNmIwHhcNMjQwNTE3MTYwMjUxWhcNMjQwNTE4MTYwMjUxWjAzMTEwLwYDVQQD
Eyg5YTZhMzk3NmNkMzI1ZDlmYjhmZjc5M2E5MmY3MDQ2YTYxNzE4Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wz/m2PeJxLVLB6MxuFwYP+UAKhI
oi6/GkFk3AIIbBulQHRNC/nPyMO5MvkCn5a96o2elwHhBn3iIjXymK6rJLjBPiyz
Wi607WhM0peUGThXflUzq4tB03h5q/eoSeGNKq04NheUpI3ZFc+S/QyLdGAnVbqz
ZrA3nm/zsfPqAxlzppPJZHpSj/f0RZHZb38zUK1C9KQprt7BkK6kqamYuO0/FTzF
n9CrXIhu6c4pKmCJGkaglLas/5GU2Ty1CSmNt1NwbvLN4GBhI1cN40x/o7iO3AzH
LUnljKgz/Z1HKyBnGj6tndpXxmqpR9utEP5oZ5mquuI6Tisn6NTigS8S1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJpqOXbNMl2fuP95OpL3BGphcYz4MB8GA1UdIwQY
MBaAFDrLTB2zooKixa4WlC6NYGG+dFFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgt
Y2JmMzRlYmNhNGI5LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81YTgyYTctOGY2MS00NzQ5LTkxMTgtY2JmMzRlYmNhNGI5
LzEvT3N0TUhiT2lncUxGcmhhVUxvMWdZYjUwVVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMO0YtkUH
JX6VKC29qRGAB6BGAiq4TCJh/9NnUd8lHOdDd6avMjlziaaiXM2qEOw7rSDjUGqu
FZEwP/6iCUGFeMyFW9L8iSkBAS3gI1d8FjbeMUReg2IFREi7YoK4IIbxv1kb2q+l
PC5R3rY1lfTEK9aDKfZYqSdc6JN7HN8JbEZ6+5ouP/t57jv8Wkr8LdwDgsf84A3C
ixnE0aQanE2j+GhbBFnbrNmPqZxFFUXph4eyPSki4+ihwcJ+LGms7+spUIiG5nQy
7qRuDJxRbJyBaUS3c5KQErPeMDTX1BjcM6q11chhya09w1/l9bjv0EkT4QrHPmkT
TilOedEcca4h1w==
-----END CERTIFICATE-----