Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
File:                     0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft (raw, json)
Hash identifier:          0oeq4oemU7T069sqheAI5gjbKnEt2j+wZO5w2eoCOpc=
Subject key identifier:   24:9A:A2:1A:F5:0B:30:B2:EC:B1:3C:02:A2:08:12:31:02:93:E8:90
Authority key identifier: D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF
Certificate issuer:       /CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
Certificate serial:       0191FB5A272A9CF79AADCB626227128D447F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
Manifest number:          0113
Signing time:             Mon 16 Sep 2024 15:01:14 +0000
Manifest this update:     Mon 16 Sep 2024 15:01:14 +0000
Manifest next update:     Tue 17 Sep 2024 15:01:14 +0000
Files and hashes:         1: 0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl (hash: ZjpWl8JoTkb0vYa+83cs/obvLRJ0bWEhBl7Zb6RNL+A=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 14:20:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fb:5a:27:2a:9c:f7:9a:ad:cb:62:62:27:12:8d:44:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b0e8686f7dab1f64c80d4382c3c5949ff11dbf
        Validity
            Not Before: Sep 16 15:01:14 2024 GMT
            Not After : Sep 17 15:01:14 2024 GMT
        Subject: CN=249aa21af50b30b2ecb13c02a20812310293e890
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:76:cc:69:88:df:e0:33:16:7c:1f:f9:32:39:
                    aa:cc:c1:96:27:f0:9e:ce:94:cb:24:3f:64:3e:15:
                    c6:1f:65:b0:01:e6:85:8c:ef:1a:e3:3c:3d:71:05:
                    1b:d8:ac:c1:97:35:3a:8a:73:92:5a:55:8c:45:6b:
                    4c:ca:eb:5f:51:f4:54:36:1d:6b:7f:33:b8:41:40:
                    ec:ac:4f:07:8c:62:56:84:ba:9c:c4:6a:08:a3:82:
                    06:ae:0a:03:1d:d0:e3:be:11:23:11:b0:de:c6:31:
                    a2:fc:a9:48:a0:53:33:19:fe:7d:10:d1:e7:ab:08:
                    f3:85:01:e7:d8:cf:c1:fa:0d:68:98:c7:cd:90:80:
                    9e:30:81:32:6a:06:5a:0e:d6:57:00:61:fd:60:97:
                    81:06:0f:b5:18:d8:f3:48:39:d0:65:7a:14:9e:2d:
                    b0:33:2c:44:98:26:4b:8d:73:24:2b:cf:2f:95:34:
                    df:a2:2d:d9:d4:dc:51:ae:a6:ca:2c:27:ec:87:70:
                    53:eb:5e:e2:4b:ef:02:c3:d3:f1:c8:9b:20:00:c5:
                    07:a7:9c:b2:e9:a7:78:8f:9f:12:50:05:dd:12:fc:
                    b3:e7:47:fc:37:83:ef:1c:db:d9:6b:6b:1c:b3:1b:
                    14:d9:c8:98:7a:da:3e:c6:83:a9:95:a7:90:d5:6d:
                    10:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:9A:A2:1A:F5:0B:30:B2:EC:B1:3C:02:A2:08:12:31:02:93:E8:90
            X509v3 Authority Key Identifier:
                keyid:D1:B0:E8:68:6F:7D:AB:1F:64:C8:0D:43:82:C3:C5:94:9F:F1:1D:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bDoaG99qx9kyA1DgsPFlJ_xHb8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/456a2b-8755-4bfc-8b6c-dbbc254d1c6c/1/0bDoaG99qx9kyA1DgsPFlJ_xHb8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         85:bc:67:02:b5:74:24:b6:04:c6:6b:a8:83:05:d6:0d:e4:a6:
         03:79:63:28:d7:61:a8:d2:a9:cd:1f:aa:92:4f:92:69:90:cb:
         0b:df:61:92:45:81:ff:8e:e3:e6:54:53:2e:82:39:a4:70:31:
         33:6e:bb:52:11:21:b7:16:d9:95:54:06:1a:00:b5:a4:e6:f4:
         1c:e8:42:e1:c0:f5:bf:b7:17:90:c8:57:56:7c:a8:22:52:cd:
         32:e6:16:08:dc:09:7e:15:64:01:f6:70:c5:8e:01:e7:45:73:
         b3:c7:62:16:17:a3:d6:54:88:c4:ff:ac:ea:48:09:59:18:04:
         0d:0c:0c:b1:72:7b:b4:70:09:c5:0b:21:db:4a:45:d5:c9:66:
         ee:15:b8:32:76:2e:c0:1a:59:45:24:e6:f3:ac:54:d4:08:da:
         1c:1b:a3:fb:fb:ae:a1:4f:d3:21:fe:ba:ae:be:61:e6:a9:93:
         ee:e9:eb:8a:7b:a4:7a:87:9f:5b:cd:a6:22:c0:9f:a5:18:04:
         2b:d8:01:ae:3a:78:f4:e9:0b:5e:59:e6:19:10:b8:11:0b:b6:
         3e:c0:68:08:a7:ad:9e:2a:09:fc:d3:12:09:2e:5d:bd:86:d2:
         f0:95:48:96:7b:75:00:14:df:29:b0:29:ff:b5:6b:d4:95:93:
         48:ef:ee:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH7WicqnPearctiYicSjUR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxYjBlODY4NmY3ZGFiMWY2NGM4MGQ0MzgyYzNjNTk0OWZm
MTFkYmYwHhcNMjQwOTE2MTUwMTE0WhcNMjQwOTE3MTUwMTE0WjAzMTEwLwYDVQQD
EygyNDlhYTIxYWY1MGIzMGIyZWNiMTNjMDJhMjA4MTIzMTAyOTNlODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHbMaYjf4DMWfB/5MjmqzMGWJ/Ce
zpTLJD9kPhXGH2WwAeaFjO8a4zw9cQUb2KzBlzU6inOSWlWMRWtMyutfUfRUNh1r
fzO4QUDsrE8HjGJWhLqcxGoIo4IGrgoDHdDjvhEjEbDexjGi/KlIoFMzGf59ENHn
qwjzhQHn2M/B+g1omMfNkICeMIEyagZaDtZXAGH9YJeBBg+1GNjzSDnQZXoUni2w
MyxEmCZLjXMkK88vlTTfoi3Z1NxRrqbKLCfsh3BT617iS+8Cw9PxyJsgAMUHp5yy
6ad4j58SUAXdEvyz50f8N4PvHNvZa2scsxsU2ciYeto+xoOplaeQ1W0QBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCSaohr1CzCy7LE8AqIIEjECk+iQMB8GA1UdIwQY
MBaAFNGw6GhvfasfZMgNQ4LDxZSf8R2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMt
ZGJiYzI1NGQxYzZjLzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy80NTZhMmItODc1NS00YmZjLThiNmMtZGJiYzI1NGQxYzZj
LzEvMGJEb2FHOTlxeDlreUExRGdzUEZsSl94SGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhbxnArV0
JLYExmuogwXWDeSmA3ljKNdhqNKpzR+qkk+SaZDLC99hkkWB/47j5lRTLoI5pHAx
M267UhEhtxbZlVQGGgC1pOb0HOhC4cD1v7cXkMhXVnyoIlLNMuYWCNwJfhVkAfZw
xY4B50Vzs8diFhej1lSIxP+s6kgJWRgEDQwMsXJ7tHAJxQsh20pF1clm7hW4MnYu
wBpZRSTm86xU1AjaHBuj+/uuoU/TIf66rr5h5qmT7unrinukeoefW82mIsCfpRgE
K9gBrjp49OkLXlnmGRC4EQu2PsBoCKetnioJ/NMSCS5dvYbS8JVIlnt1ABTfKbAp
/7Vr1JWTSO/ujw==
-----END CERTIFICATE-----