Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
File:                     yO91rieylt0KS84TZH2LWJv06cM.mft (raw, json)
Hash identifier:          fSt2uqMCnuSwKFUwls29nK5h08S7b7bWEWv5DruIVlU=
Subject key identifier:   08:1C:86:B4:EF:D6:63:D0:E1:3C:98:72:1C:36:88:35:45:14:45:6E
Authority key identifier: C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3
Certificate issuer:       /CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
Certificate serial:       019365FC807FFC5B4AAE2B7441D43B4A735D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
Manifest number:          0EE6
Signing time:             Tue 26 Nov 2024 01:01:06 +0000
Manifest this update:     Tue 26 Nov 2024 01:01:06 +0000
Manifest next update:     Wed 27 Nov 2024 01:01:06 +0000
Files and hashes:         1: yO91rieylt0KS84TZH2LWJv06cM.crl (hash: USFJcdGz3RYFMyv05Ah4V+W8K8TojpB3KOmjz00Y++M=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:fc:80:7f:fc:5b:4a:ae:2b:74:41:d4:3b:4a:73:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c8ef75ae27b296dd0a4bce13647d8b589bf4e9c3
        Validity
            Not Before: Nov 26 01:01:06 2024 GMT
            Not After : Nov 27 01:01:06 2024 GMT
        Subject: CN=081c86b4efd663d0e13c98721c3688354514456e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:92:b5:7e:1a:41:09:41:c1:b8:eb:cf:7a:4a:
                    e6:82:e2:56:c0:96:28:af:5c:0f:1a:f8:72:3d:9f:
                    57:c5:9e:aa:c9:06:8b:02:f9:49:0e:da:4d:34:e0:
                    8c:44:c0:8e:4a:73:b1:d4:c4:16:cb:dd:d0:b0:8e:
                    7a:4a:f8:61:29:aa:62:9d:78:56:34:4e:47:77:cd:
                    80:d1:24:99:32:5a:d9:4e:b3:83:31:ef:4c:d9:5a:
                    10:02:2a:ee:3e:50:ee:17:f1:10:28:f4:cd:e7:61:
                    76:7d:a7:20:5e:ec:af:df:46:40:b3:e6:7e:20:5d:
                    d1:a9:04:cb:85:ff:48:74:b5:10:d5:29:44:44:97:
                    01:3d:49:bc:c2:4b:c7:c5:2a:c1:2f:43:34:5e:15:
                    44:f1:e2:d4:02:7b:ef:e7:2a:a9:a7:f8:0b:a0:01:
                    56:a6:8e:56:82:8d:57:73:43:7f:f2:75:e5:84:b0:
                    66:e0:f5:9c:fc:d4:3b:3a:cc:92:a4:dc:66:ce:35:
                    03:04:6c:35:f0:81:b7:f3:a9:01:9d:90:5f:f9:47:
                    94:db:d6:85:d7:23:50:de:ed:be:10:63:62:fe:f2:
                    12:b3:91:77:3f:ad:8f:a2:14:0a:3a:3c:de:e3:bf:
                    ff:cf:97:e7:2f:5b:bd:33:f9:a4:a8:41:65:03:87:
                    bc:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:1C:86:B4:EF:D6:63:D0:E1:3C:98:72:1C:36:88:35:45:14:45:6E
            X509v3 Authority Key Identifier:
                keyid:C8:EF:75:AE:27:B2:96:DD:0A:4B:CE:13:64:7D:8B:58:9B:F4:E9:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yO91rieylt0KS84TZH2LWJv06cM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/8bef8b-9765-4131-9caf-77351d0850c9/1/yO91rieylt0KS84TZH2LWJv06cM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         75:50:0b:59:40:26:21:a0:39:8f:18:a4:db:c6:80:53:c0:9b:
         fb:0b:09:bf:80:e3:07:4e:ee:4e:c7:43:fa:47:16:df:81:c8:
         95:cc:d9:0a:0a:4d:51:10:90:83:77:8f:fb:68:4e:c2:5c:df:
         33:42:95:d4:8d:2b:e7:ab:cd:86:b3:63:ad:2e:3b:a7:70:48:
         88:df:24:a3:25:e9:ec:34:46:6b:8c:c0:93:c8:f9:0e:7d:96:
         9c:f2:e2:ba:17:f2:af:aa:73:4d:ff:9e:ac:c3:ac:22:a1:6e:
         cf:35:42:d2:ed:14:0c:54:18:b7:0c:9c:91:f6:e1:14:90:5f:
         60:3a:a2:96:d0:42:51:bd:f4:23:69:b1:1a:a1:fa:86:44:66:
         2e:a0:2f:3e:e3:3d:89:57:e8:b0:d4:4a:04:83:cf:5d:59:94:
         34:b5:28:16:45:ce:30:a4:d7:22:d8:ea:13:03:7f:13:3e:8d:
         f8:f3:6d:9b:ab:b0:c6:0f:54:40:76:0a:42:6e:be:e5:db:36:
         99:0a:0f:51:6e:17:ea:c5:07:84:c6:be:93:4c:ed:ec:72:78:
         94:04:5e:06:e6:c4:8e:fc:0c:f1:67:f6:67:b9:5a:b1:51:6a:
         09:54:9f:75:c4:6b:29:8b:ef:92:56:be:9e:f3:bb:56:32:f3:
         e1:51:d6:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNl/IB//FtKrit0QdQ7SnNdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZWY3NWFlMjdiMjk2ZGQwYTRiY2UxMzY0N2Q4YjU4OWJm
NGU5YzMwHhcNMjQxMTI2MDEwMTA2WhcNMjQxMTI3MDEwMTA2WjAzMTEwLwYDVQQD
EygwODFjODZiNGVmZDY2M2QwZTEzYzk4NzIxYzM2ODgzNTQ1MTQ0NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35K1fhpBCUHBuOvPekrmguJWwJYo
r1wPGvhyPZ9XxZ6qyQaLAvlJDtpNNOCMRMCOSnOx1MQWy93QsI56SvhhKapinXhW
NE5Hd82A0SSZMlrZTrODMe9M2VoQAiruPlDuF/EQKPTN52F2facgXuyv30ZAs+Z+
IF3RqQTLhf9IdLUQ1SlERJcBPUm8wkvHxSrBL0M0XhVE8eLUAnvv5yqpp/gLoAFW
po5Wgo1Xc0N/8nXlhLBm4PWc/NQ7OsySpNxmzjUDBGw18IG386kBnZBf+UeU29aF
1yNQ3u2+EGNi/vISs5F3P62PohQKOjze47//z5fnL1u9M/mkqEFlA4e8dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAgchrTv1mPQ4TyYchw2iDVFFEVuMB8GA1UdIwQY
MBaAFMjvda4nspbdCkvOE2R9i1ib9OnDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYt
NzczNTFkMDg1MGM5LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS84YmVmOGItOTc2NS00MTMxLTljYWYtNzczNTFkMDg1MGM5
LzEveU85MXJpZXlsdDBLUzg0VFpIMkxXSnYwNmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdVALWUAm
IaA5jxik28aAU8Cb+wsJv4DjB07uTsdD+kcW34HIlczZCgpNURCQg3eP+2hOwlzf
M0KV1I0r56vNhrNjrS47p3BIiN8koyXp7DRGa4zAk8j5Dn2WnPLiuhfyr6pzTf+e
rMOsIqFuzzVC0u0UDFQYtwyckfbhFJBfYDqiltBCUb30I2mxGqH6hkRmLqAvPuM9
iVfosNRKBIPPXVmUNLUoFkXOMKTXItjqEwN/Ez6N+PNtm6uwxg9UQHYKQm6+5ds2
mQoPUW4X6sUHhMa+k0zt7HJ4lAReBubEjvwM8Wf2Z7lasVFqCVSfdcRrKYvvkla+
nvO7VjLz4VHWVA==
-----END CERTIFICATE-----