Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
File:                     O5keroXFJmJwwx30GBqgerLge1Q.mft (raw, json)
Hash identifier:          ffAL6YV9GKn20W4L6CvIgjsnfqVNcuPMIWYx3h/NZ6I=
Subject key identifier:   0C:50:B9:A7:54:7A:DA:E9:C9:1C:61:F0:74:66:A9:4D:DB:62:26:66
Authority key identifier: 3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54
Certificate issuer:       /CN=3b991eae85c5266270c31df4181aa07ab2e07b54
Certificate serial:       019365FCAED9CC7FD7C173A2F6FF97F7EDA4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
Manifest number:          050A
Signing time:             Tue 26 Nov 2024 01:01:18 +0000
Manifest this update:     Tue 26 Nov 2024 01:01:18 +0000
Manifest next update:     Wed 27 Nov 2024 01:01:18 +0000
Files and hashes:         1: O5keroXFJmJwwx30GBqgerLge1Q.crl (hash: 00Qz1AwIRxzVEsV4Ky0eyGBvTs9q7rMR7yx604FbCTo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:fc:ae:d9:cc:7f:d7:c1:73:a2:f6:ff:97:f7:ed:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b991eae85c5266270c31df4181aa07ab2e07b54
        Validity
            Not Before: Nov 26 01:01:18 2024 GMT
            Not After : Nov 27 01:01:18 2024 GMT
        Subject: CN=0c50b9a7547adae9c91c61f07466a94ddb622666
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:ef:48:a0:62:8e:b5:03:27:b6:d7:ba:26:75:
                    f9:01:e9:7d:4a:0b:9d:a1:74:be:0f:59:a4:02:25:
                    4b:f6:f7:14:26:01:53:de:a3:f2:29:7e:92:15:7b:
                    9e:15:c1:f1:36:7c:3f:45:bc:c5:af:91:29:c0:45:
                    da:ea:43:d4:a4:66:d4:c2:95:ab:e9:c7:e2:1d:98:
                    f5:d7:a0:89:24:91:36:da:8e:dd:56:15:fc:ce:d1:
                    57:23:3c:4f:38:95:1c:fc:87:91:e0:2a:1e:0f:f4:
                    5c:ef:46:cd:cf:8a:2d:28:2c:9d:63:4f:08:47:5f:
                    41:56:9d:52:1b:47:f0:e8:e6:e6:ea:42:79:71:00:
                    78:fa:03:c6:72:c4:fb:25:40:38:81:b3:94:d2:75:
                    8d:fb:02:02:b2:47:b8:40:67:12:46:24:a7:5d:03:
                    29:57:8b:47:22:89:f0:7b:d9:31:91:04:8e:4d:b0:
                    2c:02:df:b8:c2:be:0b:48:02:f0:62:6d:ae:08:63:
                    4b:0c:fd:2b:5d:d1:72:eb:e7:80:d2:e4:91:56:16:
                    eb:8a:db:ce:40:61:2a:5f:8e:ae:d4:9d:b4:f2:81:
                    e7:2e:d2:99:f4:3b:a6:3b:ae:f4:f4:73:8a:41:65:
                    0d:bb:e4:09:a0:ac:d8:20:95:79:09:ab:e4:f0:e6:
                    51:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:50:B9:A7:54:7A:DA:E9:C9:1C:61:F0:74:66:A9:4D:DB:62:26:66
            X509v3 Authority Key Identifier:
                keyid:3B:99:1E:AE:85:C5:26:62:70:C3:1D:F4:18:1A:A0:7A:B2:E0:7B:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5keroXFJmJwwx30GBqgerLge1Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/608ede-09ae-4811-b109-e797b2d82b39/1/O5keroXFJmJwwx30GBqgerLge1Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2c:a4:ca:d3:06:74:5d:e3:94:55:3a:2a:53:40:e4:6f:e5:e8:
         15:5b:2e:e7:15:0b:03:ed:d0:db:99:df:b9:ac:df:80:be:f3:
         73:d4:12:a8:2f:af:ad:a6:df:c7:2e:4c:3e:73:5b:0a:f9:32:
         64:7d:0e:69:50:51:a1:2c:ec:67:36:ca:11:64:ab:a5:fd:ae:
         b5:65:3d:90:34:7a:8f:90:b4:d8:f4:e7:3e:c7:ce:8e:19:30:
         23:b7:cb:1b:06:b9:c7:99:d4:b7:00:0a:ef:4c:36:6f:a3:35:
         23:58:31:0e:b5:0f:f5:ba:83:89:76:f3:93:41:d7:13:81:a3:
         9e:e3:e0:ff:d5:ad:29:70:4f:90:07:26:71:8e:31:97:b1:07:
         86:c0:02:e4:e9:8b:17:8e:cd:da:fc:83:48:92:be:c1:2d:9f:
         bf:42:15:b6:2c:fb:59:c7:13:91:6d:94:03:24:4e:86:fe:e8:
         71:24:04:71:94:be:bd:a4:e7:ee:82:e8:4a:e5:3a:a4:36:38:
         9f:f8:83:2a:ba:85:7f:d2:bb:99:e7:07:92:c9:e7:94:a8:ab:
         19:27:b2:2e:69:f8:ca:b4:9c:be:ab:47:e7:4a:94:13:49:24:
         eb:c2:42:b4:71:d5:2b:9d:b9:d0:2d:6e:a1:50:20:da:46:94:
         46:80:03:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNl/K7ZzH/XwXOi9v+X9+2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTkxZWFlODVjNTI2NjI3MGMzMWRmNDE4MWFhMDdhYjJl
MDdiNTQwHhcNMjQxMTI2MDEwMTE4WhcNMjQxMTI3MDEwMTE4WjAzMTEwLwYDVQQD
EygwYzUwYjlhNzU0N2FkYWU5YzkxYzYxZjA3NDY2YTk0ZGRiNjIyNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6e9IoGKOtQMntte6JnX5Ael9Sgud
oXS+D1mkAiVL9vcUJgFT3qPyKX6SFXueFcHxNnw/RbzFr5EpwEXa6kPUpGbUwpWr
6cfiHZj116CJJJE22o7dVhX8ztFXIzxPOJUc/IeR4CoeD/Rc70bNz4otKCydY08I
R19BVp1SG0fw6Obm6kJ5cQB4+gPGcsT7JUA4gbOU0nWN+wICske4QGcSRiSnXQMp
V4tHIonwe9kxkQSOTbAsAt+4wr4LSALwYm2uCGNLDP0rXdFy6+eA0uSRVhbritvO
QGEqX46u1J208oHnLtKZ9DumO6709HOKQWUNu+QJoKzYIJV5Cavk8OZRXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxQuadUetrpyRxh8HRmqU3bYiZmMB8GA1UdIwQY
MBaAFDuZHq6FxSZicMMd9BgaoHqy4HtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDkt
ZTc5N2IyZDgyYjM5LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MDhlZGUtMDlhZS00ODExLWIxMDktZTc5N2IyZDgyYjM5
LzEvTzVrZXJvWEZKbUp3d3gzMEdCcWdlckxnZTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALKTK0wZ0
XeOUVToqU0Dkb+XoFVsu5xULA+3Q25nfuazfgL7zc9QSqC+vrabfxy5MPnNbCvky
ZH0OaVBRoSzsZzbKEWSrpf2utWU9kDR6j5C02PTnPsfOjhkwI7fLGwa5x5nUtwAK
70w2b6M1I1gxDrUP9bqDiXbzk0HXE4GjnuPg/9WtKXBPkAcmcY4xl7EHhsAC5OmL
F47N2vyDSJK+wS2fv0IVtiz7WccTkW2UAyROhv7ocSQEcZS+vaTn7oLoSuU6pDY4
n/iDKrqFf9K7mecHksnnlKirGSeyLmn4yrScvqtH50qUE0kk68JCtHHVK5250C1u
oVAg2kaURoADgA==
-----END CERTIFICATE-----