Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
File:                     OFt-lPpg22hRcc8TabHO-24g8zQ.mft (raw, json)
Hash identifier:          XMsTlQL9TBO0aIciXBmHBilT81YhPBjKHtUk8q5nGPI=
Subject key identifier:   A9:3F:4F:3A:E7:5D:0A:0C:DF:F6:F3:9F:B1:B0:59:EE:8B:E8:7F:30
Authority key identifier: 38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34
Certificate issuer:       /CN=385b7e94fa60db685171cf1369b1cefb6e20f334
Certificate serial:       019510C7B31472467DC42406C7CFD3C7962D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
Manifest number:          03A9
Signing time:             Sun 16 Feb 2025 22:01:17 +0000
Manifest this update:     Sun 16 Feb 2025 22:01:17 +0000
Manifest next update:     Mon 17 Feb 2025 22:01:17 +0000
Files and hashes:         1: OFt-lPpg22hRcc8TabHO-24g8zQ.crl (hash: pFbgwlMcNDXFN0K3qnVN5abbA7n1iF1UMPx/uCsgoGQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:01:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:b3:14:72:46:7d:c4:24:06:c7:cf:d3:c7:96:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=385b7e94fa60db685171cf1369b1cefb6e20f334
        Validity
            Not Before: Feb 16 22:01:17 2025 GMT
            Not After : Feb 17 22:01:17 2025 GMT
        Subject: CN=a93f4f3ae75d0a0cdff6f39fb1b059ee8be87f30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8d:82:ac:dc:12:04:c4:58:11:4f:96:29:1f:
                    6c:ca:7e:a2:b8:d3:2a:f7:d2:68:88:8c:06:88:80:
                    ea:c1:5c:24:20:e1:cb:ba:3f:e5:e4:1f:fe:ce:be:
                    ce:c9:72:f9:f5:e0:ca:87:b4:59:57:9e:11:33:21:
                    c4:de:46:b5:8e:98:cc:5c:f8:a5:88:f4:1d:b4:2e:
                    ed:61:cd:04:21:90:70:9c:82:be:61:d3:92:ad:bc:
                    bd:3c:32:d2:71:37:51:37:87:6f:5a:d5:c4:e1:67:
                    33:3c:9f:ce:63:b8:fb:cc:21:9b:b1:79:a6:64:43:
                    d3:e9:f4:96:74:32:47:bb:ce:42:8c:07:e6:4c:09:
                    5c:e9:c0:04:ef:2e:09:b7:f5:01:2f:90:de:2c:f3:
                    93:68:e5:15:3e:a3:6d:c4:65:c5:22:30:b7:18:70:
                    e0:77:e3:67:a2:98:f3:a2:85:81:0a:ea:ed:29:d7:
                    63:f3:5d:8c:fb:22:db:85:19:59:96:b9:9d:fd:81:
                    3b:69:cb:75:b1:4f:1b:06:20:bd:ed:89:62:d1:34:
                    3c:d7:45:9c:64:0f:6a:07:b3:43:58:bf:9c:78:d6:
                    ce:13:51:6a:a0:05:52:9a:04:9a:84:2d:3d:7a:fe:
                    9e:32:22:3e:47:51:44:f9:13:db:05:8d:a3:01:32:
                    bc:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:3F:4F:3A:E7:5D:0A:0C:DF:F6:F3:9F:B1:B0:59:EE:8B:E8:7F:30
            X509v3 Authority Key Identifier:
                keyid:38:5B:7E:94:FA:60:DB:68:51:71:CF:13:69:B1:CE:FB:6E:20:F3:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFt-lPpg22hRcc8TabHO-24g8zQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/19a307-ecba-4158-a2d1-c3b46ac9f26d/1/OFt-lPpg22hRcc8TabHO-24g8zQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:15:45:0c:6d:05:e3:8a:70:a5:c9:6b:30:cc:7e:49:3a:78:
         2a:c3:19:02:86:27:f2:e2:f9:b9:5f:b1:44:fe:27:e8:63:07:
         a4:b9:62:36:d3:5d:e3:af:00:eb:4a:81:2b:de:28:d4:82:4f:
         8f:0c:1f:18:b4:3a:88:fb:d8:27:13:ab:99:67:cb:e0:5d:3b:
         d3:0a:7c:1c:3c:60:a3:e3:c6:93:df:0e:98:b5:5b:44:fa:bb:
         e2:38:de:08:0f:f3:97:2d:75:5e:1f:15:0e:73:65:e7:fa:56:
         13:70:7c:5b:f6:25:96:44:75:35:de:53:52:53:c8:71:5e:62:
         04:fb:a5:c5:fb:b4:73:17:bc:5e:93:cb:ab:ee:47:88:a1:f1:
         61:e2:cc:7f:65:a5:15:c8:77:84:da:cf:ff:5a:61:9c:74:3e:
         b7:a2:06:05:7a:53:cd:f5:e1:c4:d3:2f:f5:b3:29:a9:de:44:
         8d:d7:62:a0:14:e7:da:ae:67:3c:3c:78:60:a8:50:21:e7:5b:
         c9:31:07:1c:8f:4c:92:d5:81:fe:59:f0:c8:6e:e5:5a:f2:56:
         b5:32:8e:4b:51:13:10:23:e2:54:f3:c1:5d:2e:9c:c3:9a:6d:
         19:70:fd:83:ff:96:0c:1b:b2:0c:e8:3c:23:fa:3b:d9:65:c8:
         57:20:46:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQx7MUckZ9xCQGx8/Tx5YtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NWI3ZTk0ZmE2MGRiNjg1MTcxY2YxMzY5YjFjZWZiNmUy
MGYzMzQwHhcNMjUwMjE2MjIwMTE3WhcNMjUwMjE3MjIwMTE3WjAzMTEwLwYDVQQD
EyhhOTNmNGYzYWU3NWQwYTBjZGZmNmYzOWZiMWIwNTllZThiZTg3ZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY2CrNwSBMRYEU+WKR9syn6iuNMq
99JoiIwGiIDqwVwkIOHLuj/l5B/+zr7OyXL59eDKh7RZV54RMyHE3ka1jpjMXPil
iPQdtC7tYc0EIZBwnIK+YdOSrby9PDLScTdRN4dvWtXE4WczPJ/OY7j7zCGbsXmm
ZEPT6fSWdDJHu85CjAfmTAlc6cAE7y4Jt/UBL5DeLPOTaOUVPqNtxGXFIjC3GHDg
d+NnopjzooWBCurtKddj812M+yLbhRlZlrmd/YE7act1sU8bBiC97Yli0TQ810Wc
ZA9qB7NDWL+ceNbOE1FqoAVSmgSahC09ev6eMiI+R1FE+RPbBY2jATK8wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKk/TzrnXQoM3/bzn7GwWe6L6H8wMB8GA1UdIwQY
MBaAFDhbfpT6YNtoUXHPE2mxzvtuIPM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEt
YzNiNDZhYzlmMjZkLzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8xOWEzMDctZWNiYS00MTU4LWEyZDEtYzNiNDZhYzlmMjZk
LzEvT0Z0LWxQcGcyMmhSY2M4VGFiSE8tMjRnOHpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbhVFDG0F
44pwpclrMMx+STp4KsMZAoYn8uL5uV+xRP4n6GMHpLliNtNd468A60qBK94o1IJP
jwwfGLQ6iPvYJxOrmWfL4F070wp8HDxgo+PGk98OmLVbRPq74jjeCA/zly11Xh8V
DnNl5/pWE3B8W/YllkR1Nd5TUlPIcV5iBPulxfu0cxe8XpPLq+5HiKHxYeLMf2Wl
Fch3hNrP/1phnHQ+t6IGBXpTzfXhxNMv9bMpqd5EjddioBTn2q5nPDx4YKhQIedb
yTEHHI9MktWB/lnwyG7lWvJWtTKOS1ETECPiVPPBXS6cw5ptGXD9g/+WDBuyDOg8
I/o72WXIVyBG/Q==
-----END CERTIFICATE-----