Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
File:                     OQlq7uS6fDS4EkCtSRrEba90wx0.mft (raw, json)
Hash identifier:          pbona+3xGK9fZ3VJM338IclCwmQh6AzE+6pJjoySHBs=
Subject key identifier:   B1:55:1B:07:B2:AC:C0:17:F8:A3:93:14:C6:24:13:B4:20:98:DE:F6
Authority key identifier: 39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D
Certificate issuer:       /CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
Certificate serial:       01936A7D812D7515D32159621783386E4444
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
Manifest number:          1379
Signing time:             Tue 26 Nov 2024 22:00:30 +0000
Manifest this update:     Tue 26 Nov 2024 22:00:30 +0000
Manifest next update:     Wed 27 Nov 2024 22:00:30 +0000
Files and hashes:         1: OQlq7uS6fDS4EkCtSRrEba90wx0.crl (hash: Z9O2xBDJ3cfViVehyhTqsjp5huA3bK8iPGr2MH2sBSE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:7d:81:2d:75:15:d3:21:59:62:17:83:38:6e:44:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39096aeee4ba7c34b81240ad491ac46daf74c31d
        Validity
            Not Before: Nov 26 22:00:30 2024 GMT
            Not After : Nov 27 22:00:30 2024 GMT
        Subject: CN=b1551b07b2acc017f8a39314c62413b42098def6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8a:2c:1c:21:e2:03:db:12:69:82:b7:96:83:
                    41:13:56:7f:fb:59:3e:49:d2:c0:b4:89:15:1e:4b:
                    19:86:8e:cc:c5:48:20:7a:13:36:54:cc:10:b0:73:
                    d4:47:18:6f:1b:0f:03:25:87:68:7d:a9:04:1f:d0:
                    60:cb:9d:d0:e7:9d:62:4b:cc:bc:7c:58:df:d0:c4:
                    ac:d5:f8:94:83:e5:d7:a7:9a:9a:c8:ba:6c:ec:5f:
                    4a:b7:86:7f:87:46:ba:40:90:57:5f:00:64:d5:e1:
                    76:ca:10:ac:77:ac:e4:b5:4e:9f:29:b5:a8:3f:d4:
                    71:3e:3b:e8:bf:a3:82:0a:08:53:cd:27:65:0d:f5:
                    3c:64:b9:a9:1e:cb:19:a7:68:d0:c5:ff:9a:21:c6:
                    15:26:a0:c9:58:99:0f:34:51:af:4a:aa:0d:62:56:
                    02:b3:82:34:93:0b:8c:94:a1:8b:dc:cd:95:31:47:
                    d9:ab:b7:51:51:ad:c2:1b:89:d1:f8:1c:07:00:28:
                    6c:77:8a:63:fa:94:e0:25:ac:65:28:c0:b4:d8:f0:
                    2b:f7:7c:f1:00:98:08:92:1d:40:62:ee:d7:0a:b2:
                    bf:56:f3:64:a4:18:60:3d:ea:85:de:83:31:a3:bf:
                    1c:71:d7:69:ea:aa:d8:38:9a:67:fe:f8:98:76:3b:
                    89:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:55:1B:07:B2:AC:C0:17:F8:A3:93:14:C6:24:13:B4:20:98:DE:F6
            X509v3 Authority Key Identifier:
                keyid:39:09:6A:EE:E4:BA:7C:34:B8:12:40:AD:49:1A:C4:6D:AF:74:C3:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OQlq7uS6fDS4EkCtSRrEba90wx0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bb1aa7-7455-4d2d-82da-105617638726/1/OQlq7uS6fDS4EkCtSRrEba90wx0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8c:c5:52:9f:53:a6:9e:92:12:81:19:14:3a:3d:41:25:5d:0d:
         3c:e0:e6:2a:6e:53:34:bd:3e:7c:4b:a6:47:c5:ae:51:2f:e7:
         52:a8:b4:1f:68:34:e6:a6:33:cf:fb:39:3a:90:71:d3:fa:c1:
         da:61:15:99:fd:ba:ac:d1:18:0c:ab:c7:5b:9f:87:56:4b:d1:
         4b:e0:9f:00:0b:be:aa:e2:7a:3d:09:1a:c0:64:96:a6:6f:98:
         92:ca:cf:20:5c:c1:3a:f1:12:fb:71:0e:bd:5f:37:8b:1e:57:
         b7:7f:98:b8:f8:66:6a:f5:48:ca:50:a4:05:e0:bd:ce:37:07:
         ae:83:3f:69:89:00:54:bb:ba:c5:94:a2:72:34:00:b6:30:c5:
         d6:da:e4:f4:3d:3e:be:b3:86:c1:a5:9d:f1:c7:c3:07:da:ac:
         a8:9b:1b:e8:4d:41:f0:0c:0e:3f:a5:26:44:ea:04:3e:b8:e2:
         e1:2a:4d:83:c5:ea:69:e8:63:2c:1b:69:4b:f6:1e:2f:b3:e9:
         c8:c6:3a:ce:fb:19:93:e2:29:00:7b:c6:51:cd:b2:16:eb:62:
         34:2d:96:2c:58:72:05:48:ff:f5:78:57:e7:fd:8d:24:2d:df:
         2d:c2:03:94:0c:0d:cd:cd:87:25:77:06:54:f0:f0:44:73:3a:
         3e:e7:e9:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqfYEtdRXTIVliF4M4bkREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MDk2YWVlZTRiYTdjMzRiODEyNDBhZDQ5MWFjNDZkYWY3
NGMzMWQwHhcNMjQxMTI2MjIwMDMwWhcNMjQxMTI3MjIwMDMwWjAzMTEwLwYDVQQD
EyhiMTU1MWIwN2IyYWNjMDE3ZjhhMzkzMTRjNjI0MTNiNDIwOThkZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYosHCHiA9sSaYK3loNBE1Z/+1k+
SdLAtIkVHksZho7MxUggehM2VMwQsHPURxhvGw8DJYdofakEH9Bgy53Q551iS8y8
fFjf0MSs1fiUg+XXp5qayLps7F9Kt4Z/h0a6QJBXXwBk1eF2yhCsd6zktU6fKbWo
P9RxPjvov6OCCghTzSdlDfU8ZLmpHssZp2jQxf+aIcYVJqDJWJkPNFGvSqoNYlYC
s4I0kwuMlKGL3M2VMUfZq7dRUa3CG4nR+BwHAChsd4pj+pTgJaxlKMC02PAr93zx
AJgIkh1AYu7XCrK/VvNkpBhgPeqF3oMxo78ccddp6qrYOJpn/viYdjuJ4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLFVGweyrMAX+KOTFMYkE7QgmN72MB8GA1UdIwQY
MBaAFDkJau7kunw0uBJArUkaxG2vdMMdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEt
MTA1NjE3NjM4NzI2LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYjFhYTctNzQ1NS00ZDJkLTgyZGEtMTA1NjE3NjM4NzI2
LzEvT1FscTd1UzZmRFM0RWtDdFNSckViYTkwd3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjMVSn1Om
npISgRkUOj1BJV0NPODmKm5TNL0+fEumR8WuUS/nUqi0H2g05qYzz/s5OpBx0/rB
2mEVmf26rNEYDKvHW5+HVkvRS+CfAAu+quJ6PQkawGSWpm+YksrPIFzBOvES+3EO
vV83ix5Xt3+YuPhmavVIylCkBeC9zjcHroM/aYkAVLu6xZSicjQAtjDF1trk9D0+
vrOGwaWd8cfDB9qsqJsb6E1B8AwOP6UmROoEPrji4SpNg8XqaehjLBtpS/YeL7Pp
yMY6zvsZk+IpAHvGUc2yFutiNC2WLFhyBUj/9XhX5/2NJC3fLcIDlAwNzc2HJXcG
VPDwRHM6PufpIg==
-----END CERTIFICATE-----