Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
File:                     OExBksVwSp65aPXPUzuaH3pmYa0.mft (raw, json)
Hash identifier:          mpxXSHh7I+CuVDmnmtxF3qL9kXK0/fqaWNZ+gK+a4vk=
Subject key identifier:   15:72:E8:DC:F9:17:81:6E:9A:12:10:73:D8:9F:CD:93:14:35:C2:AF
Authority key identifier: 38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD
Certificate issuer:       /CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
Certificate serial:       0194C5083EE0BEA6924D34B8B39C9BE1AC5D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
Manifest number:          08
Signing time:             Sun 02 Feb 2025 05:00:39 +0000
Manifest this update:     Sun 02 Feb 2025 05:00:39 +0000
Manifest next update:     Mon 03 Feb 2025 05:00:39 +0000
Files and hashes:         1: OExBksVwSp65aPXPUzuaH3pmYa0.crl (hash: OqD+PNneHk/PJm4k9kapiUdHSjCkoHM6SnStjbSR1Pg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c5:08:3e:e0:be:a6:92:4d:34:b8:b3:9c:9b:e1:ac:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=384c4192c5704a9eb968f5cf533b9a1f7a6661ad
        Validity
            Not Before: Feb  2 05:00:39 2025 GMT
            Not After : Feb  3 05:00:39 2025 GMT
        Subject: CN=1572e8dcf917816e9a121073d89fcd931435c2af
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:a8:74:cf:85:91:4b:56:fe:63:d5:de:33:61:
                    0c:7b:4e:cf:66:9a:c2:85:92:83:b8:6b:db:a7:7e:
                    e4:61:8e:cb:60:9f:be:07:88:51:a1:6a:ab:a5:f2:
                    b8:f1:99:3d:c1:16:05:11:73:46:f8:ef:30:62:2a:
                    14:66:ef:38:65:a9:61:54:54:ad:04:18:10:49:b8:
                    ff:6a:da:f1:b5:2d:ad:d0:39:fb:b2:ea:c8:71:82:
                    05:46:66:f8:97:81:e0:21:c1:cb:1b:79:85:1e:ee:
                    88:de:e3:5a:38:cf:1a:2d:87:f4:22:15:2d:ee:51:
                    83:e5:f2:94:f2:db:dc:b9:37:58:74:33:d5:4f:94:
                    64:cc:42:7b:92:10:82:1f:3a:36:ba:43:96:55:36:
                    19:ac:ee:65:e3:0d:f9:78:5a:33:cd:fb:d0:d0:07:
                    76:9e:84:2c:a8:43:3b:8a:ef:44:49:10:51:a4:dc:
                    17:4a:36:06:02:b4:1f:77:9f:03:e1:a5:6e:c4:15:
                    56:29:d8:9c:77:4c:a6:3a:6e:df:9d:96:50:d3:ce:
                    ce:bb:1d:78:52:48:ee:70:d6:9a:8d:11:94:b8:b2:
                    9c:2c:99:22:00:25:ed:00:3a:1f:20:2b:85:37:77:
                    ed:59:e0:10:e6:cb:22:db:a7:1c:a1:68:3b:91:61:
                    da:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:72:E8:DC:F9:17:81:6E:9A:12:10:73:D8:9F:CD:93:14:35:C2:AF
            X509v3 Authority Key Identifier:
                keyid:38:4C:41:92:C5:70:4A:9E:B9:68:F5:CF:53:3B:9A:1F:7A:66:61:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExBksVwSp65aPXPUzuaH3pmYa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/620577-dfd8-4f23-a650-83be418aa7f4/1/OExBksVwSp65aPXPUzuaH3pmYa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:97:74:ed:f8:e7:1a:7f:2a:ca:de:09:39:6e:7e:66:eb:24:
         f6:7e:3d:b6:23:48:c6:b7:85:a0:b7:e8:d4:57:4c:6c:83:17:
         03:33:51:20:86:0b:99:73:f7:15:e9:b0:a0:6a:2c:33:44:8a:
         33:7f:61:93:35:40:85:3c:d3:c4:d8:0c:7e:02:64:27:ad:fd:
         0e:e1:dc:c9:8c:0b:b7:ef:1f:f4:0f:0b:0f:75:f0:72:ec:3c:
         19:d5:54:46:88:05:6d:c9:14:90:e1:2d:8f:0b:97:9e:63:91:
         04:b2:d5:34:c8:f6:8b:04:ef:cc:a9:ac:fd:4c:a5:ef:14:93:
         97:aa:15:9d:22:05:28:6c:60:43:85:28:d4:38:fb:20:91:ba:
         40:6d:25:52:3a:84:24:34:2c:68:4c:d7:e9:7d:eb:34:42:d5:
         13:e3:b7:ee:3a:02:1f:88:03:0e:ee:97:00:97:a7:d9:a6:3f:
         13:33:f1:86:44:57:6e:57:a1:ed:a9:79:fd:8c:08:39:b8:6f:
         21:0a:e7:8b:b1:41:34:44:17:15:51:d9:3a:b2:94:b1:f0:71:
         57:7b:fb:c3:28:b4:ee:bb:22:55:0b:9a:f2:7e:14:ec:9d:6e:
         4a:fe:48:6e:cf:d7:ed:d2:7f:90:7a:a2:26:ba:a7:a8:6d:6e:
         f9:85:5a:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTFCD7gvqaSTTS4s5yb4axdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM0MTkyYzU3MDRhOWViOTY4ZjVjZjUzM2I5YTFmN2E2
NjYxYWQwHhcNMjUwMjAyMDUwMDM5WhcNMjUwMjAzMDUwMDM5WjAzMTEwLwYDVQQD
EygxNTcyZThkY2Y5MTc4MTZlOWExMjEwNzNkODlmY2Q5MzE0MzVjMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKh0z4WRS1b+Y9XeM2EMe07PZprC
hZKDuGvbp37kYY7LYJ++B4hRoWqrpfK48Zk9wRYFEXNG+O8wYioUZu84ZalhVFSt
BBgQSbj/atrxtS2t0Dn7surIcYIFRmb4l4HgIcHLG3mFHu6I3uNaOM8aLYf0IhUt
7lGD5fKU8tvcuTdYdDPVT5RkzEJ7khCCHzo2ukOWVTYZrO5l4w35eFozzfvQ0Ad2
noQsqEM7iu9ESRBRpNwXSjYGArQfd58D4aVuxBVWKdicd0ymOm7fnZZQ087Oux14
UkjucNaajRGUuLKcLJkiACXtADofICuFN3ftWeAQ5ssi26ccoWg7kWHalQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVy6Nz5F4FumhIQc9ifzZMUNcKvMB8GA1UdIwQY
MBaAFDhMQZLFcEqeuWj1z1M7mh96ZmGtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAt
ODNiZTQxOGFhN2Y0LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MjA1NzctZGZkOC00ZjIzLWE2NTAtODNiZTQxOGFhN2Y0
LzEvT0V4QmtzVndTcDY1YVBYUFV6dWFIM3BtWWEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapd07fjn
Gn8qyt4JOW5+Zusk9n49tiNIxreFoLfo1FdMbIMXAzNRIIYLmXP3FemwoGosM0SK
M39hkzVAhTzTxNgMfgJkJ639DuHcyYwLt+8f9A8LD3Xwcuw8GdVURogFbckUkOEt
jwuXnmORBLLVNMj2iwTvzKms/Uyl7xSTl6oVnSIFKGxgQ4Uo1Dj7IJG6QG0lUjqE
JDQsaEzX6X3rNELVE+O37joCH4gDDu6XAJen2aY/EzPxhkRXbleh7al5/YwIObhv
IQrni7FBNEQXFVHZOrKUsfBxV3v7wyi07rsiVQua8n4U7J1uSv5Ibs/X7dJ/kHqi
JrqnqG1u+YVaNg==
-----END CERTIFICATE-----