Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
File:                     oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft (raw, json)
Hash identifier:          6RtFTKjW4RgTumRrFm9f9XHks0tEOLFXblLGCT6BUIk=
Subject key identifier:   F5:2E:48:32:5A:D2:AA:22:35:67:2B:1E:E2:28:1C:A6:5D:87:14:65
Authority key identifier: A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E
Certificate issuer:       /CN=a323e041dd45965333e2b1474fc50be2f0fa950e
Certificate serial:       01936B2230FB3F305AE89A58D2D5950ED3B1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
Manifest number:          078C
Signing time:             Wed 27 Nov 2024 01:00:23 +0000
Manifest this update:     Wed 27 Nov 2024 01:00:23 +0000
Manifest next update:     Thu 28 Nov 2024 01:00:23 +0000
Files and hashes:         1: oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl (hash: 8HCGw/z39Bkp4NO8+rQk4PPHCvh9DBXVrvn7meHgb+c=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6b:22:30:fb:3f:30:5a:e8:9a:58:d2:d5:95:0e:d3:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a323e041dd45965333e2b1474fc50be2f0fa950e
        Validity
            Not Before: Nov 27 01:00:23 2024 GMT
            Not After : Nov 28 01:00:23 2024 GMT
        Subject: CN=f52e48325ad2aa2235672b1ee2281ca65d871465
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:35:e4:aa:45:a4:cf:5a:bd:d5:9f:93:6e:d4:
                    b5:14:4e:a2:6b:d2:c7:9a:c5:5a:41:6d:d3:2a:c8:
                    95:03:34:38:2d:f8:83:4d:71:84:8c:89:67:07:ce:
                    3d:df:e8:0b:39:12:24:19:91:8d:c5:76:e2:6f:7f:
                    81:60:65:3a:31:3e:1c:eb:39:7d:d2:d2:dc:f2:5f:
                    a2:77:9c:4f:f6:10:5c:7c:cc:91:5a:b9:36:3c:48:
                    77:81:af:cc:29:99:10:aa:33:bc:86:d7:78:a2:8a:
                    6c:23:f7:db:53:a7:56:f1:6d:d1:a4:db:75:ac:6f:
                    6b:02:e3:9f:df:cc:70:57:2a:c4:9c:bd:83:21:fe:
                    4a:cc:05:b6:17:f4:9b:44:41:b6:dd:f7:70:5b:fd:
                    1d:33:90:e9:98:d7:b9:28:1a:c0:0e:46:94:a3:2e:
                    24:cb:b6:41:67:66:82:a8:9f:ca:14:83:52:de:d8:
                    53:f2:19:9c:df:16:6f:79:be:96:87:93:63:38:33:
                    cb:9c:2d:a4:69:66:e5:2e:89:1e:be:65:57:be:6b:
                    55:f1:f6:a0:b8:be:c6:9a:df:da:2f:77:69:11:78:
                    a6:d3:d5:14:6f:66:dc:f0:2a:79:a3:09:b5:05:f1:
                    a3:3c:fc:d2:bc:ec:cb:e3:59:e5:47:c5:95:85:21:
                    3b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:2E:48:32:5A:D2:AA:22:35:67:2B:1E:E2:28:1C:A6:5D:87:14:65
            X509v3 Authority Key Identifier:
                keyid:A3:23:E0:41:DD:45:96:53:33:E2:B1:47:4F:C5:0B:E2:F0:FA:95:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyPgQd1FllMz4rFHT8UL4vD6lQ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/e8339e-fd6d-404d-a64c-cadc514ace72/1/oyPgQd1FllMz4rFHT8UL4vD6lQ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         b3:f6:33:4d:76:9e:ee:16:56:0b:87:bc:e5:16:74:6f:c0:45:
         ea:ba:40:50:f1:36:aa:be:fb:04:e6:1d:ac:b8:6b:93:7d:5c:
         17:04:c6:61:50:a7:aa:6e:d4:bc:21:15:16:fa:95:04:6e:33:
         49:6e:22:e8:1c:9e:97:5b:bb:89:df:27:5a:af:5f:29:64:ef:
         85:4a:34:b1:8d:f1:b4:92:fe:2d:cf:24:97:e5:f4:a9:d4:01:
         fb:b0:a4:d5:bf:c4:4d:85:c5:e5:9c:03:30:54:26:d2:46:66:
         3e:eb:a8:07:84:03:ba:0e:dd:b8:d5:97:f0:23:ca:14:8c:78:
         b0:aa:fe:d0:9c:2f:9c:ce:82:80:e4:21:f8:48:01:48:12:ff:
         d8:d2:40:3b:30:bf:5f:39:51:96:76:e6:4e:c1:50:39:84:de:
         85:6d:44:36:06:38:bb:0f:14:b1:4d:be:e8:62:19:a9:9c:f4:
         c8:3a:fa:f2:f6:e1:36:e0:39:25:33:8c:2e:3b:ca:c9:4a:a2:
         d7:91:a1:cc:72:b2:08:0b:96:dc:8b:61:c1:b5:5c:f5:fb:85:
         98:97:70:43:5f:c2:f2:b5:ba:96:5b:5e:45:be:a2:0a:66:48:
         3a:43:3c:17:e6:ec:88:f1:62:9c:f0:e3:59:6a:24:76:68:93:
         cc:9b:c3:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNrIjD7PzBa6JpY0tWVDtOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjNlMDQxZGQ0NTk2NTMzM2UyYjE0NzRmYzUwYmUyZjBm
YTk1MGUwHhcNMjQxMTI3MDEwMDIzWhcNMjQxMTI4MDEwMDIzWjAzMTEwLwYDVQQD
EyhmNTJlNDgzMjVhZDJhYTIyMzU2NzJiMWVlMjI4MWNhNjVkODcxNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjXkqkWkz1q91Z+TbtS1FE6ia9LH
msVaQW3TKsiVAzQ4LfiDTXGEjIlnB8493+gLORIkGZGNxXbib3+BYGU6MT4c6zl9
0tLc8l+id5xP9hBcfMyRWrk2PEh3ga/MKZkQqjO8htd4oopsI/fbU6dW8W3RpNt1
rG9rAuOf38xwVyrEnL2DIf5KzAW2F/SbREG23fdwW/0dM5DpmNe5KBrADkaUoy4k
y7ZBZ2aCqJ/KFINS3thT8hmc3xZveb6Wh5NjODPLnC2kaWblLokevmVXvmtV8fag
uL7Gmt/aL3dpEXim09UUb2bc8Cp5owm1BfGjPPzSvOzL41nlR8WVhSE7qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUuSDJa0qoiNWcrHuIoHKZdhxRlMB8GA1UdIwQY
MBaAFKMj4EHdRZZTM+KxR0/FC+Lw+pUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMt
Y2FkYzUxNGFjZTcyLzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9lODMzOWUtZmQ2ZC00MDRkLWE2NGMtY2FkYzUxNGFjZTcy
LzEvb3lQZ1FkMUZsbE16NHJGSFQ4VUw0dkQ2bFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs/YzTXae
7hZWC4e85RZ0b8BF6rpAUPE2qr77BOYdrLhrk31cFwTGYVCnqm7UvCEVFvqVBG4z
SW4i6Byel1u7id8nWq9fKWTvhUo0sY3xtJL+Lc8kl+X0qdQB+7Ck1b/ETYXF5ZwD
MFQm0kZmPuuoB4QDug7duNWX8CPKFIx4sKr+0JwvnM6CgOQh+EgBSBL/2NJAOzC/
XzlRlnbmTsFQOYTehW1ENgY4uw8UsU2+6GIZqZz0yDr68vbhNuA5JTOMLjvKyUqi
15GhzHKyCAuW3IthwbVc9fuFmJdwQ1/C8rW6llteRb6iCmZIOkM8F+bsiPFinPDj
WWokdmiTzJvDAw==
-----END CERTIFICATE-----