Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
File:                     0gXOrys2rZ_lGQaehrlONtLsS94.mft (raw, json)
Hash identifier:          OJRZ7a0z+nKP5YRg3lWfqjodq4E18i6J5anhIYDNAPI=
Subject key identifier:   53:93:F1:6F:EB:F2:82:57:EB:3C:C2:A6:80:51:58:1D:AD:AD:AF:41
Authority key identifier: D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE
Certificate issuer:       /CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
Certificate serial:       01936A466DB53CF93486DA77D7B53854342F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
Manifest number:          06AB
Signing time:             Tue 26 Nov 2024 21:00:20 +0000
Manifest this update:     Tue 26 Nov 2024 21:00:20 +0000
Manifest next update:     Wed 27 Nov 2024 21:00:20 +0000
Files and hashes:         1: 0gXOrys2rZ_lGQaehrlONtLsS94.crl (hash: BodqTEvEfv1RnhNE9GFnxbX3DCBdByeA1gYQrJRtVzc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 19:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:6a:46:6d:b5:3c:f9:34:86:da:77:d7:b5:38:54:34:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d205ceaf2b36ad9fe519069e86b94e36d2ec4bde
        Validity
            Not Before: Nov 26 21:00:20 2024 GMT
            Not After : Nov 27 21:00:20 2024 GMT
        Subject: CN=5393f16febf28257eb3cc2a68051581dadadaf41
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:2f:3c:00:1a:87:e4:de:1a:ef:74:10:30:45:
                    a7:f4:7d:f9:3c:bc:c9:4f:73:a4:a6:5d:03:4b:7f:
                    fa:5f:8d:da:3e:4b:2c:60:7f:8e:54:14:e5:79:80:
                    3b:2f:3d:cc:b6:c4:4f:07:9a:43:f2:1d:5b:5b:d0:
                    21:2d:dd:39:b6:a1:91:8b:f9:f6:cf:3e:fb:ae:2f:
                    60:68:de:75:00:00:cc:6c:39:52:b9:3d:c0:74:da:
                    d8:a5:8d:0c:9e:6d:cb:63:05:88:2f:cf:cd:d3:a7:
                    03:8b:1e:5f:10:37:a0:80:c5:7a:90:03:df:c8:5d:
                    50:89:eb:96:71:e8:16:8f:57:76:06:80:44:5f:dc:
                    96:43:0d:9a:7d:7a:6f:00:fa:b1:50:e3:fd:5f:10:
                    14:12:54:ba:52:86:96:40:da:af:e5:e3:8b:af:14:
                    4f:cc:f7:89:a8:ec:aa:b4:6e:45:d4:c0:39:ac:7c:
                    96:44:8d:ff:43:77:9f:8d:cf:99:a1:2a:62:95:09:
                    1c:aa:2a:55:cc:8a:4c:1b:82:03:48:ef:58:d3:6d:
                    b3:42:9c:e3:26:1f:2d:20:45:d1:f2:ad:c0:cf:bf:
                    9e:1c:c6:22:0a:43:0f:ab:53:26:a1:db:2d:9f:b7:
                    58:f6:56:59:5b:d2:15:6d:2b:29:e7:a1:6e:9c:4d:
                    15:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:93:F1:6F:EB:F2:82:57:EB:3C:C2:A6:80:51:58:1D:AD:AD:AF:41
            X509v3 Authority Key Identifier:
                keyid:D2:05:CE:AF:2B:36:AD:9F:E5:19:06:9E:86:B9:4E:36:D2:EC:4B:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0gXOrys2rZ_lGQaehrlONtLsS94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/7fa172-8e55-4711-8c75-18f8925c6665/1/0gXOrys2rZ_lGQaehrlONtLsS94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         cd:67:65:a7:f0:a8:62:fd:16:47:4a:7a:42:1c:23:03:55:d2:
         c1:52:f1:c2:2e:d9:dc:c1:5a:5f:41:16:87:34:c9:32:93:bc:
         6c:3a:b3:29:8a:59:58:65:a7:b1:80:2d:66:46:71:ca:33:02:
         de:b5:c3:90:4b:cd:bf:c4:36:e9:f2:4f:c4:0a:dd:fd:d0:3e:
         b2:62:c8:ba:a5:a5:ec:b7:6a:c3:e7:29:9a:1a:69:e7:b1:22:
         f8:20:fa:9f:33:00:dd:ab:e6:79:76:94:4a:f8:b3:0e:c3:b2:
         8d:8d:54:ab:e7:e5:5e:05:6e:d0:37:20:9f:7b:0c:ca:31:a0:
         21:03:29:0d:7a:5a:c4:68:a8:70:51:19:6a:57:06:14:aa:ee:
         b8:14:6f:e1:a6:94:ca:5a:bd:87:de:93:ab:3f:06:71:9e:65:
         a4:76:d1:26:0a:75:68:35:47:6a:02:50:06:63:61:e6:8a:da:
         ae:50:08:ac:81:f2:d6:0f:54:5e:ed:d9:95:de:f8:a6:ba:da:
         37:43:b8:4e:0e:67:79:a4:dc:fc:f8:ba:61:ef:c7:a0:99:b2:
         f2:e4:78:46:f5:1f:d5:c5:4d:e6:d8:92:fb:58:e8:3d:9c:e2:
         30:2e:10:c6:1a:f5:bf:37:85:f3:76:69:04:d3:ec:cd:6d:d4:
         6e:22:12:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNqRm21PPk0htp317U4VDQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMDVjZWFmMmIzNmFkOWZlNTE5MDY5ZTg2Yjk0ZTM2ZDJl
YzRiZGUwHhcNMjQxMTI2MjEwMDIwWhcNMjQxMTI3MjEwMDIwWjAzMTEwLwYDVQQD
Eyg1MzkzZjE2ZmViZjI4MjU3ZWIzY2MyYTY4MDUxNTgxZGFkYWRhZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S88ABqH5N4a73QQMEWn9H35PLzJ
T3Okpl0DS3/6X43aPkssYH+OVBTleYA7Lz3MtsRPB5pD8h1bW9AhLd05tqGRi/n2
zz77ri9gaN51AADMbDlSuT3AdNrYpY0Mnm3LYwWIL8/N06cDix5fEDeggMV6kAPf
yF1QieuWcegWj1d2BoBEX9yWQw2afXpvAPqxUOP9XxAUElS6UoaWQNqv5eOLrxRP
zPeJqOyqtG5F1MA5rHyWRI3/Q3efjc+ZoSpilQkcqipVzIpMG4IDSO9Y022zQpzj
Jh8tIEXR8q3Az7+eHMYiCkMPq1Mmodstn7dY9lZZW9IVbSsp56FunE0VBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFOT8W/r8oJX6zzCpoBRWB2tra9BMB8GA1UdIwQY
MBaAFNIFzq8rNq2f5RkGnoa5TjbS7EveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUt
MThmODkyNWM2NjY1LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ZmExNzItOGU1NS00NzExLThjNzUtMThmODkyNWM2NjY1
LzEvMGdYT3J5czJyWl9sR1FhZWhybE9OdExzUzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzWdlp/Co
Yv0WR0p6QhwjA1XSwVLxwi7Z3MFaX0EWhzTJMpO8bDqzKYpZWGWnsYAtZkZxyjMC
3rXDkEvNv8Q26fJPxArd/dA+smLIuqWl7Ldqw+cpmhpp57Ei+CD6nzMA3avmeXaU
SvizDsOyjY1Uq+flXgVu0Dcgn3sMyjGgIQMpDXpaxGiocFEZalcGFKruuBRv4aaU
ylq9h96Tqz8GcZ5lpHbRJgp1aDVHagJQBmNh5orarlAIrIHy1g9UXu3Zld74prra
N0O4Tg5neaTc/Pi6Ye/HoJmy8uR4RvUf1cVN5tiS+1joPZziMC4Qxhr1vzeF83Zp
BNPszW3UbiISQA==
-----END CERTIFICATE-----