Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
File:                     oUIVlcmI-yZTZeucofo_F_xXB28.mft (raw, json)
Hash identifier:          KDgOIOzWtxVK6iKEapOxtLadcmhnAr+muWWYzPKpwls=
Subject key identifier:   C6:BD:BB:6B:46:0F:4E:C9:95:7C:BA:F9:37:69:9B:7A:18:F5:C3:10
Authority key identifier: A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F
Certificate issuer:       /CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
Certificate serial:       0193576466DB7083970AA1B62172C7677CD1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
Manifest number:          136F
Signing time:             Sat 23 Nov 2024 05:00:17 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:17 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:17 +0000
Files and hashes:         1: oUIVlcmI-yZTZeucofo_F_xXB28.crl (hash: f8AKfGRdCCswsirgLWpUI5UqedPS/NOITWFQKgdwUAA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 05:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:66:db:70:83:97:0a:a1:b6:21:72:c7:67:7c:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1421595c988fb265365eb9ca1fa3f17fc57076f
        Validity
            Not Before: Nov 23 05:00:17 2024 GMT
            Not After : Nov 24 05:00:17 2024 GMT
        Subject: CN=c6bdbb6b460f4ec9957cbaf937699b7a18f5c310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:cb:9c:4d:01:c6:fd:bd:34:e7:74:e5:a7:4d:
                    f6:c9:b7:16:f2:55:3b:f9:bc:ce:aa:59:27:88:e3:
                    1d:0f:9e:af:d5:db:ea:b0:45:10:e4:59:bd:bd:4e:
                    09:df:f3:0a:da:76:b8:1a:2f:18:76:68:37:c5:9b:
                    fc:d7:b4:33:b9:d5:d9:99:e0:f7:71:64:75:71:8c:
                    5f:8d:fe:52:7b:8c:28:86:de:b3:14:15:4d:37:a9:
                    61:f7:98:06:af:0c:32:c3:33:30:6a:cb:d0:4a:95:
                    e8:45:f6:d8:f8:dc:e4:c6:8d:0d:3a:d4:3d:e8:69:
                    f6:56:b1:46:56:d3:10:ae:0b:e9:68:44:7e:17:c8:
                    7d:3a:13:23:d1:e2:e4:01:d0:db:12:5f:18:c2:fd:
                    33:0c:cd:a6:fc:ed:52:a3:1d:fa:ad:3e:94:17:e6:
                    c3:f5:d4:e1:98:a3:0e:5a:35:d7:e0:a7:4a:56:d2:
                    42:8c:14:29:ff:a7:8c:98:56:2d:af:4e:33:40:68:
                    58:5c:70:3a:90:54:f8:40:e4:7b:68:ea:76:9f:59:
                    b6:4c:da:8d:b7:25:68:20:7c:c1:e6:f7:79:70:d8:
                    7e:54:3f:e7:46:58:73:64:4f:fb:89:87:3d:82:af:
                    d6:5a:51:01:fa:94:d3:cc:b0:52:d1:80:23:e5:cf:
                    4f:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:BD:BB:6B:46:0F:4E:C9:95:7C:BA:F9:37:69:9B:7A:18:F5:C3:10
            X509v3 Authority Key Identifier:
                keyid:A1:42:15:95:C9:88:FB:26:53:65:EB:9C:A1:FA:3F:17:FC:57:07:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUIVlcmI-yZTZeucofo_F_xXB28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/d625c5-790c-4b51-9ef1-baef4ebf68da/1/oUIVlcmI-yZTZeucofo_F_xXB28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:24:15:53:46:2e:80:38:68:2c:25:7d:79:4a:92:d7:8f:26:
         60:a3:35:9c:c6:f2:a4:92:9b:ae:ae:dc:eb:e5:cc:5a:e3:a1:
         12:19:a7:e2:5d:a0:26:8b:7f:1a:24:87:aa:35:88:59:09:50:
         ce:70:e5:0e:4a:f6:00:d1:84:c1:a1:c3:89:51:b0:69:24:d4:
         94:68:cc:e0:c0:b6:0c:91:4c:52:97:18:d7:44:42:eb:8c:c7:
         52:91:29:27:e1:74:02:84:32:46:41:68:0c:25:c1:8e:da:a7:
         60:c3:72:89:b6:dc:82:42:be:3c:ec:3d:37:e1:62:82:8d:01:
         72:e6:17:da:0c:94:38:73:a9:58:00:de:9b:bb:4b:08:0e:d9:
         79:b3:f6:38:3a:51:1a:68:88:9b:a9:cd:91:ff:76:fe:71:d2:
         a1:b9:b3:ed:e2:1c:61:8e:c4:27:82:6b:7e:67:a9:24:0e:0d:
         6b:74:b1:66:97:51:19:de:3e:68:98:c3:f1:b1:e1:43:79:c3:
         8b:6f:c3:18:59:8e:09:07:00:2d:46:31:02:49:3f:25:d3:0a:
         0d:ba:8c:eb:a7:4f:92:ce:2d:f7:35:f3:a3:e8:98:61:34:33:
         83:b0:ee:61:35:48:aa:e5:f8:1c:3c:66:0f:b8:ab:4f:0f:7c:
         02:43:29:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZGbbcIOXCqG2IXLHZ3zRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDIxNTk1Yzk4OGZiMjY1MzY1ZWI5Y2ExZmEzZjE3ZmM1
NzA3NmYwHhcNMjQxMTIzMDUwMDE3WhcNMjQxMTI0MDUwMDE3WjAzMTEwLwYDVQQD
EyhjNmJkYmI2YjQ2MGY0ZWM5OTU3Y2JhZjkzNzY5OWI3YTE4ZjVjMzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMucTQHG/b0053Tlp032ybcW8lU7
+bzOqlkniOMdD56v1dvqsEUQ5Fm9vU4J3/MK2na4Gi8Ydmg3xZv817QzudXZmeD3
cWR1cYxfjf5Se4woht6zFBVNN6lh95gGrwwywzMwasvQSpXoRfbY+Nzkxo0NOtQ9
6Gn2VrFGVtMQrgvpaER+F8h9OhMj0eLkAdDbEl8Ywv0zDM2m/O1Sox36rT6UF+bD
9dThmKMOWjXX4KdKVtJCjBQp/6eMmFYtr04zQGhYXHA6kFT4QOR7aOp2n1m2TNqN
tyVoIHzB5vd5cNh+VD/nRlhzZE/7iYc9gq/WWlEB+pTTzLBS0YAj5c9PVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMa9u2tGD07JlXy6+Tdpm3oY9cMQMB8GA1UdIwQY
MBaAFKFCFZXJiPsmU2XrnKH6Pxf8VwdvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEt
YmFlZjRlYmY2OGRhLzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kNjI1YzUtNzkwYy00YjUxLTllZjEtYmFlZjRlYmY2OGRh
LzEvb1VJVmxjbUkteVpUWmV1Y29mb19GX3hYQjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQCQVU0Yu
gDhoLCV9eUqS148mYKM1nMbypJKbrq7c6+XMWuOhEhmn4l2gJot/GiSHqjWIWQlQ
znDlDkr2ANGEwaHDiVGwaSTUlGjM4MC2DJFMUpcY10RC64zHUpEpJ+F0AoQyRkFo
DCXBjtqnYMNyibbcgkK+POw9N+Figo0BcuYX2gyUOHOpWADem7tLCA7ZebP2ODpR
GmiIm6nNkf92/nHSobmz7eIcYY7EJ4JrfmepJA4Na3SxZpdRGd4+aJjD8bHhQ3nD
i2/DGFmOCQcALUYxAkk/JdMKDbqM66dPks4t9zXzo+iYYTQzg7DuYTVIquX4HDxm
D7irTw98AkMpbQ==
-----END CERTIFICATE-----