Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          CYfZOAjgOsOAM6EwY/rVLSQ8/07gzzIHoeHWoiWBIdU=
Subject key identifier:   78:05:51:B3:01:BC:35:7E:2C:72:47:CE:F0:9E:E4:22:5C:1E:8D:DD
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       019316CECDBA7A3CFBDE14D526D857DAFE6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          0290
Signing time:             Sun 10 Nov 2024 16:01:11 +0000
Manifest this update:     Sun 10 Nov 2024 16:01:11 +0000
Manifest next update:     Mon 11 Nov 2024 16:01:11 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: Of+y8RR6ls7vlvUQujsuu3fXLHtARO/id8y4zBcck64=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 11 Nov 2024 14:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:16:ce:cd:ba:7a:3c:fb:de:14:d5:26:d8:57:da:fe:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Nov 10 16:01:11 2024 GMT
            Not After : Nov 11 16:01:11 2024 GMT
        Subject: CN=780551b301bc357e2c7247cef09ee4225c1e8ddd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:37:2e:06:e3:91:79:ef:71:f4:84:64:36:a1:
                    80:37:0f:60:16:86:29:56:dc:90:29:ec:e3:13:61:
                    88:20:d4:70:f2:f4:d8:0d:9d:63:4f:cb:eb:65:0a:
                    21:e6:da:89:95:47:d3:23:03:ee:fa:92:56:8f:62:
                    0e:38:ed:28:6f:b3:32:44:ff:43:ee:97:e2:b9:53:
                    72:76:95:15:81:5a:0f:db:7b:7f:05:a8:2c:b6:67:
                    4b:44:4b:31:aa:1d:fb:5e:60:0f:3c:24:88:b7:af:
                    43:40:f5:42:7e:d2:37:e7:82:6b:67:3b:d1:88:75:
                    de:38:5c:49:2c:dd:b1:c3:e0:93:06:33:41:c8:33:
                    6d:bc:06:c8:0a:7b:31:15:28:a5:01:ad:27:80:b4:
                    fa:cd:fd:b3:fe:7c:d6:d0:0e:0a:e8:de:66:60:c8:
                    36:73:63:a4:eb:dd:ce:10:b6:9e:05:71:26:fa:9b:
                    f9:67:08:75:16:22:df:c8:c7:d6:7c:1c:f8:9a:be:
                    67:50:9d:ae:af:32:22:f6:38:7a:fa:7d:05:61:65:
                    e5:06:6d:ab:4d:91:2e:15:98:96:f9:c4:d9:43:3c:
                    1f:1c:e9:a5:c5:12:19:18:98:74:88:a0:ee:6d:82:
                    e8:4c:7a:34:9f:e9:de:8d:98:de:a5:13:fd:c6:04:
                    bc:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:05:51:B3:01:BC:35:7E:2C:72:47:CE:F0:9E:E4:22:5C:1E:8D:DD
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         c5:16:4e:db:8e:38:02:b2:cb:11:74:f5:63:0a:07:0c:69:b5:
         24:53:eb:ff:cf:95:78:8d:08:d3:31:8b:8b:9b:ad:b1:fc:cd:
         2c:c0:24:5f:df:7f:73:d5:6f:39:f2:e7:86:a9:04:d6:51:5f:
         09:a4:c7:f3:b5:ae:4a:69:15:c0:e9:e6:99:7a:ac:57:06:dd:
         cf:22:86:99:a0:59:f3:a1:91:64:0c:92:26:1d:de:26:0f:1f:
         80:1a:33:64:3d:f1:a3:a5:64:74:9c:0d:17:c6:32:b3:48:ab:
         c5:3a:bd:9c:1c:c2:2e:54:da:77:fb:2e:ac:dd:b9:1d:27:05:
         3c:06:b3:ba:83:d4:db:bb:49:4d:6b:98:8b:31:19:1b:cd:4f:
         83:0d:26:41:40:0e:9c:01:3e:83:2a:41:46:b7:99:06:58:e6:
         f0:a8:36:5b:d6:91:da:c5:4b:2d:72:c6:f4:5e:7d:d4:c5:da:
         93:42:41:2c:1c:87:34:df:a4:b0:c6:93:0d:50:72:7a:ac:c3:
         44:cf:78:23:11:35:5f:7f:82:f6:92:51:30:52:8b:59:1e:c8:
         df:e6:6c:79:8e:ae:40:9c:6d:b5:2a:f1:7b:18:bc:d9:0b:89:
         a0:1b:fd:ce:f0:7e:c7:56:c9:72:89:63:b4:01:df:4d:4d:21:
         95:72:37:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZMWzs26ejz73hTVJthX2v5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjQxMTEwMTYwMTExWhcNMjQxMTExMTYwMTExWjAzMTEwLwYDVQQD
Eyg3ODA1NTFiMzAxYmMzNTdlMmM3MjQ3Y2VmMDllZTQyMjVjMWU4ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjcuBuORee9x9IRkNqGANw9gFoYp
VtyQKezjE2GIINRw8vTYDZ1jT8vrZQoh5tqJlUfTIwPu+pJWj2IOOO0ob7MyRP9D
7pfiuVNydpUVgVoP23t/BagstmdLREsxqh37XmAPPCSIt69DQPVCftI354JrZzvR
iHXeOFxJLN2xw+CTBjNByDNtvAbICnsxFSilAa0ngLT6zf2z/nzW0A4K6N5mYMg2
c2Ok693OELaeBXEm+pv5Zwh1FiLfyMfWfBz4mr5nUJ2urzIi9jh6+n0FYWXlBm2r
TZEuFZiW+cTZQzwfHOmlxRIZGJh0iKDubYLoTHo0n+nejZjepRP9xgS8BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHgFUbMBvDV+LHJHzvCe5CJcHo3dMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxRZO2444
ArLLEXT1YwoHDGm1JFPr/8+VeI0I0zGLi5utsfzNLMAkX99/c9VvOfLnhqkE1lFf
CaTH87WuSmkVwOnmmXqsVwbdzyKGmaBZ86GRZAySJh3eJg8fgBozZD3xo6VkdJwN
F8Yys0irxTq9nBzCLlTad/surN25HScFPAazuoPU27tJTWuYizEZG81Pgw0mQUAO
nAE+gypBRreZBljm8Kg2W9aR2sVLLXLG9F591MXak0JBLByHNN+ksMaTDVByeqzD
RM94IxE1X3+C9pJRMFKLWR7I3+ZseY6uQJxttSrxexi82QuJoBv9zvB+x1bJcolj
tAHfTU0hlXI3Aw==
-----END CERTIFICATE-----