Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
File:                     OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft (raw, json)
Hash identifier:          4FgENyv4mZ8msT7ku2/5nWFF5uqA+EpizRfdh8o9qYQ=
Subject key identifier:   7A:DC:53:E0:09:55:BD:2D:50:13:38:97:A8:F7:D0:B7:10:AE:17:1D
Authority key identifier: 38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1
Certificate issuer:       /CN=38a19e640de1f452a7dc4abe786aa581342927b1
Certificate serial:       0193549A9CA0A9CA2BEEC99C74327FA7D7F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
Manifest number:          02B0
Signing time:             Fri 22 Nov 2024 16:00:38 +0000
Manifest this update:     Fri 22 Nov 2024 16:00:38 +0000
Manifest next update:     Sat 23 Nov 2024 16:00:38 +0000
Files and hashes:         1: OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl (hash: V4dDvNJ7/2fTrpp4PuMm9qh/jCmwwBuc0gVnHiPwt1w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:54:9a:9c:a0:a9:ca:2b:ee:c9:9c:74:32:7f:a7:d7:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a19e640de1f452a7dc4abe786aa581342927b1
        Validity
            Not Before: Nov 22 16:00:38 2024 GMT
            Not After : Nov 23 16:00:38 2024 GMT
        Subject: CN=7adc53e00955bd2d50133897a8f7d0b710ae171d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:51:ac:24:17:82:af:69:e7:35:a4:32:69:20:
                    b8:13:56:6f:2e:2e:0f:7b:ec:6e:45:2d:2a:d1:5f:
                    c7:d9:00:97:e9:a9:3d:05:ef:40:64:92:8f:dd:3d:
                    75:5f:2b:a8:b4:19:40:fc:74:c3:4d:84:e2:0c:26:
                    fe:d9:ab:a9:60:99:b1:e7:3b:a8:78:a5:90:84:65:
                    3a:95:97:5b:e0:81:e6:40:91:4e:32:61:31:57:db:
                    6f:12:ab:3d:a5:94:5b:5b:f1:74:d5:40:98:81:fa:
                    0b:28:49:02:67:ef:93:dd:d6:4e:fc:75:40:1b:7a:
                    9c:85:94:1c:39:4f:1b:aa:9d:f9:87:83:71:0a:2a:
                    c2:8e:c4:7e:0d:a5:e8:b5:f8:e9:5f:4a:38:cb:28:
                    93:0f:81:4d:bb:1a:77:cf:83:44:83:cf:1e:60:3c:
                    26:35:5f:84:a4:52:fa:c1:7e:dc:50:72:98:8e:8d:
                    7f:c4:d5:5a:d8:b3:00:dd:47:d0:3e:1f:44:7f:e4:
                    1c:fb:8d:ec:c9:63:7d:cf:c2:c9:eb:8b:71:bc:3f:
                    59:b8:b2:8a:bd:bc:15:3e:b2:b2:6e:08:d1:96:34:
                    b6:c2:64:db:61:c6:04:10:e0:7a:8c:63:31:65:ac:
                    c4:61:ca:3e:27:93:6d:67:6b:82:ef:e6:73:6f:18:
                    d0:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:DC:53:E0:09:55:BD:2D:50:13:38:97:A8:F7:D0:B7:10:AE:17:1D
            X509v3 Authority Key Identifier:
                keyid:38:A1:9E:64:0D:E1:F4:52:A7:DC:4A:BE:78:6A:A5:81:34:29:27:B1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/3fe413-bd51-4765-bd86-b7441032e59f/1/OKGeZA3h9FKn3Eq-eGqlgTQpJ7E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a3:ad:6a:e5:de:3c:dd:9a:80:33:ee:df:fe:c4:1a:b5:95:ee:
         fc:7d:f2:18:eb:a5:d9:b5:f6:d3:b6:51:11:9c:83:a5:7d:f1:
         f4:f3:24:b3:5d:f3:0b:00:8f:47:02:af:d5:0d:bf:be:2a:82:
         0b:56:d0:d5:91:00:7d:8f:fe:3d:08:41:68:bd:c4:75:db:e0:
         4d:a1:b8:2a:24:8c:00:34:04:99:41:e6:ff:a4:5a:af:3f:00:
         7b:91:82:a3:b8:b4:8b:10:30:66:e2:00:c4:01:53:65:1a:b4:
         1a:0f:a0:8e:e2:b8:11:75:46:5b:02:29:8b:f7:0f:92:ce:2c:
         64:05:7a:31:9d:43:cc:42:68:fe:fb:5c:37:42:8f:76:a8:f7:
         86:5b:c8:07:9c:66:33:1a:82:fd:5e:b0:69:61:e3:3f:25:5f:
         99:88:f4:d7:6a:43:a6:49:54:57:4f:58:31:6d:94:93:33:75:
         cd:13:87:1f:f1:38:63:ad:ae:7d:71:a3:fb:94:08:9e:7b:d5:
         0d:ce:08:fc:ff:ea:de:43:0e:94:a1:8b:7b:fc:b7:da:1c:bc:
         da:c3:6e:11:17:2b:a9:f9:6c:30:92:45:07:da:05:ec:a0:22:
         ff:35:32:ec:83:8f:de:c6:07:af:cb:9e:d9:37:f5:04:86:a2:
         7f:92:1a:40
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNUmpygqcor7smcdDJ/p9fyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTE5ZTY0MGRlMWY0NTJhN2RjNGFiZTc4NmFhNTgxMzQy
OTI3YjEwHhcNMjQxMTIyMTYwMDM4WhcNMjQxMTIzMTYwMDM4WjAzMTEwLwYDVQQD
Eyg3YWRjNTNlMDA5NTViZDJkNTAxMzM4OTdhOGY3ZDBiNzEwYWUxNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVGsJBeCr2nnNaQyaSC4E1ZvLi4P
e+xuRS0q0V/H2QCX6ak9Be9AZJKP3T11XyuotBlA/HTDTYTiDCb+2aupYJmx5zuo
eKWQhGU6lZdb4IHmQJFOMmExV9tvEqs9pZRbW/F01UCYgfoLKEkCZ++T3dZO/HVA
G3qchZQcOU8bqp35h4NxCirCjsR+DaXotfjpX0o4yyiTD4FNuxp3z4NEg88eYDwm
NV+EpFL6wX7cUHKYjo1/xNVa2LMA3UfQPh9Ef+Qc+43syWN9z8LJ64txvD9ZuLKK
vbwVPrKybgjRljS2wmTbYcYEEOB6jGMxZazEYco+J5NtZ2uC7+ZzbxjQ5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHrcU+AJVb0tUBM4l6j30LcQrhcdMB8GA1UdIwQY
MBaAFDihnmQN4fRSp9xKvnhqpYE0KSexMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYt
Yjc0NDEwMzJlNTlmLzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zZmU0MTMtYmQ1MS00NzY1LWJkODYtYjc0NDEwMzJlNTlm
LzEvT0tHZVpBM2g5RktuM0VxLWVHcWxnVFFwSjdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo61q5d48
3ZqAM+7f/sQatZXu/H3yGOul2bX207ZREZyDpX3x9PMks13zCwCPRwKv1Q2/viqC
C1bQ1ZEAfY/+PQhBaL3EddvgTaG4KiSMADQEmUHm/6Rarz8Ae5GCo7i0ixAwZuIA
xAFTZRq0Gg+gjuK4EXVGWwIpi/cPks4sZAV6MZ1DzEJo/vtcN0KPdqj3hlvIB5xm
MxqC/V6waWHjPyVfmYj012pDpklUV09YMW2UkzN1zROHH/E4Y62ufXGj+5QInnvV
Dc4I/P/q3kMOlKGLe/y32hy82sNuERcrqflsMJJFB9oF7KAi/zUy7IOP3sYHr8ue
2Tf1BIaif5IaQA==
-----END CERTIFICATE-----