Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
File:                     OJwDADZ1arjNrJIrGvI3vOE2fOA.mft (raw, json)
Hash identifier:          teowDHxEb3PMRRnQh3eStxAxeK+2muPT9fbi33gdP+8=
Subject key identifier:   F4:DE:88:ED:89:BC:C1:23:38:D4:C1:FA:7A:20:34:EC:36:B3:59:FB
Authority key identifier: 38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0
Certificate issuer:       /CN=389c030036756ab8cdac922b1af237bce1367ce0
Certificate serial:       019510C733C9E11C70EEDCCB880151DA6ECA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
Manifest number:          1453
Signing time:             Sun 16 Feb 2025 22:00:45 +0000
Manifest this update:     Sun 16 Feb 2025 22:00:45 +0000
Manifest next update:     Mon 17 Feb 2025 22:00:45 +0000
Files and hashes:         1: OJwDADZ1arjNrJIrGvI3vOE2fOA.crl (hash: b7k0s+R/0/+F25EgwLgkVsVGZorV4iKT8Xznp9RD4wg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 22:00:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:10:c7:33:c9:e1:1c:70:ee:dc:cb:88:01:51:da:6e:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=389c030036756ab8cdac922b1af237bce1367ce0
        Validity
            Not Before: Feb 16 22:00:45 2025 GMT
            Not After : Feb 17 22:00:45 2025 GMT
        Subject: CN=f4de88ed89bcc12338d4c1fa7a2034ec36b359fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:ff:be:80:31:6d:2c:ab:1d:cc:4e:8e:87:0c:
                    1c:2a:9d:cd:b0:71:a1:b7:90:e9:ea:06:1e:d4:e8:
                    51:90:1e:d1:7f:cb:ae:a2:ca:c3:82:89:e0:86:c4:
                    35:17:55:9b:24:d5:f0:9c:e7:4a:b5:6b:96:7d:ba:
                    6b:bb:79:8a:07:a0:49:18:64:f4:79:18:b7:55:91:
                    f4:dd:7e:9b:3e:22:40:4e:65:da:db:5d:55:90:48:
                    e7:e4:43:37:08:b5:a5:da:74:71:97:b7:aa:cb:b7:
                    9b:40:d7:46:d1:fe:bc:8f:2b:49:be:30:53:e5:0c:
                    f7:bf:f4:b2:16:e2:af:6e:1d:c6:e0:6f:82:5c:ef:
                    75:aa:fe:92:eb:12:87:75:92:7c:80:9f:33:d6:db:
                    71:e9:5b:98:4f:12:f3:18:56:50:38:ac:9b:de:7b:
                    8e:cb:25:b6:89:e3:6c:72:1d:73:fd:23:20:b3:bb:
                    03:74:03:e0:f8:bf:dc:65:f4:eb:93:4d:d4:89:36:
                    21:df:cc:33:07:77:14:75:73:df:00:a5:b2:81:3f:
                    16:4e:bf:b1:cf:4e:30:48:7c:e8:16:52:3f:79:7a:
                    dd:9c:e7:d0:e1:a2:ed:d2:ae:43:94:d7:7d:f0:de:
                    dc:8d:75:95:31:2d:99:b6:1b:2e:74:c1:7f:28:07:
                    35:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:DE:88:ED:89:BC:C1:23:38:D4:C1:FA:7A:20:34:EC:36:B3:59:FB
            X509v3 Authority Key Identifier:
                keyid:38:9C:03:00:36:75:6A:B8:CD:AC:92:2B:1A:F2:37:BC:E1:36:7C:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OJwDADZ1arjNrJIrGvI3vOE2fOA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/20fca0-04b2-43b0-bd2c-6717b9babb34/1/OJwDADZ1arjNrJIrGvI3vOE2fOA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         53:d6:fc:38:2a:80:c3:0f:0c:dc:5c:e1:44:c5:72:07:c1:cf:
         74:30:25:95:63:1c:9d:ad:d0:44:29:2e:44:b9:eb:10:ee:42:
         6a:00:89:5e:60:15:7d:b1:7e:86:04:0c:62:4e:fd:f6:b0:b5:
         2b:7a:aa:ab:ff:b7:b7:d3:08:2a:1b:ef:42:80:56:b9:c2:cc:
         b0:c5:1c:b4:32:0e:9c:9e:27:3e:0b:df:a5:0f:58:06:13:75:
         45:62:2d:c7:57:5d:64:34:81:5d:6d:6b:3e:a2:30:24:a1:ae:
         31:f0:4c:28:86:99:20:cc:45:cb:63:43:c9:ea:cc:60:64:b0:
         d6:d9:ae:3d:20:6c:2d:94:97:b2:63:57:d1:12:0d:d0:ea:60:
         44:46:cf:a0:18:56:5b:cc:3b:06:f1:cf:1d:fe:de:80:1d:af:
         0f:70:1a:e3:01:ef:f5:80:3b:a8:8e:62:4e:6d:17:78:fe:9b:
         1f:82:5a:40:b1:a8:17:b9:5f:e7:6b:5a:d2:39:11:7f:a4:a4:
         57:57:eb:cf:5a:0a:4f:98:38:e1:22:c4:9f:ca:dd:fe:bb:20:
         93:c6:90:91:08:7f:d4:05:3e:29:fa:fb:1e:76:c8:ee:76:8a:
         75:da:c7:1d:0f:59:7c:74:f9:86:d2:c6:14:12:b0:e9:d9:c5:
         93:4f:74:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUQxzPJ4Rxw7tzLiAFR2m7KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4OWMwMzAwMzY3NTZhYjhjZGFjOTIyYjFhZjIzN2JjZTEz
NjdjZTAwHhcNMjUwMjE2MjIwMDQ1WhcNMjUwMjE3MjIwMDQ1WjAzMTEwLwYDVQQD
EyhmNGRlODhlZDg5YmNjMTIzMzhkNGMxZmE3YTIwMzRlYzM2YjM1OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxv++gDFtLKsdzE6OhwwcKp3NsHGh
t5Dp6gYe1OhRkB7Rf8uuosrDgonghsQ1F1WbJNXwnOdKtWuWfbpru3mKB6BJGGT0
eRi3VZH03X6bPiJATmXa211VkEjn5EM3CLWl2nRxl7eqy7ebQNdG0f68jytJvjBT
5Qz3v/SyFuKvbh3G4G+CXO91qv6S6xKHdZJ8gJ8z1ttx6VuYTxLzGFZQOKyb3nuO
yyW2ieNsch1z/SMgs7sDdAPg+L/cZfTrk03UiTYh38wzB3cUdXPfAKWygT8WTr+x
z04wSHzoFlI/eXrdnOfQ4aLt0q5DlNd98N7cjXWVMS2ZthsudMF/KAc1XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTeiO2JvMEjONTB+nogNOw2s1n7MB8GA1UdIwQY
MBaAFDicAwA2dWq4zaySKxryN7zhNnzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMt
NjcxN2I5YmFiYjM0LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yMGZjYTAtMDRiMi00M2IwLWJkMmMtNjcxN2I5YmFiYjM0
LzEvT0p3REFEWjFhcmpOckpJckd2STN2T0UyZk9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU9b8OCqA
ww8M3FzhRMVyB8HPdDAllWMcna3QRCkuRLnrEO5CagCJXmAVfbF+hgQMYk799rC1
K3qqq/+3t9MIKhvvQoBWucLMsMUctDIOnJ4nPgvfpQ9YBhN1RWItx1ddZDSBXW1r
PqIwJKGuMfBMKIaZIMxFy2NDyerMYGSw1tmuPSBsLZSXsmNX0RIN0OpgREbPoBhW
W8w7BvHPHf7egB2vD3Aa4wHv9YA7qI5iTm0XeP6bH4JaQLGoF7lf52ta0jkRf6Sk
V1frz1oKT5g44SLEn8rd/rsgk8aQkQh/1AU+Kfr7HnbI7naKddrHHQ9ZfHT5htLG
FBKw6dnFk090+Q==
-----END CERTIFICATE-----