Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
File:                     OitQeZsxwLFFEkZQ1xG844PWcDk.mft (raw, json)
Hash identifier:          rueov0cv7+1JF/ptcKlAWXzQOf9M7l0kbxgc6Lnf4CQ=
Subject key identifier:   21:A1:E9:C6:CF:A1:E6:69:82:EF:B0:6D:46:D2:73:7C:E5:73:E3:5F
Authority key identifier: 3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39
Certificate issuer:       /CN=3a2b50799b31c0b145124650d711bce383d67039
Certificate serial:       01936933BF408BB734433C32B373DC6C1331
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
Manifest number:          07CC
Signing time:             Tue 26 Nov 2024 16:00:19 +0000
Manifest this update:     Tue 26 Nov 2024 16:00:19 +0000
Manifest next update:     Wed 27 Nov 2024 16:00:19 +0000
Files and hashes:         1: OitQeZsxwLFFEkZQ1xG844PWcDk.crl (hash: H+jf9+PQPKlUWvWD0Xo6VQK7pS7AmW2mGU4YzGzOE/o=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 27 Nov 2024 10:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:69:33:bf:40:8b:b7:34:43:3c:32:b3:73:dc:6c:13:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a2b50799b31c0b145124650d711bce383d67039
        Validity
            Not Before: Nov 26 16:00:19 2024 GMT
            Not After : Nov 27 16:00:19 2024 GMT
        Subject: CN=21a1e9c6cfa1e66982efb06d46d2737ce573e35f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:5e:e3:0a:68:9b:c4:a9:16:ac:e1:90:93:39:
                    23:d8:ef:fa:fe:99:fc:43:8b:97:82:d7:16:d2:f0:
                    2b:e0:76:0c:37:55:1b:0d:3f:cb:34:8c:cd:d3:4f:
                    00:d7:31:a4:4b:de:32:d2:ec:16:d2:96:c0:a3:92:
                    b8:7f:9b:dd:92:c8:1d:b7:67:dd:cd:4f:63:9d:80:
                    a0:62:32:e1:4b:72:20:86:74:fd:9a:38:26:aa:a1:
                    78:c8:9e:15:95:72:61:ff:cf:98:fd:5e:51:58:6b:
                    a3:5f:56:8d:dc:fd:e7:01:e3:8c:1f:bb:95:af:09:
                    d5:14:4f:0e:91:01:df:ac:a7:36:16:84:be:62:99:
                    25:00:1e:f8:97:d5:a4:a5:5e:f2:e5:73:96:20:cd:
                    ef:2b:15:a9:f2:1d:01:d8:71:e9:dc:42:fc:ee:01:
                    79:02:69:6d:3f:7c:47:a9:6e:fc:7c:72:f8:d3:fa:
                    7b:19:e5:ea:9c:0c:ad:83:ba:87:17:ce:10:08:74:
                    86:07:04:ca:ba:27:79:2f:d0:72:73:7a:79:73:00:
                    4c:bc:62:35:23:42:e1:0e:19:c8:55:8e:22:1b:68:
                    fe:c8:14:56:8a:db:2e:a7:f5:ba:e2:c3:80:5e:6c:
                    a3:c4:e9:6d:66:c7:51:a7:7c:b4:4e:03:a2:55:3e:
                    5a:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:A1:E9:C6:CF:A1:E6:69:82:EF:B0:6D:46:D2:73:7C:E5:73:E3:5F
            X509v3 Authority Key Identifier:
                keyid:3A:2B:50:79:9B:31:C0:B1:45:12:46:50:D7:11:BC:E3:83:D6:70:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OitQeZsxwLFFEkZQ1xG844PWcDk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0152ab-d346-4e11-b0c3-332730fb1c8a/1/OitQeZsxwLFFEkZQ1xG844PWcDk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         09:a9:9f:13:e6:c1:f0:13:66:f5:cd:84:b7:2a:0e:c3:70:75:
         72:02:8b:c2:51:03:f0:06:f6:32:9c:65:a0:0f:f9:21:d1:88:
         d9:ce:c1:e7:41:8a:72:ed:1f:bf:a8:84:6c:b3:2d:9a:3a:bf:
         49:f4:84:ce:4b:b2:41:49:95:d7:cb:3e:67:db:81:cb:d1:6d:
         c8:d9:cb:59:c0:cc:89:d4:39:45:2e:f0:39:50:e7:24:c5:8f:
         5c:36:20:0f:d7:db:4b:42:ac:6c:b4:c8:70:da:50:70:19:60:
         4c:77:df:10:54:f1:5f:84:ff:64:54:2a:cb:a0:cc:4a:a3:98:
         20:ab:a8:5f:30:b9:eb:a1:e0:d6:08:1a:e4:34:b1:29:d9:c6:
         aa:0f:8a:c7:ce:ff:c2:ce:e4:db:3e:30:b8:65:b8:36:96:0d:
         8c:05:19:6a:b9:e0:86:55:08:1b:09:4b:36:b3:36:0c:2f:fb:
         91:07:bd:71:7d:40:73:27:32:93:cc:8d:8e:2f:f4:5c:93:a8:
         cd:08:32:48:2b:28:4a:f2:8a:56:d3:8a:30:d0:a5:52:45:6a:
         72:18:42:26:34:8d:a4:ab:f9:09:e9:fc:f5:1f:54:9e:11:52:
         dd:9e:ef:91:d9:a1:77:7b:54:a2:fb:f3:c1:0f:3d:f4:fe:f3:
         63:9b:e1:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNpM79Ai7c0Qzwys3PcbBMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMmI1MDc5OWIzMWMwYjE0NTEyNDY1MGQ3MTFiY2UzODNk
NjcwMzkwHhcNMjQxMTI2MTYwMDE5WhcNMjQxMTI3MTYwMDE5WjAzMTEwLwYDVQQD
EygyMWExZTljNmNmYTFlNjY5ODJlZmIwNmQ0NmQyNzM3Y2U1NzNlMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk17jCmibxKkWrOGQkzkj2O/6/pn8
Q4uXgtcW0vAr4HYMN1UbDT/LNIzN008A1zGkS94y0uwW0pbAo5K4f5vdksgdt2fd
zU9jnYCgYjLhS3IghnT9mjgmqqF4yJ4VlXJh/8+Y/V5RWGujX1aN3P3nAeOMH7uV
rwnVFE8OkQHfrKc2FoS+YpklAB74l9WkpV7y5XOWIM3vKxWp8h0B2HHp3EL87gF5
AmltP3xHqW78fHL40/p7GeXqnAytg7qHF84QCHSGBwTKuid5L9Byc3p5cwBMvGI1
I0LhDhnIVY4iG2j+yBRWitsup/W64sOAXmyjxOltZsdRp3y0TgOiVT5a+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGh6cbPoeZpgu+wbUbSc3zlc+NfMB8GA1UdIwQY
MBaAFDorUHmbMcCxRRJGUNcRvOOD1nA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMt
MzMyNzMwZmIxYzhhLzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMTUyYWItZDM0Ni00ZTExLWIwYzMtMzMyNzMwZmIxYzhh
LzEvT2l0UWVac3h3TEZGRWtaUTF4Rzg0NFBXY0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACamfE+bB
8BNm9c2EtyoOw3B1cgKLwlED8Ab2MpxloA/5IdGI2c7B50GKcu0fv6iEbLMtmjq/
SfSEzkuyQUmV18s+Z9uBy9FtyNnLWcDMidQ5RS7wOVDnJMWPXDYgD9fbS0KsbLTI
cNpQcBlgTHffEFTxX4T/ZFQqy6DMSqOYIKuoXzC566Hg1gga5DSxKdnGqg+Kx87/
ws7k2z4wuGW4NpYNjAUZarnghlUIGwlLNrM2DC/7kQe9cX1Acycyk8yNji/0XJOo
zQgySCsoSvKKVtOKMNClUkVqchhCJjSNpKv5Cen89R9UnhFS3Z7vkdmhd3tUovvz
wQ899P7zY5vhDA==
-----END CERTIFICATE-----