Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
File:                     oFZPeYAZBRh04Czu4_0hy86rSuk.mft (raw, json)
Hash identifier:          sAubcqmEN4hIhY+/5zYLJUp3ftU6FYMEFm+DHSZ3hPM=
Subject key identifier:   3B:01:D1:24:8E:A9:D6:63:94:18:59:85:DA:75:4E:2E:4D:EF:3C:8B
Authority key identifier: A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9
Certificate issuer:       /CN=a0564f798019051874e02ceee3fd21cbceab4ae9
Certificate serial:       019356F712E495F444156F8132D3295A2F77
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
Manifest number:          0877
Signing time:             Sat 23 Nov 2024 03:00:53 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:53 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:53 +0000
Files and hashes:         1: oFZPeYAZBRh04Czu4_0hy86rSuk.crl (hash: bt3qop2azk70NrEYHQDmmz4dCc6LdKyBfMpA9bZZe1s=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:12:e4:95:f4:44:15:6f:81:32:d3:29:5a:2f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0564f798019051874e02ceee3fd21cbceab4ae9
        Validity
            Not Before: Nov 23 03:00:53 2024 GMT
            Not After : Nov 24 03:00:53 2024 GMT
        Subject: CN=3b01d1248ea9d66394185985da754e2e4def3c8b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b8:4f:6a:7d:e7:6f:71:a4:c6:49:64:24:d7:
                    6f:b6:91:bc:67:de:ef:45:5a:57:cb:4c:d1:70:20:
                    0b:95:f5:fa:0d:e4:95:96:b8:39:24:3a:f1:85:cf:
                    ab:00:e0:24:a2:82:d8:41:2b:74:6a:b2:63:1d:70:
                    ac:d5:5a:23:69:fc:ba:5f:71:31:8f:1e:5c:7b:08:
                    7f:6a:80:d5:ff:99:a8:ee:63:bb:db:99:12:85:ae:
                    0c:be:29:9f:d7:e9:06:f6:60:c0:26:e0:f8:67:a3:
                    13:9b:4e:40:ee:2a:67:d2:5c:96:17:88:9f:6e:f7:
                    fb:e0:18:2b:78:72:b4:29:8f:81:6e:7a:ce:88:da:
                    2a:9b:f2:f7:b3:e5:03:bd:49:a3:82:74:ce:60:db:
                    b7:a6:8d:12:05:c7:7f:30:d0:24:76:fe:7b:c4:ef:
                    47:f9:5b:57:c4:f5:41:f3:88:d7:ba:d3:57:28:3c:
                    9a:aa:ea:7c:f2:ef:f6:3b:c6:26:b6:05:be:23:d5:
                    72:a0:ad:b4:38:8d:23:63:6c:07:31:39:a4:20:b4:
                    57:33:bd:d2:c2:2b:89:86:27:e7:67:8b:cd:e3:30:
                    90:4a:f4:fd:99:f7:9d:bd:cd:84:f2:f7:b9:09:2a:
                    38:b0:70:29:c0:88:95:2f:d6:a7:e4:61:53:4e:56:
                    cc:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:01:D1:24:8E:A9:D6:63:94:18:59:85:DA:75:4E:2E:4D:EF:3C:8B
            X509v3 Authority Key Identifier:
                keyid:A0:56:4F:79:80:19:05:18:74:E0:2C:EE:E3:FD:21:CB:CE:AB:4A:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oFZPeYAZBRh04Czu4_0hy86rSuk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f052ee-76b1-422f-8719-215eecb3df93/1/oFZPeYAZBRh04Czu4_0hy86rSuk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         2f:86:5b:f5:78:86:b1:47:1b:6c:3c:85:a6:a4:b4:d1:40:0a:
         2b:67:3b:82:28:8d:49:87:6a:d0:87:22:ca:69:fa:22:c7:40:
         59:3c:1c:59:c9:d1:93:9e:16:d1:18:47:90:5e:77:a4:27:94:
         7a:0d:5c:cc:1d:9b:1f:30:36:30:64:2d:40:db:3d:0a:cd:7d:
         b4:5a:f7:24:74:ab:56:bd:af:7c:b3:23:b2:e4:5c:21:83:1e:
         9c:39:9c:49:9e:a2:3c:99:09:16:67:66:5d:f1:1e:f0:52:72:
         9e:27:91:ba:98:6f:73:87:7f:07:85:d3:c0:d2:3e:fc:c9:26:
         0c:d1:7c:11:55:92:85:3c:9f:a7:2d:b0:5a:d2:32:87:8f:96:
         f0:ba:be:73:3a:01:ef:bb:03:05:1d:bc:4c:ea:ee:fa:94:ee:
         20:06:7d:25:3e:2c:f7:c0:9e:da:f8:f8:c5:95:8a:bb:c2:94:
         39:da:31:d6:c6:50:d4:05:c4:88:98:20:c4:a3:90:ee:ec:57:
         0e:19:7b:2c:ce:db:24:82:70:0e:13:74:81:80:39:43:c3:2e:
         e7:a7:b0:9b:dd:46:f9:16:00:b1:52:82:0f:62:a1:05:2a:b5:
         5e:15:23:56:8f:cb:83:c8:5b:b2:96:80:13:b4:4b:93:82:68:
         88:d5:c4:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9xLklfREFW+BMtMpWi93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNTY0Zjc5ODAxOTA1MTg3NGUwMmNlZWUzZmQyMWNiY2Vh
YjRhZTkwHhcNMjQxMTIzMDMwMDUzWhcNMjQxMTI0MDMwMDUzWjAzMTEwLwYDVQQD
EygzYjAxZDEyNDhlYTlkNjYzOTQxODU5ODVkYTc1NGUyZTRkZWYzYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7hPan3nb3GkxklkJNdvtpG8Z97v
RVpXy0zRcCALlfX6DeSVlrg5JDrxhc+rAOAkooLYQSt0arJjHXCs1Vojafy6X3Ex
jx5cewh/aoDV/5mo7mO725kSha4Mvimf1+kG9mDAJuD4Z6MTm05A7ipn0lyWF4if
bvf74BgreHK0KY+BbnrOiNoqm/L3s+UDvUmjgnTOYNu3po0SBcd/MNAkdv57xO9H
+VtXxPVB84jXutNXKDyaqup88u/2O8YmtgW+I9VyoK20OI0jY2wHMTmkILRXM73S
wiuJhifnZ4vN4zCQSvT9mfedvc2E8ve5CSo4sHApwIiVL9an5GFTTlbMUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsB0SSOqdZjlBhZhdp1Ti5N7zyLMB8GA1UdIwQY
MBaAFKBWT3mAGQUYdOAs7uP9IcvOq0rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTkt
MjE1ZWVjYjNkZjkzLzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mMDUyZWUtNzZiMS00MjJmLTg3MTktMjE1ZWVjYjNkZjkz
LzEvb0ZaUGVZQVpCUmgwNEN6dTRfMGh5ODZyU3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL4Zb9XiG
sUcbbDyFpqS00UAKK2c7giiNSYdq0Iciymn6IsdAWTwcWcnRk54W0RhHkF53pCeU
eg1czB2bHzA2MGQtQNs9Cs19tFr3JHSrVr2vfLMjsuRcIYMenDmcSZ6iPJkJFmdm
XfEe8FJynieRuphvc4d/B4XTwNI+/MkmDNF8EVWShTyfpy2wWtIyh4+W8Lq+czoB
77sDBR28TOru+pTuIAZ9JT4s98Ce2vj4xZWKu8KUOdox1sZQ1AXEiJggxKOQ7uxX
Dhl7LM7bJIJwDhN0gYA5Q8Mu56ewm91G+RYAsVKCD2KhBSq1XhUjVo/Lg8hbspaA
E7RLk4JoiNXEIw==
-----END CERTIFICATE-----