Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
File:                     Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft (raw, json)
Hash identifier:          15+P6ZAvN+1NFMMNCD9hFl+kTixFWpqMo7G2VvlMWPM=
Subject key identifier:   88:99:60:BC:53:66:55:90:F7:60:96:8B:E9:B8:71:10:95:EB:52:9A
Authority key identifier: 3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A
Certificate issuer:       /CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
Certificate serial:       018F87B6A7A3A5445C4FD0421D061623D1F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
Manifest number:          1175
Signing time:             Fri 17 May 2024 18:00:45 +0000
Manifest this update:     Fri 17 May 2024 18:00:45 +0000
Manifest next update:     Sat 18 May 2024 18:00:45 +0000
Files and hashes:         1: Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl (hash: ZFD9K7EI1OrYLx+gHG1PliUAhQYodBxEwYC7WrFDMCs=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:b6:a7:a3:a5:44:5c:4f:d0:42:1d:06:16:23:d1:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a787c1a7239398fef42fbf4e6b8ba67fb41647a
        Validity
            Not Before: May 17 18:00:45 2024 GMT
            Not After : May 18 18:00:45 2024 GMT
        Subject: CN=889960bc53665590f760968be9b8711095eb529a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:34:a9:aa:1a:df:be:f6:28:53:44:87:49:1b:
                    02:9f:a9:c1:2c:24:11:db:12:90:12:7d:57:6f:b2:
                    8d:e4:a1:19:a8:f2:52:10:43:19:e1:cc:73:46:e9:
                    eb:f2:1d:c0:7a:17:ce:07:14:c1:d5:c7:7b:3c:0c:
                    d9:24:2d:cb:c6:9d:d4:ce:03:4e:22:8b:4f:47:c3:
                    f4:62:cd:4e:be:89:e7:ae:09:9c:b7:dd:c3:4f:5b:
                    b1:f7:84:43:5a:ff:77:7b:4c:a0:29:a4:a7:17:29:
                    a2:ac:ac:0c:89:43:a2:42:f0:17:d9:30:da:1b:32:
                    b7:d9:69:a0:03:b1:a5:88:c4:d2:9e:43:7a:42:a2:
                    3e:da:21:bd:ba:6a:f9:6d:22:b0:1e:a0:4a:db:42:
                    dd:d7:73:5a:0f:27:70:55:4a:26:ef:34:40:21:47:
                    fa:69:53:56:c8:d8:c8:69:20:b2:73:3e:c7:68:d0:
                    6a:71:20:c1:1f:00:dc:ec:7b:8a:b6:1f:24:b3:60:
                    c1:a4:bd:63:3a:9b:34:24:c5:34:bd:49:9b:f1:fd:
                    c0:d3:27:e7:1f:30:b1:3c:22:d4:60:bc:b3:4c:7b:
                    52:47:69:97:e2:77:45:2b:81:4a:cc:89:46:5d:fe:
                    90:2d:56:1b:31:63:79:55:13:81:fc:01:05:54:25:
                    d5:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:99:60:BC:53:66:55:90:F7:60:96:8B:E9:B8:71:10:95:EB:52:9A
            X509v3 Authority Key Identifier:
                keyid:3A:78:7C:1A:72:39:39:8F:EF:42:FB:F4:E6:B8:BA:67:FB:41:64:7A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onh8GnI5OY_vQvv05ri6Z_tBZHo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d809b4-2025-41ed-a0c3-36d7921e93b3/1/Onh8GnI5OY_vQvv05ri6Z_tBZHo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:d9:e5:ee:ce:bb:0e:66:9d:c8:b0:45:b4:30:e6:63:53:dc:
         da:8b:ac:f7:94:01:c0:dc:98:70:b6:e2:1d:24:77:9d:dd:f3:
         0e:29:06:23:9e:ff:77:6c:0f:27:45:62:c9:13:a4:91:03:60:
         df:d4:6d:2e:5b:a5:a9:ab:00:46:d8:c3:98:3b:e9:3c:a7:d2:
         50:14:d4:2d:5e:c1:27:79:12:cc:0b:c1:25:c1:09:48:b9:39:
         28:31:2c:b8:83:59:72:7b:23:01:9f:c3:d9:51:95:52:9f:e1:
         dd:ea:66:f7:16:cd:71:34:71:01:81:95:3e:50:00:2e:9e:61:
         95:f4:38:ad:be:e6:72:d9:b8:0b:32:94:38:be:04:77:74:1f:
         00:c7:87:ce:c7:95:7c:29:7a:e3:5e:a5:47:8c:36:81:56:52:
         93:62:16:3d:93:f7:cc:25:03:a0:01:1c:98:cf:50:c5:9a:92:
         76:bc:ed:70:45:72:8f:b4:9f:c9:da:89:d1:36:6c:1e:5b:d6:
         06:b8:d6:4f:28:4a:7c:4e:c2:43:99:6c:23:56:b9:dc:b5:63:
         ed:5c:57:33:64:18:c4:3f:66:25:97:22:8f:19:f3:c2:85:ba:
         19:0e:68:09:7d:4e:dc:45:7b:5f:cf:e8:14:73:84:4c:77:90:
         29:dd:2e:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HtqejpURcT9BCHQYWI9H3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzg3YzFhNzIzOTM5OGZlZjQyZmJmNGU2YjhiYTY3ZmI0
MTY0N2EwHhcNMjQwNTE3MTgwMDQ1WhcNMjQwNTE4MTgwMDQ1WjAzMTEwLwYDVQQD
Eyg4ODk5NjBiYzUzNjY1NTkwZjc2MDk2OGJlOWI4NzExMDk1ZWI1MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTSpqhrfvvYoU0SHSRsCn6nBLCQR
2xKQEn1Xb7KN5KEZqPJSEEMZ4cxzRunr8h3AehfOBxTB1cd7PAzZJC3Lxp3UzgNO
IotPR8P0Ys1Ovonnrgmct93DT1ux94RDWv93e0ygKaSnFymirKwMiUOiQvAX2TDa
GzK32WmgA7GliMTSnkN6QqI+2iG9umr5bSKwHqBK20Ld13NaDydwVUom7zRAIUf6
aVNWyNjIaSCycz7HaNBqcSDBHwDc7HuKth8ks2DBpL1jOps0JMU0vUmb8f3A0yfn
HzCxPCLUYLyzTHtSR2mX4ndFK4FKzIlGXf6QLVYbMWN5VROB/AEFVCXV3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIiZYLxTZlWQ92CWi+m4cRCV61KaMB8GA1UdIwQY
MBaAFDp4fBpyOTmP70L79Oa4umf7QWR6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMt
MzZkNzkyMWU5M2IzLzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kODA5YjQtMjAyNS00MWVkLWEwYzMtMzZkNzkyMWU5M2Iz
LzEvT25oOEduSTVPWV92UXZ2MDVyaTZaX3RCWkhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9nl7s67
DmadyLBFtDDmY1Pc2ous95QBwNyYcLbiHSR3nd3zDikGI57/d2wPJ0ViyROkkQNg
39RtLlulqasARtjDmDvpPKfSUBTULV7BJ3kSzAvBJcEJSLk5KDEsuINZcnsjAZ/D
2VGVUp/h3epm9xbNcTRxAYGVPlAALp5hlfQ4rb7mctm4CzKUOL4Ed3QfAMeHzseV
fCl6416lR4w2gVZSk2IWPZP3zCUDoAEcmM9QxZqSdrztcEVyj7SfydqJ0TZsHlvW
BrjWTyhKfE7CQ5lsI1a53LVj7VxXM2QYxD9mJZcijxnzwoW6GQ5oCX1O3EV7X8/o
FHOETHeQKd0uuA==
-----END CERTIFICATE-----