Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
File:                     oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft (raw, json)
Hash identifier:          HehH8GPQxRWfvHLZakvpgLwuG0b+/gQ+6+BkVHeJKDA=
Subject key identifier:   67:78:97:FE:B1:9B:B5:53:5E:D6:BA:18:72:E9:BC:7D:C2:58:BD:A3
Authority key identifier: A1:A4:58:25:62:C3:13:5B:B5:2B:DB:96:14:5E:1A:D0:37:86:B1:48
Certificate issuer:       /CN=a1a4582562c3135bb52bdb96145e1ad03786b148
Certificate serial:       018F874838B084FBD268425D7A991BD9C71C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
Manifest number:          0F1D
Signing time:             Fri 17 May 2024 16:00:08 +0000
Manifest this update:     Fri 17 May 2024 16:00:08 +0000
Manifest next update:     Sat 18 May 2024 16:00:08 +0000
Files and hashes:         1: oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl (hash: nrGXZl99M/5vCCF08/n5c0wjt5Hpil5JK+tUzI24DZM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:00:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:48:38:b0:84:fb:d2:68:42:5d:7a:99:1b:d9:c7:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1a4582562c3135bb52bdb96145e1ad03786b148
        Validity
            Not Before: May 17 16:00:08 2024 GMT
            Not After : May 18 16:00:08 2024 GMT
        Subject: CN=677897feb19bb5535ed6ba1872e9bc7dc258bda3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:7a:f4:e2:b2:dd:34:da:af:6f:d4:a3:6c:81:
                    11:53:f9:82:8d:36:93:fc:15:33:d8:16:3d:a8:b5:
                    77:6c:16:a4:d4:36:3c:f4:23:e8:f7:87:84:4e:fd:
                    69:bc:89:f4:12:b4:04:51:1a:63:a2:07:0e:d9:2a:
                    5f:67:bb:54:4d:14:d7:e6:bb:2f:f6:85:4d:ce:b3:
                    ac:92:4c:3e:41:30:77:25:f9:f8:4b:05:22:90:b7:
                    65:51:3e:44:15:45:e9:d5:b4:52:77:9d:24:2d:c8:
                    05:62:1c:4b:a1:ea:3a:82:0d:44:c9:91:24:ac:02:
                    c1:ca:8b:91:6d:d5:b2:35:5b:ef:a8:6a:f1:ee:d3:
                    52:d7:12:8d:1c:e6:31:97:86:e0:a4:7e:cf:6f:00:
                    b1:58:69:28:f5:67:46:18:19:d6:b7:45:06:21:b8:
                    10:77:6a:e2:70:02:c5:3b:07:97:b0:bc:3f:b3:97:
                    fe:7d:e3:36:11:b1:f1:af:eb:09:da:9b:8e:86:5c:
                    bf:13:2b:f4:cd:d7:2b:c3:36:a1:7d:f0:05:7a:60:
                    a8:49:ea:a4:8d:bc:49:0b:97:32:ea:37:96:44:75:
                    97:51:64:b8:7d:f5:8b:e8:3c:66:b7:12:b6:03:81:
                    9a:46:34:03:ef:ab:d3:8a:ef:4b:ca:44:ed:14:58:
                    50:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:78:97:FE:B1:9B:B5:53:5E:D6:BA:18:72:E9:BC:7D:C2:58:BD:A3
            X509v3 Authority Key Identifier:
                keyid:A1:A4:58:25:62:C3:13:5B:B5:2B:DB:96:14:5E:1A:D0:37:86:B1:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oaRYJWLDE1u1K9uWFF4a0DeGsUg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4d10c0-67bf-4135-97ab-bbf2ce07ecad/1/oaRYJWLDE1u1K9uWFF4a0DeGsUg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         96:9b:1e:94:0b:8e:91:64:b0:2a:9c:33:10:48:62:08:48:78:
         3d:a6:65:0a:42:e2:c6:70:79:73:78:d1:af:c0:e9:24:54:44:
         b5:21:82:39:c3:4a:85:e1:e9:e9:dd:83:8b:e8:b9:dd:98:52:
         b3:9d:0b:d4:e8:e0:17:a4:0e:4c:8f:3f:61:79:32:02:b1:25:
         de:84:02:9b:da:17:44:be:45:00:9f:13:16:17:07:23:8a:c0:
         de:34:0b:34:37:ce:13:13:15:f5:45:a5:3e:b4:8a:6d:40:c0:
         fa:85:87:9a:c9:90:37:0d:1e:8b:96:0e:8e:89:03:14:98:bd:
         08:01:3b:b3:1e:b3:bb:bb:5a:a5:87:95:c1:32:73:98:36:a2:
         34:92:e1:3b:88:11:e0:d4:57:01:8f:dc:e9:1c:6b:bc:6a:1a:
         2a:35:c2:44:07:83:21:76:6a:f2:f0:09:fd:6f:b2:d4:d0:6f:
         0f:dd:8c:c8:6e:db:e9:36:76:9a:2a:fa:f9:fe:f7:fc:78:09:
         77:8b:42:23:bf:f9:83:28:94:e2:3e:c5:40:90:82:13:8b:05:
         ee:38:2e:cb:d1:b1:1c:44:40:fb:3e:77:ad:13:32:62:f0:d7:
         50:83:74:86:fd:a8:07:42:41:10:70:52:52:e0:69:cc:31:8c:
         01:fd:d3:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+HSDiwhPvSaEJdepkb2cccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYTQ1ODI1NjJjMzEzNWJiNTJiZGI5NjE0NWUxYWQwMzc4
NmIxNDgwHhcNMjQwNTE3MTYwMDA4WhcNMjQwNTE4MTYwMDA4WjAzMTEwLwYDVQQD
Eyg2Nzc4OTdmZWIxOWJiNTUzNWVkNmJhMTg3MmU5YmM3ZGMyNThiZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3r04rLdNNqvb9SjbIERU/mCjTaT
/BUz2BY9qLV3bBak1DY89CPo94eETv1pvIn0ErQEURpjogcO2SpfZ7tUTRTX5rsv
9oVNzrOskkw+QTB3Jfn4SwUikLdlUT5EFUXp1bRSd50kLcgFYhxLoeo6gg1EyZEk
rALByouRbdWyNVvvqGrx7tNS1xKNHOYxl4bgpH7PbwCxWGko9WdGGBnWt0UGIbgQ
d2ricALFOweXsLw/s5f+feM2EbHxr+sJ2puOhly/Eyv0zdcrwzahffAFemCoSeqk
jbxJC5cy6jeWRHWXUWS4ffWL6DxmtxK2A4GaRjQD76vTiu9LykTtFFhQxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGd4l/6xm7VTXta6GHLpvH3CWL2jMB8GA1UdIwQY
MBaAFKGkWCViwxNbtSvblhReGtA3hrFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS80ZDEwYzAtNjdiZi00MTM1LTk3YWIt
YmJmMmNlMDdlY2FkLzEvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS80ZDEwYzAtNjdiZi00MTM1LTk3YWItYmJmMmNlMDdlY2Fk
LzEvb2FSWUpXTERFMXUxSzl1V0ZGNGEwRGVHc1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlpselAuO
kWSwKpwzEEhiCEh4PaZlCkLixnB5c3jRr8DpJFREtSGCOcNKheHp6d2Di+i53ZhS
s50L1OjgF6QOTI8/YXkyArEl3oQCm9oXRL5FAJ8TFhcHI4rA3jQLNDfOExMV9UWl
PrSKbUDA+oWHmsmQNw0ei5YOjokDFJi9CAE7sx6zu7tapYeVwTJzmDaiNJLhO4gR
4NRXAY/c6RxrvGoaKjXCRAeDIXZq8vAJ/W+y1NBvD92MyG7b6TZ2mir6+f73/HgJ
d4tCI7/5gyiU4j7FQJCCE4sF7jguy9GxHERA+z53rRMyYvDXUIN0hv2oB0JBEHBS
UuBpzDGMAf3TgA==
-----END CERTIFICATE-----