Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
File:                     ofM7gYxgo6zGnzmgsuDuqrttk-A.mft (raw, json)
Hash identifier:          3KkdhwGHIqKnnVsgZnWXpelM7hBhsZvQXDw3NhIePxA=
Subject key identifier:   F7:0D:63:25:D5:DE:8B:9B:45:FE:E0:26:54:45:2E:34:7C:2A:F6:88
Authority key identifier: A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0
Certificate issuer:       /CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
Certificate serial:       018F86A3B848794099CF23FF0DEF189EE37E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
Manifest number:          0DBE
Signing time:             Fri 17 May 2024 13:00:27 +0000
Manifest this update:     Fri 17 May 2024 13:00:27 +0000
Manifest next update:     Sat 18 May 2024 13:00:27 +0000
Files and hashes:         1: ofM7gYxgo6zGnzmgsuDuqrttk-A.crl (hash: PP4XK3z368AC73JviTgiLYGEDY3vuHLljQcMoSaB82g=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:b8:48:79:40:99:cf:23:ff:0d:ef:18:9e:e3:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1f33b818c60a3acc69f39a0b2e0eeaabb6d93e0
        Validity
            Not Before: May 17 13:00:27 2024 GMT
            Not After : May 18 13:00:27 2024 GMT
        Subject: CN=f70d6325d5de8b9b45fee02654452e347c2af688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:cc:3b:b9:45:e3:f0:d0:e4:6b:18:38:4a:ad:
                    0c:66:46:6f:0a:f6:de:a3:37:2b:31:79:9f:0e:d0:
                    65:8c:cc:7e:1c:51:5f:23:32:03:05:70:40:29:b3:
                    7e:6f:c1:ae:8d:24:e2:6b:ee:07:80:31:a6:64:be:
                    9b:51:ab:ee:47:c9:20:e4:c8:a4:78:1b:6f:6c:2a:
                    22:88:aa:af:95:67:45:ef:b4:4f:61:94:bb:ed:de:
                    b9:e6:5c:77:96:dc:ca:57:a9:61:0b:ef:d8:d2:86:
                    23:7a:0a:cc:f0:27:82:68:2a:fc:b4:a7:0a:5f:55:
                    96:23:41:73:a0:06:6d:e7:c4:fd:9d:b6:8e:6f:fe:
                    d8:7e:23:e8:78:8a:85:d2:96:af:bd:e0:26:0f:1d:
                    9e:4c:3a:c1:14:75:94:ff:ed:22:c5:8d:89:64:0c:
                    3c:9d:ed:ea:f4:00:d3:95:d4:8d:5a:35:10:fa:6a:
                    3c:38:ae:d1:20:b9:76:62:79:6b:f9:27:b7:74:bd:
                    43:f6:00:0b:c5:73:fe:28:49:a0:25:97:c3:11:5b:
                    9a:14:ef:12:e6:28:45:ed:9d:0a:c2:71:d3:49:c5:
                    ae:72:b9:96:ac:84:02:cf:a5:0b:6f:94:a9:e2:6c:
                    cf:64:83:21:46:f0:cf:65:de:d8:63:f2:5f:26:41:
                    2f:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:0D:63:25:D5:DE:8B:9B:45:FE:E0:26:54:45:2E:34:7C:2A:F6:88
            X509v3 Authority Key Identifier:
                keyid:A1:F3:3B:81:8C:60:A3:AC:C6:9F:39:A0:B2:E0:EE:AA:BB:6D:93:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ofM7gYxgo6zGnzmgsuDuqrttk-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/72255a-109f-434a-a7dd-e152ddf5ab06/1/ofM7gYxgo6zGnzmgsuDuqrttk-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:e3:a1:3d:5a:aa:43:0a:7b:2f:d6:d7:f4:c1:4d:11:93:db:
         b1:d8:3e:1d:90:7c:8a:ed:27:a3:81:60:86:e9:b1:4a:0d:f5:
         39:08:05:ec:bb:6e:5a:53:93:44:2c:20:f8:75:98:2f:65:29:
         79:7b:e7:76:57:c5:0c:5c:6d:1e:89:3c:13:48:cf:c1:14:07:
         11:4b:28:71:54:17:c6:ee:74:e9:57:fa:3f:f0:b3:e9:89:af:
         18:7f:c8:77:ab:80:30:19:8e:39:6e:3a:c1:1c:c7:d2:8c:40:
         89:20:29:b0:6d:12:c2:01:c8:45:88:2d:db:2f:4a:81:99:4a:
         fd:18:d8:7f:18:4e:21:62:80:90:e8:4a:a0:1b:c5:ab:14:b3:
         df:64:01:58:1e:ce:cc:32:52:af:7b:b0:82:28:11:ce:28:c2:
         7a:ac:4e:9c:a4:3a:73:ed:e1:b8:3b:8b:dc:7a:95:00:21:df:
         21:4a:72:6b:87:66:45:f0:aa:dd:eb:c1:a2:aa:94:9c:57:b2:
         9e:8b:21:1d:4e:c3:95:f3:a9:ef:60:a3:9d:c7:80:4c:c7:09:
         72:b7:8f:41:c7:f6:4f:44:9f:67:65:be:b7:86:1a:b6:c1:4d:
         e1:2a:18:14:2e:25:b6:e5:3b:e5:fc:9b:18:97:d1:01:63:1b:
         d4:75:67:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go7hIeUCZzyP/De8YnuN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExZjMzYjgxOGM2MGEzYWNjNjlmMzlhMGIyZTBlZWFhYmI2
ZDkzZTAwHhcNMjQwNTE3MTMwMDI3WhcNMjQwNTE4MTMwMDI3WjAzMTEwLwYDVQQD
EyhmNzBkNjMyNWQ1ZGU4YjliNDVmZWUwMjY1NDQ1MmUzNDdjMmFmNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sw7uUXj8NDkaxg4Sq0MZkZvCvbe
ozcrMXmfDtBljMx+HFFfIzIDBXBAKbN+b8GujSTia+4HgDGmZL6bUavuR8kg5Mik
eBtvbCoiiKqvlWdF77RPYZS77d655lx3ltzKV6lhC+/Y0oYjegrM8CeCaCr8tKcK
X1WWI0FzoAZt58T9nbaOb/7YfiPoeIqF0pavveAmDx2eTDrBFHWU/+0ixY2JZAw8
ne3q9ADTldSNWjUQ+mo8OK7RILl2Ynlr+Se3dL1D9gALxXP+KEmgJZfDEVuaFO8S
5ihF7Z0KwnHTScWucrmWrIQCz6ULb5Sp4mzPZIMhRvDPZd7YY/JfJkEv2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPcNYyXV3oubRf7gJlRFLjR8KvaIMB8GA1UdIwQY
MBaAFKHzO4GMYKOsxp85oLLg7qq7bZPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQt
ZTE1MmRkZjVhYjA2LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83MjI1NWEtMTA5Zi00MzRhLWE3ZGQtZTE1MmRkZjVhYjA2
LzEvb2ZNN2dZeGdvNnpHbnptZ3N1RHVxcnR0ay1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJeOhPVqq
Qwp7L9bX9MFNEZPbsdg+HZB8iu0no4FghumxSg31OQgF7LtuWlOTRCwg+HWYL2Up
eXvndlfFDFxtHok8E0jPwRQHEUsocVQXxu506Vf6P/Cz6YmvGH/Id6uAMBmOOW46
wRzH0oxAiSApsG0SwgHIRYgt2y9KgZlK/RjYfxhOIWKAkOhKoBvFqxSz32QBWB7O
zDJSr3uwgigRzijCeqxOnKQ6c+3huDuL3HqVACHfIUpya4dmRfCq3evBoqqUnFey
noshHU7DlfOp72CjnceATMcJcrePQcf2T0SfZ2W+t4YatsFN4SoYFC4ltuU75fyb
GJfRAWMb1HVnBQ==
-----END CERTIFICATE-----