Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
File:                     oybRlH-kQ2NloBOsZ_TzKx_bqck.mft (raw, json)
Hash identifier:          JNxgLDj5PqVbIvjtyzksXz/bln472MsZGC/pCXD+PXA=
Subject key identifier:   CB:9E:75:EB:74:13:85:2E:ED:15:9D:BA:42:BC:96:65:19:FF:41:E3
Authority key identifier: A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9
Certificate issuer:       /CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
Certificate serial:       0193568A79749966628A24D98917D9E39B65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
Manifest number:          106A
Signing time:             Sat 23 Nov 2024 01:02:15 +0000
Manifest this update:     Sat 23 Nov 2024 01:02:15 +0000
Manifest next update:     Sun 24 Nov 2024 01:02:15 +0000
Files and hashes:         1: oybRlH-kQ2NloBOsZ_TzKx_bqck.crl (hash: LsmRaKfNP8/P32coXqk3fa/BFHakkXyGKgn/kwaqyGo=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 01:02:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:8a:79:74:99:66:62:8a:24:d9:89:17:d9:e3:9b:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a326d1947fa4436365a013ac67f4f32b1fdba9c9
        Validity
            Not Before: Nov 23 01:02:15 2024 GMT
            Not After : Nov 24 01:02:15 2024 GMT
        Subject: CN=cb9e75eb7413852eed159dba42bc966519ff41e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:18:94:c6:8e:00:68:56:cd:47:d9:c7:a1:42:
                    a8:48:c3:48:77:51:83:f5:41:8b:09:d9:87:8f:dd:
                    da:3b:b8:a7:0e:82:fd:dd:69:1f:5f:7a:5e:5b:3b:
                    41:3c:eb:21:a6:34:3f:d7:43:25:5d:02:1d:57:9a:
                    32:f8:6d:d3:08:51:63:79:96:31:e6:a8:ea:50:3c:
                    ab:b3:1f:68:12:65:90:ed:33:01:5b:34:42:5f:55:
                    c4:e7:5a:9e:f8:55:e0:42:6f:92:a0:3b:b2:86:42:
                    6d:c3:90:9b:62:9b:95:b9:50:6a:c7:d7:71:1b:33:
                    9d:3d:5e:09:d1:e0:a0:3a:a1:4d:f7:c3:be:45:cc:
                    9b:8c:d8:cb:47:0b:e2:7d:ff:4c:9e:37:28:13:65:
                    f3:42:2d:96:96:a1:85:7a:73:3d:05:cd:f0:c5:70:
                    83:4f:63:6c:21:03:4b:14:5b:85:00:5d:31:5a:36:
                    5e:5f:dc:be:f6:c3:71:c6:6b:c9:2e:2d:68:05:cd:
                    c2:a6:24:0f:cc:a5:8d:b7:e6:c2:92:0f:c1:4b:be:
                    67:76:1c:bf:a5:91:be:4a:ca:ca:d3:e4:84:71:60:
                    5e:57:b5:64:00:0f:dd:9e:eb:d7:31:b9:40:e5:9b:
                    87:fc:a8:d5:3a:2a:ce:06:d8:a1:54:57:3b:39:1e:
                    e9:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:9E:75:EB:74:13:85:2E:ED:15:9D:BA:42:BC:96:65:19:FF:41:E3
            X509v3 Authority Key Identifier:
                keyid:A3:26:D1:94:7F:A4:43:63:65:A0:13:AC:67:F4:F3:2B:1F:DB:A9:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oybRlH-kQ2NloBOsZ_TzKx_bqck.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/057f9b-a03c-4ba3-9b7f-57d3dfa56407/1/oybRlH-kQ2NloBOsZ_TzKx_bqck.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:fc:ad:cf:af:3c:e2:5b:58:31:70:2d:86:80:89:c4:ad:8f:
         0a:a9:64:57:c7:84:f1:78:6b:be:bb:88:1f:da:a8:2f:0e:77:
         0e:3f:38:01:1e:a3:d9:66:c6:31:c2:b7:d4:cf:86:94:f3:1c:
         63:24:9b:18:60:d8:de:9e:ac:48:6a:14:27:86:ee:0d:84:5c:
         8c:27:0b:d7:a8:ef:77:8a:c3:93:76:4c:22:96:d0:af:dd:2f:
         35:a1:ce:87:6a:a7:a5:dc:51:f1:35:c5:be:b1:08:09:99:af:
         5d:5c:3f:51:db:65:82:3e:84:24:69:c8:82:b8:1b:10:71:19:
         be:3b:bc:08:4a:97:fc:e5:1b:26:00:37:50:b6:6a:f7:51:d3:
         0c:83:bb:1d:c4:88:35:5f:8a:e9:d3:ef:31:f0:70:1e:8b:6a:
         1f:e3:7d:3d:86:c7:57:61:b9:51:3e:1b:bb:a1:d7:b7:fb:37:
         01:bd:91:a7:3b:e2:96:72:56:a2:57:97:5a:ed:45:9e:c6:07:
         41:d9:1d:99:96:ed:1e:e6:eb:fd:d4:1b:f3:08:66:53:d2:16:
         03:73:8f:b3:6c:80:e9:ef:a7:35:2a:c1:16:ab:fe:43:d9:36:
         c5:c8:25:05:de:51:23:fa:b6:7a:88:bb:99:5a:5a:46:43:7f:
         a4:b7:06:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNWinl0mWZiiiTZiRfZ45tlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjZkMTk0N2ZhNDQzNjM2NWEwMTNhYzY3ZjRmMzJiMWZk
YmE5YzkwHhcNMjQxMTIzMDEwMjE1WhcNMjQxMTI0MDEwMjE1WjAzMTEwLwYDVQQD
EyhjYjllNzVlYjc0MTM4NTJlZWQxNTlkYmE0MmJjOTY2NTE5ZmY0MWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRiUxo4AaFbNR9nHoUKoSMNId1GD
9UGLCdmHj93aO7inDoL93WkfX3peWztBPOshpjQ/10MlXQIdV5oy+G3TCFFjeZYx
5qjqUDyrsx9oEmWQ7TMBWzRCX1XE51qe+FXgQm+SoDuyhkJtw5CbYpuVuVBqx9dx
GzOdPV4J0eCgOqFN98O+RcybjNjLRwviff9MnjcoE2XzQi2WlqGFenM9Bc3wxXCD
T2NsIQNLFFuFAF0xWjZeX9y+9sNxxmvJLi1oBc3CpiQPzKWNt+bCkg/BS75ndhy/
pZG+SsrK0+SEcWBeV7VkAA/dnuvXMblA5ZuH/KjVOirOBtihVFc7OR7pHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMuedet0E4Uu7RWdukK8lmUZ/0HjMB8GA1UdIwQY
MBaAFKMm0ZR/pENjZaATrGf08ysf26nJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2Yt
NTdkM2RmYTU2NDA3LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wNTdmOWItYTAzYy00YmEzLTliN2YtNTdkM2RmYTU2NDA3
LzEvb3liUmxILWtRMk5sb0JPc1pfVHpLeF9icWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjvytz688
4ltYMXAthoCJxK2PCqlkV8eE8XhrvruIH9qoLw53Dj84AR6j2WbGMcK31M+GlPMc
YySbGGDY3p6sSGoUJ4buDYRcjCcL16jvd4rDk3ZMIpbQr90vNaHOh2qnpdxR8TXF
vrEICZmvXVw/Udtlgj6EJGnIgrgbEHEZvju8CEqX/OUbJgA3ULZq91HTDIO7HcSI
NV+K6dPvMfBwHotqH+N9PYbHV2G5UT4bu6HXt/s3Ab2RpzvilnJWoleXWu1FnsYH
QdkdmZbtHubr/dQb8whmU9IWA3OPs2yA6e+nNSrBFqv+Q9k2xcglBd5RI/q2eoi7
mVpaRkN/pLcGgQ==
-----END CERTIFICATE-----