Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
File:                     OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft (raw, json)
Hash identifier:          F2eauNmnPHIxTqnNhKKq0zi/HOHVlGl6zy5wIjLe2UQ=
Subject key identifier:   29:AB:08:82:E2:43:87:25:2C:58:92:9A:93:61:F8:2E:F9:21:6E:AA
Authority key identifier: 38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE
Certificate issuer:       /CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
Certificate serial:       018F885B59035595804A8EB4EBBD346BB6F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
Manifest number:          FA
Signing time:             Fri 17 May 2024 21:00:38 +0000
Manifest this update:     Fri 17 May 2024 21:00:38 +0000
Manifest next update:     Sat 18 May 2024 21:00:38 +0000
Files and hashes:         1: OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl (hash: tznugLNh+89h6kQ+/Rrh1IJIe2THzqC24F3udY6qAjY=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:5b:59:03:55:95:80:4a:8e:b4:eb:bd:34:6b:b6:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38a1d89a13b3ebb7bf59e4395f3f0d8a8a7d62ce
        Validity
            Not Before: May 17 21:00:38 2024 GMT
            Not After : May 18 21:00:38 2024 GMT
        Subject: CN=29ab0882e24387252c58929a9361f82ef9216eaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ed:06:71:2c:63:53:eb:59:83:54:64:c2:14:
                    1f:02:be:08:b3:b4:5b:39:3c:0b:84:12:83:4c:58:
                    d9:01:ea:45:ff:04:31:c7:08:9f:25:25:cc:97:4e:
                    b4:e5:b4:50:7a:13:8e:6f:00:c5:38:b8:a9:37:90:
                    2b:e3:13:d9:3b:84:3f:c9:b1:81:32:dc:6a:1b:63:
                    43:e6:0d:c0:85:aa:ef:8a:1c:4f:f8:05:f0:a7:5e:
                    1e:d1:76:cb:68:0e:bd:5e:8f:5e:87:e9:b7:b3:2a:
                    6e:9f:06:b5:d9:ac:d3:7b:d5:80:34:8c:33:7b:7a:
                    70:6e:12:5e:69:a3:65:3a:21:e7:6a:80:5b:ee:55:
                    55:0d:5d:e7:84:0d:b3:61:01:c8:8d:af:8d:34:eb:
                    d3:46:3a:57:a4:1a:8a:8a:64:b5:51:d3:83:75:86:
                    16:0c:28:1f:92:ef:26:d4:70:4e:9a:42:0c:61:c7:
                    a5:89:b5:f8:dd:41:3c:ef:d1:f1:f7:71:ae:39:31:
                    cb:9f:92:f2:11:06:69:9b:af:df:61:60:89:30:0e:
                    d0:16:fd:73:88:e1:3d:d7:54:71:de:4c:77:5a:67:
                    28:fd:05:80:30:3d:92:86:68:72:06:4b:96:dd:fd:
                    91:c8:e0:ab:51:f5:2c:f5:dc:83:bb:9e:60:94:8e:
                    fa:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:AB:08:82:E2:43:87:25:2C:58:92:9A:93:61:F8:2E:F9:21:6E:AA
            X509v3 Authority Key Identifier:
                keyid:38:A1:D8:9A:13:B3:EB:B7:BF:59:E4:39:5F:3F:0D:8A:8A:7D:62:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8fca7f-a9ed-48db-a7e2-3a6fe3ba5c4d/1/OKHYmhOz67e_WeQ5Xz8Niop9Ys4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:30:bd:01:6a:28:6c:da:b9:8c:aa:c8:61:b0:4f:55:e1:a7:
         65:de:8a:71:8a:52:c2:e5:fa:97:78:0b:20:af:de:93:f4:45:
         4d:a2:e5:28:7d:12:1b:81:5c:f8:5b:f0:1d:19:e0:aa:d9:da:
         28:7f:72:5b:fe:ff:fc:7e:6f:2b:d8:30:a0:24:c9:96:fc:e1:
         66:ed:b2:a8:c5:e9:0a:00:e2:48:2c:cb:75:23:91:0c:bd:75:
         a5:c8:5a:c0:cc:6e:73:4a:9d:c0:19:04:66:65:6f:82:99:82:
         47:ee:3b:67:32:10:39:a8:2d:e3:91:06:d5:60:44:76:58:4b:
         ff:3d:15:2a:08:d6:36:5f:66:df:e7:09:db:6b:f8:5f:0a:69:
         01:b8:c7:b6:25:69:26:bc:cf:c9:43:d5:f0:3a:94:95:bb:71:
         b6:eb:a7:9e:25:ff:4d:f1:20:49:ae:c6:90:93:87:0e:cf:0c:
         a1:af:4c:15:be:83:22:b1:94:d7:35:4d:c6:61:66:22:34:98:
         09:b3:6a:9b:49:dd:71:e0:9b:a1:ad:2f:a4:10:1e:15:f5:a6:
         5e:2a:ab:c8:c9:8f:b5:cd:1c:79:3a:22:22:6a:59:c2:9c:de:
         6f:ef:69:b1:63:36:77:df:8f:73:1c:47:ee:b9:b4:4d:3a:7b:
         94:e3:ef:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IW1kDVZWASo606700a7bwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTFkODlhMTNiM2ViYjdiZjU5ZTQzOTVmM2YwZDhhOGE3
ZDYyY2UwHhcNMjQwNTE3MjEwMDM4WhcNMjQwNTE4MjEwMDM4WjAzMTEwLwYDVQQD
EygyOWFiMDg4MmUyNDM4NzI1MmM1ODkyOWE5MzYxZjgyZWY5MjE2ZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+0GcSxjU+tZg1RkwhQfAr4Is7Rb
OTwLhBKDTFjZAepF/wQxxwifJSXMl0605bRQehOObwDFOLipN5Ar4xPZO4Q/ybGB
MtxqG2ND5g3AharvihxP+AXwp14e0XbLaA69Xo9eh+m3sypunwa12azTe9WANIwz
e3pwbhJeaaNlOiHnaoBb7lVVDV3nhA2zYQHIja+NNOvTRjpXpBqKimS1UdODdYYW
DCgfku8m1HBOmkIMYcelibX43UE879Hx93GuOTHLn5LyEQZpm6/fYWCJMA7QFv1z
iOE911Rx3kx3Wmco/QWAMD2ShmhyBkuW3f2RyOCrUfUs9dyDu55glI76MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmrCILiQ4clLFiSmpNh+C75IW6qMB8GA1UdIwQY
MBaAFDih2JoTs+u3v1nkOV8/DYqKfWLOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTIt
M2E2ZmUzYmE1YzRkLzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZmNhN2YtYTllZC00OGRiLWE3ZTItM2E2ZmUzYmE1YzRk
LzEvT0tIWW1oT3o2N2VfV2VRNVh6OE5pb3A5WXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXjC9AWoo
bNq5jKrIYbBPVeGnZd6KcYpSwuX6l3gLIK/ek/RFTaLlKH0SG4Fc+FvwHRngqtna
KH9yW/7//H5vK9gwoCTJlvzhZu2yqMXpCgDiSCzLdSORDL11pchawMxuc0qdwBkE
ZmVvgpmCR+47ZzIQOagt45EG1WBEdlhL/z0VKgjWNl9m3+cJ22v4XwppAbjHtiVp
JrzPyUPV8DqUlbtxtuunniX/TfEgSa7GkJOHDs8Moa9MFb6DIrGU1zVNxmFmIjSY
CbNqm0ndceCboa0vpBAeFfWmXiqryMmPtc0ceToiImpZwpzeb+9psWM2d9+PcxxH
7rm0TTp7lOPvmg==
-----END CERTIFICATE-----