Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
File:                     oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft (raw, json)
Hash identifier:          e52N2M0zifqx3aXN5tbbZdKid8kZrS0H8n2ITGHUX78=
Subject key identifier:   2F:38:CC:9D:20:66:D4:B3:5B:2E:F1:62:0B:DF:02:3C:DF:29:01:76
Authority key identifier: A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10
Certificate issuer:       /CN=a223d15344c02a551e63f831c604f80dbec4ba10
Certificate serial:       019365FCF31266AA01EF825CE092021990BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
Manifest number:          07CE
Signing time:             Tue 26 Nov 2024 01:01:36 +0000
Manifest this update:     Tue 26 Nov 2024 01:01:36 +0000
Manifest next update:     Wed 27 Nov 2024 01:01:36 +0000
Files and hashes:         1: oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl (hash: EggJ0Km/oHZSOc5vTvvRcV8uU/IVTyIZmkakl9yT4As=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 23:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:65:fc:f3:12:66:aa:01:ef:82:5c:e0:92:02:19:90:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a223d15344c02a551e63f831c604f80dbec4ba10
        Validity
            Not Before: Nov 26 01:01:36 2024 GMT
            Not After : Nov 27 01:01:36 2024 GMT
        Subject: CN=2f38cc9d2066d4b35b2ef1620bdf023cdf290176
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:5f:e3:2c:b0:0f:46:6b:82:e3:fc:9f:42:fd:
                    08:f1:b3:97:5e:7e:ee:27:4d:75:ff:1f:46:93:d1:
                    af:be:23:6b:c3:94:59:2f:af:f6:17:9c:29:73:df:
                    27:dc:59:67:f2:0e:7c:a3:0d:1f:f8:06:f1:72:b1:
                    e9:f5:1f:eb:b1:1b:1b:b5:53:f1:bd:a9:07:aa:7a:
                    8e:df:52:9d:7b:f3:52:4d:29:21:b3:e5:ff:71:10:
                    8f:2e:70:13:e7:4e:83:8a:d3:ee:8e:83:f2:8a:7b:
                    1f:d6:b0:a1:53:70:d9:17:cb:a3:fc:39:30:93:20:
                    92:6c:a4:7e:9d:2d:6d:99:7a:92:e4:4d:ab:d7:f0:
                    2a:c3:6a:17:aa:c9:e6:cb:2b:c2:79:28:51:4f:8b:
                    a9:73:bd:dc:ed:b4:0b:37:60:4d:a4:4b:04:d5:10:
                    6e:3b:a6:59:46:14:4c:cd:50:16:09:4b:96:92:6c:
                    bf:1e:74:f3:a1:08:86:54:d7:8d:87:d8:71:66:d0:
                    42:a8:39:18:dc:53:c6:41:d5:28:85:a7:07:7e:1b:
                    10:56:ab:9f:57:ee:06:cd:72:00:b2:38:82:96:cf:
                    ab:1d:81:5d:b1:1d:ca:18:cb:9a:18:79:05:2a:5d:
                    88:4a:a6:9c:32:9b:05:91:21:c4:a2:cb:02:49:9a:
                    94:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:38:CC:9D:20:66:D4:B3:5B:2E:F1:62:0B:DF:02:3C:DF:29:01:76
            X509v3 Authority Key Identifier:
                keyid:A2:23:D1:53:44:C0:2A:55:1E:63:F8:31:C6:04:F8:0D:BE:C4:BA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oiPRU0TAKlUeY_gxxgT4Db7EuhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8c2fae-bd49-4bf7-baa7-809a2d7ff348/1/oiPRU0TAKlUeY_gxxgT4Db7EuhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         58:62:3e:8f:23:45:78:49:82:30:87:ea:0b:a1:70:f9:86:d2:
         7e:db:23:5b:8f:f1:68:9d:17:3b:00:c7:59:26:88:30:43:69:
         bc:2e:4f:f6:f8:1d:76:04:8b:4c:b0:62:50:12:f8:88:6e:da:
         6e:86:02:96:96:9e:d3:3b:77:98:02:8d:76:31:64:12:83:bf:
         56:ad:30:f6:d4:9f:91:dd:15:f3:af:e3:3f:fd:2f:99:38:34:
         88:0c:85:4f:38:89:e9:9d:7d:a2:c3:5f:92:c2:9c:a5:ab:20:
         95:36:b1:00:e7:a2:e3:56:73:e7:b7:50:41:39:d4:42:8c:73:
         09:6d:99:fb:92:c4:c3:2d:38:ba:24:29:2c:a1:bb:34:0f:d1:
         aa:4b:bf:c3:5f:9c:b6:13:3b:84:c3:a7:c5:67:cf:cf:5c:ed:
         e8:d6:25:7c:08:ad:b5:f4:bb:50:d2:d3:e4:50:df:c6:73:be:
         30:41:3e:c6:4b:09:b7:43:d8:b2:c9:96:8a:14:3b:e9:72:99:
         6a:c3:da:48:f3:d6:12:ee:c1:e2:b1:7b:64:99:a2:86:6c:b8:
         27:b8:71:92:a3:bc:ea:d2:90:96:91:7e:6b:26:0d:c0:2c:e4:
         6c:d4:1e:62:ab:1c:45:6c:73:0a:36:f6:af:3e:ed:ce:7d:f0:
         57:a6:10:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNl/PMSZqoB74Jc4JICGZC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMjNkMTUzNDRjMDJhNTUxZTYzZjgzMWM2MDRmODBkYmVj
NGJhMTAwHhcNMjQxMTI2MDEwMTM2WhcNMjQxMTI3MDEwMTM2WjAzMTEwLwYDVQQD
EygyZjM4Y2M5ZDIwNjZkNGIzNWIyZWYxNjIwYmRmMDIzY2RmMjkwMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1/jLLAPRmuC4/yfQv0I8bOXXn7u
J011/x9Gk9GvviNrw5RZL6/2F5wpc98n3Fln8g58ow0f+AbxcrHp9R/rsRsbtVPx
vakHqnqO31Kde/NSTSkhs+X/cRCPLnAT506DitPujoPyinsf1rChU3DZF8uj/Dkw
kyCSbKR+nS1tmXqS5E2r1/Aqw2oXqsnmyyvCeShRT4upc73c7bQLN2BNpEsE1RBu
O6ZZRhRMzVAWCUuWkmy/HnTzoQiGVNeNh9hxZtBCqDkY3FPGQdUohacHfhsQVquf
V+4GzXIAsjiCls+rHYFdsR3KGMuaGHkFKl2ISqacMpsFkSHEossCSZqU/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC84zJ0gZtSzWy7xYgvfAjzfKQF2MB8GA1UdIwQY
MBaAFKIj0VNEwCpVHmP4McYE+A2+xLoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTct
ODA5YTJkN2ZmMzQ4LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84YzJmYWUtYmQ0OS00YmY3LWJhYTctODA5YTJkN2ZmMzQ4
LzEvb2lQUlUwVEFLbFVlWV9neHhnVDREYjdFdWhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGI+jyNF
eEmCMIfqC6Fw+YbSftsjW4/xaJ0XOwDHWSaIMENpvC5P9vgddgSLTLBiUBL4iG7a
boYClpae0zt3mAKNdjFkEoO/Vq0w9tSfkd0V86/jP/0vmTg0iAyFTziJ6Z19osNf
ksKcpasglTaxAOei41Zz57dQQTnUQoxzCW2Z+5LEwy04uiQpLKG7NA/Rqku/w1+c
thM7hMOnxWfPz1zt6NYlfAittfS7UNLT5FDfxnO+MEE+xksJt0PYssmWihQ76XKZ
asPaSPPWEu7B4rF7ZJmihmy4J7hxkqO86tKQlpF+ayYNwCzkbNQeYqscRWxzCjb2
rz7tzn3wV6YQfw==
-----END CERTIFICATE-----