Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
File:                     owjczEdYTD-oJh23kmouQBcrP3k.mft (raw, json)
Hash identifier:          n4nznOngAzey0Tl6iB8tAwCTXrsP8eiuvfHRTY8XV+s=
Subject key identifier:   F0:C2:9B:FF:21:6E:F7:83:93:5B:2B:54:52:99:26:88:F3:FC:B2:6B
Authority key identifier: A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79
Certificate issuer:       /CN=a308dccc47584c3fa8261db7926a2e40172b3f79
Certificate serial:       019357D25891E6206D9D9940244EEFF321C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
Manifest number:          43
Signing time:             Sat 23 Nov 2024 07:00:22 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:22 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:22 +0000
Files and hashes:         1: owjczEdYTD-oJh23kmouQBcrP3k.crl (hash: 6v1hmyaDiIvGXFWc54TmUPAdlpiD/Zz0o53S8+WcscE=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:58:91:e6:20:6d:9d:99:40:24:4e:ef:f3:21:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a308dccc47584c3fa8261db7926a2e40172b3f79
        Validity
            Not Before: Nov 23 07:00:22 2024 GMT
            Not After : Nov 24 07:00:22 2024 GMT
        Subject: CN=f0c29bff216ef783935b2b5452992688f3fcb26b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:2a:08:79:4e:90:b5:d0:7e:fd:f3:87:cf:96:
                    30:42:bc:a8:cc:41:e3:9f:df:7b:91:e2:e2:6c:d7:
                    1d:dd:89:0f:ed:b5:5f:8b:4f:57:59:74:d1:c7:1a:
                    48:96:a9:46:e5:bd:32:eb:15:23:57:d1:6d:a5:74:
                    dd:24:ae:e5:a7:f8:23:d9:f0:91:bf:55:fe:45:8a:
                    0c:9f:70:6a:46:3f:fc:9f:08:6c:3d:a8:60:6f:d0:
                    af:0f:2b:79:9e:0e:fd:76:b1:df:54:f1:39:99:69:
                    93:61:60:f3:61:41:85:38:f8:bc:0b:58:b4:f2:08:
                    dc:e2:97:e7:02:ad:a0:85:dc:a4:22:9c:f4:7a:5a:
                    b6:25:df:f1:60:cc:85:99:ab:1a:34:f3:92:9f:51:
                    82:2e:10:ce:5c:76:a2:5b:33:0a:7f:1c:02:28:1a:
                    fd:a9:60:35:f2:ce:de:b9:91:3f:29:e6:3f:c7:00:
                    2c:af:cf:37:4e:9b:1e:4a:c4:63:e3:18:9b:e2:f1:
                    9d:af:20:8c:a1:a0:0e:c6:bb:6b:6e:1d:10:58:2d:
                    5f:5d:0b:d0:e6:3d:ad:3d:a5:04:a2:7a:4e:5b:9e:
                    4b:f5:0d:3e:44:ce:ca:9a:af:0f:b3:36:4d:a2:de:
                    fe:72:c9:e0:40:9f:2a:07:f5:27:64:78:51:b6:bb:
                    9b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:C2:9B:FF:21:6E:F7:83:93:5B:2B:54:52:99:26:88:F3:FC:B2:6B
            X509v3 Authority Key Identifier:
                keyid:A3:08:DC:CC:47:58:4C:3F:A8:26:1D:B7:92:6A:2E:40:17:2B:3F:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owjczEdYTD-oJh23kmouQBcrP3k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/a20258-6dff-4295-9dc1-0afeb14524be/1/owjczEdYTD-oJh23kmouQBcrP3k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6e:b8:64:6a:47:c3:4f:c7:d2:79:2a:30:10:bc:36:9f:61:92:
         72:a5:3b:f8:5d:64:b7:42:2d:ab:cc:d8:8d:34:a8:b6:98:18:
         e9:c1:7a:7c:d1:9e:32:5f:2a:08:f6:17:f7:d0:0f:70:43:79:
         5f:cc:7c:19:ba:40:18:78:5a:b5:d6:58:d7:e4:e8:37:8e:ab:
         b4:ae:d0:81:dd:9a:50:87:44:d8:da:43:69:78:d9:31:7a:1f:
         89:dd:e7:e4:66:1d:22:d6:61:4e:5c:ee:93:2b:66:44:99:1d:
         0a:05:05:2b:85:b5:73:0e:6d:e4:ca:1f:db:c2:bd:b4:32:ea:
         f5:56:65:eb:4d:25:08:e4:85:ef:92:a8:d7:d1:f5:af:cc:ac:
         93:87:2b:75:6c:68:3b:07:7a:fe:bf:d8:03:11:c9:fa:81:05:
         44:ac:6e:80:b5:fe:39:fa:d3:ac:7c:dc:20:ef:8f:36:4c:96:
         43:79:46:70:d8:dd:75:8e:23:41:7b:64:e4:57:6a:d4:45:e6:
         b2:92:ab:84:37:84:a4:66:28:74:4c:3e:94:de:ce:6e:17:61:
         75:9a:ca:fb:67:86:e7:c1:33:25:49:be:84:b9:d0:fb:aa:a1:
         b2:87:b8:5c:12:44:0b:28:80:0a:16:19:5d:b9:25:22:68:a1:
         11:9f:91:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0liR5iBtnZlAJE7v8yHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDhkY2NjNDc1ODRjM2ZhODI2MWRiNzkyNmEyZTQwMTcy
YjNmNzkwHhcNMjQxMTIzMDcwMDIyWhcNMjQxMTI0MDcwMDIyWjAzMTEwLwYDVQQD
EyhmMGMyOWJmZjIxNmVmNzgzOTM1YjJiNTQ1Mjk5MjY4OGYzZmNiMjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCoIeU6QtdB+/fOHz5YwQryozEHj
n997keLibNcd3YkP7bVfi09XWXTRxxpIlqlG5b0y6xUjV9FtpXTdJK7lp/gj2fCR
v1X+RYoMn3BqRj/8nwhsPahgb9CvDyt5ng79drHfVPE5mWmTYWDzYUGFOPi8C1i0
8gjc4pfnAq2ghdykIpz0elq2Jd/xYMyFmasaNPOSn1GCLhDOXHaiWzMKfxwCKBr9
qWA18s7euZE/KeY/xwAsr883TpseSsRj4xib4vGdryCMoaAOxrtrbh0QWC1fXQvQ
5j2tPaUEonpOW55L9Q0+RM7Kmq8PszZNot7+csngQJ8qB/UnZHhRtrubEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDCm/8hbveDk1srVFKZJojz/LJrMB8GA1UdIwQY
MBaAFKMI3MxHWEw/qCYdt5JqLkAXKz95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEt
MGFmZWIxNDUyNGJlLzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9hMjAyNTgtNmRmZi00Mjk1LTlkYzEtMGFmZWIxNDUyNGJl
LzEvb3dqY3pFZFlURC1vSmgyM2ttb3VRQmNyUDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbrhkakfD
T8fSeSowELw2n2GScqU7+F1kt0Itq8zYjTSotpgY6cF6fNGeMl8qCPYX99APcEN5
X8x8GbpAGHhatdZY1+ToN46rtK7Qgd2aUIdE2NpDaXjZMXofid3n5GYdItZhTlzu
kytmRJkdCgUFK4W1cw5t5Mof28K9tDLq9VZl600lCOSF75Ko19H1r8ysk4crdWxo
Owd6/r/YAxHJ+oEFRKxugLX+OfrTrHzcIO+PNkyWQ3lGcNjddY4jQXtk5Fdq1EXm
spKrhDeEpGYodEw+lN7ObhdhdZrK+2eG58EzJUm+hLnQ+6qhsoe4XBJECyiAChYZ
XbklImihEZ+RZg==
-----END CERTIFICATE-----