Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          cFycVwUBUEnD3fv1iEe97wilYfAFiHIFrwpUZHcO4HA=
Subject key identifier:   F2:06:7D:BF:37:B5:1F:AD:AA:D8:F9:E2:83:56:AF:71:16:0F:D4:4C
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       0191FA10622358E8C6006A1587B9ABBB2CE4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          EF
Signing time:             Mon 16 Sep 2024 09:01:03 +0000
Manifest this update:     Mon 16 Sep 2024 09:01:03 +0000
Manifest next update:     Tue 17 Sep 2024 09:01:03 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: 7+YUhK2KtNw+w8S07j9P1+wTrSfv01f66w6RRQXrcUk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 17 Sep 2024 09:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:fa:10:62:23:58:e8:c6:00:6a:15:87:b9:ab:bb:2c:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Sep 16 09:01:03 2024 GMT
            Not After : Sep 17 09:01:03 2024 GMT
        Subject: CN=f2067dbf37b51fadaad8f9e28356af71160fd44c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:a6:23:e7:bf:6f:b1:31:e1:8a:eb:98:d1:e5:
                    5c:74:c3:a1:e5:cb:a7:d2:45:6f:06:f2:c3:5e:09:
                    c5:49:e1:52:bb:b5:05:74:57:2d:12:49:ff:35:e6:
                    c7:5f:be:2c:6b:ec:8b:0b:59:9a:8d:6f:11:13:19:
                    e4:99:8f:76:60:54:2b:22:56:9d:28:65:1e:db:30:
                    44:08:fd:18:2a:d0:9c:1d:9a:7e:e0:cf:8d:49:4d:
                    e5:42:ac:a6:41:0e:21:45:fb:4d:f0:65:44:1a:fb:
                    05:33:08:c2:0f:ee:dd:4b:2d:2d:54:68:8d:05:6a:
                    06:09:5e:ad:f9:fc:50:2b:7f:a5:0a:c0:23:11:0d:
                    57:f6:93:df:49:44:83:cf:1f:c5:83:66:9b:62:0f:
                    24:f9:19:67:e1:fc:d2:b3:61:35:35:ce:91:2e:0c:
                    76:00:6f:1e:09:77:5c:e8:02:b4:8d:d9:32:21:41:
                    31:67:a5:50:e6:93:e4:72:d3:68:51:86:08:6f:37:
                    40:33:03:c8:98:93:07:f3:62:49:02:33:3b:fb:b2:
                    cd:01:ef:c2:71:59:38:bd:3e:58:bb:35:7c:24:24:
                    b0:ea:c1:65:c4:5d:48:e2:14:37:c6:9b:5b:4b:11:
                    50:9a:ac:9d:2c:dd:64:e0:f2:65:5a:2d:f6:04:20:
                    9e:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:06:7D:BF:37:B5:1F:AD:AA:D8:F9:E2:83:56:AF:71:16:0F:D4:4C
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1d:03:dd:72:b3:7b:e1:48:be:fd:c6:16:b0:85:3c:9c:f4:05:
         d9:53:45:96:ae:5a:5f:9c:6e:df:fb:96:f1:cd:05:5f:ea:12:
         b7:89:a0:3d:9d:a3:af:35:97:88:7c:86:60:2b:46:63:09:98:
         ff:f9:48:d5:a1:f9:08:d7:de:50:f9:f2:bc:a9:be:c4:24:f3:
         bc:10:09:26:4b:4a:ea:60:1f:98:9a:1c:e6:2b:21:8c:f9:93:
         46:77:47:1f:e5:6d:f0:8f:3b:a3:fc:3b:57:d9:09:03:ef:bf:
         ae:0a:8f:e2:6c:84:57:ad:79:39:4c:c7:ea:d6:d7:11:54:c8:
         2d:19:aa:f9:6d:36:65:e8:24:d1:a0:e5:d0:bd:7f:8d:f6:8e:
         7f:c0:bb:11:da:47:db:da:19:f2:d0:3d:d3:ce:15:ba:b5:10:
         8d:45:52:98:e9:51:4d:5f:3c:83:3e:2b:07:88:15:7a:2c:ed:
         ba:58:fe:c3:cd:2e:0e:d8:a0:6f:19:0f:d1:6e:4d:17:44:03:
         80:65:f4:cd:2b:37:16:93:6c:4a:58:ac:74:c2:1c:80:21:af:
         ac:7e:4b:cd:12:0d:77:a9:d5:f0:12:7c:a1:49:c5:46:a0:43:
         32:9e:f2:6a:3c:34:5f:a9:d7:8b:22:89:e3:d0:9e:fa:90:81:
         e6:3f:7c:8f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZH6EGIjWOjGAGoVh7mruyzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjQwOTE2MDkwMTAzWhcNMjQwOTE3MDkwMTAzWjAzMTEwLwYDVQQD
EyhmMjA2N2RiZjM3YjUxZmFkYWFkOGY5ZTI4MzU2YWY3MTE2MGZkNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaYj579vsTHhiuuY0eVcdMOh5cun
0kVvBvLDXgnFSeFSu7UFdFctEkn/NebHX74sa+yLC1majW8RExnkmY92YFQrIlad
KGUe2zBECP0YKtCcHZp+4M+NSU3lQqymQQ4hRftN8GVEGvsFMwjCD+7dSy0tVGiN
BWoGCV6t+fxQK3+lCsAjEQ1X9pPfSUSDzx/Fg2abYg8k+Rln4fzSs2E1Nc6RLgx2
AG8eCXdc6AK0jdkyIUExZ6VQ5pPkctNoUYYIbzdAMwPImJMH82JJAjM7+7LNAe/C
cVk4vT5YuzV8JCSw6sFlxF1I4hQ3xptbSxFQmqydLN1k4PJlWi32BCCeQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIGfb83tR+tqtj54oNWr3EWD9RMMB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHQPdcrN7
4Ui+/cYWsIU8nPQF2VNFlq5aX5xu3/uW8c0FX+oSt4mgPZ2jrzWXiHyGYCtGYwmY
//lI1aH5CNfeUPnyvKm+xCTzvBAJJktK6mAfmJoc5ishjPmTRndHH+Vt8I87o/w7
V9kJA++/rgqP4myEV615OUzH6tbXEVTILRmq+W02Zegk0aDl0L1/jfaOf8C7EdpH
29oZ8tA9084VurUQjUVSmOlRTV88gz4rB4gVeiztulj+w80uDtigbxkP0W5NF0QD
gGX0zSs3FpNsSlisdMIcgCGvrH5LzRINd6nV8BJ8oUnFRqBDMp7yajw0X6nXiyKJ
49Ce+pCB5j98jw==
-----END CERTIFICATE-----