Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
File:                     ONY8X84e8J5L8s_JS7JQn9X_UJw.mft (raw, json)
Hash identifier:          brwnY/lPVXiT0/hkLxCPnHU49cFxO06+E8kzP/d8Af8=
Subject key identifier:   49:30:35:82:DA:D8:4A:43:7E:31:0A:64:1E:50:9E:18:68:B3:52:3D
Authority key identifier: 38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C
Certificate issuer:       /CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
Certificate serial:       019511D98076B09D828DCD87B49D9327EA51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
Manifest number:          0289
Signing time:             Mon 17 Feb 2025 03:00:21 +0000
Manifest this update:     Mon 17 Feb 2025 03:00:21 +0000
Manifest next update:     Tue 18 Feb 2025 03:00:21 +0000
Files and hashes:         1: ONY8X84e8J5L8s_JS7JQn9X_UJw.crl (hash: w15/HBqD+K+dotavsKj/fXspQ3F1/IzRaAr0WIOOibM=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:d9:80:76:b0:9d:82:8d:cd:87:b4:9d:93:27:ea:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38d63c5fce1ef09e4bf2cfc94bb2509fd5ff509c
        Validity
            Not Before: Feb 17 03:00:21 2025 GMT
            Not After : Feb 18 03:00:21 2025 GMT
        Subject: CN=49303582dad84a437e310a641e509e1868b3523d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:ec:f7:19:34:d3:50:19:a6:95:d9:14:8c:d1:
                    36:24:f7:04:1b:b3:6c:f3:d4:d2:51:21:07:96:7b:
                    47:21:4e:df:59:3e:61:5e:51:44:26:be:be:b4:86:
                    7e:f9:24:53:f9:66:6a:7a:39:68:f0:5f:e4:c3:cb:
                    a3:f8:c3:f8:32:24:2b:b7:3d:ea:cc:1f:9a:0a:aa:
                    76:38:f3:b4:2c:ab:d8:fc:c9:84:e1:9a:7a:64:89:
                    88:69:ba:1c:de:a6:57:a1:18:88:ce:47:c4:35:0c:
                    93:1e:3e:71:8c:63:d5:5d:52:89:06:aa:53:05:9d:
                    69:33:b4:1e:65:54:78:db:97:98:69:e0:ba:de:ab:
                    15:f9:d3:12:99:cd:13:1e:9e:a8:7c:dd:ec:93:33:
                    10:20:2c:d2:1e:f4:df:b9:df:25:66:f2:f0:12:39:
                    c7:d1:36:2e:04:4d:70:10:ac:9a:a7:9e:e5:aa:dd:
                    bc:74:54:05:de:a0:6a:f2:eb:c4:c0:8b:ef:4e:b8:
                    17:d5:82:9f:b4:bd:31:75:eb:9a:77:8b:48:fa:32:
                    67:a1:73:7e:37:58:4f:d1:b5:44:8e:57:e0:13:29:
                    72:88:04:b4:d7:57:84:60:db:03:2a:6b:70:f8:c4:
                    b5:c2:31:c3:6b:60:38:7e:40:b0:71:f5:a7:f9:5b:
                    38:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:30:35:82:DA:D8:4A:43:7E:31:0A:64:1E:50:9E:18:68:B3:52:3D
            X509v3 Authority Key Identifier:
                keyid:38:D6:3C:5F:CE:1E:F0:9E:4B:F2:CF:C9:4B:B2:50:9F:D5:FF:50:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ONY8X84e8J5L8s_JS7JQn9X_UJw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/ee3d73-9729-4da4-8bc7-67c442d6a850/1/ONY8X84e8J5L8s_JS7JQn9X_UJw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:9b:a5:74:d0:d6:c6:df:d0:2d:2d:11:f4:60:66:6f:14:e4:
         37:49:85:ed:22:ce:40:c2:1f:01:19:66:38:03:4b:36:10:12:
         f0:e9:43:38:00:95:4e:92:ba:73:22:e7:fd:1d:61:81:d6:19:
         82:28:8e:f3:ab:0e:23:c2:f3:6a:33:29:97:56:d8:4e:12:06:
         99:9a:94:98:d3:d0:89:77:48:53:7e:11:05:13:15:91:49:dd:
         34:d2:24:bd:05:47:0c:17:e4:7d:a0:a5:30:32:6c:43:13:06:
         64:6f:24:fa:6c:46:b4:75:22:eb:49:dd:7d:11:15:46:92:60:
         99:7a:04:b4:c8:4e:47:a4:0b:2d:c4:ac:ba:4a:da:92:97:b2:
         19:17:da:16:e0:9b:72:f9:ee:43:56:35:e1:6b:bf:69:c3:dd:
         42:16:2a:2d:28:a3:c1:f2:d9:93:f6:3b:68:cf:2f:67:41:02:
         39:24:50:ef:1d:4e:9c:04:12:64:d9:08:3c:04:9f:24:04:d2:
         b9:36:9e:72:e0:bd:0f:a9:b6:c7:6f:63:95:79:26:33:18:a0:
         76:b7:71:86:34:0f:43:2e:d7:30:46:b8:52:50:c7:09:b2:17:
         ad:07:11:6e:92:8e:93:df:b4:13:96:6f:07:e4:e2:dc:5f:c6:
         78:b1:c6:63
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZUR2YB2sJ2Cjc2HtJ2TJ+pRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZDYzYzVmY2UxZWYwOWU0YmYyY2ZjOTRiYjI1MDlmZDVm
ZjUwOWMwHhcNMjUwMjE3MDMwMDIxWhcNMjUwMjE4MDMwMDIxWjAzMTEwLwYDVQQD
Eyg0OTMwMzU4MmRhZDg0YTQzN2UzMTBhNjQxZTUwOWUxODY4YjM1MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+z3GTTTUBmmldkUjNE2JPcEG7Ns
89TSUSEHlntHIU7fWT5hXlFEJr6+tIZ++SRT+WZqejlo8F/kw8uj+MP4MiQrtz3q
zB+aCqp2OPO0LKvY/MmE4Zp6ZImIaboc3qZXoRiIzkfENQyTHj5xjGPVXVKJBqpT
BZ1pM7QeZVR425eYaeC63qsV+dMSmc0THp6ofN3skzMQICzSHvTfud8lZvLwEjnH
0TYuBE1wEKyap57lqt28dFQF3qBq8uvEwIvvTrgX1YKftL0xdeuad4tI+jJnoXN+
N1hP0bVEjlfgEylyiAS011eEYNsDKmtw+MS1wjHDa2A4fkCwcfWn+Vs4bwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkwNYLa2EpDfjEKZB5Qnhhos1I9MB8GA1UdIwQY
MBaAFDjWPF/OHvCeS/LPyUuyUJ/V/1CcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzct
NjdjNDQyZDZhODUwLzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9lZTNkNzMtOTcyOS00ZGE0LThiYzctNjdjNDQyZDZhODUw
LzEvT05ZOFg4NGU4SjVMOHNfSlM3SlFuOVhfVUp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJZuldNDW
xt/QLS0R9GBmbxTkN0mF7SLOQMIfARlmOANLNhAS8OlDOACVTpK6cyLn/R1hgdYZ
giiO86sOI8LzajMpl1bYThIGmZqUmNPQiXdIU34RBRMVkUndNNIkvQVHDBfkfaCl
MDJsQxMGZG8k+mxGtHUi60ndfREVRpJgmXoEtMhOR6QLLcSsukrakpeyGRfaFuCb
cvnuQ1Y14Wu/acPdQhYqLSijwfLZk/Y7aM8vZ0ECOSRQ7x1OnAQSZNkIPASfJATS
uTaecuC9D6m2x29jlXkmMxigdrdxhjQPQy7XMEa4UlDHCbIXrQcRbpKOk9+0E5Zv
B+Ti3F/GeLHGYw==
-----END CERTIFICATE-----