Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
File:                     oUYsqczoyP_R-dfefH6QXG6JPPw.mft (raw, json)
Hash identifier:          zIi5F8VklHNnbFR/qJPzodVXQRfCdtM7vaKr6Ub7j3g=
Subject key identifier:   A5:24:F9:24:3C:5A:93:7F:63:DE:31:40:B1:81:55:D7:74:58:51:96
Authority key identifier: A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC
Certificate issuer:       /CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
Certificate serial:       0194C387B9253F0ED0BB50C9312067424B87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
Manifest number:          142A
Signing time:             Sat 01 Feb 2025 22:00:39 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:39 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:39 +0000
Files and hashes:         1: oUYsqczoyP_R-dfefH6QXG6JPPw.crl (hash: hRBZdmJ6TuyNPYNY7Iu7tMLjQRFdam0/yy1diADKy+8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:b9:25:3f:0e:d0:bb:50:c9:31:20:67:42:4b:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1462ca9cce8c8ffd1f9d7de7c7e905c6e893cfc
        Validity
            Not Before: Feb  1 22:00:39 2025 GMT
            Not After : Feb  2 22:00:39 2025 GMT
        Subject: CN=a524f9243c5a937f63de3140b18155d774585196
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:00:7f:e8:b0:39:fd:2a:a9:4f:a9:c2:84:a2:
                    fa:ce:be:9e:86:b7:cb:99:b6:28:cf:4f:9b:67:79:
                    db:cc:e4:fa:db:1a:80:45:b0:35:17:cc:a5:d9:8a:
                    00:72:14:07:e5:43:98:18:ea:3b:d0:4f:80:7a:51:
                    31:28:01:da:da:82:b5:90:1c:78:90:5f:89:5c:2c:
                    69:15:2f:95:2f:5b:f7:f9:62:f2:fb:cb:3d:ad:27:
                    9b:87:7b:02:5d:9d:33:fb:38:6e:2b:49:6f:73:fe:
                    e8:0b:72:08:e9:63:5c:0d:48:e7:f3:d0:60:67:fe:
                    b0:56:47:6d:a9:82:e5:56:f8:3d:d8:fb:5c:b4:2b:
                    cc:1f:27:9f:d6:af:5e:a4:7e:73:e7:0b:1c:3c:1f:
                    31:fc:b6:4d:00:bb:9d:89:fd:79:56:ca:f6:d3:93:
                    80:13:a5:6d:31:58:09:ee:28:9e:79:88:33:e2:9f:
                    97:eb:b3:bb:ac:52:1f:ba:26:b9:56:d2:25:95:a4:
                    86:f7:03:9c:5e:99:f2:b2:a5:97:67:f2:44:95:c6:
                    5f:b4:0e:d5:3f:51:22:db:d1:91:32:0f:c2:db:f0:
                    d4:a6:86:e8:32:fe:0b:da:94:60:53:15:18:e3:eb:
                    9a:94:a0:f7:35:a9:76:6e:b4:28:c4:d1:99:10:50:
                    af:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:24:F9:24:3C:5A:93:7F:63:DE:31:40:B1:81:55:D7:74:58:51:96
            X509v3 Authority Key Identifier:
                keyid:A1:46:2C:A9:CC:E8:C8:FF:D1:F9:D7:DE:7C:7E:90:5C:6E:89:3C:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oUYsqczoyP_R-dfefH6QXG6JPPw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/7971ed-5842-4e5b-b828-272cc92cc60b/1/oUYsqczoyP_R-dfefH6QXG6JPPw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         34:4a:c5:a1:77:eb:83:16:e0:cf:5a:32:07:65:d7:60:8c:4b:
         c5:54:f9:2e:26:d3:96:87:74:c8:51:c7:15:73:f0:e4:67:0d:
         1e:d8:80:cc:ab:56:82:2c:ea:c4:b3:ae:c0:93:8a:e3:04:5e:
         35:8a:c5:90:27:c8:ee:44:99:84:ff:56:78:0a:10:27:b0:18:
         4e:8a:8a:cf:e3:1b:75:01:1d:0a:b0:d6:64:32:30:82:53:96:
         a0:e4:5b:2f:02:18:7a:a9:30:09:89:e6:09:ce:94:f6:29:bf:
         ec:c7:11:d9:4c:65:e4:5b:c2:21:39:27:03:3e:96:12:89:4c:
         f3:91:15:fa:ea:aa:d9:28:eb:58:3a:47:49:cd:d9:a7:b1:15:
         f9:c4:73:33:c5:5c:d8:8e:26:34:c0:43:58:68:8e:9a:2c:0c:
         82:33:20:46:22:39:58:5e:68:59:dc:37:d7:44:d7:20:00:cb:
         9c:03:11:f3:b7:33:64:0c:97:87:ec:98:8e:ad:b3:25:1f:7e:
         d1:14:ff:e9:f1:0f:af:88:6a:ec:7f:eb:b7:51:f3:8f:3b:00:
         f1:c3:34:ef:f7:f8:5d:80:89:ec:66:b3:99:fb:cc:10:6b:a8:
         f6:dd:4a:a3:d8:f4:17:5e:fc:de:fc:fe:ac:04:02:ad:b2:7e:
         e6:c1:e3:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh7klPw7Qu1DJMSBnQkuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNDYyY2E5Y2NlOGM4ZmZkMWY5ZDdkZTdjN2U5MDVjNmU4
OTNjZmMwHhcNMjUwMjAxMjIwMDM5WhcNMjUwMjAyMjIwMDM5WjAzMTEwLwYDVQQD
EyhhNTI0ZjkyNDNjNWE5MzdmNjNkZTMxNDBiMTgxNTVkNzc0NTg1MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugB/6LA5/SqpT6nChKL6zr6ehrfL
mbYoz0+bZ3nbzOT62xqARbA1F8yl2YoAchQH5UOYGOo70E+AelExKAHa2oK1kBx4
kF+JXCxpFS+VL1v3+WLy+8s9rSebh3sCXZ0z+zhuK0lvc/7oC3II6WNcDUjn89Bg
Z/6wVkdtqYLlVvg92PtctCvMHyef1q9epH5z5wscPB8x/LZNALudif15Vsr205OA
E6VtMVgJ7iieeYgz4p+X67O7rFIfuia5VtIllaSG9wOcXpnysqWXZ/JElcZftA7V
P1Ei29GRMg/C2/DUpoboMv4L2pRgUxUY4+ualKD3Nal2brQoxNGZEFCvsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKUk+SQ8WpN/Y94xQLGBVdd0WFGWMB8GA1UdIwQY
MBaAFKFGLKnM6Mj/0fnX3nx+kFxuiTz8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4Mjgt
MjcyY2M5MmNjNjBiLzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83OTcxZWQtNTg0Mi00ZTViLWI4MjgtMjcyY2M5MmNjNjBi
LzEvb1VZc3Fjem95UF9SLWRmZWZINlFYRzZKUFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANErFoXfr
gxbgz1oyB2XXYIxLxVT5LibTlod0yFHHFXPw5GcNHtiAzKtWgizqxLOuwJOK4wRe
NYrFkCfI7kSZhP9WeAoQJ7AYToqKz+MbdQEdCrDWZDIwglOWoORbLwIYeqkwCYnm
Cc6U9im/7McR2Uxl5FvCITknAz6WEolM85EV+uqq2SjrWDpHSc3Zp7EV+cRzM8Vc
2I4mNMBDWGiOmiwMgjMgRiI5WF5oWdw310TXIADLnAMR87czZAyXh+yYjq2zJR9+
0RT/6fEPr4hq7H/rt1HzjzsA8cM07/f4XYCJ7GazmfvMEGuo9t1Ko9j0F1783vz+
rAQCrbJ+5sHj9Q==
-----END CERTIFICATE-----