Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
File:                     OCrZBtcZpmqFoxPRBSlAAstlf3s.mft (raw, json)
Hash identifier:          DOdAL2tBg7hKxbhlqeqklte2Q2yR2zwE5F3olXq+xsU=
Subject key identifier:   86:2A:1F:AD:6F:67:85:63:71:E9:09:CF:76:81:FE:78:DB:4B:1D:0E
Authority key identifier: 38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B
Certificate issuer:       /CN=382ad906d719a66a85a313d105294002cb657f7b
Certificate serial:       0194C4D167A272044D573A5F6D60942AF17B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
Manifest number:          0F
Signing time:             Sun 02 Feb 2025 04:00:45 +0000
Manifest this update:     Sun 02 Feb 2025 04:00:45 +0000
Manifest next update:     Mon 03 Feb 2025 04:00:45 +0000
Files and hashes:         1: OCrZBtcZpmqFoxPRBSlAAstlf3s.crl (hash: IHW3BlHMLgR1SuZ2SjvnH/UJ0oslpbiSKIm+e3VYWvg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 03 Feb 2025 00:00:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c4:d1:67:a2:72:04:4d:57:3a:5f:6d:60:94:2a:f1:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=382ad906d719a66a85a313d105294002cb657f7b
        Validity
            Not Before: Feb  2 04:00:45 2025 GMT
            Not After : Feb  3 04:00:45 2025 GMT
        Subject: CN=862a1fad6f67856371e909cf7681fe78db4b1d0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b4:4a:87:34:87:d3:0c:20:8a:41:58:4c:6a:
                    59:f4:b4:21:89:dc:fb:8a:b2:7e:b3:41:66:1c:32:
                    02:f4:f3:bb:aa:f7:e9:da:6a:a1:eb:d2:be:78:fe:
                    d9:82:76:17:a5:f8:18:a1:0d:d3:b1:6f:f2:c4:74:
                    c0:35:09:46:08:06:14:e1:bf:ea:0a:46:66:cb:01:
                    b1:d0:be:c3:73:d8:d6:b3:dd:27:5f:96:08:12:39:
                    62:22:2d:52:be:d9:e3:05:c5:b5:69:7c:c0:a0:84:
                    c0:34:58:41:04:b6:89:ee:f7:77:62:3e:ed:62:6a:
                    73:29:dc:3d:b1:25:bf:71:30:bf:17:ab:f6:6e:a5:
                    07:64:e1:c4:dd:fa:90:0f:bf:dd:d7:62:f0:69:80:
                    50:1a:2e:5e:da:86:59:2a:3c:46:b4:ed:54:fe:bf:
                    86:c0:ba:bb:aa:34:82:79:8f:1f:06:9a:56:07:2e:
                    d3:7e:b4:65:c4:13:a0:de:d9:21:55:90:9d:c5:7c:
                    c5:d2:c6:e1:9b:61:37:7d:10:8e:c4:82:7b:b7:56:
                    82:42:59:f1:50:48:2e:7b:c1:fa:91:15:b9:d9:c8:
                    a3:d3:52:8a:cf:3d:9f:44:d0:17:fd:fd:59:da:e9:
                    a5:1a:ef:09:cf:3e:11:4a:2f:46:00:47:b1:a6:eb:
                    6e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:2A:1F:AD:6F:67:85:63:71:E9:09:CF:76:81:FE:78:DB:4B:1D:0E
            X509v3 Authority Key Identifier:
                keyid:38:2A:D9:06:D7:19:A6:6A:85:A3:13:D1:05:29:40:02:CB:65:7F:7B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCrZBtcZpmqFoxPRBSlAAstlf3s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/914d91-ee71-4224-b300-6ce52bee666a/1/OCrZBtcZpmqFoxPRBSlAAstlf3s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a9:a3:02:07:99:43:f1:42:b3:40:73:1d:17:55:2d:3f:45:a5:
         60:64:c3:8a:aa:c2:1f:80:f0:d6:3f:89:5b:b0:3f:a7:7a:ba:
         69:b4:68:f6:ab:65:b5:3d:52:e9:75:d6:a4:38:03:d8:db:4f:
         62:74:ec:df:35:51:a1:8f:2c:09:ea:c1:0f:57:32:f6:a9:54:
         ec:ff:e0:cf:ed:a2:35:cc:3a:94:8b:84:05:74:09:84:93:4b:
         77:f0:6e:4a:3f:32:c8:22:ff:5c:a5:60:27:f2:82:3c:53:4e:
         2e:54:50:20:4d:e5:bf:5e:ed:df:a3:6f:03:c1:83:fc:57:ca:
         b4:30:06:ed:e4:3a:2e:f4:8d:48:21:4f:b1:da:20:4b:a0:40:
         10:42:5a:27:ee:32:0c:f2:2b:19:2f:1d:77:e6:13:c4:19:36:
         55:f0:ca:0c:9b:a4:13:81:89:98:e6:27:ff:fa:d2:b1:9e:32:
         13:d0:a5:73:7d:59:cf:8d:40:79:5b:4f:a2:46:b0:b3:41:ac:
         71:be:75:5e:69:74:ac:3c:c0:2e:61:0f:a6:a2:bc:e9:cb:ba:
         42:45:bd:32:cd:82:41:32:4b:1b:76:8c:80:12:39:09:11:77:
         b9:2c:c7:8d:88:01:d8:2e:66:3f:38:f7:78:81:8c:78:e9:c6:
         ff:89:13:b9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTE0WeicgRNVzpfbWCUKvF7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmFkOTA2ZDcxOWE2NmE4NWEzMTNkMTA1Mjk0MDAyY2I2
NTdmN2IwHhcNMjUwMjAyMDQwMDQ1WhcNMjUwMjAzMDQwMDQ1WjAzMTEwLwYDVQQD
Eyg4NjJhMWZhZDZmNjc4NTYzNzFlOTA5Y2Y3NjgxZmU3OGRiNGIxZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7RKhzSH0wwgikFYTGpZ9LQhidz7
irJ+s0FmHDIC9PO7qvfp2mqh69K+eP7ZgnYXpfgYoQ3TsW/yxHTANQlGCAYU4b/q
CkZmywGx0L7Dc9jWs90nX5YIEjliIi1SvtnjBcW1aXzAoITANFhBBLaJ7vd3Yj7t
YmpzKdw9sSW/cTC/F6v2bqUHZOHE3fqQD7/d12LwaYBQGi5e2oZZKjxGtO1U/r+G
wLq7qjSCeY8fBppWBy7TfrRlxBOg3tkhVZCdxXzF0sbhm2E3fRCOxIJ7t1aCQlnx
UEgue8H6kRW52cij01KKzz2fRNAX/f1Z2umlGu8Jzz4RSi9GAEexputuxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIYqH61vZ4VjcekJz3aB/njbSx0OMB8GA1UdIwQY
MBaAFDgq2QbXGaZqhaMT0QUpQALLZX97MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAt
NmNlNTJiZWU2NjZhLzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MTRkOTEtZWU3MS00MjI0LWIzMDAtNmNlNTJiZWU2NjZh
LzEvT0NyWkJ0Y1pwbXFGb3hQUkJTbEFBc3RsZjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqaMCB5lD
8UKzQHMdF1UtP0WlYGTDiqrCH4Dw1j+JW7A/p3q6abRo9qtltT1S6XXWpDgD2NtP
YnTs3zVRoY8sCerBD1cy9qlU7P/gz+2iNcw6lIuEBXQJhJNLd/BuSj8yyCL/XKVg
J/KCPFNOLlRQIE3lv17t36NvA8GD/FfKtDAG7eQ6LvSNSCFPsdogS6BAEEJaJ+4y
DPIrGS8dd+YTxBk2VfDKDJukE4GJmOYn//rSsZ4yE9Clc31Zz41AeVtPokaws0Gs
cb51Xml0rDzALmEPpqK86cu6QkW9Ms2CQTJLG3aMgBI5CRF3uSzHjYgB2C5mPzj3
eIGMeOnG/4kTuQ==
-----END CERTIFICATE-----