Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
File:                     oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft (raw, json)
Hash identifier:          iLsrwJoyzc9SMB+1Z/xsq2VoI7oxTp8j1j1+XYEnjs8=
Subject key identifier:   09:B0:52:EE:89:FA:61:6E:60:83:02:81:5B:BC:25:3B:E3:B5:A6:D0
Authority key identifier: A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7
Certificate issuer:       /CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
Certificate serial:       0194C387D735C79FF7BAF1AFF204B43CE5FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
Manifest number:          142B
Signing time:             Sat 01 Feb 2025 22:00:46 +0000
Manifest this update:     Sat 01 Feb 2025 22:00:46 +0000
Manifest next update:     Sun 02 Feb 2025 22:00:46 +0000
Files and hashes:         1: oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl (hash: 9Y7dquaneNfVlz/8SG9Ruei57hcfX4ovOpWz9b31iFU=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 02 Feb 2025 22:00:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:c3:87:d7:35:c7:9f:f7:ba:f1:af:f2:04:b4:3c:e5:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0a67e06b5904635eb4d1c91c341289f59afeaa7
        Validity
            Not Before: Feb  1 22:00:46 2025 GMT
            Not After : Feb  2 22:00:46 2025 GMT
        Subject: CN=09b052ee89fa616e608302815bbc253be3b5a6d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d3:e7:22:9d:da:09:94:50:bf:bd:c5:84:65:
                    b3:3e:85:b2:d4:19:0d:60:60:dd:79:2b:50:da:c5:
                    37:f4:31:c6:83:ab:33:80:d8:eb:95:97:e3:54:4f:
                    51:17:76:5e:c6:4e:51:21:da:fc:54:ac:93:a4:98:
                    f8:fa:48:de:9d:8b:2e:fb:58:02:de:ea:51:32:83:
                    c9:0c:af:09:9a:54:70:0f:80:5e:80:4b:9f:4b:4b:
                    3f:84:94:f9:bf:c8:45:74:0d:3c:25:7c:90:41:c6:
                    7a:1c:3b:51:81:53:0b:0a:a2:22:b4:19:76:72:51:
                    a8:d9:75:11:d6:62:c5:db:e7:b4:18:b1:3a:25:c2:
                    60:ec:ba:02:50:aa:0b:ee:90:a5:40:1c:24:38:ab:
                    b3:fa:9b:5d:6d:e9:ae:e6:c6:92:0c:44:e8:4b:37:
                    69:e3:d1:50:9f:17:c9:6b:91:61:cd:9b:67:57:65:
                    ae:a1:17:db:95:a1:bf:71:00:e4:31:c0:ac:ac:d2:
                    0c:7d:fb:83:06:bc:2b:99:0c:06:6c:3a:be:35:e3:
                    a1:10:eb:c5:d8:f8:41:6a:39:4c:b0:52:8d:85:f7:
                    18:8b:f1:bc:66:fa:13:dc:d0:eb:26:fe:1f:58:a7:
                    53:81:cb:13:5f:db:b2:02:da:1d:39:76:75:b4:9b:
                    73:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:B0:52:EE:89:FA:61:6E:60:83:02:81:5B:BC:25:3B:E3:B5:A6:D0
            X509v3 Authority Key Identifier:
                keyid:A0:A6:7E:06:B5:90:46:35:EB:4D:1C:91:C3:41:28:9F:59:AF:EA:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/05e1ac-e703-4f57-a91a-b0feb4f9319a/1/oKZ-BrWQRjXrTRyRw0Eon1mv6qc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:4e:52:4a:8f:95:ee:f3:96:67:1d:1a:01:c0:6e:92:22:ef:
         64:f3:99:1a:18:5a:e7:c2:78:3f:6b:4a:c4:cc:c2:8d:6c:3e:
         35:bf:2b:dc:d7:48:60:bb:d1:92:1c:3e:a2:f7:d8:f0:8b:4a:
         ab:75:a4:5e:a6:33:fb:12:23:dd:56:bb:4b:63:a1:fa:e4:2f:
         ee:fb:35:56:ce:a1:cd:ce:02:4f:46:0a:00:7d:10:ae:e7:55:
         80:0f:9e:29:50:e7:a8:6f:ee:1a:ba:bb:7f:52:b9:8e:6d:b4:
         19:4f:32:ad:f5:5c:d9:d1:cb:b9:08:32:b7:0a:0d:cc:8f:94:
         45:b7:97:77:ef:3d:2c:8f:38:61:b2:df:55:1f:a7:d9:84:35:
         8b:01:5a:ea:8d:e9:cd:81:fc:77:fb:61:a9:2d:e8:f8:04:fc:
         50:11:9d:73:e3:b1:ec:2a:d2:a4:36:f3:d7:06:e6:79:d9:4f:
         61:b4:02:ac:2b:37:01:df:bb:a3:99:e2:ff:7b:e6:ec:93:a9:
         c7:12:82:65:e2:5f:9d:a8:27:4d:27:97:76:6e:d0:d9:2e:ed:
         7c:19:42:ef:11:02:b7:bb:fb:e1:f8:16:83:02:f3:40:cd:44:
         e2:03:52:c7:52:64:f5:f9:4d:5d:c6:d9:16:9c:d2:93:b9:61:
         95:6b:03:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZTDh9c1x5/3uvGv8gS0POX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY3ZTA2YjU5MDQ2MzVlYjRkMWM5MWMzNDEyODlmNTlh
ZmVhYTcwHhcNMjUwMjAxMjIwMDQ2WhcNMjUwMjAyMjIwMDQ2WjAzMTEwLwYDVQQD
EygwOWIwNTJlZTg5ZmE2MTZlNjA4MzAyODE1YmJjMjUzYmUzYjVhNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdPnIp3aCZRQv73FhGWzPoWy1BkN
YGDdeStQ2sU39DHGg6szgNjrlZfjVE9RF3Zexk5RIdr8VKyTpJj4+kjenYsu+1gC
3upRMoPJDK8JmlRwD4BegEufS0s/hJT5v8hFdA08JXyQQcZ6HDtRgVMLCqIitBl2
clGo2XUR1mLF2+e0GLE6JcJg7LoCUKoL7pClQBwkOKuz+ptdbemu5saSDEToSzdp
49FQnxfJa5FhzZtnV2WuoRfblaG/cQDkMcCsrNIMffuDBrwrmQwGbDq+NeOhEOvF
2PhBajlMsFKNhfcYi/G8ZvoT3NDrJv4fWKdTgcsTX9uyAtodOXZ1tJtzYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmwUu6J+mFuYIMCgVu8JTvjtabQMB8GA1UdIwQY
MBaAFKCmfga1kEY1600ckcNBKJ9Zr+qnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEt
YjBmZWI0ZjkzMTlhLzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8wNWUxYWMtZTcwMy00ZjU3LWE5MWEtYjBmZWI0ZjkzMTlh
LzEvb0taLUJyV1FSalhyVFJ5UncwRW9uMW12NnFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeU5SSo+V
7vOWZx0aAcBukiLvZPOZGhha58J4P2tKxMzCjWw+Nb8r3NdIYLvRkhw+ovfY8ItK
q3WkXqYz+xIj3Va7S2Oh+uQv7vs1Vs6hzc4CT0YKAH0QrudVgA+eKVDnqG/uGrq7
f1K5jm20GU8yrfVc2dHLuQgytwoNzI+URbeXd+89LI84YbLfVR+n2YQ1iwFa6o3p
zYH8d/thqS3o+AT8UBGdc+Ox7CrSpDbz1wbmedlPYbQCrCs3Ad+7o5ni/3vm7JOp
xxKCZeJfnagnTSeXdm7Q2S7tfBlC7xECt7v74fgWgwLzQM1E4gNSx1Jk9flNXcbZ
FpzSk7lhlWsDLg==
-----END CERTIFICATE-----