Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          NssZYVwH8Udhl2dFgm/JUxOLUNaC8kq46Cfu+rK0UA4=
Subject key identifier:   CB:4E:8D:8A:75:05:DF:89:C1:48:30:69:B7:2E:41:34:51:F6:CD:72
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       018F8891EA7C0AC03940394C83BD7C1506F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0588
Signing time:             Fri 17 May 2024 22:00:15 +0000
Manifest this update:     Fri 17 May 2024 22:00:15 +0000
Manifest next update:     Sat 18 May 2024 22:00:15 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: wsmGJdotAPpPoCfcZDtD1a65aGLCfTFMkFrvmfNCssg=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:91:ea:7c:0a:c0:39:40:39:4c:83:bd:7c:15:06:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: May 17 22:00:15 2024 GMT
            Not After : May 18 22:00:15 2024 GMT
        Subject: CN=cb4e8d8a7505df89c1483069b72e413451f6cd72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:78:6b:4e:5f:0f:8c:52:b8:ae:69:ae:93:a2:
                    7e:17:cc:5c:c2:44:d4:5a:da:d9:24:58:41:0a:be:
                    a1:b1:27:7d:b0:53:f0:74:9a:ba:a6:c9:ff:fd:d1:
                    cf:fb:89:36:7f:86:ce:f1:d0:b2:f7:38:78:07:10:
                    b7:d1:9d:58:16:60:1a:91:71:d6:93:23:85:26:3b:
                    87:7e:b9:7c:3a:22:db:a9:ba:60:cd:59:65:bd:9a:
                    f4:d7:ac:cf:be:0e:94:e3:49:d1:6a:3b:a3:f0:89:
                    06:e3:af:cf:a6:0f:b3:32:0c:5d:4b:06:cd:70:7e:
                    0f:b6:6b:70:47:4b:11:34:dd:22:3d:86:a3:ba:cf:
                    63:d5:4c:47:c0:32:83:6e:43:bc:59:f7:ce:e4:dc:
                    20:be:6a:44:6a:28:65:fe:d9:f7:75:f8:a5:7f:f4:
                    d5:2e:4f:26:62:42:d5:76:f6:b7:43:01:ec:c5:49:
                    76:3d:0e:95:91:a5:34:bb:f2:f0:5f:55:e7:f7:12:
                    89:04:68:5e:ad:a4:9d:1d:e8:cb:32:a8:72:46:1d:
                    71:89:3f:12:79:68:77:83:3e:b9:5b:7f:0a:72:88:
                    5d:07:b3:7b:ae:ce:c0:fe:6b:b5:6c:5b:63:40:a3:
                    4f:73:4b:77:a0:4c:b9:ab:3b:65:c1:f5:a7:11:7f:
                    1c:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:4E:8D:8A:75:05:DF:89:C1:48:30:69:B7:2E:41:34:51:F6:CD:72
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         43:f8:d8:b7:0a:0e:89:1f:b6:81:9c:48:60:70:5e:06:79:88:
         51:58:68:5c:dd:f4:b4:8f:1e:ce:a6:2f:c8:9d:05:4b:6e:5b:
         34:f7:84:08:e1:d8:64:cc:05:75:e6:77:46:61:17:f3:3e:33:
         8d:1b:43:1c:a1:80:69:7d:24:28:2f:17:c6:da:55:cf:56:f0:
         b7:43:37:d4:28:fc:c8:d4:ff:a4:4f:51:dc:3b:a7:c4:bc:1e:
         96:30:2c:18:b0:97:47:f4:28:34:99:cd:b9:65:d0:db:10:e0:
         87:57:76:79:19:c8:ef:d8:8b:85:32:7e:36:5b:a6:bf:ee:89:
         95:80:4d:c2:bd:dc:54:a4:b0:0e:13:de:62:75:2d:36:0c:91:
         53:4e:fd:5e:20:9c:65:c2:ff:9d:26:1f:00:7c:62:30:29:c6:
         dd:98:28:65:2b:0e:55:18:2d:01:55:bd:86:be:cf:91:1a:55:
         df:d4:95:78:24:32:00:e8:a5:86:e3:6c:bd:38:94:04:4d:de:
         2e:a6:1d:62:db:a5:b4:71:5e:be:77:54:52:f2:d1:4e:38:bc:
         7b:86:43:1c:1a:28:63:b9:f8:1c:8b:25:86:50:ae:24:79:cd:
         40:6e:2f:92:26:59:83:7e:99:e0:4b:e1:a0:8a:cf:45:85:13:
         c2:d4:11:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Ikep8CsA5QDlMg718FQb0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjQwNTE3MjIwMDE1WhcNMjQwNTE4MjIwMDE1WjAzMTEwLwYDVQQD
EyhjYjRlOGQ4YTc1MDVkZjg5YzE0ODMwNjliNzJlNDEzNDUxZjZjZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXhrTl8PjFK4rmmuk6J+F8xcwkTU
WtrZJFhBCr6hsSd9sFPwdJq6psn//dHP+4k2f4bO8dCy9zh4BxC30Z1YFmAakXHW
kyOFJjuHfrl8OiLbqbpgzVllvZr016zPvg6U40nRajuj8IkG46/Ppg+zMgxdSwbN
cH4PtmtwR0sRNN0iPYajus9j1UxHwDKDbkO8WffO5NwgvmpEaihl/tn3dfilf/TV
Lk8mYkLVdva3QwHsxUl2PQ6VkaU0u/LwX1Xn9xKJBGheraSdHejLMqhyRh1xiT8S
eWh3gz65W38KcohdB7N7rs7A/mu1bFtjQKNPc0t3oEy5qztlwfWnEX8cIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtOjYp1Bd+JwUgwabcuQTRR9s1yMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/jYtwoO
iR+2gZxIYHBeBnmIUVhoXN30tI8ezqYvyJ0FS25bNPeECOHYZMwFdeZ3RmEX8z4z
jRtDHKGAaX0kKC8XxtpVz1bwt0M31Cj8yNT/pE9R3DunxLweljAsGLCXR/QoNJnN
uWXQ2xDgh1d2eRnI79iLhTJ+Nlumv+6JlYBNwr3cVKSwDhPeYnUtNgyRU079XiCc
ZcL/nSYfAHxiMCnG3ZgoZSsOVRgtAVW9hr7PkRpV39SVeCQyAOilhuNsvTiUBE3e
LqYdYtultHFevndUUvLRTji8e4ZDHBooY7n4HIslhlCuJHnNQG4vkiZZg36Z4Evh
oIrPRYUTwtQRRw==
-----END CERTIFICATE-----