Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
File:                     ODH5qlDO_oJdpfkNpnswMlSp24U.mft (raw, json)
Hash identifier:          NGgm6xsMH6DRm1FCqibS31+o4PzRekM3K2+d4Kf+jXM=
Subject key identifier:   6C:98:DE:B3:0F:24:85:71:DE:B8:AA:A7:BE:2A:8E:2B:51:87:DC:90
Authority key identifier: 38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85
Certificate issuer:       /CN=3831f9aa50cefe825da5f90da67b303254a9db85
Certificate serial:       0193617AB498BD64496926CC7EF88610ECB5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
Manifest number:          0786
Signing time:             Mon 25 Nov 2024 04:00:51 +0000
Manifest this update:     Mon 25 Nov 2024 04:00:51 +0000
Manifest next update:     Tue 26 Nov 2024 04:00:51 +0000
Files and hashes:         1: ODH5qlDO_oJdpfkNpnswMlSp24U.crl (hash: +I5PDHSjO10HZMwfqAljg/K5SPKYoTAq8rS6GAQhG8w=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:61:7a:b4:98:bd:64:49:69:26:cc:7e:f8:86:10:ec:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3831f9aa50cefe825da5f90da67b303254a9db85
        Validity
            Not Before: Nov 25 04:00:51 2024 GMT
            Not After : Nov 26 04:00:51 2024 GMT
        Subject: CN=6c98deb30f248571deb8aaa7be2a8e2b5187dc90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:d1:13:07:a1:3b:7c:69:ca:0b:b6:cf:1c:bf:
                    b0:51:2b:5a:f1:3c:c8:b9:8a:f1:54:cd:16:72:a3:
                    f7:26:1c:b0:40:64:54:69:51:8b:c0:e1:73:d5:e6:
                    10:6e:b1:b0:f8:88:65:ea:4f:4d:53:41:d0:bd:71:
                    24:70:a6:45:a2:20:52:7d:c8:c2:e3:3b:14:ee:8a:
                    90:e7:54:ca:3b:3c:3c:54:d4:6b:b3:84:7c:11:11:
                    82:57:46:31:ae:84:9f:96:85:5d:6e:6a:ff:01:99:
                    64:32:43:b1:35:7b:93:9f:f7:ea:9e:e3:53:e4:0b:
                    43:72:7f:1b:ce:07:f4:4b:1e:66:e4:40:dd:18:cc:
                    61:2a:c5:84:b7:03:02:82:bb:d5:3f:1c:93:4c:f4:
                    75:1d:88:d2:2a:14:de:62:b5:96:9d:33:71:c1:d0:
                    95:47:d4:a8:8e:e6:9b:30:d3:e8:c8:c3:91:72:4b:
                    09:d2:a1:fb:c0:c0:71:08:34:a8:33:21:04:ba:10:
                    4f:27:d7:6e:02:be:2b:d3:f2:30:48:43:df:5b:bf:
                    8a:3e:1e:2a:ef:62:5e:53:17:4a:8f:46:d7:e0:50:
                    cf:0f:ad:87:cf:1f:a6:a2:b9:80:9e:85:73:9c:c8:
                    ef:36:c9:78:ba:23:de:a2:c2:ca:9b:e5:6e:6c:fc:
                    c6:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:98:DE:B3:0F:24:85:71:DE:B8:AA:A7:BE:2A:8E:2B:51:87:DC:90
            X509v3 Authority Key Identifier:
                keyid:38:31:F9:AA:50:CE:FE:82:5D:A5:F9:0D:A6:7B:30:32:54:A9:DB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ODH5qlDO_oJdpfkNpnswMlSp24U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/825011-3e5b-4404-a7b0-66f9c92d4fa1/1/ODH5qlDO_oJdpfkNpnswMlSp24U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6d:d4:97:e4:4e:71:86:8b:be:75:7f:ef:54:d6:3a:e2:52:20:
         45:e0:36:83:52:a1:b4:b9:d5:1c:33:9c:25:e0:ca:d6:bf:34:
         93:43:05:00:8b:53:d2:4e:59:2e:59:53:0a:1f:29:1d:f4:3d:
         87:4d:a9:8a:31:b8:6d:cd:ef:a6:e3:2a:87:16:57:87:c4:dd:
         99:35:35:93:b7:11:9a:86:ae:22:cc:15:ed:5e:67:c9:02:c0:
         48:ff:0a:62:22:b8:58:06:aa:99:31:df:74:76:73:80:fe:b1:
         a9:69:44:92:a5:53:71:91:59:d1:ca:34:ce:04:4a:85:70:58:
         30:5e:fd:27:77:cd:cd:54:1f:e9:ca:1a:66:b6:90:28:5d:f3:
         0d:b1:1d:37:62:2d:af:4a:f1:b8:0b:ef:be:70:ea:b8:eb:32:
         cc:c2:97:99:61:36:97:ca:90:e0:7f:58:7e:bb:d4:17:f7:a0:
         e6:d6:36:4a:7d:f6:61:95:3f:0f:1e:b8:47:5f:13:cf:e6:78:
         dc:1e:e5:53:33:e8:41:4d:1b:76:22:fa:c9:0b:4e:15:7a:9a:
         c7:6b:60:6c:ec:1d:1d:5b:a7:8a:8a:64:e8:1a:8b:05:f3:9d:
         81:a8:2e:69:d4:e8:94:34:b4:34:ba:64:3c:46:31:66:83:36:
         8f:08:31:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNherSYvWRJaSbMfviGEOy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MzFmOWFhNTBjZWZlODI1ZGE1ZjkwZGE2N2IzMDMyNTRh
OWRiODUwHhcNMjQxMTI1MDQwMDUxWhcNMjQxMTI2MDQwMDUxWjAzMTEwLwYDVQQD
Eyg2Yzk4ZGViMzBmMjQ4NTcxZGViOGFhYTdiZTJhOGUyYjUxODdkYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdETB6E7fGnKC7bPHL+wUSta8TzI
uYrxVM0WcqP3JhywQGRUaVGLwOFz1eYQbrGw+Ihl6k9NU0HQvXEkcKZFoiBSfcjC
4zsU7oqQ51TKOzw8VNRrs4R8ERGCV0YxroSfloVdbmr/AZlkMkOxNXuTn/fqnuNT
5AtDcn8bzgf0Sx5m5EDdGMxhKsWEtwMCgrvVPxyTTPR1HYjSKhTeYrWWnTNxwdCV
R9SojuabMNPoyMORcksJ0qH7wMBxCDSoMyEEuhBPJ9duAr4r0/IwSEPfW7+KPh4q
72JeUxdKj0bX4FDPD62Hzx+mormAnoVznMjvNsl4uiPeosLKm+VubPzGkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGyY3rMPJIVx3riqp74qjitRh9yQMB8GA1UdIwQY
MBaAFDgx+apQzv6CXaX5DaZ7MDJUqduFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAt
NjZmOWM5MmQ0ZmExLzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84MjUwMTEtM2U1Yi00NDA0LWE3YjAtNjZmOWM5MmQ0ZmEx
LzEvT0RINXFsRE9fb0pkcGZrTnBuc3dNbFNwMjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbdSX5E5x
hou+dX/vVNY64lIgReA2g1KhtLnVHDOcJeDK1r80k0MFAItT0k5ZLllTCh8pHfQ9
h02pijG4bc3vpuMqhxZXh8TdmTU1k7cRmoauIswV7V5nyQLASP8KYiK4WAaqmTHf
dHZzgP6xqWlEkqVTcZFZ0co0zgRKhXBYMF79J3fNzVQf6coaZraQKF3zDbEdN2It
r0rxuAvvvnDquOsyzMKXmWE2l8qQ4H9YfrvUF/eg5tY2Sn32YZU/Dx64R18Tz+Z4
3B7lUzPoQU0bdiL6yQtOFXqax2tgbOwdHVuniopk6BqLBfOdgaguadTolDS0NLpk
PEYxZoM2jwgxtw==
-----END CERTIFICATE-----