Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
File:                     OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft (raw, json)
Hash identifier:          1H5b9iKx2YpUlHH5tgcuE9L61yfk7yVprgP5MwHhcC4=
Subject key identifier:   C9:D8:CF:EE:A5:86:83:FF:D0:13:70:B0:05:C5:54:83:6F:85:95:C6
Authority key identifier: 3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48
Certificate issuer:       /CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
Certificate serial:       0193579BA179C53C4F7E4FC8BC7A4CB3BB87
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
Manifest number:          02ED
Signing time:             Sat 23 Nov 2024 06:00:37 +0000
Manifest this update:     Sat 23 Nov 2024 06:00:37 +0000
Manifest next update:     Sun 24 Nov 2024 06:00:37 +0000
Files and hashes:         1: OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl (hash: HITSmXT7wM1m4/hv1Xbhht5jEwpjI6DdB/dIYrp2CW8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:9b:a1:79:c5:3c:4f:7e:4f:c8:bc:7a:4c:b3:bb:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a74e07c2defca14bf2d6c7a15d5a9330d093748
        Validity
            Not Before: Nov 23 06:00:37 2024 GMT
            Not After : Nov 24 06:00:37 2024 GMT
        Subject: CN=c9d8cfeea58683ffd01370b005c554836f8595c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:58:4a:49:2b:8f:ae:2e:19:14:bb:f4:32:67:
                    74:15:58:03:95:72:83:19:a2:ba:2e:90:b6:df:d9:
                    db:c9:33:41:f1:f7:ab:8c:bb:2d:37:b6:99:13:cc:
                    20:d6:83:bb:ed:10:3b:e6:db:c9:1a:4d:3b:17:eb:
                    cc:c5:d7:a9:21:48:61:19:9f:d5:31:a0:ed:89:36:
                    df:ad:1b:5a:b3:77:05:1d:7a:e9:c4:f0:a6:5a:22:
                    c9:07:20:b0:e9:00:64:14:65:16:13:8d:1e:d1:61:
                    b9:27:08:63:a0:ec:9d:14:77:71:b3:15:fe:c0:70:
                    90:8c:0b:6d:d4:ca:a1:59:81:b6:fe:77:bc:ea:ba:
                    2f:29:2a:34:a2:d6:f5:2f:f6:1d:f0:28:9a:71:45:
                    13:6f:20:d7:c4:94:84:3c:2b:7b:da:09:76:30:b3:
                    1f:fe:c7:25:f4:d1:e5:8e:f3:56:f8:04:79:85:ac:
                    05:9d:51:54:33:39:43:a5:7c:2a:ae:6d:46:36:87:
                    bf:fb:54:8f:ab:a0:e3:6d:88:1f:f2:c8:e1:32:5d:
                    a2:e2:8f:a2:21:79:9d:04:4a:f7:b5:a1:e5:65:a4:
                    d7:0e:7a:3c:91:3f:76:40:e3:88:74:dc:87:71:8b:
                    63:33:72:c2:7a:39:86:ed:91:39:58:28:22:92:05:
                    dd:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:D8:CF:EE:A5:86:83:FF:D0:13:70:B0:05:C5:54:83:6F:85:95:C6
            X509v3 Authority Key Identifier:
                keyid:3A:74:E0:7C:2D:EF:CA:14:BF:2D:6C:7A:15:D5:A9:33:0D:09:37:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OnTgfC3vyhS_LWx6FdWpMw0JN0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/df/6587d8-5898-45a4-a5e3-d642e4b081bd/1/OnTgfC3vyhS_LWx6FdWpMw0JN0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:9a:1a:29:05:2b:7b:22:f8:4b:e3:d8:e9:14:67:0c:e4:5b:
         45:8b:4f:dc:e4:fb:16:0d:a9:17:bc:57:fc:b6:64:5f:fb:22:
         0b:07:29:d5:fb:a9:08:e0:d1:2e:b9:e7:85:e9:d6:cc:68:d0:
         2f:95:26:a0:8e:23:b8:50:e5:88:0a:06:ee:07:e5:b4:5f:80:
         73:15:3b:80:b9:72:62:1d:d0:c9:dd:c6:ca:4f:a5:c8:04:12:
         92:27:a2:9a:0c:7f:5b:92:f3:91:52:c0:01:e6:c6:65:be:10:
         1f:97:fa:15:b4:3b:52:26:be:47:7e:e5:2a:52:03:69:b8:ea:
         83:ab:98:88:82:dc:cc:7b:6c:88:98:33:c6:99:50:c7:c7:e8:
         64:8f:76:74:bd:56:83:3f:5d:47:6f:db:97:4e:b5:7e:61:54:
         f3:bf:9c:36:64:ed:24:a3:38:ce:4e:fc:9f:c2:23:8c:22:a2:
         e2:9f:2c:b3:59:28:18:12:0e:85:9c:ee:ed:5a:2f:6d:8d:6f:
         7d:35:dc:8e:f2:ff:77:72:f6:50:6d:2f:5b:74:80:4d:5b:be:
         38:16:7a:20:47:7b:83:4e:0d:7c:fb:d0:04:f1:48:40:5c:11:
         0e:ab:5b:b5:c0:c6:f1:37:af:31:92:3e:89:cd:a6:15:70:9a:
         71:09:67:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXm6F5xTxPfk/IvHpMs7uHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzRlMDdjMmRlZmNhMTRiZjJkNmM3YTE1ZDVhOTMzMGQw
OTM3NDgwHhcNMjQxMTIzMDYwMDM3WhcNMjQxMTI0MDYwMDM3WjAzMTEwLwYDVQQD
EyhjOWQ4Y2ZlZWE1ODY4M2ZmZDAxMzcwYjAwNWM1NTQ4MzZmODU5NWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1hKSSuPri4ZFLv0Mmd0FVgDlXKD
GaK6LpC239nbyTNB8ferjLstN7aZE8wg1oO77RA75tvJGk07F+vMxdepIUhhGZ/V
MaDtiTbfrRtas3cFHXrpxPCmWiLJByCw6QBkFGUWE40e0WG5JwhjoOydFHdxsxX+
wHCQjAtt1MqhWYG2/ne86rovKSo0otb1L/Yd8CiacUUTbyDXxJSEPCt72gl2MLMf
/scl9NHljvNW+AR5hawFnVFUMzlDpXwqrm1GNoe/+1SPq6DjbYgf8sjhMl2i4o+i
IXmdBEr3taHlZaTXDno8kT92QOOIdNyHcYtjM3LCejmG7ZE5WCgikgXd5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnYz+6lhoP/0BNwsAXFVINvhZXGMB8GA1UdIwQY
MBaAFDp04Hwt78oUvy1sehXVqTMNCTdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMt
ZDY0MmU0YjA4MWJkLzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi82NTg3ZDgtNTg5OC00NWE0LWE1ZTMtZDY0MmU0YjA4MWJk
LzEvT25UZ2ZDM3Z5aFNfTFd4NkZkV3BNdzBKTjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEJoaKQUr
eyL4S+PY6RRnDORbRYtP3OT7Fg2pF7xX/LZkX/siCwcp1fupCODRLrnnhenWzGjQ
L5UmoI4juFDliAoG7gfltF+AcxU7gLlyYh3Qyd3Gyk+lyAQSkieimgx/W5LzkVLA
AebGZb4QH5f6FbQ7Uia+R37lKlIDabjqg6uYiILczHtsiJgzxplQx8foZI92dL1W
gz9dR2/bl061fmFU87+cNmTtJKM4zk78n8IjjCKi4p8ss1koGBIOhZzu7VovbY1v
fTXcjvL/d3L2UG0vW3SATVu+OBZ6IEd7g04NfPvQBPFIQFwRDqtbtcDG8TevMZI+
ic2mFXCacQlnMQ==
-----END CERTIFICATE-----