Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
File:                     OWN43jPRC4yw-AhitkkaTenP_N8.mft (raw, json)
Hash identifier:          4/Cwe2LC7ma+Ft1bXtogpZRCBfwf230oW7WaCtZTTU8=
Subject key identifier:   8B:46:94:15:E9:3B:3A:6B:1E:8A:D3:16:88:19:80:3D:DA:B1:D7:FF
Authority key identifier: 39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF
Certificate issuer:       /CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
Certificate serial:       019511A28E0BE523BC543E74B213D7C5F982
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
Manifest number:          03DB
Signing time:             Mon 17 Feb 2025 02:00:20 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:20 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:20 +0000
Files and hashes:         1: OWN43jPRC4yw-AhitkkaTenP_N8.crl (hash: EKbQKxY/25JfRrYAlEdXmEJ6QXG3Bg1opmbKSSX+Qrg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:8e:0b:e5:23:bc:54:3e:74:b2:13:d7:c5:f9:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
        Validity
            Not Before: Feb 17 02:00:20 2025 GMT
            Not After : Feb 18 02:00:20 2025 GMT
        Subject: CN=8b469415e93b3a6b1e8ad3168819803ddab1d7ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:53:04:1a:63:fe:5e:7e:bc:51:7a:e9:7a:80:
                    21:3c:9b:04:5f:72:ed:6b:65:be:b5:d5:92:9e:74:
                    bd:a0:ac:3c:de:49:af:61:9f:d5:fe:39:8b:2d:d6:
                    a3:65:fd:d2:c6:f4:a1:fb:4a:89:3b:fc:9c:5a:01:
                    a2:92:f9:9b:eb:9e:f8:21:8f:b0:45:2e:2b:08:6f:
                    9e:d2:c6:43:3f:01:72:1c:a9:14:a4:da:87:ef:12:
                    e1:66:82:bd:35:f0:e1:04:a2:14:53:24:04:31:a0:
                    38:21:09:d3:6c:fa:7d:1c:57:bb:11:75:0d:b7:d0:
                    b5:47:2f:ad:3c:e6:fe:b8:82:4b:44:a5:95:db:8b:
                    c9:3e:ec:d1:39:fe:de:06:c4:9b:2d:db:b5:17:c0:
                    08:f3:74:c4:6c:45:26:ee:db:88:02:6c:0d:96:18:
                    fa:9a:67:b6:df:1e:0e:bb:77:0b:47:5e:0a:23:5d:
                    ca:e0:5e:1a:64:e9:3e:3e:f9:5b:35:5e:46:7f:27:
                    f4:8b:d5:df:96:92:16:6a:cf:bd:4d:0b:3d:59:06:
                    ac:ea:bb:1a:e2:0e:22:42:b7:56:b5:9d:e7:54:d0:
                    97:20:cb:aa:04:44:54:28:f4:1a:75:2a:7d:86:7a:
                    39:af:99:c2:4c:87:0d:bb:7b:64:10:4b:48:31:8a:
                    9a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:46:94:15:E9:3B:3A:6B:1E:8A:D3:16:88:19:80:3D:DA:B1:D7:FF
            X509v3 Authority Key Identifier:
                keyid:39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         d7:c7:0d:ca:78:ad:6c:65:ca:35:91:95:7d:3a:4c:f4:0c:b6:
         50:8c:46:9c:4e:98:0b:9f:bc:cc:47:c1:1f:b6:54:a0:89:40:
         73:a7:9e:78:9c:45:59:d7:15:e5:c4:0c:c5:8e:5d:e8:fa:13:
         76:c0:ab:d4:f9:37:53:35:ff:ca:53:ee:0d:ab:95:2a:94:a4:
         13:66:fa:54:04:2f:a0:8d:8a:e5:e5:74:82:62:e8:c4:2e:63:
         0b:1d:db:d9:80:cc:a9:17:a4:99:7c:5c:52:2d:ea:35:a1:4b:
         46:85:83:b0:08:8b:49:e9:1c:25:af:a1:41:23:da:75:60:3b:
         38:7f:47:71:0e:d7:52:a6:9e:d6:f1:06:e5:27:d5:32:66:a4:
         17:68:3b:ec:e9:d4:ba:4e:c5:e6:cd:e5:97:89:49:86:3c:a8:
         2b:c2:66:ef:e4:74:c1:c6:8c:9c:a8:98:6c:91:6e:85:a9:30:
         95:2c:5e:5b:fa:64:f5:a3:72:48:ab:ba:40:00:e3:ae:4a:eb:
         4c:68:8e:ac:54:df:0e:84:5e:8a:ce:89:45:0a:b5:85:6c:f3:
         3a:e1:a9:53:30:ac:ee:45:fe:2f:6f:ce:a4:38:9f:d3:a6:14:
         c2:9d:7c:13:0d:3f:95:4a:58:a0:f1:6d:d4:61:3b:b7:b5:ae:
         46:26:3f:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURoo4L5SO8VD50shPXxfmCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NjM3OGRlMzNkMTBiOGNiMGY4MDg2MmI2NDkxYTRkZTlj
ZmZjZGYwHhcNMjUwMjE3MDIwMDIwWhcNMjUwMjE4MDIwMDIwWjAzMTEwLwYDVQQD
Eyg4YjQ2OTQxNWU5M2IzYTZiMWU4YWQzMTY4ODE5ODAzZGRhYjFkN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlMEGmP+Xn68UXrpeoAhPJsEX3Lt
a2W+tdWSnnS9oKw83kmvYZ/V/jmLLdajZf3SxvSh+0qJO/ycWgGikvmb6574IY+w
RS4rCG+e0sZDPwFyHKkUpNqH7xLhZoK9NfDhBKIUUyQEMaA4IQnTbPp9HFe7EXUN
t9C1Ry+tPOb+uIJLRKWV24vJPuzROf7eBsSbLdu1F8AI83TEbEUm7tuIAmwNlhj6
mme23x4Ou3cLR14KI13K4F4aZOk+PvlbNV5Gfyf0i9XflpIWas+9TQs9WQas6rsa
4g4iQrdWtZ3nVNCXIMuqBERUKPQadSp9hno5r5nCTIcNu3tkEEtIMYqaGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItGlBXpOzprHorTFogZgD3asdf/MB8GA1UdIwQY
MBaAFDljeN4z0QuMsPgIYrZJGk3pz/zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTct
YmJlMDczYmY2YTY0LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTctYmJlMDczYmY2YTY0
LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA18cNynit
bGXKNZGVfTpM9Ay2UIxGnE6YC5+8zEfBH7ZUoIlAc6eeeJxFWdcV5cQMxY5d6PoT
dsCr1Pk3UzX/ylPuDauVKpSkE2b6VAQvoI2K5eV0gmLoxC5jCx3b2YDMqRekmXxc
Ui3qNaFLRoWDsAiLSekcJa+hQSPadWA7OH9HcQ7XUqae1vEG5SfVMmakF2g77OnU
uk7F5s3ll4lJhjyoK8Jm7+R0wcaMnKiYbJFuhakwlSxeW/pk9aNySKu6QADjrkrr
TGiOrFTfDoReis6JRQq1hWzzOuGpUzCs7kX+L2/OpDif06YUwp18Ew0/lUpYoPFt
1GE7t7WuRiY/Yg==
-----END CERTIFICATE-----