Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
File:                     OWN43jPRC4yw-AhitkkaTenP_N8.mft (raw, json)
Hash identifier:          DKhhHy9cKqVhC8/4SxasrUawnyn+/x4uHdr9zUQ2a/8=
Subject key identifier:   9C:C8:B0:63:A5:C7:7E:8A:25:02:63:42:CA:BE:5D:2F:09:50:45:4A
Authority key identifier: 39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF
Certificate issuer:       /CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
Certificate serial:       018F8824362C31B8C5BC5C5B1D35649CE955
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
Manifest number:          FD
Signing time:             Fri 17 May 2024 20:00:25 +0000
Manifest this update:     Fri 17 May 2024 20:00:25 +0000
Manifest next update:     Sat 18 May 2024 20:00:25 +0000
Files and hashes:         1: OWN43jPRC4yw-AhitkkaTenP_N8.crl (hash: QgRIPT+LmsJLEatHWAmLMlVPRb1NHMPzC0ZK3g15exA=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 16:46:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:88:24:36:2c:31:b8:c5:bc:5c:5b:1d:35:64:9c:e9:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=396378de33d10b8cb0f80862b6491a4de9cffcdf
        Validity
            Not Before: May 17 20:00:25 2024 GMT
            Not After : May 18 20:00:25 2024 GMT
        Subject: CN=9cc8b063a5c77e8a25026342cabe5d2f0950454a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:0c:27:ed:65:20:6b:7d:bd:a2:4f:ff:c2:03:
                    91:d4:2b:2c:97:dc:a6:65:ed:ef:ff:c8:f7:8d:70:
                    85:02:4e:57:58:f6:55:a2:64:bf:a3:5f:7d:20:60:
                    1f:e2:e3:08:97:7a:85:bd:a4:63:90:21:c4:71:88:
                    67:4b:9e:71:dc:94:aa:31:9f:aa:56:b6:d0:cf:e6:
                    90:a3:b2:88:e1:44:4d:49:9c:ff:38:99:9e:f6:de:
                    28:72:48:b3:37:4e:38:2d:e2:27:c6:e0:c5:3e:e6:
                    4d:fe:5c:ba:5f:c2:60:28:fe:25:f6:14:d2:02:30:
                    ea:06:55:9e:14:41:2d:5f:8b:18:1c:8a:fc:8c:43:
                    af:ab:ff:dc:bc:3f:19:43:41:cd:fe:64:16:25:18:
                    8c:6c:7a:48:b8:9b:4e:a0:dc:4f:d0:63:93:b5:4d:
                    bb:a6:a8:e6:75:82:b1:74:2b:2d:b5:99:e0:42:5e:
                    60:52:48:9f:db:d6:3e:ef:d3:92:9c:bb:71:69:85:
                    09:4e:ec:d8:8f:c5:e3:e2:2d:ad:f6:20:28:16:ee:
                    46:1b:68:96:2e:10:bc:36:82:79:80:53:12:d1:b3:
                    ad:e7:fd:8d:f0:01:dc:f7:69:fc:43:e7:e4:ea:a2:
                    d1:6e:a8:1d:5c:8b:87:7f:72:ec:cd:d9:a0:61:13:
                    33:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:C8:B0:63:A5:C7:7E:8A:25:02:63:42:CA:BE:5D:2F:09:50:45:4A
            X509v3 Authority Key Identifier:
                keyid:39:63:78:DE:33:D1:0B:8C:B0:F8:08:62:B6:49:1A:4D:E9:CF:FC:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OWN43jPRC4yw-AhitkkaTenP_N8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/f756cf-0628-4f72-a117-bbe073bf6a64/1/OWN43jPRC4yw-AhitkkaTenP_N8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:e1:6d:f2:a5:4a:fd:83:23:68:0f:28:b8:9d:f6:66:91:35:
         47:5c:e5:99:7d:75:7c:81:86:a4:59:61:32:18:26:24:1b:a9:
         39:4f:c1:b6:ca:e0:0d:8f:29:bc:c5:ee:80:8c:cd:d2:10:a2:
         c5:2a:74:e2:98:b0:7d:db:a1:13:d8:c6:f1:cc:a2:27:f2:11:
         5f:7c:7c:5f:73:0a:cf:2e:50:c6:25:c1:9f:02:1a:85:5b:27:
         85:26:50:6b:9e:ff:86:22:81:ac:7a:65:fb:8c:42:86:eb:7d:
         7d:1a:d0:38:60:3f:1c:76:9c:54:28:a9:63:e3:03:76:3b:a7:
         c9:6a:51:05:9f:f8:d0:ba:36:a7:48:a3:7a:00:46:a0:f3:ea:
         07:cd:c8:6d:7b:0a:f6:09:f8:1e:1d:84:ae:4d:47:b1:a1:9a:
         0c:ba:f8:06:3c:53:b9:6f:9b:fb:f4:23:95:05:4e:d7:52:9d:
         a2:90:ef:89:8f:a7:d3:ac:5e:16:41:8c:68:58:fa:ab:61:31:
         6c:e4:a7:31:e0:b0:0a:03:8a:49:0f:22:51:7b:ac:03:c6:0b:
         08:47:8b:80:90:e1:70:84:82:57:d7:b3:7e:81:80:a2:54:03:
         b0:02:c0:f4:5f:51:22:9a:57:26:b3:1e:14:f1:eb:72:b8:8f:
         01:21:b1:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+IJDYsMbjFvFxbHTVknOlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NjM3OGRlMzNkMTBiOGNiMGY4MDg2MmI2NDkxYTRkZTlj
ZmZjZGYwHhcNMjQwNTE3MjAwMDI1WhcNMjQwNTE4MjAwMDI1WjAzMTEwLwYDVQQD
Eyg5Y2M4YjA2M2E1Yzc3ZThhMjUwMjYzNDJjYWJlNWQyZjA5NTA0NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAwn7WUga329ok//wgOR1Cssl9ym
Ze3v/8j3jXCFAk5XWPZVomS/o199IGAf4uMIl3qFvaRjkCHEcYhnS55x3JSqMZ+q
VrbQz+aQo7KI4URNSZz/OJme9t4ockizN044LeInxuDFPuZN/ly6X8JgKP4l9hTS
AjDqBlWeFEEtX4sYHIr8jEOvq//cvD8ZQ0HN/mQWJRiMbHpIuJtOoNxP0GOTtU27
pqjmdYKxdCsttZngQl5gUkif29Y+79OSnLtxaYUJTuzYj8Xj4i2t9iAoFu5GG2iW
LhC8NoJ5gFMS0bOt5/2N8AHc92n8Q+fk6qLRbqgdXIuHf3LszdmgYRMzNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJzIsGOlx36KJQJjQsq+XS8JUEVKMB8GA1UdIwQY
MBaAFDljeN4z0QuMsPgIYrZJGk3pz/zfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTct
YmJlMDczYmY2YTY0LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9mNzU2Y2YtMDYyOC00ZjcyLWExMTctYmJlMDczYmY2YTY0
LzEvT1dONDNqUFJDNHl3LUFoaXRra2FUZW5QX044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfuFt8qVK
/YMjaA8ouJ32ZpE1R1zlmX11fIGGpFlhMhgmJBupOU/BtsrgDY8pvMXugIzN0hCi
xSp04piwfduhE9jG8cyiJ/IRX3x8X3MKzy5QxiXBnwIahVsnhSZQa57/hiKBrHpl
+4xChut9fRrQOGA/HHacVCipY+MDdjunyWpRBZ/40Lo2p0ijegBGoPPqB83IbXsK
9gn4Hh2Erk1HsaGaDLr4BjxTuW+b+/QjlQVO11KdopDviY+n06xeFkGMaFj6q2Ex
bOSnMeCwCgOKSQ8iUXusA8YLCEeLgJDhcISCV9ezfoGAolQDsALA9F9RIppXJrMe
FPHrcriPASGxwA==
-----END CERTIFICATE-----