Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
File:                     obtQVKF8yU__wrwpWhW_74qQQwo.mft (raw, json)
Hash identifier:          3hisQtktzC+SkXB5ZjFYc5Ykxday28Oo7rrjuoFFKCs=
Subject key identifier:   8E:4D:66:84:72:F6:F9:A6:AC:B6:C4:C9:C9:CC:DF:13:49:BD:E3:F6
Authority key identifier: A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A
Certificate issuer:       /CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
Certificate serial:       01935764DC2938B4BFB9AAC815F74B6979FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
Manifest number:          0386
Signing time:             Sat 23 Nov 2024 05:00:47 +0000
Manifest this update:     Sat 23 Nov 2024 05:00:47 +0000
Manifest next update:     Sun 24 Nov 2024 05:00:47 +0000
Files and hashes:         1: obtQVKF8yU__wrwpWhW_74qQQwo.crl (hash: YxFJ6I4btajl+DS6TyZ/Vap8PF7SWK95eDmd6PwPD70=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 21:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:64:dc:29:38:b4:bf:b9:aa:c8:15:f7:4b:69:79:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a1bb5054a17cc94fffc2bc295a15bfef8a90430a
        Validity
            Not Before: Nov 23 05:00:47 2024 GMT
            Not After : Nov 24 05:00:47 2024 GMT
        Subject: CN=8e4d668472f6f9a6acb6c4c9c9ccdf1349bde3f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:6b:8e:c7:78:43:84:90:65:8c:2a:9c:3a:02:
                    c9:a3:59:c2:27:19:29:3d:d6:63:6d:04:3d:fb:43:
                    61:21:57:a4:10:24:75:07:fd:b8:28:a8:d7:b0:74:
                    04:b2:9a:76:b2:d8:55:83:88:c7:1e:74:0a:cd:aa:
                    ae:0a:95:32:06:4f:ed:1d:1f:3b:63:bf:c7:3d:eb:
                    45:4c:cd:64:1a:2f:98:85:5c:b2:73:c9:87:1d:79:
                    a5:09:56:a3:b8:ec:2c:af:88:f9:68:26:22:18:70:
                    42:b7:93:82:e2:d0:28:c1:52:e3:d8:d1:99:77:2f:
                    90:31:e0:98:4a:b8:cf:d6:73:b9:ca:d6:1a:f9:f6:
                    2e:6b:4e:a1:5f:fb:19:40:f7:51:e8:f7:b4:0a:9e:
                    82:b9:cb:ca:da:28:4a:38:78:6c:b3:11:c5:5c:ff:
                    24:56:84:66:f7:76:00:29:3b:0e:6d:9e:d9:19:2f:
                    fb:59:bc:a7:d1:ed:4a:62:71:50:f4:17:26:91:31:
                    c5:ee:e7:1d:24:31:f9:0b:86:12:1e:47:55:eb:06:
                    57:91:12:29:b8:a0:fa:11:f7:a4:b7:e5:7a:dd:b3:
                    7c:84:fa:b7:88:e9:94:28:65:41:fe:57:3c:97:a4:
                    30:b6:ec:25:f7:77:f0:a1:44:27:de:92:65:be:66:
                    f2:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:4D:66:84:72:F6:F9:A6:AC:B6:C4:C9:C9:CC:DF:13:49:BD:E3:F6
            X509v3 Authority Key Identifier:
                keyid:A1:BB:50:54:A1:7C:C9:4F:FF:C2:BC:29:5A:15:BF:EF:8A:90:43:0A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obtQVKF8yU__wrwpWhW_74qQQwo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a30c10-1c2d-478c-9cf8-72255d249c5d/1/obtQVKF8yU__wrwpWhW_74qQQwo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         87:c3:ff:b5:f2:50:a2:4a:26:89:95:e1:22:86:c2:f7:b7:d1:
         f3:58:c6:91:47:b7:88:1a:f2:3f:be:8d:d1:d4:be:64:92:6f:
         58:a3:e3:ca:16:f1:99:01:28:4f:91:7a:65:ad:c4:bb:01:47:
         22:f5:ed:58:a2:f8:15:53:82:e1:da:d4:62:ce:ac:1d:bb:57:
         67:d7:b6:fb:48:3e:59:53:ab:6f:b4:5b:a4:ab:36:a7:1a:20:
         dc:1a:b5:10:d4:6c:10:bd:98:12:21:3e:f6:7b:31:26:8a:29:
         9b:22:09:eb:9b:58:77:d5:04:b1:66:d0:7f:98:8d:e5:61:fa:
         7f:12:0d:2f:2c:17:bb:f1:87:b2:ab:0a:7a:e4:df:12:db:21:
         5b:8c:e8:e6:37:cf:40:cc:1b:0d:96:d6:c9:11:a8:29:c0:c9:
         7f:3a:71:0a:4d:bd:2e:dc:0a:cb:12:9b:3a:b1:25:d9:67:67:
         23:05:e3:aa:60:dc:5b:65:6d:42:db:6f:52:49:1b:6d:40:f5:
         7d:53:ae:de:02:1f:fb:64:77:69:ad:d9:f9:97:75:ba:09:68:
         2a:cb:bd:82:df:17:69:f6:bc:f1:db:10:c2:79:c0:8b:03:8f:
         f7:7c:32:db:87:44:9e:71:ff:31:23:65:07:ea:43:c3:28:75:
         f4:e2:5f:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNXZNwpOLS/uarIFfdLaXn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExYmI1MDU0YTE3Y2M5NGZmZmMyYmMyOTVhMTViZmVmOGE5
MDQzMGEwHhcNMjQxMTIzMDUwMDQ3WhcNMjQxMTI0MDUwMDQ3WjAzMTEwLwYDVQQD
Eyg4ZTRkNjY4NDcyZjZmOWE2YWNiNmM0YzljOWNjZGYxMzQ5YmRlM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGuOx3hDhJBljCqcOgLJo1nCJxkp
PdZjbQQ9+0NhIVekECR1B/24KKjXsHQEspp2sthVg4jHHnQKzaquCpUyBk/tHR87
Y7/HPetFTM1kGi+YhVyyc8mHHXmlCVajuOwsr4j5aCYiGHBCt5OC4tAowVLj2NGZ
dy+QMeCYSrjP1nO5ytYa+fYua06hX/sZQPdR6Pe0Cp6CucvK2ihKOHhssxHFXP8k
VoRm93YAKTsObZ7ZGS/7Wbyn0e1KYnFQ9BcmkTHF7ucdJDH5C4YSHkdV6wZXkRIp
uKD6Efekt+V63bN8hPq3iOmUKGVB/lc8l6Qwtuwl93fwoUQn3pJlvmbytwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI5NZoRy9vmmrLbEycnM3xNJveP2MB8GA1UdIwQY
MBaAFKG7UFShfMlP/8K8KVoVv++KkEMKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgt
NzIyNTVkMjQ5YzVkLzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hMzBjMTAtMWMyZC00NzhjLTljZjgtNzIyNTVkMjQ5YzVk
LzEvb2J0UVZLRjh5VV9fd3J3cFdoV183NHFRUXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh8P/tfJQ
okomiZXhIobC97fR81jGkUe3iBryP76N0dS+ZJJvWKPjyhbxmQEoT5F6Za3EuwFH
IvXtWKL4FVOC4drUYs6sHbtXZ9e2+0g+WVOrb7RbpKs2pxog3Bq1ENRsEL2YEiE+
9nsxJoopmyIJ65tYd9UEsWbQf5iN5WH6fxINLywXu/GHsqsKeuTfEtshW4zo5jfP
QMwbDZbWyRGoKcDJfzpxCk29LtwKyxKbOrEl2WdnIwXjqmDcW2VtQttvUkkbbUD1
fVOu3gIf+2R3aa3Z+Zd1ugloKsu9gt8Xafa88dsQwnnAiwOP93wy24dEnnH/MSNl
B+pDwyh19OJf2g==
-----END CERTIFICATE-----