Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
File:                     oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft (raw, json)
Hash identifier:          VqgLtSimBQuM4AD9Tt1wsurcIUECJyPym7DqJ1pkcJ4=
Subject key identifier:   30:9F:70:FC:85:83:74:E4:F4:39:DB:33:24:0C:73:B0:10:FD:40:85
Authority key identifier: A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB
Certificate issuer:       /CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
Certificate serial:       019234371E3C4DACED2BE9844252E15FB842
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
Manifest number:          01FA
Signing time:             Fri 27 Sep 2024 16:01:20 +0000
Manifest this update:     Fri 27 Sep 2024 16:01:20 +0000
Manifest next update:     Sat 28 Sep 2024 16:01:20 +0000
Files and hashes:         1: oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl (hash: bKcpKCWADa872jWRlcKK8v2H21gDNLEO0V1zvW6cNV8=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 28 Sep 2024 13:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:92:34:37:1e:3c:4d:ac:ed:2b:e9:84:42:52:e1:5f:b8:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a118aafdbbca8d4e0063c31195fa6c194c3943cb
        Validity
            Not Before: Sep 27 16:01:20 2024 GMT
            Not After : Sep 28 16:01:20 2024 GMT
        Subject: CN=309f70fc858374e4f439db33240c73b010fd4085
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:41:b4:8a:be:b1:fd:49:e4:20:7c:ac:7e:fe:
                    04:af:e8:a0:4b:fe:d9:8e:90:0c:07:30:2a:d9:ce:
                    86:48:3a:29:79:dc:f0:fc:45:c8:b5:f1:14:f6:68:
                    8c:f1:b1:93:1f:57:cb:30:cf:f7:dd:83:d4:c0:4f:
                    db:89:fd:6b:63:44:7d:aa:9d:b4:74:ea:65:8e:69:
                    cd:a2:4b:84:d3:20:75:0c:b3:39:a5:c2:f0:3f:0f:
                    62:99:81:b8:fb:3d:27:3a:d9:d1:7b:3b:92:9f:30:
                    86:b5:6e:a0:a0:e6:a7:e0:52:1a:05:2f:d3:7c:e7:
                    b3:c6:9f:d1:0f:d0:d8:89:16:a6:fb:ed:f7:4b:b5:
                    0d:e2:ec:ff:f9:78:76:a4:03:67:fb:ab:43:5e:8d:
                    09:d6:3a:95:fd:cc:cb:b2:d1:9a:01:80:63:b6:c7:
                    3d:de:61:d9:28:d2:18:6c:d1:4d:3c:72:3f:86:c4:
                    30:fb:51:97:77:d7:5b:99:a4:96:59:6b:f8:69:ee:
                    6c:3f:4c:36:0b:7f:81:52:16:f2:13:2e:8c:a3:70:
                    43:e5:7e:56:2c:26:5a:dd:e7:40:2d:de:bf:33:91:
                    1f:9d:82:17:f6:b2:47:33:a9:9b:e6:08:c8:38:47:
                    79:85:9e:af:f3:8f:8b:4a:7f:75:cc:00:89:f0:cb:
                    c6:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:9F:70:FC:85:83:74:E4:F4:39:DB:33:24:0C:73:B0:10:FD:40:85
            X509v3 Authority Key Identifier:
                keyid:A1:18:AA:FD:BB:CA:8D:4E:00:63:C3:11:95:FA:6C:19:4C:39:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/465c51-78e4-4178-8585-72f21e646e8e/1/oRiq_bvKjU4AY8MRlfpsGUw5Q8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         74:a6:d4:39:dc:61:d4:74:27:39:03:15:f5:67:d8:0c:f2:2a:
         28:e8:44:57:86:e0:f6:ed:13:7d:f6:59:0d:5e:79:da:cc:4e:
         47:0a:58:57:e8:c9:e3:84:70:6d:64:6f:8d:97:f5:7d:e6:53:
         f5:49:cc:d3:a0:a4:ed:7b:aa:41:ce:8c:95:30:eb:a2:57:ac:
         cc:a3:e4:fb:cb:72:67:b4:ba:cb:aa:d4:7a:9c:da:25:88:f2:
         72:f1:ad:ef:0a:39:70:01:e9:69:0c:11:2c:46:52:c1:48:53:
         97:63:83:d5:a5:8a:8c:32:76:96:f6:8e:90:4a:59:6e:30:cb:
         55:e6:7a:68:7b:34:2e:98:31:d0:0d:79:32:cd:a6:35:4e:65:
         fb:c5:f9:ee:35:a1:23:db:16:43:ab:5c:d5:a7:da:34:f3:2d:
         1c:10:73:a3:16:e7:68:f9:07:93:d2:99:01:48:c8:23:ac:ec:
         7a:92:68:42:7b:cb:71:fa:e7:17:c1:cd:ef:e0:db:fd:f7:25:
         c5:7b:72:8e:42:53:da:fa:ae:5a:b2:67:ca:63:f1:20:63:c1:
         44:32:cf:d3:3f:11:c1:0b:fb:e8:9d:b4:5a:fa:49:8a:70:68:
         b7:a2:a1:b3:a6:49:13:15:7d:38:ff:2e:be:1e:5c:d9:38:60:
         7b:06:1a:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZI0Nx48TaztK+mEQlLhX7hCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMThhYWZkYmJjYThkNGUwMDYzYzMxMTk1ZmE2YzE5NGMz
OTQzY2IwHhcNMjQwOTI3MTYwMTIwWhcNMjQwOTI4MTYwMTIwWjAzMTEwLwYDVQQD
EygzMDlmNzBmYzg1ODM3NGU0ZjQzOWRiMzMyNDBjNzNiMDEwZmQ0MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkG0ir6x/UnkIHysfv4Er+igS/7Z
jpAMBzAq2c6GSDopedzw/EXItfEU9miM8bGTH1fLMM/33YPUwE/bif1rY0R9qp20
dOpljmnNokuE0yB1DLM5pcLwPw9imYG4+z0nOtnRezuSnzCGtW6goOan4FIaBS/T
fOezxp/RD9DYiRam++33S7UN4uz/+Xh2pANn+6tDXo0J1jqV/czLstGaAYBjtsc9
3mHZKNIYbNFNPHI/hsQw+1GXd9dbmaSWWWv4ae5sP0w2C3+BUhbyEy6Mo3BD5X5W
LCZa3edALd6/M5EfnYIX9rJHM6mb5gjIOEd5hZ6v84+LSn91zACJ8MvGgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCfcPyFg3Tk9DnbMyQMc7AQ/UCFMB8GA1UdIwQY
MBaAFKEYqv27yo1OAGPDEZX6bBlMOUPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUt
NzJmMjFlNjQ2ZThlLzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80NjVjNTEtNzhlNC00MTc4LTg1ODUtNzJmMjFlNjQ2ZThl
LzEvb1JpcV9idktqVTRBWThNUmxmcHNHVXc1UThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdKbUOdxh
1HQnOQMV9WfYDPIqKOhEV4bg9u0TffZZDV552sxORwpYV+jJ44RwbWRvjZf1feZT
9UnM06Ck7XuqQc6MlTDroleszKPk+8tyZ7S6y6rUepzaJYjycvGt7wo5cAHpaQwR
LEZSwUhTl2OD1aWKjDJ2lvaOkEpZbjDLVeZ6aHs0Lpgx0A15Ms2mNU5l+8X57jWh
I9sWQ6tc1afaNPMtHBBzoxbnaPkHk9KZAUjII6zsepJoQnvLcfrnF8HN7+Db/fcl
xXtyjkJT2vquWrJnymPxIGPBRDLP0z8RwQv76J20WvpJinBot6Khs6ZJExV9OP8u
vh5c2ThgewYaeg==
-----END CERTIFICATE-----