Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
File:                     OPJMluat5giBDDDZoTB8xpr5_00.mft (raw, json)
Hash identifier:          kpOLRiRKOJlfcNQTc7JA6VXsMNtcmuHBFCvWijjUj28=
Subject key identifier:   04:6E:6D:73:27:BA:06:CA:EA:C4:AE:81:D8:4A:2A:31:D4:91:F3:9A
Authority key identifier: 38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D
Certificate issuer:       /CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d
Certificate serial:       019357D2490C0C945BCA8929D322A611C1F7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
Manifest number:          0A27
Signing time:             Sat 23 Nov 2024 07:00:19 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:19 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:19 +0000
Files and hashes:         1: OPJMluat5giBDDDZoTB8xpr5_00.crl (hash: Fs92kneakRUt043KiYfc0NqiEz1u0r9UUQKqZjUWqMk=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:49:0c:0c:94:5b:ca:89:29:d3:22:a6:11:c1:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38f24c96e6ade608810c30d9a1307cc69af9ff4d
        Validity
            Not Before: Nov 23 07:00:19 2024 GMT
            Not After : Nov 24 07:00:19 2024 GMT
        Subject: CN=046e6d7327ba06caeac4ae81d84a2a31d491f39a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:fd:ca:d3:8d:5f:23:d6:04:64:5a:ee:2d:ae:
                    a1:ef:b8:ed:da:53:52:08:56:1f:3b:50:3a:1e:40:
                    34:b9:92:26:75:c4:ed:be:dc:fd:cb:15:c8:59:fd:
                    ad:09:aa:d6:7e:21:3a:b0:e3:28:fb:68:97:94:e0:
                    af:06:ad:69:84:c1:28:4c:56:37:94:61:7e:40:1a:
                    0f:e5:37:d6:bc:42:47:66:6e:d7:66:ec:e8:55:5a:
                    3a:b8:32:30:a1:d4:b6:1d:6c:b6:fd:b5:c7:1b:09:
                    77:4b:93:54:b5:44:83:9d:56:22:5d:83:05:31:44:
                    00:88:ef:6a:3e:9d:ec:cb:1a:d3:9b:ff:d9:dc:84:
                    0e:5f:3c:a1:2d:9c:b7:ea:da:04:37:b3:ff:96:41:
                    b6:6e:87:6a:6f:25:18:73:3d:c0:45:dd:27:04:1e:
                    dc:eb:98:00:b7:ca:02:18:6c:49:e0:c5:15:ed:76:
                    a7:50:9b:66:9a:37:4d:ea:64:10:d0:e1:b3:65:11:
                    53:30:5d:1c:0f:13:88:89:a2:d1:be:61:87:f8:c4:
                    28:94:86:aa:d5:15:99:2d:e1:56:91:5e:f1:fa:e9:
                    24:c0:8d:97:a5:01:94:a8:fa:ee:d9:d9:24:64:71:
                    df:34:e0:0a:1f:fc:31:7a:44:fb:df:42:50:44:c2:
                    cd:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:6E:6D:73:27:BA:06:CA:EA:C4:AE:81:D8:4A:2A:31:D4:91:F3:9A
            X509v3 Authority Key Identifier:
                keyid:38:F2:4C:96:E6:AD:E6:08:81:0C:30:D9:A1:30:7C:C6:9A:F9:FF:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPJMluat5giBDDDZoTB8xpr5_00.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8af1cd-5021-463b-99a3-04e4a84a74ac/1/OPJMluat5giBDDDZoTB8xpr5_00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a4:d0:3a:eb:62:5b:af:c9:52:b1:b6:3b:c6:46:e5:64:80:f9:
         64:9f:4b:ac:22:b4:2b:83:94:19:12:66:c9:ad:49:55:98:53:
         f6:77:56:79:72:65:b5:88:5c:bd:dd:01:20:d4:9d:7e:bf:ab:
         41:56:7b:f1:80:eb:40:18:ad:99:97:68:42:45:0b:78:cc:53:
         22:fd:5f:6d:de:59:9f:86:69:bb:96:78:bf:ec:89:4d:21:bf:
         ca:4a:73:7d:42:e2:5e:77:f5:4e:e3:f7:33:b1:c1:93:4f:c0:
         6b:9e:4e:aa:f4:f8:b1:cd:d4:25:45:c3:3e:f3:08:97:66:2d:
         ee:76:4e:3f:f6:94:cc:64:73:f2:8f:36:ad:d3:47:c1:e8:62:
         64:cc:40:9e:1c:5a:72:de:29:47:98:21:1a:41:ee:96:d2:4c:
         ce:3a:5a:6d:cc:3d:40:51:de:d5:3b:b5:95:f4:96:7f:59:5a:
         99:c1:72:5a:f7:0c:17:f2:67:11:86:eb:9d:f6:a4:1f:98:ea:
         3e:ac:da:12:3c:10:d7:b2:3a:85:29:85:ac:e2:1a:ce:7f:75:
         b3:ad:56:9c:3b:f7:69:4e:57:03:b7:d8:fc:a4:17:c7:54:fd:
         f9:54:1a:6c:45:3c:42:c5:4a:25:0f:45:3e:b6:82:c4:a4:89:
         9e:7a:dc:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0kkMDJRbyokp0yKmEcH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjI0Yzk2ZTZhZGU2MDg4MTBjMzBkOWExMzA3Y2M2OWFm
OWZmNGQwHhcNMjQxMTIzMDcwMDE5WhcNMjQxMTI0MDcwMDE5WjAzMTEwLwYDVQQD
EygwNDZlNmQ3MzI3YmEwNmNhZWFjNGFlODFkODRhMmEzMWQ0OTFmMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8f3K041fI9YEZFruLa6h77jt2lNS
CFYfO1A6HkA0uZImdcTtvtz9yxXIWf2tCarWfiE6sOMo+2iXlOCvBq1phMEoTFY3
lGF+QBoP5TfWvEJHZm7XZuzoVVo6uDIwodS2HWy2/bXHGwl3S5NUtUSDnVYiXYMF
MUQAiO9qPp3syxrTm//Z3IQOXzyhLZy36toEN7P/lkG2bodqbyUYcz3ARd0nBB7c
65gAt8oCGGxJ4MUV7XanUJtmmjdN6mQQ0OGzZRFTMF0cDxOIiaLRvmGH+MQolIaq
1RWZLeFWkV7x+ukkwI2XpQGUqPru2dkkZHHfNOAKH/wxekT730JQRMLNmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFARubXMnugbK6sSugdhKKjHUkfOaMB8GA1UdIwQY
MBaAFDjyTJbmreYIgQww2aEwfMaa+f9NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMt
MDRlNGE4NGE3NGFjLzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84YWYxY2QtNTAyMS00NjNiLTk5YTMtMDRlNGE4NGE3NGFj
LzEvT1BKTWx1YXQ1Z2lCREREWm9UQjh4cHI1XzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApNA662Jb
r8lSsbY7xkblZID5ZJ9LrCK0K4OUGRJmya1JVZhT9ndWeXJltYhcvd0BINSdfr+r
QVZ78YDrQBitmZdoQkULeMxTIv1fbd5Zn4Zpu5Z4v+yJTSG/ykpzfULiXnf1TuP3
M7HBk0/Aa55OqvT4sc3UJUXDPvMIl2Yt7nZOP/aUzGRz8o82rdNHwehiZMxAnhxa
ct4pR5ghGkHultJMzjpabcw9QFHe1Tu1lfSWf1lamcFyWvcMF/JnEYbrnfakH5jq
PqzaEjwQ17I6hSmFrOIazn91s61WnDv3aU5XA7fY/KQXx1T9+VQabEU8QsVKJQ9F
PraCxKSJnnrcsA==
-----END CERTIFICATE-----