Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
File:                     owVfB71HqGR4w79HOSVzrNU9Y24.mft (raw, json)
Hash identifier:          4ODhxmbtEA+Lvdfq8IJ1OxS2GZ1hl7S3Pt2BHYOS3sk=
Subject key identifier:   5F:42:FE:8D:6E:B6:76:99:37:C6:A5:33:B3:55:C3:57:9D:FB:77:31
Authority key identifier: A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E
Certificate issuer:       /CN=a3055f07bd47a86478c3bf47392573acd53d636e
Certificate serial:       019356F7015465F7B260857DAB3F2C169852
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
Manifest number:          136D
Signing time:             Sat 23 Nov 2024 03:00:48 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:48 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:48 +0000
Files and hashes:         1: owVfB71HqGR4w79HOSVzrNU9Y24.crl (hash: b16pdWTRUyai3g42/GkUqesZBewbMSmO3RaW3jnwzm4=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:01:54:65:f7:b2:60:85:7d:ab:3f:2c:16:98:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3055f07bd47a86478c3bf47392573acd53d636e
        Validity
            Not Before: Nov 23 03:00:48 2024 GMT
            Not After : Nov 24 03:00:48 2024 GMT
        Subject: CN=5f42fe8d6eb6769937c6a533b355c3579dfb7731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:bd:e8:05:8f:98:39:67:61:b2:3e:ca:b4:51:
                    f7:22:21:40:2c:35:0e:0e:05:83:8a:09:0a:e5:85:
                    bc:f9:cb:9c:55:70:45:81:d3:9f:64:1c:af:ed:f6:
                    88:2a:a3:0b:a5:c6:65:84:71:6e:dc:fb:9a:e1:37:
                    ff:19:3c:c0:c4:0c:d5:a9:7e:64:7e:c8:76:4c:a4:
                    75:9d:04:68:d0:c8:61:e2:2e:cf:04:3f:f7:ea:f1:
                    96:3d:c3:39:0e:ba:ab:da:23:27:ce:0d:89:ca:f6:
                    ca:72:4c:2c:6d:d3:73:6b:9f:ce:d2:f5:3f:7a:b9:
                    ca:24:79:00:fc:19:92:25:c1:96:3a:25:6d:8d:87:
                    c3:80:fd:27:36:32:dc:b2:f1:74:0f:37:7e:d9:16:
                    94:b4:fa:f5:cd:ee:ec:a8:b7:c4:c0:5c:41:dc:92:
                    ed:73:aa:a1:51:17:19:93:ae:b9:78:48:65:5a:e8:
                    50:a3:2c:de:15:2d:32:98:8f:12:d4:80:25:9e:76:
                    78:a3:7b:c9:60:ed:be:58:1b:e5:ee:8e:00:92:b8:
                    2e:4c:2f:f0:e1:38:80:b5:3c:10:8d:9f:b6:1d:5d:
                    8c:10:5a:81:fa:af:7e:00:58:9d:56:49:d9:0b:60:
                    cc:b5:c3:1e:2b:27:e7:ce:e7:24:44:d5:78:bc:33:
                    42:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:42:FE:8D:6E:B6:76:99:37:C6:A5:33:B3:55:C3:57:9D:FB:77:31
            X509v3 Authority Key Identifier:
                keyid:A3:05:5F:07:BD:47:A8:64:78:C3:BF:47:39:25:73:AC:D5:3D:63:6E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/owVfB71HqGR4w79HOSVzrNU9Y24.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d9d0bf-6d51-408f-b7ae-a3aad1178cd4/1/owVfB71HqGR4w79HOSVzrNU9Y24.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         50:f7:ef:0a:75:da:12:95:bd:87:16:4c:b9:8b:4f:b7:da:fe:
         2c:0f:e9:92:59:71:b7:4b:fd:cf:d3:cc:ee:99:22:6f:60:8d:
         ab:00:88:89:d1:1f:e3:ad:15:61:30:7c:28:67:ca:a3:a3:f4:
         f1:33:7c:33:f0:38:0c:f6:ce:fc:a7:5d:76:5a:b4:97:45:54:
         8b:57:40:d1:62:7b:59:b6:65:3f:25:c2:1a:4a:f7:5d:ee:b0:
         b8:5a:8f:07:93:ab:b7:f3:6f:fe:7b:1a:f4:4d:8d:50:8b:f3:
         5b:d5:54:e5:39:55:c9:54:c6:a0:38:22:aa:33:c4:15:62:4c:
         19:b9:59:95:f5:92:6b:83:0a:a5:56:95:eb:82:23:50:45:94:
         21:dd:f9:59:e1:1e:7d:7c:cc:b7:09:f5:e4:6b:1f:67:eb:e2:
         35:82:c0:5a:82:2a:6c:25:a1:1c:93:e7:dd:b8:2c:8d:d3:45:
         fe:b3:e9:17:6b:45:7b:83:6a:a6:dd:4f:2d:68:95:6d:ae:22:
         a0:44:71:04:94:f3:d2:24:32:a9:0c:d7:64:a5:6b:e0:12:11:
         04:61:d8:09:df:de:ba:f3:f5:26:93:5e:ee:3a:f7:36:54:00:
         ea:af:c5:aa:92:d8:2d:7e:c5:85:a2:85:6f:cd:5c:e1:1d:0f:
         cd:c4:3c:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9wFUZfeyYIV9qz8sFphSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMDU1ZjA3YmQ0N2E4NjQ3OGMzYmY0NzM5MjU3M2FjZDUz
ZDYzNmUwHhcNMjQxMTIzMDMwMDQ4WhcNMjQxMTI0MDMwMDQ4WjAzMTEwLwYDVQQD
Eyg1ZjQyZmU4ZDZlYjY3Njk5MzdjNmE1MzNiMzU1YzM1NzlkZmI3NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb3oBY+YOWdhsj7KtFH3IiFALDUO
DgWDigkK5YW8+cucVXBFgdOfZByv7faIKqMLpcZlhHFu3Pua4Tf/GTzAxAzVqX5k
fsh2TKR1nQRo0Mhh4i7PBD/36vGWPcM5Drqr2iMnzg2JyvbKckwsbdNza5/O0vU/
ernKJHkA/BmSJcGWOiVtjYfDgP0nNjLcsvF0Dzd+2RaUtPr1ze7sqLfEwFxB3JLt
c6qhURcZk665eEhlWuhQoyzeFS0ymI8S1IAlnnZ4o3vJYO2+WBvl7o4AkrguTC/w
4TiAtTwQjZ+2HV2MEFqB+q9+AFidVknZC2DMtcMeKyfnzuckRNV4vDNCXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF9C/o1utnaZN8alM7NVw1ed+3cxMB8GA1UdIwQY
MBaAFKMFXwe9R6hkeMO/Rzklc6zVPWNuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUt
YTNhYWQxMTc4Y2Q0LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kOWQwYmYtNmQ1MS00MDhmLWI3YWUtYTNhYWQxMTc4Y2Q0
LzEvb3dWZkI3MUhxR1I0dzc5SE9TVnpyTlU5WTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUPfvCnXa
EpW9hxZMuYtPt9r+LA/pkllxt0v9z9PM7pkib2CNqwCIidEf460VYTB8KGfKo6P0
8TN8M/A4DPbO/Kdddlq0l0VUi1dA0WJ7WbZlPyXCGkr3Xe6wuFqPB5Ort/Nv/nsa
9E2NUIvzW9VU5TlVyVTGoDgiqjPEFWJMGblZlfWSa4MKpVaV64IjUEWUId35WeEe
fXzMtwn15GsfZ+viNYLAWoIqbCWhHJPn3bgsjdNF/rPpF2tFe4Nqpt1PLWiVba4i
oERxBJTz0iQyqQzXZKVr4BIRBGHYCd/euvP1JpNe7jr3NlQA6q/FqpLYLX7FhaKF
b81c4R0PzcQ8yQ==
-----END CERTIFICATE-----