Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
File:                     XWU9B97R6Nf08uoEvTaELFsS8V4.mft (raw, json)
Hash identifier:          FLG04AArD8TqIrSx2GbTnjc1zPvhq2mMiwI0ZO694fQ=
Subject key identifier:   D1:B1:B3:99:B9:99:3C:F9:AB:BD:12:FE:DA:75:D2:F3:1B:3B:49:81
Authority key identifier: 5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E
Certificate issuer:       /CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
Certificate serial:       018F87ED10BF37F3393CDCE9C1A5B13C354D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
Manifest number:          09A0
Signing time:             Fri 17 May 2024 19:00:11 +0000
Manifest this update:     Fri 17 May 2024 19:00:11 +0000
Manifest next update:     Sat 18 May 2024 19:00:11 +0000
Files and hashes:         1: XWU9B97R6Nf08uoEvTaELFsS8V4.crl (hash: sfYenmsI4VUTTztLYZGuf6cVedINaOfyLjmB4tDlIhM=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 17:00:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:87:ed:10:bf:37:f3:39:3c:dc:e9:c1:a5:b1:3c:35:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5d653d07ded1e8d7f4f2ea04bd36842c5b12f15e
        Validity
            Not Before: May 17 19:00:11 2024 GMT
            Not After : May 18 19:00:11 2024 GMT
        Subject: CN=d1b1b399b9993cf9abbd12feda75d2f31b3b4981
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:56:86:c6:63:da:53:be:8e:db:70:cc:3c:8b:
                    ab:1a:00:ac:7b:3f:52:e8:c1:2e:98:fe:1c:07:2a:
                    f2:b7:90:d3:09:98:3c:00:c9:74:35:d2:37:f5:a9:
                    43:f1:5a:f2:9d:e6:94:bb:2c:6b:cc:f2:1b:22:e6:
                    f4:e2:15:f8:d1:16:5b:d5:79:8e:e2:ac:3e:cb:a2:
                    d5:23:6e:29:4e:24:a8:4a:fb:3b:47:36:5b:d4:b1:
                    aa:80:27:cd:8d:70:8c:95:ff:9c:a9:04:69:01:eb:
                    3c:0d:94:75:46:e8:c3:35:d2:87:ba:11:93:35:0d:
                    fa:3a:e4:7c:24:3a:f7:f4:cb:9f:57:6b:9a:01:23:
                    30:60:ac:47:d1:d1:c4:ba:7e:17:b4:42:a7:64:c1:
                    35:ae:94:65:49:b7:4d:45:76:6a:55:57:18:90:b9:
                    05:71:2c:0a:bd:fc:c8:d1:44:5f:bd:e6:cc:ed:7c:
                    33:89:a8:ee:83:39:5c:ac:00:68:05:1c:b3:be:e1:
                    92:c8:59:b3:ed:31:0c:0a:63:c1:b0:f3:57:1d:a3:
                    bd:9b:e7:cf:0b:f9:52:16:f5:6a:e0:2b:48:1e:d0:
                    ec:9a:53:b4:ad:cc:dc:56:af:dc:ca:92:d5:de:2c:
                    77:43:04:d5:a3:94:a6:90:8b:af:f6:41:18:4e:cc:
                    9e:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:B1:B3:99:B9:99:3C:F9:AB:BD:12:FE:DA:75:D2:F3:1B:3B:49:81
            X509v3 Authority Key Identifier:
                keyid:5D:65:3D:07:DE:D1:E8:D7:F4:F2:EA:04:BD:36:84:2C:5B:12:F1:5E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XWU9B97R6Nf08uoEvTaELFsS8V4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a0475f-ca97-4b16-96db-2145ca75e383/1/XWU9B97R6Nf08uoEvTaELFsS8V4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:59:b9:11:10:0b:23:38:40:c9:9d:d4:a3:60:11:51:ea:8a:
         ce:e5:10:8d:4d:89:74:ef:89:f1:11:bf:1a:5a:13:f2:aa:53:
         a3:dc:73:36:5d:60:48:53:9d:55:01:c8:f3:ab:62:6d:d6:5e:
         b4:bd:ca:81:68:14:31:5e:fb:fb:a2:97:00:58:ab:03:a7:0f:
         dd:24:32:4d:e6:1d:76:b9:f3:a8:47:8c:51:63:4e:80:a7:37:
         b1:63:1b:db:3e:c7:96:77:c1:b5:29:74:a4:19:b3:c3:6e:c7:
         cf:b4:6b:4b:85:a0:3e:e2:c8:0d:f2:52:5a:aa:6a:6d:f5:49:
         f2:27:6f:ff:11:d5:cc:10:d0:a6:ea:d8:23:1f:a1:ff:64:e5:
         1c:b3:2f:27:fb:5c:5d:44:98:39:ae:5b:96:5e:d5:76:16:4e:
         43:62:81:71:9a:29:bb:7e:e0:63:58:3a:37:eb:47:dd:4b:03:
         85:e9:72:03:04:09:74:e5:5e:4d:61:4d:f4:90:c1:2f:20:00:
         2a:a0:17:90:b0:95:64:16:ba:52:37:87:fb:9b:07:77:3e:a2:
         55:c5:32:0d:f8:f1:10:91:91:f5:6a:a0:79:ed:47:66:b0:4a:
         04:7d:33:09:ff:52:fd:4a:06:55:d3:d7:9e:7b:6a:6b:fe:72:
         84:e5:32:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+H7RC/N/M5PNzpwaWxPDVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNjUzZDA3ZGVkMWU4ZDdmNGYyZWEwNGJkMzY4NDJjNWIx
MmYxNWUwHhcNMjQwNTE3MTkwMDExWhcNMjQwNTE4MTkwMDExWjAzMTEwLwYDVQQD
EyhkMWIxYjM5OWI5OTkzY2Y5YWJiZDEyZmVkYTc1ZDJmMzFiM2I0OTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVaGxmPaU76O23DMPIurGgCsez9S
6MEumP4cByryt5DTCZg8AMl0NdI39alD8VryneaUuyxrzPIbIub04hX40RZb1XmO
4qw+y6LVI24pTiSoSvs7RzZb1LGqgCfNjXCMlf+cqQRpAes8DZR1RujDNdKHuhGT
NQ36OuR8JDr39MufV2uaASMwYKxH0dHEun4XtEKnZME1rpRlSbdNRXZqVVcYkLkF
cSwKvfzI0URfvebM7XwziajugzlcrABoBRyzvuGSyFmz7TEMCmPBsPNXHaO9m+fP
C/lSFvVq4CtIHtDsmlO0rczcVq/cypLV3ix3QwTVo5SmkIuv9kEYTsyeBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNGxs5m5mTz5q70S/tp10vMbO0mBMB8GA1UdIwQY
MBaAFF1lPQfe0ejX9PLqBL02hCxbEvFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGIt
MjE0NWNhNzVlMzgzLzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDQ3NWYtY2E5Ny00YjE2LTk2ZGItMjE0NWNhNzVlMzgz
LzEvWFdVOUI5N1I2TmYwOHVvRXZUYUVMRnNTOFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPFm5ERAL
IzhAyZ3Uo2ARUeqKzuUQjU2JdO+J8RG/GloT8qpTo9xzNl1gSFOdVQHI86tibdZe
tL3KgWgUMV77+6KXAFirA6cP3SQyTeYddrnzqEeMUWNOgKc3sWMb2z7HlnfBtSl0
pBmzw27Hz7RrS4WgPuLIDfJSWqpqbfVJ8idv/xHVzBDQpurYIx+h/2TlHLMvJ/tc
XUSYOa5bll7VdhZOQ2KBcZopu37gY1g6N+tH3UsDhelyAwQJdOVeTWFN9JDBLyAA
KqAXkLCVZBa6UjeH+5sHdz6iVcUyDfjxEJGR9Wqgee1HZrBKBH0zCf9S/UoGVdPX
nntqa/5yhOUykQ==
-----END CERTIFICATE-----