Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
File:                     5UmH5s-8zliuDJbnZmqyGrPi4JA.mft (raw, json)
Hash identifier:          cFS9LNdguL+dkpsqMhCn7tm1tPCeN9rvgeqYsokoDaQ=
Subject key identifier:   46:F1:0D:05:0E:5B:7C:C5:A4:B2:75:A6:7F:84:8F:34:0A:F8:27:13
Authority key identifier: E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90
Certificate issuer:       /CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
Certificate serial:       019511A2AB3EB7D46F699A38D2A53F2A9D4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
Manifest number:          FA
Signing time:             Mon 17 Feb 2025 02:00:28 +0000
Manifest this update:     Mon 17 Feb 2025 02:00:28 +0000
Manifest next update:     Tue 18 Feb 2025 02:00:28 +0000
Files and hashes:         1: 5UmH5s-8zliuDJbnZmqyGrPi4JA.crl (hash: GhL1s0J9azp6q15c2cYDhF4A+Pedv6h8HPHz9E8K/UQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 23:00:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:95:11:a2:ab:3e:b7:d4:6f:69:9a:38:d2:a5:3f:2a:9d:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e54987e6cfbcce58ae0c96e7666ab21ab3e2e090
        Validity
            Not Before: Feb 17 02:00:28 2025 GMT
            Not After : Feb 18 02:00:28 2025 GMT
        Subject: CN=46f10d050e5b7cc5a4b275a67f848f340af82713
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:54:35:0e:9e:ac:45:d5:9d:47:32:c6:b6:53:
                    38:f7:66:ad:1a:96:aa:6e:3e:2b:e3:0f:6c:b8:50:
                    fc:6d:66:11:a2:65:06:95:e7:b1:17:e0:5e:15:15:
                    32:49:50:41:f4:57:81:17:2c:95:2e:c5:b5:16:6a:
                    be:23:47:49:6c:48:79:71:3f:4d:7f:11:93:de:45:
                    5e:9e:2d:57:45:5f:15:6b:58:3e:92:f5:a2:7a:55:
                    f0:44:1b:3c:f5:58:f0:f5:33:97:05:72:ba:8e:d0:
                    6b:73:a2:ba:98:66:ce:bc:b1:82:bb:cd:2e:60:ac:
                    19:3e:13:c7:f1:74:bf:c9:32:2c:3e:fb:2d:7d:33:
                    db:ff:3b:55:37:21:76:26:36:fe:9e:53:c2:4a:ac:
                    67:4c:1f:2b:31:52:65:36:a2:37:41:81:24:d8:db:
                    c3:b0:4f:59:8b:28:31:55:15:bb:23:2d:51:2f:47:
                    f2:ab:64:36:a0:3f:0d:0d:72:8d:50:2a:ab:9e:3c:
                    f2:63:b0:50:34:a9:f1:39:fc:16:a3:ac:d3:bb:22:
                    ef:25:22:79:9b:fe:dd:ef:5d:de:03:d2:8e:67:ff:
                    82:45:68:b5:6a:5c:7f:e3:c5:c7:f2:59:46:a9:3a:
                    05:81:87:57:e6:d5:04:84:68:66:80:88:ba:60:1d:
                    d4:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:F1:0D:05:0E:5B:7C:C5:A4:B2:75:A6:7F:84:8F:34:0A:F8:27:13
            X509v3 Authority Key Identifier:
                keyid:E5:49:87:E6:CF:BC:CE:58:AE:0C:96:E7:66:6A:B2:1A:B3:E2:E0:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UmH5s-8zliuDJbnZmqyGrPi4JA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/8ae730-ae5e-4be9-978b-00b520875376/1/5UmH5s-8zliuDJbnZmqyGrPi4JA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         8e:4f:11:70:a3:6d:a6:94:4f:7d:15:63:61:bf:b0:17:d5:dc:
         3a:32:4f:d1:1d:c0:fa:b0:9d:b5:71:9c:c3:31:53:93:a7:53:
         85:61:5b:47:28:02:b8:41:66:7d:3e:1c:0c:32:b4:b4:f2:75:
         0e:fb:ab:03:02:36:f6:1a:f4:cf:d0:2c:a0:7a:2d:41:13:1a:
         65:15:cb:64:76:ff:56:ce:c3:c4:9f:48:70:cd:a1:4a:5e:3b:
         2d:b4:fc:06:2d:12:0f:b9:46:a8:68:10:ca:2d:ed:f3:89:2b:
         67:14:88:53:33:2a:90:bf:15:87:95:a7:8c:ea:6d:70:76:71:
         dc:42:5f:a2:a6:e7:0e:19:0f:6f:03:2a:14:45:47:50:35:c7:
         d9:13:80:33:52:3b:95:0c:53:18:f6:98:80:af:d3:82:b6:27:
         89:8a:ce:e3:a1:3f:0f:ba:3e:3d:44:88:90:d2:f8:5f:4d:31:
         65:54:1b:71:65:77:74:bd:fc:be:59:78:cf:1a:93:26:7f:ec:
         41:c2:fb:f7:73:28:7b:62:62:32:6b:7a:e4:ce:48:e7:42:28:
         b6:8a:1d:8e:c3:a9:20:6e:b0:0e:07:4a:ef:25:9a:cf:fd:0b:
         3e:9d:a1:49:41:f3:05:14:48:01:87:0f:3a:63:fd:49:74:bb:
         30:50:19:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZURoqs+t9RvaZo40qU/Kp1KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDk4N2U2Y2ZiY2NlNThhZTBjOTZlNzY2NmFiMjFhYjNl
MmUwOTAwHhcNMjUwMjE3MDIwMDI4WhcNMjUwMjE4MDIwMDI4WjAzMTEwLwYDVQQD
Eyg0NmYxMGQwNTBlNWI3Y2M1YTRiMjc1YTY3Zjg0OGYzNDBhZjgyNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VQ1Dp6sRdWdRzLGtlM492atGpaq
bj4r4w9suFD8bWYRomUGleexF+BeFRUySVBB9FeBFyyVLsW1Fmq+I0dJbEh5cT9N
fxGT3kVeni1XRV8Va1g+kvWielXwRBs89Vjw9TOXBXK6jtBrc6K6mGbOvLGCu80u
YKwZPhPH8XS/yTIsPvstfTPb/ztVNyF2Jjb+nlPCSqxnTB8rMVJlNqI3QYEk2NvD
sE9ZiygxVRW7Iy1RL0fyq2Q2oD8NDXKNUCqrnjzyY7BQNKnxOfwWo6zTuyLvJSJ5
m/7d713eA9KOZ/+CRWi1alx/48XH8llGqToFgYdX5tUEhGhmgIi6YB3UqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbxDQUOW3zFpLJ1pn+EjzQK+CcTMB8GA1UdIwQY
MBaAFOVJh+bPvM5YrgyW52Zqshqz4uCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGIt
MDBiNTIwODc1Mzc2LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84YWU3MzAtYWU1ZS00YmU5LTk3OGItMDBiNTIwODc1Mzc2
LzEvNVVtSDVzLTh6bGl1REpiblptcXlHclBpNEpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjk8RcKNt
ppRPfRVjYb+wF9XcOjJP0R3A+rCdtXGcwzFTk6dThWFbRygCuEFmfT4cDDK0tPJ1
DvurAwI29hr0z9AsoHotQRMaZRXLZHb/Vs7DxJ9IcM2hSl47LbT8Bi0SD7lGqGgQ
yi3t84krZxSIUzMqkL8Vh5WnjOptcHZx3EJfoqbnDhkPbwMqFEVHUDXH2ROAM1I7
lQxTGPaYgK/TgrYniYrO46E/D7o+PUSIkNL4X00xZVQbcWV3dL38vll4zxqTJn/s
QcL793Moe2JiMmt65M5I50IotoodjsOpIG6wDgdK7yWaz/0LPp2hSUHzBRRIAYcP
OmP9SXS7MFAZ9w==
-----END CERTIFICATE-----