Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          ubizWSbbd91p2OMOSN62qTX+936HHrBd1jp0CQx5hbA=
Subject key identifier:   96:40:C8:A0:9E:FE:26:8C:A3:9F:35:24:A8:89:2E:7C:FF:1D:DB:5B
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       019357D2944D9F54CB64F1632F42099CAE98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0731
Signing time:             Sat 23 Nov 2024 07:00:38 +0000
Manifest this update:     Sat 23 Nov 2024 07:00:38 +0000
Manifest next update:     Sun 24 Nov 2024 07:00:38 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: z7sMB1vQrb4obpmXa3tYitMvQ+/ECUkkYZtBpMchcUc=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 06:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:57:d2:94:4d:9f:54:cb:64:f1:63:2f:42:09:9c:ae:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: Nov 23 07:00:38 2024 GMT
            Not After : Nov 24 07:00:38 2024 GMT
        Subject: CN=9640c8a09efe268ca39f3524a8892e7cff1ddb5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:94:ce:12:f5:7d:d7:83:42:f2:ac:55:3b:d2:
                    2f:23:02:40:7e:b7:57:9e:d4:25:9c:21:f3:e9:d7:
                    0b:b3:ab:d5:52:d0:37:dd:20:72:fc:06:64:e7:2f:
                    f3:ae:89:72:33:97:42:cd:53:bf:91:bf:cf:89:fe:
                    a8:78:30:60:f0:23:72:66:87:5d:37:d6:ad:88:4b:
                    4d:da:28:92:32:e1:07:2f:4e:98:c0:96:c8:90:2e:
                    7f:a1:cc:da:a5:9f:63:cb:01:2a:b9:0c:dc:a8:95:
                    ae:8a:b7:db:f1:81:c9:73:73:0f:07:a0:49:85:ca:
                    4a:cf:66:6f:b6:22:af:af:b4:83:f5:2e:62:98:ae:
                    a8:73:f9:1e:65:c8:8a:ff:31:57:91:03:b5:19:13:
                    41:23:62:9d:66:1b:bc:19:67:45:eb:e1:1b:b6:26:
                    2f:d2:65:10:b1:25:ad:b8:d6:54:23:ec:a5:3e:3b:
                    de:8f:13:36:fa:e4:53:a4:cd:99:56:20:c5:ef:5a:
                    86:0b:bd:39:54:98:37:32:8f:06:15:1e:88:42:6d:
                    56:32:7b:05:94:20:91:95:5d:26:77:80:37:ef:c0:
                    9e:c9:e4:b0:6b:ea:fe:29:eb:30:55:cf:b2:b3:59:
                    e9:62:32:2f:33:25:86:de:f7:72:6a:30:ff:ee:6f:
                    ef:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:40:C8:A0:9E:FE:26:8C:A3:9F:35:24:A8:89:2E:7C:FF:1D:DB:5B
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:00:91:6a:fa:4b:1d:63:d2:8f:fb:a4:3c:4d:5b:28:69:e7:
         4a:98:74:62:19:a5:e5:a1:7f:84:bd:3d:d7:7d:83:ce:80:83:
         44:ea:55:05:cc:9e:0f:33:39:a7:be:6d:8a:5b:32:cf:28:3c:
         eb:8a:19:50:c6:c8:df:18:77:58:d2:11:e7:77:67:ff:10:1f:
         50:19:e0:b8:00:d0:cf:21:f2:2c:1a:c8:ff:38:8c:c3:c2:26:
         48:72:f8:4f:70:67:58:ff:1d:9b:ef:55:16:cf:3e:fa:0c:de:
         d2:6b:94:ad:41:d3:36:61:71:a2:59:78:6c:a4:5f:2f:98:f0:
         d7:f9:69:75:b5:44:74:ad:76:93:86:78:c5:cd:87:5a:d8:93:
         a9:77:77:8e:f2:de:8f:88:38:2c:d4:bd:3a:67:68:2e:c8:82:
         29:1c:53:a2:70:1e:91:fe:21:a5:a5:bc:89:50:cd:f4:4d:9a:
         01:da:90:ec:ba:f1:86:b2:8d:de:61:f9:3c:f0:75:be:a2:e2:
         4f:1d:35:1f:61:51:c8:69:9c:18:f0:5e:3f:1a:77:ef:57:f7:
         72:e1:ca:3d:8a:1c:3b:47:e8:9c:c8:f6:38:19:d1:1d:80:6e:
         09:5e:4c:74:02:c7:91:08:4e:33:6d:53:9c:2f:4a:e6:77:a6:
         f4:ef:32:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNX0pRNn1TLZPFjL0IJnK6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjQxMTIzMDcwMDM4WhcNMjQxMTI0MDcwMDM4WjAzMTEwLwYDVQQD
Eyg5NjQwYzhhMDllZmUyNjhjYTM5ZjM1MjRhODg5MmU3Y2ZmMWRkYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZTOEvV914NC8qxVO9IvIwJAfrdX
ntQlnCHz6dcLs6vVUtA33SBy/AZk5y/zrolyM5dCzVO/kb/Pif6oeDBg8CNyZodd
N9atiEtN2iiSMuEHL06YwJbIkC5/oczapZ9jywEquQzcqJWuirfb8YHJc3MPB6BJ
hcpKz2ZvtiKvr7SD9S5imK6oc/keZciK/zFXkQO1GRNBI2KdZhu8GWdF6+EbtiYv
0mUQsSWtuNZUI+ylPjvejxM2+uRTpM2ZViDF71qGC705VJg3Mo8GFR6IQm1WMnsF
lCCRlV0md4A378CeyeSwa+r+KeswVc+ys1npYjIvMyWG3vdyajD/7m/v6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJZAyKCe/iaMo581JKiJLnz/HdtbMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVACRavpL
HWPSj/ukPE1bKGnnSph0Yhml5aF/hL09132DzoCDROpVBcyeDzM5p75tilsyzyg8
64oZUMbI3xh3WNIR53dn/xAfUBnguADQzyHyLBrI/ziMw8ImSHL4T3BnWP8dm+9V
Fs8++gze0muUrUHTNmFxoll4bKRfL5jw1/lpdbVEdK12k4Z4xc2HWtiTqXd3jvLe
j4g4LNS9OmdoLsiCKRxTonAekf4hpaW8iVDN9E2aAdqQ7LrxhrKN3mH5PPB1vqLi
Tx01H2FRyGmcGPBePxp371f3cuHKPYocO0fonMj2OBnRHYBuCV5MdALHkQhOM21T
nC9K5nem9O8yPw==
-----END CERTIFICATE-----