Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
File:                     a5HhwatXAlaAjt-5y3VZxV3PrWE.mft (raw, json)
Hash identifier:          3m9TW6DohaxN8RMTT/IXq7W0qX3APiodSeRjhOmvFVE=
Subject key identifier:   15:F7:53:C2:E3:62:4C:35:14:BF:91:33:E1:9A:D3:4D:3E:E1:E0:E9
Authority key identifier: 6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61
Certificate issuer:       /CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
Certificate serial:       018F86A368BC2E7349042B1B1F80C9EA7D30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
Manifest number:          0537
Signing time:             Fri 17 May 2024 13:00:07 +0000
Manifest this update:     Fri 17 May 2024 13:00:07 +0000
Manifest next update:     Sat 18 May 2024 13:00:07 +0000
Files and hashes:         1: a5HhwatXAlaAjt-5y3VZxV3PrWE.crl (hash: gJKQ+I/8E1dL4ZCpDmcd+2h0uOkRM6dE1BD61Hlaruw=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 13:00:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:86:a3:68:bc:2e:73:49:04:2b:1b:1f:80:c9:ea:7d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6b91e1c1ab570256808edfb9cb7559c55dcfad61
        Validity
            Not Before: May 17 13:00:07 2024 GMT
            Not After : May 18 13:00:07 2024 GMT
        Subject: CN=15f753c2e3624c3514bf9133e19ad34d3ee1e0e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:e7:28:d3:39:62:85:8f:51:6c:c9:e0:da:69:
                    4e:81:c5:e4:b4:2f:17:0e:d7:f4:c2:88:d7:19:7e:
                    b2:41:8e:c2:2d:e5:69:7c:34:0c:17:30:10:72:03:
                    0a:94:0e:49:7c:8d:88:8e:00:e9:49:a5:35:40:85:
                    3e:40:68:3c:50:f4:e4:96:74:75:84:0c:6f:77:63:
                    77:3a:18:e6:a2:dc:71:c0:05:9e:4f:d9:ec:aa:8e:
                    2a:23:b0:4f:76:66:9f:4c:13:8f:46:60:d2:90:7f:
                    71:38:d0:46:10:a4:19:2a:52:cc:ba:b1:11:87:17:
                    f7:1a:b9:11:65:be:c0:4c:1d:9d:11:f1:c4:27:eb:
                    fc:d3:9a:c8:d5:00:ad:d8:4c:21:e4:c5:22:86:11:
                    8b:45:22:cc:a8:6a:40:f4:0a:29:34:69:36:1a:b5:
                    05:69:78:9e:44:3e:1d:8f:2e:f8:30:a7:fc:9e:8a:
                    c6:c1:4e:f6:0a:da:1a:fc:04:ad:66:10:8d:01:c4:
                    e5:7c:b8:fa:08:fc:b1:1e:3b:40:0c:aa:c9:1f:ed:
                    b8:2b:8e:25:38:a1:e6:ad:62:f2:a1:c0:fa:a4:30:
                    2a:fc:84:80:ec:e6:f1:8e:27:c6:df:07:cd:51:2f:
                    76:7e:17:49:c2:49:5a:8a:1e:8b:f0:ed:58:24:89:
                    dc:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:F7:53:C2:E3:62:4C:35:14:BF:91:33:E1:9A:D3:4D:3E:E1:E0:E9
            X509v3 Authority Key Identifier:
                keyid:6B:91:E1:C1:AB:57:02:56:80:8E:DF:B9:CB:75:59:C5:5D:CF:AD:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5HhwatXAlaAjt-5y3VZxV3PrWE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/a5d3c1-bd5e-4356-971c-098a02929089/1/a5HhwatXAlaAjt-5y3VZxV3PrWE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6f:d6:7b:bf:41:53:d1:ba:1a:c4:07:03:1c:a3:55:0a:95:97:
         8d:8c:88:78:22:92:d2:2a:92:c1:ff:e6:58:a5:7a:02:23:ab:
         3f:64:51:6a:ed:d9:86:bb:fb:06:7e:90:9d:46:08:5e:50:10:
         93:b0:5e:76:ee:0c:fc:f9:5e:bf:21:44:72:c4:60:c4:72:e6:
         0c:f6:b6:0c:d3:1b:13:26:6d:58:94:a2:f2:33:68:82:45:6e:
         df:13:29:12:f3:cf:d8:d6:d4:09:b8:f3:f3:cd:a6:21:c5:8f:
         aa:5d:ae:ce:ee:92:67:ca:96:66:51:e2:3a:8e:2b:37:60:e8:
         ef:e5:57:df:76:eb:65:e1:39:9b:d7:00:6e:ff:b1:27:51:95:
         87:c5:64:a6:73:19:74:59:cb:45:76:31:5f:fe:de:82:17:6d:
         be:82:28:9f:f5:d9:51:ba:dc:ff:c7:15:65:0d:b3:33:12:57:
         c5:cf:2e:cf:ce:f0:e3:b1:0c:3b:8a:8e:e1:a4:33:c6:28:57:
         d4:76:85:a9:1c:f5:1a:33:56:92:ab:7d:4d:6f:33:21:bb:28:
         81:15:df:74:49:ac:ab:66:0b:93:72:d2:a1:2a:3a:32:13:a1:
         36:42:62:52:3f:e3:b1:6e:c7:d4:49:fb:22:14:ce:df:bf:59:
         d3:f3:fb:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY+Go2i8LnNJBCsbH4DJ6n0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiOTFlMWMxYWI1NzAyNTY4MDhlZGZiOWNiNzU1OWM1NWRj
ZmFkNjEwHhcNMjQwNTE3MTMwMDA3WhcNMjQwNTE4MTMwMDA3WjAzMTEwLwYDVQQD
EygxNWY3NTNjMmUzNjI0YzM1MTRiZjkxMzNlMTlhZDM0ZDNlZTFlMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeco0zlihY9RbMng2mlOgcXktC8X
Dtf0wojXGX6yQY7CLeVpfDQMFzAQcgMKlA5JfI2IjgDpSaU1QIU+QGg8UPTklnR1
hAxvd2N3OhjmotxxwAWeT9nsqo4qI7BPdmafTBOPRmDSkH9xONBGEKQZKlLMurER
hxf3GrkRZb7ATB2dEfHEJ+v805rI1QCt2Ewh5MUihhGLRSLMqGpA9AopNGk2GrUF
aXieRD4djy74MKf8norGwU72Ctoa/AStZhCNAcTlfLj6CPyxHjtADKrJH+24K44l
OKHmrWLyocD6pDAq/ISA7ObxjifG3wfNUS92fhdJwklaih6L8O1YJIncswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBX3U8LjYkw1FL+RM+Ga000+4eDpMB8GA1UdIwQY
MBaAFGuR4cGrVwJWgI7fuct1WcVdz61hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMt
MDk4YTAyOTI5MDg5LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9hNWQzYzEtYmQ1ZS00MzU2LTk3MWMtMDk4YTAyOTI5MDg5
LzEvYTVIaHdhdFhBbGFBanQtNXkzVlp4VjNQcldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb9Z7v0FT
0boaxAcDHKNVCpWXjYyIeCKS0iqSwf/mWKV6AiOrP2RRau3Zhrv7Bn6QnUYIXlAQ
k7Bedu4M/PlevyFEcsRgxHLmDPa2DNMbEyZtWJSi8jNogkVu3xMpEvPP2NbUCbjz
882mIcWPql2uzu6SZ8qWZlHiOo4rN2Do7+VX33brZeE5m9cAbv+xJ1GVh8VkpnMZ
dFnLRXYxX/7eghdtvoIon/XZUbrc/8cVZQ2zMxJXxc8uz87w47EMO4qO4aQzxihX
1HaFqRz1GjNWkqt9TW8zIbsogRXfdEmsq2YLk3LSoSo6MhOhNkJiUj/jsW7H1En7
IhTO379Z0/P7uA==
-----END CERTIFICATE-----