Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
File:                     5LDTY6ChegaEUahRRc5PpGTX-hs.mft (raw, json)
Hash identifier:          Y3mBAn33pCRA8F+90mo8oxXy2d1WX7Zdq6uW6sGZuXc=
Subject key identifier:   9B:0C:49:8D:D2:7F:A3:34:39:99:0B:46:D4:B9:AC:44:EA:59:B7:DF
Authority key identifier: E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B
Certificate issuer:       /CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
Certificate serial:       018F3DE86C3000E05F3DE305FB299F2DD2C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
Manifest number:          0A83
Signing time:             Fri 03 May 2024 10:03:13 +0000
Manifest this update:     Fri 03 May 2024 10:03:13 +0000
Manifest next update:     Sat 04 May 2024 10:03:13 +0000
Files and hashes:         1: 5LDTY6ChegaEUahRRc5PpGTX-hs.crl (hash: Lb3lF3fnMFRKV1DAPDVeE3eAe9g630Rlrp/L6tTseic=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 04 May 2024 10:03:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:3d:e8:6c:30:00:e0:5f:3d:e3:05:fb:29:9f:2d:d2:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4b0d363a0a17a068451a85145ce4fa464d7fa1b
        Validity
            Not Before: May  3 10:03:13 2024 GMT
            Not After : May  4 10:03:13 2024 GMT
        Subject: CN=9b0c498dd27fa33439990b46d4b9ac44ea59b7df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:2c:8a:6f:11:59:ce:bf:77:c4:a4:a4:41:b1:
                    a3:9c:2c:9a:80:f6:90:17:4c:85:da:59:79:19:71:
                    de:7c:46:83:c7:67:47:44:2b:80:71:40:c6:75:70:
                    aa:0e:1e:a5:ac:cc:07:2d:a5:02:b3:81:42:6c:25:
                    07:74:51:b1:76:ec:20:39:ed:1f:c9:68:70:47:10:
                    0d:7f:48:bf:5c:7f:1c:1b:1c:e3:d2:59:8c:58:55:
                    3a:5f:bd:d2:c1:4c:d4:1f:7a:f0:23:a6:7f:51:be:
                    66:72:a7:7f:bd:f8:1f:dc:7e:7a:b0:02:9f:6d:3f:
                    31:28:f8:63:57:5d:25:22:49:b5:70:1b:04:76:70:
                    62:7d:58:fe:ad:8e:1e:fa:60:fa:aa:6b:6a:f2:58:
                    04:e8:6b:61:4e:fe:71:bd:51:39:48:91:ed:82:4c:
                    af:a0:9a:08:9a:23:d3:81:55:87:88:71:cb:4e:de:
                    1e:71:b7:c5:78:c4:33:b4:70:c0:c4:9f:c3:6c:15:
                    97:da:3d:64:b8:c6:34:c7:d5:ae:9d:3d:00:c2:a6:
                    a5:b5:79:27:7d:3d:7d:7c:c5:16:32:e0:1a:76:aa:
                    26:40:1c:d3:1e:ab:01:d4:ac:f4:ad:2b:0d:e5:90:
                    74:7a:af:15:64:ac:17:c3:da:28:15:6e:68:be:c7:
                    a7:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:0C:49:8D:D2:7F:A3:34:39:99:0B:46:D4:B9:AC:44:EA:59:B7:DF
            X509v3 Authority Key Identifier:
                keyid:E4:B0:D3:63:A0:A1:7A:06:84:51:A8:51:45:CE:4F:A4:64:D7:FA:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LDTY6ChegaEUahRRc5PpGTX-hs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4753d3-a1e9-4fd5-aefe-7c7d8a78a963/1/5LDTY6ChegaEUahRRc5PpGTX-hs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:7c:80:96:60:b5:97:53:d2:0d:d1:37:ce:2b:ee:f9:d1:8c:
         3b:3b:1d:d6:44:16:b3:5e:07:78:53:d9:0a:d0:54:58:f1:e7:
         9d:34:0e:75:00:63:62:38:ca:42:60:d5:b4:23:ee:76:6c:aa:
         96:83:d4:40:22:65:92:32:02:72:4d:67:03:8c:72:62:39:fe:
         06:7d:62:6f:d8:aa:f9:94:57:e5:d8:76:ab:af:5c:98:5e:fa:
         50:76:78:f8:19:f2:77:ee:85:74:e5:9e:1e:ac:f1:a6:50:e6:
         5c:82:3b:3c:dd:cf:9a:b0:ed:e0:3b:c7:93:57:e4:55:2d:84:
         48:2d:3f:84:2e:07:fc:e7:dd:70:eb:10:c5:f5:d4:33:1c:4b:
         45:eb:a8:64:6c:c1:9e:3f:45:e7:ef:6c:e4:c8:71:00:c4:1e:
         48:9f:4d:4b:39:8c:11:c3:4f:8e:7b:65:56:32:22:3d:1a:df:
         dd:31:41:a5:5c:ac:8e:8a:06:37:b5:06:3c:32:e6:13:7d:9b:
         15:d5:3e:7a:2b:73:57:ee:51:0b:41:ed:f8:91:23:c6:8c:06:
         a2:16:a4:bf:49:d1:64:51:c6:07:a1:11:f6:5c:e4:ed:63:b5:
         1c:23:02:f0:87:8f:cf:70:59:6c:b7:ce:bc:03:6b:1d:93:d0:
         f5:ea:e7:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY896GwwAOBfPeMF+ymfLdLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjBkMzYzYTBhMTdhMDY4NDUxYTg1MTQ1Y2U0ZmE0NjRk
N2ZhMWIwHhcNMjQwNTAzMTAwMzEzWhcNMjQwNTA0MTAwMzEzWjAzMTEwLwYDVQQD
Eyg5YjBjNDk4ZGQyN2ZhMzM0Mzk5OTBiNDZkNGI5YWM0NGVhNTliN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCyKbxFZzr93xKSkQbGjnCyagPaQ
F0yF2ll5GXHefEaDx2dHRCuAcUDGdXCqDh6lrMwHLaUCs4FCbCUHdFGxduwgOe0f
yWhwRxANf0i/XH8cGxzj0lmMWFU6X73SwUzUH3rwI6Z/Ub5mcqd/vfgf3H56sAKf
bT8xKPhjV10lIkm1cBsEdnBifVj+rY4e+mD6qmtq8lgE6GthTv5xvVE5SJHtgkyv
oJoImiPTgVWHiHHLTt4ecbfFeMQztHDAxJ/DbBWX2j1kuMY0x9WunT0AwqaltXkn
fT19fMUWMuAadqomQBzTHqsB1Kz0rSsN5ZB0eq8VZKwXw9ooFW5ovsenNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsMSY3Sf6M0OZkLRtS5rETqWbffMB8GA1UdIwQY
MBaAFOSw02OgoXoGhFGoUUXOT6Rk1/obMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUt
N2M3ZDhhNzhhOTYzLzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80NzUzZDMtYTFlOS00ZmQ1LWFlZmUtN2M3ZDhhNzhhOTYz
LzEvNUxEVFk2Q2hlZ2FFVWFoUlJjNVBwR1RYLWhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArnyAlmC1
l1PSDdE3zivu+dGMOzsd1kQWs14HeFPZCtBUWPHnnTQOdQBjYjjKQmDVtCPudmyq
loPUQCJlkjICck1nA4xyYjn+Bn1ib9iq+ZRX5dh2q69cmF76UHZ4+Bnyd+6FdOWe
HqzxplDmXII7PN3PmrDt4DvHk1fkVS2ESC0/hC4H/OfdcOsQxfXUMxxLReuoZGzB
nj9F5+9s5MhxAMQeSJ9NSzmMEcNPjntlVjIiPRrf3TFBpVysjooGN7UGPDLmE32b
FdU+eitzV+5RC0Ht+JEjxowGohakv0nRZFHGB6ER9lzk7WO1HCMC8IePz3BZbLfO
vANrHZPQ9ernKA==
-----END CERTIFICATE-----